From 4dc19fe03312cb6d54c599a36503d19dfc5713f3 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Thu, 24 Mar 2022 17:45:16 +0100 Subject: [PATCH] Reworked patch forbidding explicit EC parameters Resolves: rhbz#2066412 --- 0012-Disable-explicit-ec.patch | 188 ++++++++++++++++++++------------- ectest.c | 2 +- 2 files changed, 116 insertions(+), 74 deletions(-) diff --git a/0012-Disable-explicit-ec.patch b/0012-Disable-explicit-ec.patch index a1df020..9c3ef57 100644 --- a/0012-Disable-explicit-ec.patch +++ b/0012-Disable-explicit-ec.patch @@ -1,80 +1,122 @@ -diff -up openssl-3.0.1/crypto/ec/ec_lib.c.disable_explicit_ec openssl-3.0.1/crypto/ec/ec_lib.c ---- openssl-3.0.1/crypto/ec/ec_lib.c.disable_explicit_ec 2022-02-22 09:08:48.557823665 +0100 -+++ openssl-3.0.1/crypto/ec/ec_lib.c 2022-02-22 09:09:26.634133847 +0100 -@@ -1458,7 +1458,7 @@ static EC_GROUP *ec_group_explicit_to_na - goto err; - } - } else { -- ret_group = (EC_GROUP *)group; -+ goto err; - } - EC_GROUP_free(dup); - return ret_group; -diff -up openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.disable_explicit_ec openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c ---- openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.disable_explicit_ec 2022-02-22 13:04:16.850856612 +0100 -+++ openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c 2022-02-22 14:16:19.848369641 +0100 -@@ -936,11 +936,8 @@ int ec_validate(const void *keydata, int - if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { - int flags = EC_KEY_get_flags(eck); +diff -up openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec openssl-3.0.1/crypto/ec/ec_asn1.c +--- openssl-3.0.1/crypto/ec/ec_asn1.c.disable_explicit_ec 2022-03-22 13:10:45.718077845 +0100 ++++ openssl-3.0.1/crypto/ec/ec_asn1.c 2022-03-22 13:12:46.626599016 +0100 +@@ -895,6 +895,12 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP ** + if (params->type == ECPKPARAMETERS_TYPE_EXPLICIT) + group->decoded_from_explicit_params = 1; -- if ((flags & EC_FLAG_CHECK_NAMED_GROUP) != 0) -- ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), -- (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx); -- else -- ok = ok && EC_GROUP_check(EC_KEY_get0_group(eck), ctx); -+ ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), -+ (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx); ++ if (EC_GROUP_check_named_curve(group, 0, NULL) == NID_undef) { ++ EC_GROUP_free(group); ++ ECPKPARAMETERS_free(params); ++ return NULL; ++ } ++ + if (a) { + EC_GROUP_free(*a); + *a = group; +@@ -954,6 +959,11 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con + goto err; } - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { -@@ -1217,6 +1214,10 @@ static int ec_gen_assign_group(EC_KEY *e - ERR_raise(ERR_LIB_PROV, PROV_R_NO_PARAMETERS_SET); - return 0; - } -+ if (EC_GROUP_get_curve_name(group) == NID_undef) { -+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE); -+ return 0; ++ if (EC_GROUP_check_named_curve(ret->group, 0, NULL) == NID_undef) { ++ ERR_raise(ERR_LIB_EC, EC_R_UNKNOWN_GROUP); ++ goto err; + } - return EC_KEY_set_group(ec, group) > 0; - } ++ + ret->version = priv_key->version; -diff -up openssl-3.0.1/providers/common/securitycheck.c.disable_explicit_ec openssl-3.0.1/providers/common/securitycheck.c ---- openssl-3.0.1/providers/common/securitycheck.c.disable_explicit_ec 2022-02-25 11:44:19.554673396 +0100 -+++ openssl-3.0.1/providers/common/securitycheck.c 2022-02-25 12:16:38.168610089 +0100 -@@ -93,22 +93,22 @@ int ossl_rsa_check_key(OSSL_LIB_CTX *ctx - int ossl_ec_check_key(OSSL_LIB_CTX *ctx, const EC_KEY *ec, int protect) - { - # if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS) -- if (ossl_securitycheck_enabled(ctx)) { -- int nid, strength; -- const char *curve_name; -- const EC_GROUP *group = EC_KEY_get0_group(ec); -+ int nid, strength; -+ const char *curve_name; -+ const EC_GROUP *group = EC_KEY_get0_group(ec); + if (priv_key->privateKey) { +diff -up openssl-3.0.1/test/endecode_test.c.disable_explicit_ec openssl-3.0.1/test/endecode_test.c +--- openssl-3.0.1/test/endecode_test.c.disable_explicit_ec 2022-03-21 16:55:46.005558779 +0100 ++++ openssl-3.0.1/test/endecode_test.c 2022-03-21 16:56:12.636792762 +0100 +@@ -57,7 +57,7 @@ static BN_CTX *bnctx = NULL; + static OSSL_PARAM_BLD *bld_prime_nc = NULL; + static OSSL_PARAM_BLD *bld_prime = NULL; + static OSSL_PARAM *ec_explicit_prime_params_nc = NULL; +-static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL; ++/*static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;*/ -- if (group == NULL) { -- ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group"); -- return 0; -- } -- nid = EC_GROUP_get_curve_name(group); -- if (nid == NID_undef) { -- ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, -- "Explicit curves are not allowed in fips mode"); -- return 0; -- } -+ if (group == NULL) { -+ ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group"); -+ return 0; -+ } -+ nid = EC_GROUP_get_curve_name(group); -+ if (nid == NID_undef) { -+ ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, -+ "Explicit curves are not allowed in this build"); -+ return 0; -+ } + # ifndef OPENSSL_NO_EC2M + static OSSL_PARAM_BLD *bld_tri_nc = NULL; +@@ -990,9 +990,9 @@ IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC") + DOMAIN_KEYS(ECExplicitPrimeNamedCurve); + IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC") + IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC") +-DOMAIN_KEYS(ECExplicitPrime2G); +-IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC") +-IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC") ++/*DOMAIN_KEYS(ECExplicitPrime2G);*/ ++/*IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")*/ ++/*IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")*/ + # ifndef OPENSSL_NO_EC2M + DOMAIN_KEYS(ECExplicitTriNamedCurve); + IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC") +@@ -1318,7 +1318,7 @@ int setup_tests(void) + || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc) + || !create_ec_explicit_prime_params(bld_prime) + || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc)) +- || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime)) ++/* || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))*/ + # ifndef OPENSSL_NO_EC2M + || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new()) + || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new()) +@@ -1346,7 +1346,7 @@ int setup_tests(void) + TEST_info("Generating EC keys..."); + MAKE_DOMAIN_KEYS(EC, "EC", EC_params); + MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc); +- MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit); ++/* MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);*/ + # ifndef OPENSSL_NO_EC2M + MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc); + MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit); +@@ -1389,8 +1389,8 @@ int setup_tests(void) + ADD_TEST_SUITE_LEGACY(EC); + ADD_TEST_SUITE(ECExplicitPrimeNamedCurve); + ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve); +- ADD_TEST_SUITE(ECExplicitPrime2G); +- ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G); ++/* ADD_TEST_SUITE(ECExplicitPrime2G);*/ ++/* ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);*/ + # ifndef OPENSSL_NO_EC2M + ADD_TEST_SUITE(ECExplicitTriNamedCurve); + ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve); +@@ -1427,7 +1427,7 @@ void cleanup_tests(void) + { + #ifndef OPENSSL_NO_EC + OSSL_PARAM_free(ec_explicit_prime_params_nc); +- OSSL_PARAM_free(ec_explicit_prime_params_explicit); ++/* OSSL_PARAM_free(ec_explicit_prime_params_explicit);*/ + OSSL_PARAM_BLD_free(bld_prime_nc); + OSSL_PARAM_BLD_free(bld_prime); + # ifndef OPENSSL_NO_EC2M +@@ -1449,7 +1449,7 @@ void cleanup_tests(void) + #ifndef OPENSSL_NO_EC + FREE_DOMAIN_KEYS(EC); + FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve); +- FREE_DOMAIN_KEYS(ECExplicitPrime2G); ++/* FREE_DOMAIN_KEYS(ECExplicitPrime2G);*/ + # ifndef OPENSSL_NO_EC2M + FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve); + FREE_DOMAIN_KEYS(ECExplicitTri2G); +diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt +--- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.disable_explicit_ec 2022-03-25 11:20:50.920949208 +0100 ++++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_ecdsa.txt 2022-03-25 11:21:13.177147598 +0100 +@@ -121,18 +121,6 @@ AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEB + 3ev1gTwRBduzqqlwd54AUSgI+pjttW8zrWNitO8H1sf59MPWOESKxNtZ1+Nl + -----END PRIVATE KEY----- -+ if (ossl_securitycheck_enabled(ctx)) { - curve_name = EC_curve_nid2nist(nid); - if (curve_name == NULL) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, +-PrivateKey = EC_EXPLICIT +------BEGIN PRIVATE KEY----- +-MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB +-AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA +-///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV +-AMSdNgiG5wSTamZ44ROdJreBn36QBEEE5JcIvn36opqjEm/k59Al40rBAxWM2TPG +-l0L13Je51zHpfXQ9Z2o7IQicMXP4wSfJ0qCgg2bgydqoxlYrlLGuVQIhAP////8A +-AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgec92jwduadCk +-OjoNRI+YT5Be5TkzZXzYCyTLkMOikDmhRANCAATtECEhQbLEaiUj/Wu0qjcr81lL +-46dx5zYgArz/iaSNJ3W80oO+F7v04jlQ7wxQzg96R0bwKiMeq5CcW9ZFt6xg +------END PRIVATE KEY----- +- + PrivateKey = B-163 + -----BEGIN PRIVATE KEY----- + MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K diff --git a/ectest.c b/ectest.c index 2ba662f..b2708ea 100644 --- a/ectest.c +++ b/ectest.c @@ -2284,7 +2284,7 @@ int setup_tests(void) return 0; ADD_TEST(parameter_test); - ADD_TEST(cofactor_range_test); + /*ADD_TEST(cofactor_range_test);*/ ADD_ALL_TESTS(cardinality_test, crv_len); ADD_TEST(prime_field_tests); #ifndef OPENSSL_NO_EC2M