Loading CHANGES +2 −2 Original line number Diff line number Diff line Loading @@ -4,8 +4,8 @@ Changes between 1.0.0d and 1.0.1 [xx XXX xxxx] *) Redirect low level RSA operations to FIPS module including blocking of non FIPS RSA methods. *) Redirect RSA operations to FIPS module including keygen, encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods. [Steve Henson] *) Add similar low level API blocking to ciphers. Loading crypto/rsa/rsa.h +3 −0 Original line number Diff line number Diff line Loading @@ -455,6 +455,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_PKEY_RSA_CTRL 143 #define RSA_F_PKEY_RSA_CTRL_STR 144 #define RSA_F_PKEY_RSA_SIGN 142 #define RSA_F_PKEY_RSA_VERIFY 154 #define RSA_F_PKEY_RSA_VERIFYRECOVER 141 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 Loading @@ -463,6 +464,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 #define RSA_F_RSA_GENERATE_KEY 105 #define RSA_F_RSA_GENERATE_KEY_EX 155 #define RSA_F_RSA_MEMORY_LOCK 130 #define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NULL 124 Loading Loading @@ -541,6 +543,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 151 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 Loading crypto/rsa/rsa_err.c +3 −0 Original line number Diff line number Diff line Loading @@ -78,6 +78,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"}, {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"}, {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"}, {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"}, {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, Loading @@ -86,6 +87,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, Loading Loading @@ -167,6 +169,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, Loading crypto/rsa/rsa_gen.c +15 −0 Original line number Diff line number Diff line Loading @@ -67,6 +67,9 @@ #include "cryptlib.h" #include <openssl/bn.h> #include <openssl/rsa.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); Loading @@ -77,6 +80,18 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) * now just because key-generation is part of RSA_METHOD. */ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { #ifdef OPENSSL_FIPS if (FIPS_mode()) { if (rsa->meth->flags & RSA_FLAG_FIPS_METHOD) return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb); if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD); return 0; } } #endif if(rsa->meth->rsa_keygen) return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); return rsa_builtin_keygen(rsa, bits, e_value, cb); Loading crypto/rsa/rsa_pmeth.c +74 −0 Original line number Diff line number Diff line Loading @@ -63,6 +63,9 @@ #include <openssl/rsa.h> #include <openssl/bn.h> #include <openssl/evp.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif #include "evp_locl.h" #include "rsa_locl.h" Loading Loading @@ -151,6 +154,30 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) } } /* FIP checker. Return value indicates status of context parameters: * 1 : redirect to FIPS. * 0 : don't redirect to FIPS. * -1 : illegal operation in FIPS mode. */ static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx) { RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; int rv = -1; if (!FIPS_mode()) return 0; if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) rv = 0; if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv) return -1; if (rctx->md && !(rctx->md->flags & EVP_MD_FLAG_FIPS)) return rv; if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS)) return rv; return 1; } static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { Loading @@ -158,6 +185,15 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; #ifdef OPENSSL_FIPS ret = pkey_fips_check_ctx(ctx); if (ret < 0) { RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); return -1; } #endif if (rctx->md) { if (tbslen != (size_t)EVP_MD_size(rctx->md)) Loading @@ -166,6 +202,22 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, RSA_R_INVALID_DIGEST_LENGTH); return -1; } #ifdef OPENSSL_FIPS if (ret > 0) { unsigned int slen; ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md, rctx->pad_mode, rctx->saltlen, rctx->mgf1md, sig, &slen); if (ret > 0) *siglen = slen; else *siglen = 0; return ret; } #endif if (rctx->pad_mode == RSA_X931_PADDING) { if (!setup_tbuf(rctx, ctx)) Loading Loading @@ -274,8 +326,30 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; size_t rslen; #ifdef OPENSSL_FIPS int rv; rv = pkey_fips_check_ctx(ctx); if (rv < 0) { RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); return -1; } #endif if (rctx->md) { #ifdef OPENSSL_FIPS if (rv > 0) { return FIPS_rsa_verify_digest(rsa, tbs, tbslen, rctx->md, rctx->pad_mode, rctx->saltlen, rctx->mgf1md, sig, siglen); } #endif if (rctx->pad_mode == RSA_PKCS1_PADDING) return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa); Loading Loading
CHANGES +2 −2 Original line number Diff line number Diff line Loading @@ -4,8 +4,8 @@ Changes between 1.0.0d and 1.0.1 [xx XXX xxxx] *) Redirect low level RSA operations to FIPS module including blocking of non FIPS RSA methods. *) Redirect RSA operations to FIPS module including keygen, encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods. [Steve Henson] *) Add similar low level API blocking to ciphers. Loading
crypto/rsa/rsa.h +3 −0 Original line number Diff line number Diff line Loading @@ -455,6 +455,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_PKEY_RSA_CTRL 143 #define RSA_F_PKEY_RSA_CTRL_STR 144 #define RSA_F_PKEY_RSA_SIGN 142 #define RSA_F_PKEY_RSA_VERIFY 154 #define RSA_F_PKEY_RSA_VERIFYRECOVER 141 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 Loading @@ -463,6 +464,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 #define RSA_F_RSA_GENERATE_KEY 105 #define RSA_F_RSA_GENERATE_KEY_EX 155 #define RSA_F_RSA_MEMORY_LOCK 130 #define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NULL 124 Loading Loading @@ -541,6 +543,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 151 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 Loading
crypto/rsa/rsa_err.c +3 −0 Original line number Diff line number Diff line Loading @@ -78,6 +78,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"}, {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"}, {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"}, {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"}, {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, Loading @@ -86,6 +87,7 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, Loading Loading @@ -167,6 +169,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, Loading
crypto/rsa/rsa_gen.c +15 −0 Original line number Diff line number Diff line Loading @@ -67,6 +67,9 @@ #include "cryptlib.h" #include <openssl/bn.h> #include <openssl/rsa.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); Loading @@ -77,6 +80,18 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) * now just because key-generation is part of RSA_METHOD. */ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { #ifdef OPENSSL_FIPS if (FIPS_mode()) { if (rsa->meth->flags & RSA_FLAG_FIPS_METHOD) return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb); if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD); return 0; } } #endif if(rsa->meth->rsa_keygen) return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); return rsa_builtin_keygen(rsa, bits, e_value, cb); Loading
crypto/rsa/rsa_pmeth.c +74 −0 Original line number Diff line number Diff line Loading @@ -63,6 +63,9 @@ #include <openssl/rsa.h> #include <openssl/bn.h> #include <openssl/evp.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif #include "evp_locl.h" #include "rsa_locl.h" Loading Loading @@ -151,6 +154,30 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) } } /* FIP checker. Return value indicates status of context parameters: * 1 : redirect to FIPS. * 0 : don't redirect to FIPS. * -1 : illegal operation in FIPS mode. */ static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx) { RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; int rv = -1; if (!FIPS_mode()) return 0; if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) rv = 0; if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv) return -1; if (rctx->md && !(rctx->md->flags & EVP_MD_FLAG_FIPS)) return rv; if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS)) return rv; return 1; } static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { Loading @@ -158,6 +185,15 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; #ifdef OPENSSL_FIPS ret = pkey_fips_check_ctx(ctx); if (ret < 0) { RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); return -1; } #endif if (rctx->md) { if (tbslen != (size_t)EVP_MD_size(rctx->md)) Loading @@ -166,6 +202,22 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, RSA_R_INVALID_DIGEST_LENGTH); return -1; } #ifdef OPENSSL_FIPS if (ret > 0) { unsigned int slen; ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md, rctx->pad_mode, rctx->saltlen, rctx->mgf1md, sig, &slen); if (ret > 0) *siglen = slen; else *siglen = 0; return ret; } #endif if (rctx->pad_mode == RSA_X931_PADDING) { if (!setup_tbuf(rctx, ctx)) Loading Loading @@ -274,8 +326,30 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, RSA_PKEY_CTX *rctx = ctx->data; RSA *rsa = ctx->pkey->pkey.rsa; size_t rslen; #ifdef OPENSSL_FIPS int rv; rv = pkey_fips_check_ctx(ctx); if (rv < 0) { RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); return -1; } #endif if (rctx->md) { #ifdef OPENSSL_FIPS if (rv > 0) { return FIPS_rsa_verify_digest(rsa, tbs, tbslen, rctx->md, rctx->pad_mode, rctx->saltlen, rctx->mgf1md, sig, siglen); } #endif if (rctx->pad_mode == RSA_PKCS1_PADDING) return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa); Loading