Merge ~adrien/ubuntu/+source/openssl:fips-avx512-and-lto into ubuntu/+source/openssl:ubuntu/devel
Proposed by Adrien Nader

Status: | Merged
---|---
Merge reported by: | Adrien Nader
Merged at revision: | eb649aba51aad5f5a86e4ee9df407fa7d7b661f9
Proposed branch: | ~adrien/ubuntu/+source/openssl:fips-avx512-and-lto
Merge into: | ubuntu/+source/openssl:ubuntu/devel
Diff against target: | 1037 lines (+971/-4), 9 files modified

Files modified:
- debian/changelog (+24/-0)
- debian/patches/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch (+38/-0)
- debian/patches/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch (+130/-0)
- debian/patches/fips/crypto-Add-kernel-FIPS-mode-detection.patch (+154/-0)
- debian/patches/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch (+495/-0)
- debian/patches/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch (+57/-0)
- debian/patches/intel/002-vaes_gcm_avx512_fix.patch (+63/-0)
- debian/patches/series (+9/-3)
- debian/rules (+1/-1)

Reviewer | Review Type | Date Requested | Status
---|---|---|---
Simon Chopin (community) | | | Approve

Review via email: mp+462486@code.launchpad.net
Commit message
Include patches to reduce the delta of the FIPS-variant package, re-enable AVX512 patch and disable LTO.
All these changes have corresponding bug reports:
- [FFe] FIPS compatibility patches: https:/
- Backport Intel's AVX512 patches on openssl 3.0: https:/
- openssl is not LTO-safe: https:/
There is a granted FFe for the FIPS patches.
The AVX512 is a fix so no FFe request.
I also consider the LTO one to be a fix so no FFe request either even though I provided all the details needed to make one.
Description of the change
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 06dd500..b4d551a 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,27 @@ |
6 | +openssl (3.0.13-0ubuntu2) noble; urgency=medium |
7 | + |
8 | + [ Tobias Heider ] |
9 | + * Add fips-mode detection and adjust defaults when running in fips mode |
10 | + (LP: #2056593): |
11 | + - d/p/fips/crypto-Add-kernel-FIPS-mode-detection.patch: |
12 | + Detect if kernel fips mode is enabled |
13 | + - d/p/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch: |
14 | + Load FIPS provider if running in FIPS mode |
15 | + - d/p/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch: |
16 | + Limit openssl-speed to FIPS compliant algorithms when running in FIPS mode |
17 | + - d/p/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch |
18 | + Make sure DRBG respects query properties |
19 | + - d/p/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch: |
20 | + Make sure encoding runs with correct library context and provider |
21 | + |
22 | + [ Adrien Nader ] |
23 | + * Re-enable intel/0002-AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ.patch |
24 | + (LP: #2030784) |
25 | + Thanks Bun K Tan and Dan Zimmerman |
26 | + * Disable LTO with which the codebase is generally incompatible (LP: #2058017) |
27 | + |
28 | + -- Adrien Nader <adrien.nader@canonical.com> Fri, 15 Mar 2024 09:46:33 +0100 |
29 | + |
30 | openssl (3.0.13-0ubuntu1) noble; urgency=medium |
31 | |
32 | * Import 3.0.13 |
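Review bot: The `[ Adrien Nader ]` entry names only intel/0002-AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ.patch, while the diffstat for this merge lists debian/patches/intel/002-vaes_gcm_avx512_fix.patch as a new file (+63); if that is a separate fix applied on top, give it its own `- d/p/intel/...` line so the changelog accounts for every patch in the series. Also, the `d/p/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch` line is missing the trailing colon that the other four FIPS entries have.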
33 | diff --git a/debian/patches/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch b/debian/patches/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch |
34 | new file mode 100644 |
35 | index 0000000..fce1415 |
36 | --- /dev/null |
37 | +++ b/debian/patches/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch |
38 | @@ -0,0 +1,38 @@ |
39 | +From: Chris Coulson <chris.coulson@canonical.com> |
40 | +Date: Thu, 13 Oct 2022 00:02:26 +0100 |
41 | +Subject: apps: pass -propquery arg to the libctx DRBG fetches |
42 | + |
43 | +Forwarded: no |
44 | +Applied-Upstream: no |
45 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593 |
46 | + |
47 | +The -propquery argument might be used to define a preference for which provider |
48 | +an algorithm is fetched from. Set the query properties for the library context |
49 | +DRBG fetches as well so that they are fetched with the same properties. |
50 | +--- |
51 | + apps/lib/app_libctx.c | 5 +++++ |
52 | + 1 file changed, 5 insertions(+) |
53 | + |
54 | +diff --git a/apps/lib/app_libctx.c b/apps/lib/app_libctx.c |
55 | +index 4b9ec40e8527..d1c9909165b4 100644 |
56 | +--- a/apps/lib/app_libctx.c |
57 | ++++ b/apps/lib/app_libctx.c |
58 | +@@ -6,6 +6,7 @@ |
59 | + * in the file LICENSE in the source distribution or at |
60 | + * https://www.openssl.org/source/license.html |
61 | + */ |
62 | ++#include <openssl/rand.h> |
63 | + #include "app_libctx.h" |
64 | + #include "apps.h" |
65 | + |
66 | +@@ -15,6 +16,10 @@ static const char *app_propq = NULL; |
67 | + int app_set_propq(const char *arg) |
68 | + { |
69 | + app_propq = arg; |
70 | ++ if (!RAND_set_DRBG_type(app_libctx, NULL, arg, NULL, NULL)) |
71 | ++ return 0; |
72 | ++ if (!RAND_set_seed_source_type(app_libctx, NULL, arg)) |
73 | ++ return 0; |
74 | + return 1; |
75 | + } |
76 | + |
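Review bot: In app_set_propq(), `app_propq = arg` is assigned before the two RAND_ calls, so a failure returns 0 with the property query already changed; assign it only after both calls have succeeded. The calls also act on whatever app_libctx holds at the moment -propquery is parsed, so if the library context is created or replaced afterwards the DRBG fetches will not carry these properties; either apply the same settings where app_libctx is set or document the required ordering in the patch description.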
77 | diff --git a/debian/patches/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch b/debian/patches/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch |
78 | new file mode 100644 |
79 | index 0000000..2aa9810 |
80 | --- /dev/null |
81 | +++ b/debian/patches/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch |
82 | @@ -0,0 +1,130 @@ |
83 | +From: Chris Coulson <chris.coulson@canonical.com> |
84 | +Date: Thu, 21 Apr 2022 13:11:18 +0100 |
85 | +Subject: apps/speed: Omit unavailable algorithms in FIPS mode |
86 | + |
87 | +Forwarded: no |
88 | +Applied-Upstream: no |
89 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593 |
90 | +--- |
91 | + apps/speed.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
92 | + 1 file changed, 66 insertions(+) |
93 | + |
94 | +diff --git a/apps/speed.c b/apps/speed.c |
95 | +index 1113d775b8ab..9bdab90186b3 100644 |
96 | +--- a/apps/speed.c |
97 | ++++ b/apps/speed.c |
98 | +@@ -1496,6 +1496,9 @@ int speed_main(int argc, char **argv) |
99 | + OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0); |
100 | + #endif |
101 | + |
102 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) |
103 | ++ evp_mac_mdname = "sha1"; |
104 | ++ |
105 | + prog = opt_init(argc, argv, speed_options); |
106 | + while ((o = opt_next()) != OPT_EOF) { |
107 | + switch (o) { |
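Review bot: The FIPS check that sets `evp_mac_mdname = "sha1"` sits before opt_init() and the option loop, so it only sees the default properties as they are at start-up; options parsed later that change the provider or the property query are not taken into account. Consider moving the override to after option parsing, and add a short comment saying why the digest is swapped in FIPS mode.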
108 | +@@ -1647,6 +1650,8 @@ int speed_main(int argc, char **argv) |
109 | + } |
110 | + if (strcmp(algo, "des") == 0) { |
111 | + doit[D_CBC_DES] = doit[D_EDE3_DES] = 1; |
112 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) |
113 | ++ doit[D_CBC_DES] = 0; |
114 | + continue; |
115 | + } |
116 | + if (strcmp(algo, "sha") == 0) { |
117 | +@@ -1660,6 +1665,8 @@ int speed_main(int argc, char **argv) |
118 | + if (strncmp(algo, "rsa", 3) == 0) { |
119 | + if (algo[3] == '\0') { |
120 | + memset(rsa_doit, 1, sizeof(rsa_doit)); |
121 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) |
122 | ++ rsa_doit[R_RSA_512] = rsa_doit[R_RSA_1024] = 0; |
123 | + continue; |
124 | + } |
125 | + if (opt_found(algo, rsa_choices, &i)) { |
126 | +@@ -1682,6 +1689,10 @@ int speed_main(int argc, char **argv) |
127 | + if (strncmp(algo, "dsa", 3) == 0) { |
128 | + if (algo[3] == '\0') { |
129 | + memset(dsa_doit, 1, sizeof(dsa_doit)); |
130 | ++ /* R_DSA_512 and R_DSA_1024 should be disabled in FIPS mode, |
131 | ++ * but actually, none of the DSA benchmarks work because the |
132 | ++ * compiled-in keys fail the necessary checks. Just return an |
133 | ++ * error if the DSA benchmarks are invoked explicitly. */ |
134 | + continue; |
135 | + } |
136 | + if (opt_found(algo, dsa_choices, &i)) { |
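Review bot: The comment added in the `dsa` branch says an error is returned when the DSA benchmarks are invoked explicitly, but this hunk adds no code: dsa_doit is still filled with 1 by the memset and the branch just continues. Either add the FIPS check that produces the error here, or reword the comment to say where the failure actually comes from.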
137 | +@@ -1700,6 +1711,18 @@ int speed_main(int argc, char **argv) |
138 | + if (strncmp(algo, "ecdsa", 5) == 0) { |
139 | + if (algo[5] == '\0') { |
140 | + memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); |
141 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) { |
142 | ++ ecdsa_doit[R_EC_P160] = ecdsa_doit[R_EC_P192] = 0; |
143 | ++#ifndef OPENSSL_NO_EC2M |
144 | ++ ecdsa_doit[R_EC_K163] = ecdsa_doit[R_EC_B163] = 0; |
145 | ++#endif |
146 | ++ ecdsa_doit[R_EC_BRP256R1] = |
147 | ++ ecdsa_doit[R_EC_BRP256T1] = |
148 | ++ ecdsa_doit[R_EC_BRP384R1] = |
149 | ++ ecdsa_doit[R_EC_BRP384T1] = |
150 | ++ ecdsa_doit[R_EC_BRP512R1] = |
151 | ++ ecdsa_doit[R_EC_BRP512T1] = 0; |
152 | ++ } |
153 | + continue; |
154 | + } |
155 | + if (opt_found(algo, ecdsa_choices, &i)) { |
156 | +@@ -1710,6 +1733,18 @@ int speed_main(int argc, char **argv) |
157 | + if (strncmp(algo, "ecdh", 4) == 0) { |
158 | + if (algo[4] == '\0') { |
159 | + memset(ecdh_doit, 1, sizeof(ecdh_doit)); |
160 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) { |
161 | ++ ecdh_doit[R_EC_P160] = ecdh_doit[R_EC_P192] = 0; |
162 | ++#ifndef OPENSSL_NO_EC2M |
163 | ++ ecdh_doit[R_EC_K163] = ecdh_doit[R_EC_B163] = 0; |
164 | ++#endif |
165 | ++ ecdh_doit[R_EC_BRP256R1] = |
166 | ++ ecdh_doit[R_EC_BRP256T1] = |
167 | ++ ecdh_doit[R_EC_BRP384R1] = |
168 | ++ ecdh_doit[R_EC_BRP384T1] = |
169 | ++ ecdh_doit[R_EC_BRP512R1] = |
170 | ++ ecdh_doit[R_EC_BRP512T1] = 0; |
171 | ++ } |
172 | + continue; |
173 | + } |
174 | + if (opt_found(algo, ecdh_choices, &i)) { |
175 | +@@ -1863,6 +1898,37 @@ int speed_main(int argc, char **argv) |
176 | + #ifndef OPENSSL_NO_SM2 |
177 | + memset(sm2_doit, 1, sizeof(sm2_doit)); |
178 | + #endif |
179 | ++ if (EVP_default_properties_is_fips_enabled(app_get0_libctx())) { |
180 | ++ rsa_doit[R_RSA_512] = rsa_doit[R_RSA_1024] = 0; |
181 | ++ |
182 | ++ memset(dsa_doit, 0, sizeof(dsa_doit)); |
183 | ++ |
184 | ++ ecdsa_doit[R_EC_P160] = ecdsa_doit[R_EC_P192] = 0; |
185 | ++#ifndef OPENSSL_NO_EC2M |
186 | ++ ecdsa_doit[R_EC_K163] = ecdsa_doit[R_EC_B163] = 0; |
187 | ++#endif |
188 | ++ ecdsa_doit[R_EC_BRP256R1] = |
189 | ++ ecdsa_doit[R_EC_BRP256T1] = |
190 | ++ ecdsa_doit[R_EC_BRP384R1] = |
191 | ++ ecdsa_doit[R_EC_BRP384T1] = |
192 | ++ ecdsa_doit[R_EC_BRP512R1] = |
193 | ++ ecdsa_doit[R_EC_BRP512T1] = 0; |
194 | ++ |
195 | ++ ecdh_doit[R_EC_P160] = ecdh_doit[R_EC_P192] = 0; |
196 | ++#ifndef OPENSSL_NO_EC2M |
197 | ++ ecdh_doit[R_EC_K163] = ecdh_doit[R_EC_B163] = 0; |
198 | ++#endif |
199 | ++ ecdh_doit[R_EC_BRP256R1] = |
200 | ++ ecdh_doit[R_EC_BRP256T1] = |
201 | ++ ecdh_doit[R_EC_BRP384R1] = |
202 | ++ ecdh_doit[R_EC_BRP384T1] = |
203 | ++ ecdh_doit[R_EC_BRP512R1] = |
204 | ++ ecdh_doit[R_EC_BRP512T1] = 0; |
205 | ++ |
206 | ++#ifndef OPENSSL_NO_SM2 |
207 | ++ memset(sm2_doit, 0, sizeof(sm2_doit)); |
208 | ++#endif |
209 | ++ } |
210 | + } |
211 | + for (i = 0; i < ALGOR_NUM; i++) |
212 | + if (doit[i]) |
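Review bot: The list of curves cleared in FIPS mode now appears four times (the `ecdsa` and `ecdh` branches earlier in the patch and twice in this block), so any change to the set has to be made in four places. Move it into one helper that takes the doit array. The per-algorithm paths through opt_found() are not changed by this patch, so it is worth checking whether an individually named key size or curve is still scheduled in FIPS mode.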
213 | diff --git a/debian/patches/fips/crypto-Add-kernel-FIPS-mode-detection.patch b/debian/patches/fips/crypto-Add-kernel-FIPS-mode-detection.patch |
214 | new file mode 100644 |
215 | index 0000000..25c5184 |
216 | --- /dev/null |
217 | +++ b/debian/patches/fips/crypto-Add-kernel-FIPS-mode-detection.patch |
218 | @@ -0,0 +1,154 @@ |
219 | +From: Chris Coulson <chris.coulson@canonical.com> |
220 | +Date: Thu, 14 Apr 2022 14:57:44 +0100 |
221 | +Subject: crypto: Add kernel FIPS mode detection |
222 | + |
223 | +Forwarded: no |
224 | +Applied-Upstream: no |
225 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593 |
226 | + |
227 | +This adds a new internal API to determine whether the kernel has been booted |
228 | +in FIPS mode. This can be overridden with the OPENSSL_FORCE_FIPS_MODE |
229 | +environment variable. OPENSSL_FIPS_MODE_SWITCH_PATH can be used to specify an |
230 | +alternative path for the fips_enabled file and is used in tests. |
231 | +The FIPS_MODULE switch can be used to enable build of the the FIPS provider |
232 | +module specific parts which are not needed in the OpenSSL library itself. |
233 | +--- |
234 | + crypto/build.info | 2 +- |
235 | + crypto/context.c | 20 ++++++++++++++++++++ |
236 | + crypto/fips_mode.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ |
237 | + crypto/fips_mode.h | 17 +++++++++++++++++ |
238 | + 4 files changed, 84 insertions(+), 1 deletion(-) |
239 | + create mode 100644 crypto/fips_mode.c |
240 | + create mode 100644 crypto/fips_mode.h |
241 | + |
242 | +diff --git a/crypto/build.info b/crypto/build.info |
243 | +index a45bf8deefd5..a128c645667e 100644 |
244 | +--- a/crypto/build.info |
245 | ++++ b/crypto/build.info |
246 | +@@ -101,7 +101,7 @@ SOURCE[../libcrypto]=$UTIL_COMMON \ |
247 | + mem.c mem_sec.c \ |
248 | + cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \ |
249 | + o_fopen.c getenv.c o_init.c init.c trace.c provider.c provider_child.c \ |
250 | +- punycode.c passphrase.c |
251 | ++ punycode.c passphrase.c fips_mode.c |
252 | + SOURCE[../providers/libfips.a]=$UTIL_COMMON |
253 | + |
254 | + SOURCE[../libcrypto]=$UPLINKSRC |
255 | +diff --git a/crypto/context.c b/crypto/context.c |
256 | +index 548665fba265..83e255cb2563 100644 |
257 | +--- a/crypto/context.c |
258 | ++++ b/crypto/context.c |
259 | +@@ -17,6 +17,11 @@ |
260 | + #include "crypto/ctype.h" |
261 | + #include "crypto/rand.h" |
262 | + |
263 | ++#ifndef FIPS_MODULE |
264 | ++# include "crypto/evp.h" |
265 | ++# include "fips_mode.h" |
266 | ++#endif |
267 | ++ |
268 | + struct ossl_lib_ctx_onfree_list_st { |
269 | + ossl_lib_ctx_onfree_fn *fn; |
270 | + struct ossl_lib_ctx_onfree_list_st *next; |
271 | +@@ -69,11 +74,26 @@ int ossl_lib_ctx_is_child(OSSL_LIB_CTX *ctx) |
272 | + return ctx->ischild; |
273 | + } |
274 | + |
275 | ++#if !defined(FIPS_MODULE) |
276 | ++static CRYPTO_ONCE init_fips = CRYPTO_ONCE_STATIC_INIT; |
277 | ++ |
278 | ++DEFINE_RUN_ONCE_STATIC(do_init_fips) |
279 | ++{ |
280 | ++ ossl_init_fips(); |
281 | ++ return 1; |
282 | ++} |
283 | ++#endif |
284 | ++ |
285 | + static int context_init(OSSL_LIB_CTX *ctx) |
286 | + { |
287 | + size_t i; |
288 | + int exdata_done = 0; |
289 | + |
290 | ++#if !defined(FIPS_MODULE) |
291 | ++ if (!RUN_ONCE(&init_fips, do_init_fips)) |
292 | ++ return 0; |
293 | ++#endif |
294 | ++ |
295 | + ctx->lock = CRYPTO_THREAD_lock_new(); |
296 | + if (ctx->lock == NULL) |
297 | + return 0; |
298 | +diff --git a/crypto/fips_mode.c b/crypto/fips_mode.c |
299 | +new file mode 100644 |
300 | +index 000000000000..0131075ed764 |
301 | +--- /dev/null |
302 | ++++ b/crypto/fips_mode.c |
303 | +@@ -0,0 +1,46 @@ |
304 | ++#define _GNU_SOURCE |
305 | ++#include <errno.h> |
306 | ++#include <fcntl.h> |
307 | ++#include <stdlib.h> |
308 | ++#include <string.h> |
309 | ++#include <sys/types.h> |
310 | ++#include <sys/stat.h> |
311 | ++#include <unistd.h> |
312 | ++#include "fips_mode.h" |
313 | ++ |
314 | ++#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" |
315 | ++ |
316 | ++static int fips_mode; |
317 | ++ |
318 | ++int ossl_fips_mode(void) |
319 | ++{ |
320 | ++ return fips_mode; |
321 | ++} |
322 | ++ |
323 | ++void ossl_init_fips(void) |
324 | ++{ |
325 | ++ const char *switch_path = FIPS_MODE_SWITCH_FILE; |
326 | ++ char *v; |
327 | ++ char c; |
328 | ++ int fd; |
329 | ++ |
330 | ++ if ((v = secure_getenv("OPENSSL_FORCE_FIPS_MODE")) != NULL) { |
331 | ++ fips_mode = strcmp(v, "0") == 0 ? 0 : 1; |
332 | ++ return; |
333 | ++ } |
334 | ++ |
335 | ++ if ((v = secure_getenv("OPENSSL_FIPS_MODE_SWITCH_PATH")) != NULL) { |
336 | ++ switch_path = v; |
337 | ++ } |
338 | ++ |
339 | ++ fd = open(switch_path, O_RDONLY); |
340 | ++ if (fd < 0) { |
341 | ++ fips_mode = 0; |
342 | ++ return; |
343 | ++ } |
344 | ++ |
345 | ++ while (read(fd, &c, sizeof(c)) < 0 && errno == EINTR); |
346 | ++ close(fd); |
347 | ++ |
348 | ++ fips_mode = c == '1' ? 1 : 0; |
349 | ++} |
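Review bot: In ossl_init_fips(), `c` is never initialised and the result of read() is only tested for EINTR, so when read() returns 0 (empty file) or fails with any other error, `fips_mode = c == '1' ? 1 : 0` compares an indeterminate value. Initialise `c` to '0' or require that read() returned 1 before testing it. Two smaller points: open() should pass O_CLOEXEC, and OPENSSL_FORCE_FIPS_MODE treats every value other than "0" (including an empty string) as on, which deserves a comment.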
350 | +diff --git a/crypto/fips_mode.h b/crypto/fips_mode.h |
351 | +new file mode 100644 |
352 | +index 000000000000..5f0607ba9d70 |
353 | +--- /dev/null |
354 | ++++ b/crypto/fips_mode.h |
355 | +@@ -0,0 +1,17 @@ |
356 | ++/* |
357 | ++ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. |
358 | ++ * |
359 | ++ * Licensed under the Apache License 2.0 (the "License"). You may not use |
360 | ++ * this file except in compliance with the License. You can obtain a copy |
361 | ++ * in the file LICENSE in the source distribution or at |
362 | ++ * https://www.openssl.org/source/license.html |
363 | ++ */ |
364 | ++ |
365 | ++#ifndef OSSL_FIPS_MODE_H |
366 | ++# define OSSL_FIPS_MODE_H |
367 | ++# pragma once |
368 | ++ |
369 | ++int ossl_fips_mode(void); |
370 | ++void ossl_init_fips(void); |
371 | ++ |
372 | ++#endif |
373 | diff --git a/debian/patches/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch b/debian/patches/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch |
374 | new file mode 100644 |
375 | index 0000000..4d2eb9d |
376 | --- /dev/null |
377 | +++ b/debian/patches/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch |
378 | @@ -0,0 +1,495 @@ |
379 | +From: Chris Coulson <chris.coulson@canonical.com> |
380 | +Date: Thu, 14 Apr 2022 15:40:56 +0100 |
381 | +Subject: crypto: Automatically use the FIPS provider when the kernel is |
382 | + booted in FIPS mode |
383 | + |
384 | +Forwarded: no |
385 | +Applied-Upstream: no |
386 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593 |
387 | + |
388 | +This automatically configures all library contexts to use the FIPS provider when |
389 | +the kernel is booted in FIPS mode by: |
390 | +- Setting "fips=yes" as the default property for algorithm fetches |
391 | +- Loading and activating the FIPS provider as the fallback provider. |
392 | + |
393 | +If applications load providers via a configuration either because the default |
394 | +configuration is modified or they override the default configuration, this |
395 | +disables loading of the fallback providers. In this case, the configuration |
396 | +must load the FIPS provider when FIPS mode is enabled, else algorithm fetches |
397 | +will fail |
398 | + |
399 | +Applications can choose to use non-FIPS approved algorithms by specifying the |
400 | +"-fips" or "fips=no" property for algorithm fetches and loading the default |
401 | +provider. |
402 | +--- |
403 | + crypto/context.c | 5 ++ |
404 | + crypto/provider_core.c | 4 +- |
405 | + crypto/provider_local.h | 2 +- |
406 | + crypto/provider_predefined.c | 25 +++++++- |
407 | + doc/man3/EVP_set_default_properties.pod | 3 +- |
408 | + doc/man5/config.pod | 8 ++- |
409 | + doc/man7/OSSL_PROVIDER-default.pod | 7 ++- |
410 | + doc/man7/crypto.pod | 30 +++++++-- |
411 | + doc/man7/fips_module.pod | 15 +++++ |
412 | + test/build.info | 6 +- |
413 | + test/fips_auto_enable_test.c | 106 ++++++++++++++++++++++++++++++++ |
414 | + test/recipes/04-test_auto_fips_mode.t | 50 +++++++++++++++ |
415 | + test/recipes/04-test_auto_fips_mode/off | 1 + |
416 | + test/recipes/04-test_auto_fips_mode/on | 1 + |
417 | + test/run_tests.pl | 1 + |
418 | + 15 files changed, 247 insertions(+), 17 deletions(-) |
419 | + create mode 100644 test/fips_auto_enable_test.c |
420 | + create mode 100644 test/recipes/04-test_auto_fips_mode.t |
421 | + create mode 100644 test/recipes/04-test_auto_fips_mode/off |
422 | + create mode 100644 test/recipes/04-test_auto_fips_mode/on |
423 | + |
424 | +diff --git a/crypto/context.c b/crypto/context.c |
425 | +index 83e255cb2563..457ebb0880b4 100644 |
426 | +--- a/crypto/context.c |
427 | ++++ b/crypto/context.c |
428 | +@@ -122,6 +122,11 @@ static int context_init(OSSL_LIB_CTX *ctx) |
429 | + if (!ossl_property_parse_init(ctx)) |
430 | + goto err; |
431 | + |
432 | ++#if !defined(FIPS_MODULE) |
433 | ++ if (ossl_fips_mode() == 1 && !evp_default_properties_enable_fips_int(ctx, 1, 0)) |
434 | ++ goto err; |
435 | ++#endif |
436 | ++ |
437 | + return 1; |
438 | + err: |
439 | + if (exdata_done) |
440 | +diff --git a/crypto/provider_core.c b/crypto/provider_core.c |
441 | +index 4cadb6a9f02e..ecfa1e1dd902 100644 |
442 | +--- a/crypto/provider_core.c |
443 | ++++ b/crypto/provider_core.c |
444 | +@@ -544,7 +544,7 @@ OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, |
445 | + size_t i; |
446 | + |
447 | + /* Check if this is a predefined builtin provider */ |
448 | +- for (p = ossl_predefined_providers; p->name != NULL; p++) { |
449 | ++ for (p = ossl_predefined_providers(); p->name != NULL; p++) { |
450 | + if (strcmp(p->name, name) == 0) { |
451 | + template = *p; |
452 | + break; |
453 | +@@ -1305,7 +1305,7 @@ static int provider_activate_fallbacks(struct provider_store_st *store) |
454 | + return 1; |
455 | + } |
456 | + |
457 | +- for (p = ossl_predefined_providers; p->name != NULL; p++) { |
458 | ++ for (p = ossl_predefined_providers(); p->name != NULL; p++) { |
459 | + OSSL_PROVIDER *prov = NULL; |
460 | + |
461 | + if (!p->is_fallback) |
462 | +diff --git a/crypto/provider_local.h b/crypto/provider_local.h |
463 | +index e0bcbcb9f94e..bfde4dd7cc25 100644 |
464 | +--- a/crypto/provider_local.h |
465 | ++++ b/crypto/provider_local.h |
466 | +@@ -23,7 +23,7 @@ typedef struct { |
467 | + unsigned int is_fallback:1; |
468 | + } OSSL_PROVIDER_INFO; |
469 | + |
470 | +-extern const OSSL_PROVIDER_INFO ossl_predefined_providers[]; |
471 | ++const OSSL_PROVIDER_INFO *ossl_predefined_providers(void); |
472 | + |
473 | + void ossl_provider_info_clear(OSSL_PROVIDER_INFO *info); |
474 | + int ossl_provider_info_add_to_store(OSSL_LIB_CTX *libctx, |
475 | +diff --git a/crypto/provider_predefined.c b/crypto/provider_predefined.c |
476 | +index 068e0b7cd96a..0ee2158a7c47 100644 |
477 | +--- a/crypto/provider_predefined.c |
478 | ++++ b/crypto/provider_predefined.c |
479 | +@@ -9,6 +9,9 @@ |
480 | + |
481 | + #include <openssl/core.h> |
482 | + #include "provider_local.h" |
483 | ++#if !defined(FIPS_MODULE) |
484 | ++# include "fips_mode.h" |
485 | ++#endif |
486 | + |
487 | + OSSL_provider_init_fn ossl_default_provider_init; |
488 | + OSSL_provider_init_fn ossl_base_provider_init; |
489 | +@@ -17,7 +20,7 @@ OSSL_provider_init_fn ossl_fips_intern_provider_init; |
490 | + #ifdef STATIC_LEGACY |
491 | + OSSL_provider_init_fn ossl_legacy_provider_init; |
492 | + #endif |
493 | +-const OSSL_PROVIDER_INFO ossl_predefined_providers[] = { |
494 | ++const OSSL_PROVIDER_INFO providers[] = { |
495 | + #ifdef FIPS_MODULE |
496 | + { "fips", NULL, ossl_fips_intern_provider_init, NULL, 1 }, |
497 | + #else |
498 | +@@ -30,3 +33,23 @@ const OSSL_PROVIDER_INFO ossl_predefined_providers[] = { |
499 | + #endif |
500 | + { NULL, NULL, NULL, NULL, 0 } |
501 | + }; |
502 | ++ |
503 | ++#if !defined(FIPS_MODULE) |
504 | ++const OSSL_PROVIDER_INFO fips_providers[] = { |
505 | ++ { "fips", NULL, NULL, NULL, 1 }, |
506 | ++ { "base", NULL, ossl_base_provider_init, NULL, 1 }, |
507 | ++ { "default", NULL, ossl_default_provider_init, NULL, 0 }, |
508 | ++ { "null", NULL, ossl_null_provider_init, NULL, 0 }, |
509 | ++ { NULL, NULL, NULL, NULL, 0 } |
510 | ++}; |
511 | ++#endif |
512 | ++ |
513 | ++const OSSL_PROVIDER_INFO *ossl_predefined_providers(void) |
514 | ++{ |
515 | ++#if !defined(FIPS_MODULE) |
516 | ++ if (ossl_fips_mode() == 1) |
517 | ++ return fips_providers; |
518 | ++#endif |
519 | ++ |
520 | ++ return providers; |
521 | ++} |
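Review bot: `fips_providers`, and the array renamed to `providers` in the previous hunk, are defined without `static`, so both become external symbols of libcrypto under very generic names; they are only reached through ossl_predefined_providers() and should be `static const`. The "fips" entry in fips_providers has a NULL init function, so it depends on the module being loadable by name; a comment stating what callers see when the module is not installed would help.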
522 | +diff --git a/doc/man3/EVP_set_default_properties.pod b/doc/man3/EVP_set_default_properties.pod |
523 | +index 2d862772c251..3ee3f10566dd 100644 |
524 | +--- a/doc/man3/EVP_set_default_properties.pod |
525 | ++++ b/doc/man3/EVP_set_default_properties.pod |
526 | +@@ -34,7 +34,8 @@ query for the given I<libctx>. It merges the fips default property query with an |
527 | + existing query strings that have been set via EVP_set_default_properties(). |
528 | + |
529 | + EVP_default_properties_is_fips_enabled() indicates if 'fips=yes' is a default |
530 | +-property for the given I<libctx>. |
531 | ++property for the given I<libctx>. This is the default for every I<libctx> on |
532 | ++systems that are operaring in FIPS-approved mode. |
533 | + |
534 | + =head1 NOTES |
535 | + |
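Review bot: Typo in the sentence added for EVP_default_properties_is_fips_enabled(): "operaring" should be "operating".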
536 | +diff --git a/doc/man5/config.pod b/doc/man5/config.pod |
537 | +index 8d312c661fa0..e35368c13da1 100644 |
538 | +--- a/doc/man5/config.pod |
539 | ++++ b/doc/man5/config.pod |
540 | +@@ -275,11 +275,13 @@ available to the provider. |
541 | + |
542 | + =head3 Default provider and its activation |
543 | + |
544 | +-If no providers are activated explicitly, the default one is activated implicitly. |
545 | +-See L<OSSL_PROVIDER-default(7)> for more details. |
546 | ++If no providers are activated explicitly, either the default provider or |
547 | ++FIPS provider are activated implicitly depending on the environment. |
548 | ++See L<crypto(7)>, L<OSSL_PROVIDER-default(7)> and L<OSSL_PROVIDER-FIPS(7)> for |
549 | ++more details. |
550 | + |
551 | + If you add a section explicitly activating any other provider(s), |
552 | +-you most probably need to explicitly activate the default provider, |
553 | ++you most probably need to explicitly activate the default or FIPS provider, |
554 | + otherwise it becomes unavailable in openssl. It may make the system remotely unavailable. |
555 | + |
556 | + =head2 EVP Configuration |
557 | +diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod |
558 | +index e39d76abdbb8..e6ff52241632 100644 |
559 | +--- a/doc/man7/OSSL_PROVIDER-default.pod |
560 | ++++ b/doc/man7/OSSL_PROVIDER-default.pod |
561 | +@@ -9,9 +9,10 @@ OSSL_PROVIDER-default - OpenSSL default provider |
562 | + The OpenSSL default provider supplies the majority of OpenSSL's diverse |
563 | + algorithm implementations. If an application doesn't specify anything else |
564 | + explicitly (e.g. in the application or via config), then this is the |
565 | +-provider that will be used as fallback: It is loaded automatically the |
566 | +-first time that an algorithm is fetched from a provider or a function |
567 | +-acting on providers is called and no other provider has been loaded yet. |
568 | ++provider that will be used as fallback on systems that are not operating in |
569 | ++FIPS-approved mode: It is loaded automatically the first time that an algorithm |
570 | ++is fetched from a provider or a function acting on providers is called and no |
571 | ++other provider has been loaded yet. |
572 | + |
573 | + If an attempt to load a provider has already been made (whether successful |
574 | + or not) then the default provider won't be loaded automatically. Therefore |
575 | +diff --git a/doc/man7/crypto.pod b/doc/man7/crypto.pod |
576 | +index c31e10ac29a5..40e421583675 100644 |
577 | +--- a/doc/man7/crypto.pod |
578 | ++++ b/doc/man7/crypto.pod |
579 | +@@ -48,8 +48,22 @@ A provider in OpenSSL is a component that collects together algorithm |
580 | + implementations. In order to use an algorithm you must have at least one |
581 | + provider loaded that contains an implementation of it. OpenSSL comes with a |
582 | + number of providers and they may also be obtained from third parties. If you |
583 | +-don't load a provider explicitly (either in program code or via config) then the |
584 | +-OpenSSL built-in "default" provider will be automatically loaded. |
585 | ++don't load a provider explicitly (either in program code or via config) then one |
586 | ++of the following OpenSSL providers will be loaded automatically: |
587 | ++ |
588 | ++=over 4 |
589 | ++ |
590 | ++=item * |
591 | ++ |
592 | ++The built-in "default" provider when running on a system that is not operating |
593 | ++in FIPS-approved mode. |
594 | ++ |
595 | ++=item * |
596 | ++ |
597 | ++The "fips" provider when running on a system that is operating in FIPS-approved |
598 | ++mode. |
599 | ++ |
600 | ++=back |
601 | + |
602 | + =head2 Library contexts |
603 | + |
604 | +@@ -364,9 +378,10 @@ algorithms), the property query string "provider=default" can be used as a |
605 | + search criterion for these implementations. The default provider includes all |
606 | + of the functionality in the base provider below. |
607 | + |
608 | +-If you don't load any providers at all then the "default" provider will be |
609 | +-automatically loaded. If you explicitly load any provider then the "default" |
610 | +-provider would also need to be explicitly loaded if it is required. |
611 | ++If you don't load any providers at all and the system is not running in |
612 | ++FIPS-approved mode, then the "default" provider will be automatically loaded. |
613 | ++If you explicitly load any provider then the "default" provider would also need |
614 | ++to be explicitly loaded if it is required. |
615 | + |
616 | + See L<OSSL_PROVIDER-default(7)>. |
617 | + |
618 | +@@ -397,6 +412,11 @@ provider can also be selected with the property "fips=yes". The FIPS provider |
619 | + may also contain non-approved algorithm implementations and these can be |
620 | + selected with the property "fips=no". |
621 | + |
622 | ++If you don't load any providers at all and the system is running in |
623 | ++FIPS-approved mode, then the FIPS provider will be automatically loaded. |
624 | ++If you explicitly load any provider then the FIPS provider would also need |
625 | ++to be explicitly loaded if it is required. |
626 | ++ |
627 | + See L<OSSL_PROVIDER-FIPS(7)> and L<fips_module(7)>. |
628 | + |
629 | + =head2 Legacy provider |
630 | +diff --git a/doc/man7/fips_module.pod b/doc/man7/fips_module.pod |
631 | +index d0861a9dcecc..801075d9d05e 100644 |
632 | +--- a/doc/man7/fips_module.pod |
633 | ++++ b/doc/man7/fips_module.pod |
634 | +@@ -45,6 +45,21 @@ All of the above APIs are deprecated in OpenSSL 3.0 - so a simple rule is to |
635 | + avoid using all deprecated functions. See L<migration_guide(7)> for a list of |
636 | + deprecated functions. |
637 | + |
638 | ++=head2 Applications running on systems operating in FIPS-approved mode |
639 | ++ |
640 | ++When running on systems that are operating in FIPS-approved mode and no |
641 | ++providers are loaded explicitly via the application or config, the FIPS module |
642 | ++is loaded implicitly as a fallback provider whenever an algorithm is fetched |
643 | ++for the first time. The "default" provider is not loaded implicitly in this |
644 | ++case, and must be loaded explicitly if it is required by an application. |
645 | ++ |
646 | ++Every L<OSSL_LIB_CTX(3)> is created with "fips=yes" as a default property in |
647 | ++this mode so that algorithm fetches will only fetch algorithms that define |
648 | ++this property and are FIPS-approved. To use algorithms that are not FIPS |
649 | ++approved, either specify "-fips" or "fips=no" as a property query string with |
650 | ++fetching functions, or use the L<EVP_default_properties_enable_fips(3)> function |
651 | ++to remove the default property for a specific B<OSSL_LIB_CTX>. |
652 | ++ |
653 | + =head2 Making all applications use the FIPS module by default |
654 | + |
655 | + One simple approach is to cause all applications that are using OpenSSL to only |
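Review bot: The new section "Applications running on systems operating in FIPS-approved mode" does not say how that mode is determined. The detection patch in this series reads /proc/sys/crypto/fips_enabled and honours OPENSSL_FORCE_FIPS_MODE; documenting both here would let administrators verify or override the behaviour.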
656 | +diff --git a/test/build.info b/test/build.info |
657 | +index 416c2270771a..02d9f082d072 100644 |
658 | +--- a/test/build.info |
659 | ++++ b/test/build.info |
660 | +@@ -61,7 +61,7 @@ IF[{- !$disabled{tests} -}] |
661 | + keymgmt_internal_test hexstr_test provider_status_test defltfips_test \ |
662 | + bio_readbuffer_test user_property_test pkcs7_test upcallstest \ |
663 | + provfetchtest prov_config_test rand_test fips_version_test \ |
664 | +- nodefltctxtest |
665 | ++ nodefltctxtest fips_auto_enable_test |
666 | + |
667 | + IF[{- !$disabled{'deprecated-3.0'} -}] |
668 | + PROGRAMS{noinst}=enginetest |
669 | +@@ -599,6 +599,10 @@ IF[{- !$disabled{tests} -}] |
670 | + INCLUDE[cmp_client_test]=.. ../include ../apps/include |
671 | + DEPEND[cmp_client_test]=../libcrypto.a libtestutil.a |
672 | + |
673 | ++ SOURCE[fips_auto_enable_test]=fips_auto_enable_test.c |
674 | ++ INCLUDE[fips_auto_enable_test]=../include ../apps/include |
675 | ++ DEPEND[fips_auto_enable_test]=../libcrypto libtestutil.a |
676 | ++ |
677 | + # Internal test programs. These are essentially a collection of internal |
678 | + # test routines. Some of them need to reach internal symbols that aren't |
679 | + # available through the shared library (at least on Linux, Solaris, Windows |
680 | +diff --git a/test/fips_auto_enable_test.c b/test/fips_auto_enable_test.c |
681 | +new file mode 100644 |
682 | +index 000000000000..5135ab1b5772 |
683 | +--- /dev/null |
684 | ++++ b/test/fips_auto_enable_test.c |
685 | +@@ -0,0 +1,106 @@ |
686 | ++/* |
687 | ++ * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. |
688 | ++ * |
689 | ++ * Licensed under the Apache License 2.0 (the "License"). You may not use |
690 | ++ * this file except in compliance with the License. You can obtain a copy |
691 | ++ * in the file LICENSE in the source distribution or at |
692 | ++ * https://www.openssl.org/source/license.html |
693 | ++ */ |
694 | ++ |
695 | ++#include <openssl/evp.h> |
696 | ++#include <openssl/provider.h> |
697 | ++#include "testutil.h" |
698 | ++ |
699 | ++static int badfips; |
700 | ++static int context; |
701 | ++static int fips; |
702 | ++ |
703 | ++static int test_fips_auto(void) |
704 | ++{ |
705 | ++ OSSL_LIB_CTX *libctx = NULL; |
706 | ++ EVP_MD *sha256 = NULL; |
707 | ++ int is_fips_enabled, fips_loaded, default_loaded; |
708 | ++ const char *prov_name, *expected_prov_name = fips ? "fips" : "default"; |
709 | ++ int testresult = 0; |
710 | ++ |
711 | ++ if (context) { |
712 | ++ if (!TEST_ptr(libctx = OSSL_LIB_CTX_new())) |
713 | ++ goto err; |
714 | ++ } |
715 | ++ |
716 | ++ is_fips_enabled = EVP_default_properties_is_fips_enabled(libctx); |
717 | ++ |
718 | ++ if (!TEST_int_eq(is_fips_enabled, fips)) |
719 | ++ goto err; |
720 | ++ |
721 | ++ sha256 = EVP_MD_fetch(libctx, "SHA-256", NULL); |
722 | ++ if (!fips || !badfips) { |
723 | ++ if (!TEST_ptr(sha256)) |
724 | ++ goto err; |
725 | ++ |
726 | ++ prov_name = OSSL_PROVIDER_get0_name(EVP_MD_get0_provider(sha256)); |
727 | ++ if (!TEST_str_eq(prov_name, expected_prov_name)) |
728 | ++ goto err; |
729 | ++ } else if (!TEST_ptr_null(sha256)) |
730 | ++ goto err; |
731 | ++ |
732 | ++ fips_loaded = OSSL_PROVIDER_available(libctx, "fips"); |
733 | ++ default_loaded = OSSL_PROVIDER_available(libctx, "default"); |
734 | ++ |
735 | ++ if (!TEST_int_eq(fips_loaded, fips && !badfips) || |
736 | ++ !TEST_int_eq(default_loaded, !fips && !badfips)) |
737 | ++ goto err; |
738 | ++ |
739 | ++ testresult = 1; |
740 | ++ err: |
741 | ++ EVP_MD_free(sha256); |
742 | ++ OSSL_LIB_CTX_free(libctx); |
743 | ++ return testresult; |
744 | ++} |
745 | ++ |
746 | ++typedef enum OPTION_choice { |
747 | ++ OPT_ERR = -1, |
748 | ++ OPT_EOF = 0, |
749 | ++ OPT_FIPS, |
750 | ++ OPT_BAD_FIPS, |
751 | ++ OPT_CONTEXT, |
752 | ++ OPT_TEST_ENUM |
753 | ++} OPTION_CHOICE; |
754 | ++ |
755 | ++const OPTIONS *test_get_options(void) |
756 | ++{ |
757 | ++ static const OPTIONS options[] = { |
758 | ++ OPT_TEST_OPTIONS_DEFAULT_USAGE, |
759 | ++ { "fips", OPT_FIPS, '-', "Test library context in FIPS mode" }, |
760 | ++ { "badfips", OPT_BAD_FIPS, '-', "Expect FIPS mode not to work correctly" }, |
761 | ++ { "context", OPT_CONTEXT, '-', "Explicitly use a non-default library context" }, |
762 | ++ { NULL } |
763 | ++ }; |
764 | ++ return options; |
765 | ++} |
766 | ++ |
767 | ++int setup_tests(void) |
768 | ++{ |
769 | ++ OPTION_CHOICE o; |
770 | ++ |
771 | ++ while ((o = opt_next()) != OPT_EOF) { |
772 | ++ switch (o) { |
773 | ++ case OPT_FIPS: |
774 | ++ fips = 1; |
775 | ++ break; |
776 | ++ case OPT_BAD_FIPS: |
777 | ++ badfips = 1; |
778 | ++ break; |
779 | ++ case OPT_CONTEXT: |
780 | ++ context = 1; |
781 | ++ break; |
782 | ++ case OPT_TEST_CASES: |
783 | ++ break; |
784 | ++ default: |
785 | ++ return 0; |
786 | ++ } |
787 | ++ } |
788 | ++ |
789 | ++ ADD_TEST(test_fips_auto); |
790 | ++ return 1; |
791 | ++} |
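Review bot: the -fips -badfips path in test_fips_auto() is the fail-closed check (FIPS mode is on, the FIPS module cannot be loaded, so EVP_MD_fetch() must return NULL and neither "fips" nor "default" may become available), but nothing in the function says so and the expectations are encoded only as fips && !badfips and !fips && !badfips. Add a short comment above the fetch spelling out the three cases. The else if (!TEST_ptr_null(sha256)) branch also lacks braces while the preceding if branch has them; brace both. Passing -badfips without -fips is silently treated as the non-FIPS case, so either reject that combination in setup_tests() or say so in the option help.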
792 | +diff --git a/test/recipes/04-test_auto_fips_mode.t b/test/recipes/04-test_auto_fips_mode.t |
793 | +new file mode 100644 |
794 | +index 000000000000..fcd4b3d4e8a3 |
795 | +--- /dev/null |
796 | ++++ b/test/recipes/04-test_auto_fips_mode.t |
797 | +@@ -0,0 +1,50 @@ |
798 | ++#! /usr/bin/env perl |
799 | ++# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. |
800 | ++# |
801 | ++# Licensed under the Apache License 2.0 (the "License"). You may not use |
802 | ++# this file except in compliance with the License. You can obtain a copy |
803 | ++# in the file LICENSE in the source distribution or at |
804 | ++# https://www.openssl.org/source/license.html |
805 | ++ |
806 | ++use strict; |
807 | ++use warnings; |
808 | ++ |
809 | ++use File::Spec::Functions qw/curdir/; |
810 | ++use OpenSSL::Test qw/:DEFAULT srctop_dir/; |
811 | ++use OpenSSL::Test::Utils; |
812 | ++use Cwd qw(abs_path); |
813 | ++ |
814 | ++BEGIN { |
815 | ++ setup("test_auto_fips_mode"); |
816 | ++} |
817 | ++ |
818 | ++my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); |
819 | ++ |
820 | ++plan tests => ($no_fips ? 5 : 7); |
821 | ++ |
822 | ++$ENV{OPENSSL_FIPS_MODE_SWITCH_PATH} = abs_path(srctop_dir("test", "recipes", |
823 | ++ "04-test_auto_fips_mode", "notexist")); |
824 | ++ok(run(test(["fips_auto_enable_test"])), "running fips_auto_enable_test"); |
825 | ++ok(run(test(["fips_auto_enable_test", "-context"])), |
826 | ++ "running fips_auto_enable_test -context"); |
827 | ++ |
828 | ++$ENV{OPENSSL_FIPS_MODE_SWITCH_PATH} = abs_path(srctop_dir("test", "recipes", |
829 | ++ "04-test_auto_fips_mode", "off")); |
830 | ++ok(run(test(["fips_auto_enable_test"])), |
831 | ++ "running fips_auto_enable_test with FIPS mode off"); |
832 | ++ok(run(test(["fips_auto_enable_test", "-context"])), |
833 | ++ "running fips_auto_enable_test -context with FIPS mode off"); |
834 | ++ |
835 | ++$ENV{OPENSSL_FIPS_MODE_SWITCH_PATH} = abs_path(srctop_dir("test", "recipes", |
836 | ++ "04-test_auto_fips_mode", "on")); |
837 | ++ |
838 | ++unless($no_fips) { |
839 | ++ ok(run(test(["fips_auto_enable_test", "-fips"])), |
840 | ++ "running fips_auto_enable_test -fips"); |
841 | ++ ok(run(test(["fips_auto_enable_test", "-context", "-fips"])), |
842 | ++ "running fips_auto_enable_test -context -fips"); |
843 | ++} |
844 | ++ |
845 | ++$ENV{OPENSSL_MODULES} = curdir(); |
846 | ++ok(run(test(["fips_auto_enable_test", "-fips", "-badfips"])), |
847 | ++ "running fips_auto_enable_test -fips -badfips"); |
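Review bot: the final -fips -badfips case depends on curdir() not containing a loadable fips module, because setting OPENSSL_MODULES to curdir() is the only thing that makes the provider load fail. If the recipe is ever run from a directory that holds the built providers, the module loads and the test fails for an unrelated reason. Point OPENSSL_MODULES at a directory that is known to be empty, for example a dedicated subdirectory under 04-test_auto_fips_mode, and add a comment that the "notexist" switch path is intentionally absent from the tree so nobody adds a file by that name.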
848 | +diff --git a/test/recipes/04-test_auto_fips_mode/off b/test/recipes/04-test_auto_fips_mode/off |
849 | +new file mode 100644 |
850 | +index 000000000000..573541ac9702 |
851 | +--- /dev/null |
852 | ++++ b/test/recipes/04-test_auto_fips_mode/off |
853 | +@@ -0,0 +1 @@ |
854 | ++0 |
855 | +diff --git a/test/recipes/04-test_auto_fips_mode/on b/test/recipes/04-test_auto_fips_mode/on |
856 | +new file mode 100644 |
857 | +index 000000000000..d00491fd7e5b |
858 | +--- /dev/null |
859 | ++++ b/test/recipes/04-test_auto_fips_mode/on |
860 | +@@ -0,0 +1 @@ |
861 | ++1 |
862 | +diff --git a/test/run_tests.pl b/test/run_tests.pl |
863 | +index 4384ebe28e0d..b52d5b7ee05e 100644 |
864 | +--- a/test/run_tests.pl |
865 | ++++ b/test/run_tests.pl |
866 | +@@ -37,6 +37,7 @@ $ENV{OPENSSL_CONF} = rel2abs(catfile($srctop, "apps", "openssl.cnf")); |
867 | + $ENV{OPENSSL_CONF_INCLUDE} = rel2abs(catdir($bldtop, "test")); |
868 | + $ENV{OPENSSL_MODULES} = rel2abs(catdir($bldtop, "providers")); |
869 | + $ENV{OPENSSL_ENGINES} = rel2abs(catdir($bldtop, "engines")); |
870 | ++$ENV{OPENSSL_FIPS_MODE_SWITCH_PATH} = "/nonexistant"; |
871 | + $ENV{CTLOG_FILE} = rel2abs(catfile($srctop, "test", "ct", "log_list.cnf")); |
872 | + |
873 | + my %tapargs = |
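Review bot: the hard-coded "/nonexistant" value for OPENSSL_FIPS_MODE_SWITCH_PATH needs a comment; presumably it keeps the test suite from picking up the FIPS state of the build host, and without that explanation it reads like a leftover. The path is also misspelled ("nonexistent") and is only assumed to be missing. A path under the build tree that the suite controls, as the new recipe does with its "notexist" entry, would make that guarantee explicit.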
874 | diff --git a/debian/patches/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch b/debian/patches/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch |
875 | new file mode 100644 |
876 | index 0000000..3b2b15f |
877 | --- /dev/null |
878 | +++ b/debian/patches/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch |
879 | @@ -0,0 +1,57 @@ |
880 | +From: Chris Coulson <chris.coulson@canonical.com> |
881 | +Date: Thu, 30 Mar 2023 16:10:16 +0100 |
882 | +Subject: test: Ensure encoding runs with the correct context during |
883 | + test_encoder_decoder |
884 | + |
885 | +Forwarded: no |
886 | +Applied-Upstream: no |
887 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593 |
888 | + |
889 | +This test uses 2 library contexts - one context for creating initial test keys, |
890 | +and then another context (or the default context) for running tests. There is an |
891 | +issue that during the encoding tests, the OSSL_ENCODER_CTX is created from the |
892 | +created EVP_PKEYs, which are associated with the library context used to create |
893 | +the keys. This means that encoding tests run with the wrong library context, |
894 | +which always uses the default provider. |
895 | +--- |
896 | + test/endecode_test.c | 15 +++++++++++++-- |
897 | + 1 file changed, 13 insertions(+), 2 deletions(-) |
898 | + |
899 | +diff --git a/test/endecode_test.c b/test/endecode_test.c |
900 | +index 5158b39ee41f..ce6febe619a8 100644 |
901 | +--- a/test/endecode_test.c |
902 | ++++ b/test/endecode_test.c |
903 | +@@ -105,11 +105,12 @@ static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams) |
904 | + static EVP_PKEY *make_key(const char *type, EVP_PKEY *template, |
905 | + OSSL_PARAM *genparams) |
906 | + { |
907 | +- EVP_PKEY *pkey = NULL; |
908 | ++ EVP_PKEY *tmp_pkey = NULL, *pkey = NULL; |
909 | + EVP_PKEY_CTX *ctx = |
910 | + template != NULL |
911 | + ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq) |
912 | + : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq); |
913 | ++ OSSL_PARAM *params = NULL; |
914 | + |
915 | + /* |
916 | + * No real need to check the errors other than for the cascade |
917 | +@@ -119,8 +120,18 @@ static EVP_PKEY *make_key(const char *type, EVP_PKEY *template, |
918 | + && EVP_PKEY_keygen_init(ctx) > 0 |
919 | + && (genparams == NULL |
920 | + || EVP_PKEY_CTX_set_params(ctx, genparams) > 0) |
921 | +- && EVP_PKEY_keygen(ctx, &pkey) > 0); |
922 | ++ && EVP_PKEY_keygen(ctx, &tmp_pkey) > 0); |
923 | ++ EVP_PKEY_CTX_free(ctx); |
924 | ++ |
925 | ++ (void)(tmp_pkey != NULL |
926 | ++ && ((ctx = EVP_PKEY_CTX_new_from_name(testctx, type, testpropq)) != NULL) |
927 | ++ && EVP_PKEY_todata(pkey, EVP_PKEY_KEYPAIR, ¶ms) > 0 |
928 | ++ && EVP_PKEY_fromdata_init(ctx) > 0 |
929 | ++ && EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) > 0); |
930 | ++ OSSL_PARAM_free(params); |
931 | + EVP_PKEY_CTX_free(ctx); |
932 | ++ EVP_PKEY_free(tmp_pkey); |
933 | ++ |
934 | + return pkey; |
935 | + } |
936 | + #endif |
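Review bot: in the second hunk of make_key(), EVP_PKEY_todata() is called on pkey, which is still NULL at that point because EVP_PKEY_keygen() now writes to tmp_pkey; the export should read from tmp_pkey, otherwise the chain stops there and make_key() returns NULL. Separately, ctx is freed right after keygen and is only reassigned inside the (void)(tmp_pkey != NULL && ...) chain, so when keygen fails the second EVP_PKEY_CTX_free(ctx) frees the same pointer again; set ctx to NULL after the first free.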
937 | diff --git a/debian/patches/intel/002-vaes_gcm_avx512_fix.patch b/debian/patches/intel/002-vaes_gcm_avx512_fix.patch |
938 | new file mode 100644 |
939 | index 0000000..da94b6f |
940 | --- /dev/null |
941 | +++ b/debian/patches/intel/002-vaes_gcm_avx512_fix.patch |
942 | @@ -0,0 +1,63 @@ |
943 | +diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_vaes_avx512.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_vaes_avx512.inc |
944 | +index 8f279d0c7..ec91327fd 100644 |
945 | +--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_vaes_avx512.inc |
946 | ++++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_vaes_avx512.inc |
947 | +@@ -48,7 +48,6 @@ static int vaes_gcm_setkey(PROV_GCM_CTX *ctx, const unsigned char *key, |
948 | + PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx; |
949 | + AES_KEY *ks = &actx->ks.ks; |
950 | + |
951 | +- ctx->ks = ks; |
952 | + aesni_set_encrypt_key(key, keylen * 8, ks); |
953 | + memset(gcmctx, 0, sizeof(*gcmctx)); |
954 | + gcmctx->key = ks; |
955 | +@@ -77,7 +76,7 @@ static int vaes_gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, |
956 | + if (ivlen > (U64(1) << 61)) |
957 | + return 0; |
958 | + |
959 | +- ossl_aes_gcm_setiv_avx512(ctx->ks, gcmctx, iv, ivlen); |
960 | ++ ossl_aes_gcm_setiv_avx512(gcmctx->key, gcmctx, iv, ivlen); |
961 | + |
962 | + return 1; |
963 | + } |
964 | +@@ -162,9 +161,9 @@ static int vaes_gcm_cipherupdate(PROV_GCM_CTX *ctx, const unsigned char *in, |
965 | + } |
966 | + |
967 | + if (ctx->enc) |
968 | +- ossl_aes_gcm_encrypt_avx512(ctx->ks, gcmctx, &gcmctx->mres, in, len, out); |
969 | ++ ossl_aes_gcm_encrypt_avx512(gcmctx->key, gcmctx, &gcmctx->mres, in, len, out); |
970 | + else |
971 | +- ossl_aes_gcm_decrypt_avx512(ctx->ks, gcmctx, &gcmctx->mres, in, len, out); |
972 | ++ ossl_aes_gcm_decrypt_avx512(gcmctx->key, gcmctx, &gcmctx->mres, in, len, out); |
973 | + |
974 | + return 1; |
975 | + } |
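Review bot: with ctx->ks removed, the setiv, encrypt and decrypt calls all read the key schedule through gcmctx->key, which vaes_gcm_setkey() sets to &actx->ks.ks, a pointer into the context itself. Please confirm that the context duplication path re-points gcm.key at the copy's own key schedule: the debian/patches/series comment removed in this merge attributes the earlier test failures to the dupctx changes in 3.0.13, and a byte-wise copy would leave the duplicate referencing the original's key material after the original is freed. A test that duplicates a keyed AES-GCM context, frees the original and then encrypts with the copy would cover this.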
976 | +diff --git a/providers/implementations/include/prov/ciphercommon_gcm.h b/providers/implementations/include/prov/ciphercommon_gcm.h |
977 | +index 7c4a548f9..b482af78d 100644 |
978 | +--- a/providers/implementations/include/prov/ciphercommon_gcm.h |
979 | ++++ b/providers/implementations/include/prov/ciphercommon_gcm.h |
980 | +@@ -75,7 +75,6 @@ typedef struct prov_gcm_ctx_st { |
981 | + const PROV_GCM_HW *hw; /* hardware specific methods */ |
982 | + GCM128_CONTEXT gcm; |
983 | + ctr128_f ctr; |
984 | +- const void *ks; |
985 | + } PROV_GCM_CTX; |
986 | + |
987 | + PROV_CIPHER_FUNC(int, GCM_setkey, (PROV_GCM_CTX *ctx, const unsigned char *key, |
988 | +@@ -122,7 +121,6 @@ int ossl_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in, |
989 | + size_t len, unsigned char *out); |
990 | + |
991 | + #define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \ |
992 | +- ctx->ks = ks; \ |
993 | + fn_set_enc_key(key, keylen * 8, ks); \ |
994 | + CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \ |
995 | + ctx->ctr = (ctr128_f)fn_ctr; \ |
996 | + |
997 | +Subject: Avoid having another copy of key schedule in PROV_GCM_CTX |
998 | +Author: Dan Zimmerman |
999 | +Forwarded: not-needed, https://github.com/openssl/openssl/pull/22384 |
1000 | +Applied-Upstream: yes |
1001 | +Acked-by: or Reviewed-by; reviewer as Name and email, can be repeated |
1002 | +Bug: https://github.com/openssl/openssl/commit/143ca66cf00c88950d689a8aa0c89888052669f4 |
1003 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2030784/comments |
1004 | +Origin: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2030784/comments/10 |
1005 | +Last-Update: 2024-03-11 |
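Review bot: the DEP-3 header sits at the end of the patch file rather than at the top, and several of its fields are not filled in properly. The Acked-by line still contains the template text ("or Reviewed-by; reviewer as Name and email, can be repeated"), Forwarded says not-needed but is followed by an upstream pull request URL, Bug points at a commit rather than a bug report, and Bug-Ubuntu ends in /comments instead of the bug itself. Move the header above the first diff --git line, drop or complete Acked-by, and consider putting the upstream commit in Origin since Applied-Upstream is yes.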
1006 | diff --git a/debian/patches/series b/debian/patches/series |
1007 | index 7c3b688..14e11b9 100644 |
1008 | --- a/debian/patches/series |
1009 | +++ b/debian/patches/series |
1010 | @@ -15,6 +15,12 @@ skip_tls1.1_seclevel3_tests.patch |
1011 | |
1012 | ## AVX512 support patches (LP #2030784) |
1013 | intel/0001-Dual-1536-2048-bit-exponentiation-optimization-for-I.patch |
1014 | -# Skipped due to issues appearing in the testsuite on 3.0.13 following dupctx |
1015 | -# changes in 3.0.13 |
1016 | -# intel/0002-AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ.patch |
1017 | +intel/0002-AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ.patch |
1018 | +intel/002-vaes_gcm_avx512_fix.patch |
1019 | + |
1020 | +# FIPS patches |
1021 | +fips/crypto-Add-kernel-FIPS-mode-detection.patch |
1022 | +fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch |
1023 | +fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch |
1024 | +fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch |
1025 | +fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch |
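Review bot: the removed comment explained why intel/0002-AES-GCM-enabled-with-AVX512-vAES-and-vPCLMULQDQ.patch was skipped, but nothing replaces it to say that the patch now depends on intel/002-vaes_gcm_avx512_fix.patch. Add a one-line comment tying the two together so that a later refresh does not drop the fix on its own. The fix is also numbered 002- while its siblings use 0001- and 0002-; rename it for consistency. The "# FIPS patches" header lacks the LP bug reference that the AVX512 section carries.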
1026 | diff --git a/debian/rules b/debian/rules |
1027 | index 1e2ba2b..a6eef69 100755 |
1028 | --- a/debian/rules |
1029 | +++ b/debian/rules |
1030 | @@ -11,7 +11,7 @@ |
1031 | include /usr/share/dpkg/architecture.mk |
1032 | include /usr/share/dpkg/pkg-info.mk |
1033 | |
1034 | -export DEB_BUILD_MAINT_OPTIONS = hardening=+all future=+lfs |
1035 | +export DEB_BUILD_MAINT_OPTIONS = hardening=+all future=+lfs optimize=-lto |
1036 | |
1037 | SHELL=/bin/bash |
1038 |
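Review bot: optimize=-lto is added to DEB_BUILD_MAINT_OPTIONS without a comment. Add a line above the export saying that openssl is not LTO-safe and referencing the bug report named in the merge description, so the flag is not removed in a later cleanup.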
Uploaded, with a couple of small fixups in the AVX512 patch. As a result the g-u importer won't be able to close this MP, so could you do it manually Adrien? TIA :)