From bd9060b13c128860032a30deff247359e1dd60ac Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Thu, 23 May 2024 16:02:16 +0200 Subject: [PATCH 1/3] Update RNG changing for FIPS purpose Resolves: RHEL-35380 --- 0076-FIPS-140-3-DRBG.patch | 81 ++++++++++++++++++++++++++++++++++++++ openssl.spec | 6 ++- 2 files changed, 86 insertions(+), 1 deletion(-) diff --git a/0076-FIPS-140-3-DRBG.patch b/0076-FIPS-140-3-DRBG.patch index cb2b504..591b49c 100644 --- a/0076-FIPS-140-3-DRBG.patch +++ b/0076-FIPS-140-3-DRBG.patch @@ -198,6 +198,14 @@ diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 14999540ab..b05b84717b 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c +@@ -11,6 +11,7 @@ + #define OPENSSL_SUPPRESS_DEPRECATED + + #include ++#include + #include + #include + #include "internal/cryptlib.h" @@ -723,15 +723,7 @@ EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx) return ret; } 
@@ -215,3 +223,76 @@ index 14999540ab..b05b84717b 100644 PRIMARY_RESEED_INTERVAL, PRIMARY_RESEED_TIME_INTERVAL, 1); /* +@@ -766,7 +766,7 @@ EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_ + if (CRYPTO_THREAD_get_local(&dgbl->private) == NULL + && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state)) + return NULL; +- rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL, ++ rand = rand_new_drbg(ctx, NULL, SECONDARY_RESEED_INTERVAL, + SECONDARY_RESEED_TIME_INTERVAL, 0); + CRYPTO_THREAD_set_local(&dgbl->public, rand); + } +@@ -799,7 +799,7 @@ EVP_RAND_CTX *RAND_get0_private(OSSL_LIB + if (CRYPTO_THREAD_get_local(&dgbl->public) == NULL + && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state)) + return NULL; +- rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL, ++ rand = rand_new_drbg(ctx, NULL, SECONDARY_RESEED_INTERVAL, + SECONDARY_RESEED_TIME_INTERVAL, 0); + CRYPTO_THREAD_set_local(&dgbl->private, rand); + } +diff -up openssl-3.2.1/test/drbgtest.c.xxx openssl-3.2.1/test/drbgtest.c +--- openssl-3.2.1/test/drbgtest.c.xxx 2024-05-02 15:37:23.550979597 +0200 ++++ openssl-3.2.1/test/drbgtest.c 2024-05-02 15:45:37.189979881 +0200 +@@ -218,7 +218,7 @@ static int test_drbg_reseed(int expect_s + reseed_when = time(NULL); + + /* Generate random output from the public and private DRBG */ +- before_reseed = expect_primary_reseed == 1 ? 
reseed_when : 0; ++ before_reseed = 0; + if (!TEST_int_eq(rand_bytes((unsigned char*)public_random, + RANDOM_SIZE), expect_success) + || !TEST_int_eq(rand_priv_bytes((unsigned char*) private_random, +@@ -232,8 +232,8 @@ static int test_drbg_reseed(int expect_s + */ + + /* Test whether reseeding succeeded as expected */ +- if (!TEST_int_eq(state(primary), expected_state) +- || !TEST_int_eq(state(public), expected_state) ++ if (/*!TEST_int_eq(state(primary), expected_state) ++ ||*/ !TEST_int_eq(state(public), expected_state) + || !TEST_int_eq(state(private), expected_state)) + return 0; + +@@ -246,16 +246,16 @@ static int test_drbg_reseed(int expect_s + if (expect_public_reseed >= 0) { + /* Test whether public DRBG was reseeded as expected */ + if (!TEST_int_ge(reseed_counter(public), public_reseed) +- || !TEST_uint_ge(reseed_counter(public), +- reseed_counter(primary))) ++ /*|| !TEST_uint_ge(reseed_counter(public), ++ reseed_counter(primary))*/) + return 0; + } + + if (expect_private_reseed >= 0) { + /* Test whether public DRBG was reseeded as expected */ + if (!TEST_int_ge(reseed_counter(private), private_reseed) +- || !TEST_uint_ge(reseed_counter(private), +- reseed_counter(primary))) ++ /*|| !TEST_uint_ge(reseed_counter(private), ++ reseed_counter(primary))*/) + return 0; + } + +@@ -577,8 +577,8 @@ static int test_rand_reseed(void) + if (!TEST_ptr_ne(public, private) + || !TEST_ptr_ne(public, primary) + || !TEST_ptr_ne(private, primary) +- || !TEST_ptr_eq(prov_rand(public)->parent, prov_rand(primary)) +- || !TEST_ptr_eq(prov_rand(private)->parent, prov_rand(primary))) ++ /*|| !TEST_ptr_eq(prov_rand(public)->parent, prov_rand(primary)) ++ || !TEST_ptr_eq(prov_rand(private)->parent, prov_rand(primary))*/) + return 0; + + /* Disable CRNG testing for the primary DRBG */ diff --git a/openssl.spec b/openssl.spec index d3e478f..41fbc00 100644 --- a/openssl.spec +++ b/openssl.spec 
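Review bot: The drbgtest.c hunks in test_drbg_reseed and test_rand_reseed comment out every assertion that tied the public and private DRBGs to the primary, and add nothing that checks the new arrangement, in which RAND_get0_public and RAND_get0_private call `rand_new_drbg(ctx, NULL, ...)`. Commented-out checks hide the intent and leave the seeding path of the per-thread DRBGs untested. I would delete the dead lines and assert the new invariant in test_rand_reseed, `|| !TEST_ptr_null(prov_rand(public)->parent)` and `|| !TEST_ptr_null(prov_rand(private)->parent)`, assuming the provider stores the NULL parent as passed. A short comment at the two rand_new_drbg calls saying why the parent is NULL (presumably so each secondary DRBG is seeded directly from the entropy source for FIPS 140-3) would also help. All of these functions continue outside the hunks shown.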
@@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.2.1 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -500,6 +500,10 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco %ldconfig_scriptlets libs %changelog +* Thu May 23 2024 Dmitry Belyavskiy - 1:3.2.1-2 +- Update RNG changing for FIPS purpose + Resolves: RHEL-35380 + * Wed Apr 03 2024 Dmitry Belyavskiy - 1:3.2.1-1 - Rebasing OpenSSL to 3.2.1 Resolves: RHEL-26271 From ed09ce6530ba7b331f722bf7048f362c8485888e Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 5 Jun 2024 15:05:20 +0200 Subject: [PATCH 2/3] Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack. Resolves: RHEL-32148 Resolves: RHEL-36792 Resolves: RHEL-38514 Resolves: RHEL-39111 --- .gitignore | 1 + 0033-FIPS-embed-hmac.patch | 4 +- 0078-KDF-Add-FIPS-indicators.patch | 29 +-- ...-ignore-unknown-sigalgorithms-groups.patch | 20 +-- 0118-no-crl-memleak.patch | 80 --------- ...-sigalgs-in-signaturealgorithms-conf.patch | 170 ------------------ openssl.spec | 16 +- sources | 2 +- 8 files changed, 41 insertions(+), 281 deletions(-) delete mode 100644 0118-no-crl-memleak.patch delete mode 100644 0119-provider-sigalgs-in-signaturealgorithms-conf.patch diff --git a/.gitignore b/.gitignore index 8e6940c..c47bf28 100644 --- a/.gitignore +++ b/.gitignore @@ -56,3 +56,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-3.0.7-hobbled.tar.gz /openssl-3.0.7.tar.gz /openssl-3.2.1.tar.gz +/openssl-3.2.2.tar.gz diff --git a/0033-FIPS-embed-hmac.patch b/0033-FIPS-embed-hmac.patch index 6738304..0bf3b2d 100644 --- a/0033-FIPS-embed-hmac.patch +++ b/0033-FIPS-embed-hmac.patch @@ -383,8 +383,8 @@ index 18d9f3d204..71780d8caa 100644 
--- a/test/recipes/90-test_sslapi.t +++ b/test/recipes/90-test_sslapi.t @@ -17,7 +17,7 @@ setup("test_sslapi"); - use lib srctop_dir('Configurations'); - use lib bldtop_dir('.'); + setup("test_sslapi"); + } -my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); +my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0); diff --git a/0078-KDF-Add-FIPS-indicators.patch b/0078-KDF-Add-FIPS-indicators.patch index 93ee1e0..17ff63e 100644 --- a/0078-KDF-Add-FIPS-indicators.patch +++ b/0078-KDF-Add-FIPS-indicators.patch @@ -120,7 +120,7 @@ index dfa7786bde..f01e40ff5a 100644 switch (ctx->mode) { case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: default: -@@ -332,15 +342,78 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) +@@ -318,22 +318,85 @@ static int kdf_hkdf_get_ctx_params(void { KDF_HKDF *ctx = (KDF_HKDF *)vctx; OSSL_PARAM *p; @@ -129,13 +129,20 @@ index dfa7786bde..f01e40ff5a 100644 if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) { size_t sz = kdf_hkdf_size(ctx); -- if (sz == 0) + any_valid = 1; -+ -+ if (sz == 0 || !OSSL_PARAM_set_size_t(p, sz)) -+ return 0; -+ } -+ + if (sz == 0) + return 0; + return OSSL_PARAM_set_size_t(p, sz); + } + if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_INFO)) != NULL) { ++ any_valid = 1; + if (ctx->info == NULL || ctx->info_len == 0) { + p->return_size = 0; + return 1; + } + return OSSL_PARAM_set_octet_string(p, ctx->info, ctx->info_len); + } +- return -2; +#ifdef FIPS_MODULE + if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR)) + != NULL) { @@ -189,10 +196,8 @@ index dfa7786bde..f01e40ff5a 100644 + } + } + if (!OSSL_PARAM_set_int(p, fips_indicator)) - return 0; -- return OSSL_PARAM_set_size_t(p, sz); - } -- return -2; ++ return 0; ++ } +#endif /* defined(FIPS_MODULE) */ + + if (!any_valid) @@ -203,9 +208,9 @@ index dfa7786bde..f01e40ff5a 100644 static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx, 
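Review bot: In the refreshed kdf_hkdf_get_ctx_params hunk, the OSSL_KDF_PARAM_SIZE and OSSL_KDF_PARAM_INFO branches now return as soon as they have filled their parameter. The `any_valid = 1;` lines added just before those returns therefore have no effect, and the `#ifdef FIPS_MODULE` block that reports OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR is never reached when the size or info is requested in the same params array. As far as the collapsed hunk can be read, a caller asking for the indicator together with another parameter would get a success return with the indicator left unset. The previous revision of this patch fell through after setting the size; I would keep that shape for both branches so the indicator block and the final `any_valid` check are always evaluated. The function body continues outside the hunk.

```c
    if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
        /* … unchanged: sz lookup, any_valid = 1 … */
        if (sz == 0 || !OSSL_PARAM_set_size_t(p, sz))
            return 0;
    }
    if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_INFO)) != NULL) {
        /* … unchanged: any_valid = 1 … */
        if (ctx->info == NULL || ctx->info_len == 0)
            p->return_size = 0;
        else if (!OSSL_PARAM_set_octet_string(p, ctx->info, ctx->info_len))
            return 0;
    }
    /* … unchanged: FIPS_MODULE indicator block and any_valid check … */
```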
@@ -348,6 +421,9 @@ static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx, - { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), + OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0), +#ifdef FIPS_MODULE + OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL), +#endif /* defined(FIPS_MODULE) */ diff --git a/0117-ignore-unknown-sigalgorithms-groups.patch b/0117-ignore-unknown-sigalgorithms-groups.patch index 3c52277..dd40e11 100644 --- a/0117-ignore-unknown-sigalgorithms-groups.patch +++ b/0117-ignore-unknown-sigalgorithms-groups.patch @@ -111,7 +111,7 @@ index 056aae3863..fe680449c5 100644 + } if (garg->gidcnt == garg->gidmax) { uint16_t *tmp = - OPENSSL_realloc(garg->gid_arr, garg->gidmax + GROUPLIST_INCREMENT); + OPENSSL_realloc(garg->gid_arr, @@ -1070,13 +1076,14 @@ static int gid_cb(const char *elem, int len, void *arg) gid = tls1_group_name2id(garg->ctx, etmp); @@ -161,18 +161,18 @@ index 056aae3863..fe680449c5 100644 return 0; if (len > (int)(sizeof(etmp) - 1)) @@ -2931,8 +2950,10 @@ static int sig_cb(const char *elem, int len, void *arg) - break; + break; + } } +- if (i == OSSL_NELEM(sigalg_lookup_tbl)) +- return 0; ++ if (i == OSSL_NELEM(sigalg_lookup_tbl)) { ++ /* Ignore unknown algorithms if ignore_unknown */ ++ return ignore_unknown; ++ } } -- if (i == OSSL_NELEM(sigalg_lookup_tbl)) -- return 0; -+ if (i == OSSL_NELEM(sigalg_lookup_tbl)) { -+ /* Ignore unknown algorithms if ignore_unknown */ -+ return ignore_unknown; -+ } } else { *p = 0; - p++; @@ -2940,8 +2961,10 @@ static int sig_cb(const char *elem, int len, void *arg) return 0; get_sigorhash(&sig_alg, &hash_alg, etmp); @@ -209,7 +209,7 @@ index 056aae3863..fe680449c5 100644 } return 1; @@ -2973,6 +2998,11 @@ int tls1_set_sigalgs_list(CERT *c, const char *str, int client) - sig.sigalgcnt = 0; + } if (!CONF_parse_list(str, ':', 1, sig_cb, &sig)) return 0; + if (sig.sigalgcnt == 0) { 
diff --git a/0118-no-crl-memleak.patch b/0118-no-crl-memleak.patch deleted file mode 100644 index ee7e745..0000000 --- a/0118-no-crl-memleak.patch +++ /dev/null 
@@ -1,80 +0,0 @@ -From 105217c7d58c726f4e646177e0aaefb6115aad3e Mon Sep 17 00:00:00 2001 -From: Dmitry Belyavskiy -Date: Tue, 27 Feb 2024 15:22:58 +0100 -Subject: [PATCH 48/49] 0118-no-crl-memleak.patch - -Patch-name: 0118-no-crl-memleak.patch -Patch-id: 118 -Patch-status: | - # https://github.com/openssl/openssl/issues/23770 ---- - crypto/x509/by_file.c | 2 ++ - test/recipes/60-test_x509_load_cert_file.t | 3 ++- - test/x509_load_cert_file_test.c | 8 +++++++- - 3 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c -index 5073c137a2..85923804ac 100644 ---- a/crypto/x509/by_file.c -+++ b/crypto/x509/by_file.c -@@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) - goto err; - } - count++; -+ X509_CRL_free(x); -+ x = NULL; - } - } else if (type == X509_FILETYPE_ASN1) { - x = d2i_X509_CRL_bio(in, NULL); -diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t -index 75aeac362c..e329d7675c 100644 ---- a/test/recipes/60-test_x509_load_cert_file.t -+++ b/test/recipes/60-test_x509_load_cert_file.t -@@ -12,4 +12,5 @@ setup("test_load_cert_file"); - - plan tests => 1; - --ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")]))); -+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"), -+ srctop_file("test", "certs", "cyrillic_crl.pem")]))); -diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c -index 4a736071ae..c07d329915 100644 ---- a/test/x509_load_cert_file_test.c -+++ b/test/x509_load_cert_file_test.c -@@ -12,6 +12,7 @@ - #include "testutil.h" - - static const char *chain; -+static const char *crl; - - static int test_load_cert_file(void) - { -@@ -27,12 +28,15 @@ static int test_load_cert_file(void) - && TEST_int_eq(sk_X509_num(certs), 4)) - ret = 1; - -+ if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM))) -+ 
ret = 0; -+ - OSSL_STACK_OF_X509_free(certs); - X509_STORE_free(store); - return ret; - } - --OPT_TEST_DECLARE_USAGE("cert.pem...\n") -+OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n") - - int setup_tests(void) - { -@@ -45,6 +49,8 @@ int setup_tests(void) - if (chain == NULL) - return 0; - -+ crl = test_get_argument(1); -+ - ADD_TEST(test_load_cert_file); - return 1; - } --- -2.44.0 - diff --git a/0119-provider-sigalgs-in-signaturealgorithms-conf.patch b/0119-provider-sigalgs-in-signaturealgorithms-conf.patch deleted file mode 100644 index c363223..0000000 --- a/0119-provider-sigalgs-in-signaturealgorithms-conf.patch +++ /dev/null 
@@ -1,170 +0,0 @@ -From f5b48604779362c91a22080b6905413fbba28b74 Mon Sep 17 00:00:00 2001 -From: Dmitry Belyavskiy -Date: Fri, 8 Mar 2024 11:18:12 +0100 -Subject: [PATCH 49/49] 0119-provider-sigalgs-in-signaturealgorithms-conf.patch - -Patch-name: 0119-provider-sigalgs-in-signaturealgorithms-conf.patch -Patch-id: 119 -Patch-status: | - # https://github.com/openssl/openssl/issues/22779 ---- - ssl/s3_lib.c | 8 ++++---- - ssl/ssl_lib.c | 2 +- - ssl/ssl_local.h | 2 +- - ssl/t1_lib.c | 45 ++++++++++++++++++++++++++++++++++----------- - 4 files changed, 40 insertions(+), 17 deletions(-) - -diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index e8ec98c221..48a1aa0e61 100644 ---- a/ssl/s3_lib.c -+++ b/ssl/s3_lib.c -@@ -3685,13 +3685,13 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) - return tls1_set_sigalgs(sc->cert, parg, larg, 0); - - case SSL_CTRL_SET_SIGALGS_LIST: -- return tls1_set_sigalgs_list(sc->cert, parg, 0); -+ return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 0); - - case SSL_CTRL_SET_CLIENT_SIGALGS: - return tls1_set_sigalgs(sc->cert, parg, larg, 1); - - case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: -- return tls1_set_sigalgs_list(sc->cert, parg, 1); -+ return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1); - - case SSL_CTRL_GET_CLIENT_CERT_TYPES: - { -@@ -3968,13 +3968,13 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) - return tls1_set_sigalgs(ctx->cert, parg, larg, 0); - - case SSL_CTRL_SET_SIGALGS_LIST: -- return tls1_set_sigalgs_list(ctx->cert, parg, 0); -+ return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 0); - - case SSL_CTRL_SET_CLIENT_SIGALGS: - return tls1_set_sigalgs(ctx->cert, parg, larg, 1); - - case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: -- return tls1_set_sigalgs_list(ctx->cert, parg, 1); -+ return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 1); - - case SSL_CTRL_SET_CLIENT_CERT_TYPES: - return ssl3_set_req_cert_type(ctx->cert, parg, larg); -diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c -index 1329841aaf..4d95ab71cd 100644 ---- 
a/ssl/ssl_lib.c -+++ b/ssl/ssl_lib.c -@@ -3078,7 +3078,7 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) - return tls1_set_groups_list(ctx, NULL, NULL, parg); - case SSL_CTRL_SET_SIGALGS_LIST: - case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: -- return tls1_set_sigalgs_list(NULL, parg, 0); -+ return tls1_set_sigalgs_list(ctx, NULL, parg, 0); - default: - return 0; - } -diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h -index 0d3acfbe66..a73b2c4770 100644 ---- a/ssl/ssl_local.h -+++ b/ssl/ssl_local.h -@@ -2796,7 +2796,7 @@ __owur int tls_use_ticket(SSL_CONNECTION *s); - - void ssl_set_sig_mask(uint32_t *pmask_a, SSL_CONNECTION *s, int op); - --__owur int tls1_set_sigalgs_list(CERT *c, const char *str, int client); -+__owur int tls1_set_sigalgs_list(SSL_CTX *ctx, CERT *c, const char *str, int client); - __owur int tls1_set_raw_sigalgs(CERT *c, const uint16_t *psigs, size_t salglen, - int client); - __owur int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, -diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index fe680449c5..87f2ae7000 100644 ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -716,6 +716,7 @@ int ssl_load_sigalgs(SSL_CTX *ctx) - - /* now populate ctx->ssl_cert_info */ - if (ctx->sigalg_list_len > 0) { -+ OPENSSL_free(ctx->ssl_cert_info); - ctx->ssl_cert_info = OPENSSL_zalloc(sizeof(lu) * ctx->sigalg_list_len); - if (ctx->ssl_cert_info == NULL) - return 0; -@@ -2889,6 +2890,7 @@ typedef struct { - size_t sigalgcnt; - /* TLSEXT_SIGALG_XXX values */ - uint16_t sigalgs[TLS_MAX_SIGALGCNT]; -+ SSL_CTX *ctx; - } sig_cb_st; - - static void get_sigorhash(int *psig, int *phash, const char *str) -@@ -2913,7 +2915,8 @@ static void get_sigorhash(int *psig, int *phash, const char *str) - static int sig_cb(const char *elem, int len, void *arg) - { - sig_cb_st *sarg = arg; -- size_t i; -+ size_t i = 0; -+ int load_success = 0; - const SIGALG_LOOKUP *s; - char etmp[TLS_MAX_SIGSTRING_LEN], *p; - int sig_alg = NID_undef, hash_alg = NID_undef; -@@ -2943,17 +2946,36 @@ 
static int sig_cb(const char *elem, int len, void *arg) - * in the table. - */ - if (p == NULL) { -- for (i = 0, s = sigalg_lookup_tbl; i < OSSL_NELEM(sigalg_lookup_tbl); -- i++, s++) { -- if (s->name != NULL && strcmp(etmp, s->name) == 0) { -- sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg; -- break; -- } -+ /* Load provider sigalgs */ -+ if (sarg->ctx) { -+ load_success = ssl_load_sigalgs(sarg->ctx); - } -- if (i == OSSL_NELEM(sigalg_lookup_tbl)) { -- /* Ignore unknown algorithms if ignore_unknown */ -- return ignore_unknown; -+ if (load_success) { -+ /* Check if a provider supports the sigalg */ -+ for (i = 0; i < sarg->ctx->sigalg_list_len; i++) { -+ if (sarg->ctx->sigalg_list[i].sigalg_name != NULL -+ && strcmp(etmp, -+ sarg->ctx->sigalg_list[i].sigalg_name) == 0) { -+ sarg->sigalgs[sarg->sigalgcnt++] = -+ sarg->ctx->sigalg_list[i].code_point; -+ break; -+ } -+ } - } -+ /* Check the built-in sigalgs */ -+ if (!sarg->ctx || !load_success || i == sarg->ctx->sigalg_list_len) { -+ for (i = 0, s = sigalg_lookup_tbl; -+ i < OSSL_NELEM(sigalg_lookup_tbl); i++, s++) { -+ if (s->name != NULL && strcmp(etmp, s->name) == 0) { -+ sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg; -+ break; -+ } -+ } -+ if (i == OSSL_NELEM(sigalg_lookup_tbl)) { -+ /* Ignore unknown algorithms if ignore_unknown */ -+ return ignore_unknown; -+ } -+ } - } else { - *p = 0; - p++; -@@ -2992,10 +3014,11 @@ static int sig_cb(const char *elem, int len, void *arg) - * Set supported signature algorithms based on a colon separated list of the - * form sig+hash e.g. RSA+SHA512:DSA+SHA512 - */ --int tls1_set_sigalgs_list(CERT *c, const char *str, int client) -+int tls1_set_sigalgs_list(SSL_CTX *ctx, CERT *c, const char *str, int client) - { - sig_cb_st sig; - sig.sigalgcnt = 0; -+ sig.ctx = ctx; - if (!CONF_parse_list(str, ':', 1, sig_cb, &sig)) - return 0; - if (sig.sigalgcnt == 0) { --- -2.44.0 - diff --git a/openssl.spec b/openssl.spec index 41fbc00..995e513 100644 --- a/openssl.spec +++ b/openssl.spec 
@@ -28,8 +28,8 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 3.2.1 -Release: 2%{?dist} +Version: 3.2.2 +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -152,10 +152,6 @@ Patch115: 0115-skip-quic-pairwise.patch Patch116: 0116-version-aliasing.patch # https://github.com/openssl/openssl/issues/23050 Patch117: 0117-ignore-unknown-sigalgorithms-groups.patch -# https://github.com/openssl/openssl/issues/23770 -Patch118: 0118-no-crl-memleak.patch -# https://github.com/openssl/openssl/issues/22779 -Patch119: 0119-provider-sigalgs-in-signaturealgorithms-conf.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2160797 Patch121: 0121-FIPS-cms-defaults.patch @@ -500,6 +496,14 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco %ldconfig_scriptlets libs %changelog +* Wed Jun 05 2024 Dmitry Belyavskiy - 1:3.2.2-1 +- Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, + and Minerva attack. + Resolves: RHEL-32148 + Resolves: RHEL-36792 + Resolves: RHEL-38514 + Resolves: RHEL-39111 + * Thu May 23 2024 Dmitry Belyavskiy - 1:3.2.1-2 - Update RNG changing for FIPS purpose Resolves: RHEL-35380 diff --git a/sources b/sources index 21d66d1..6d3dc96 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.2.1.tar.gz) = 29ea75964f78ef5bbe5783ed60d32917408ae4cb7d4aecdbbf2280bfdbc260c7cbabbc03bd179fc994fbee85cebc7213eeb5bfcde5c22db5e83edf2cebe7113f +SHA512 (openssl-3.2.2.tar.gz) = ebc945065f62a8a2ea4e2f136a2afaea4d38a03bb07a148f7fb73c34a64475a4069de122ebee11a66e421dbd58756ad7ab2d3f905dc90acee72d62757d8c0a2d From d53f31aa805e037f96e1517ba19c439848151edf Mon Sep 17 00:00:00 2001 
From: Daiki Ueno Date: Wed, 12 Jun 2024 20:19:44 +0900 Subject: [PATCH 3/3] Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers Resolves: RHEL-40823 Signed-off-by: Daiki Ueno --- ...kward-compatibility-with-older-provi.patch | 33 +++++++++++++++++++ openssl.spec | 8 ++++- 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 0123-kdf-Preserve-backward-compatibility-with-older-provi.patch diff --git a/0123-kdf-Preserve-backward-compatibility-with-older-provi.patch b/0123-kdf-Preserve-backward-compatibility-with-older-provi.patch new file mode 100644 index 0000000..c88588f --- /dev/null +++ b/0123-kdf-Preserve-backward-compatibility-with-older-provi.patch @@ -0,0 +1,33 @@ +From 34a709e89e0c43928d9353aca1fb0c82aaa7e6ab Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Wed, 12 Jun 2024 20:14:04 +0900 +Subject: [PATCH] kdf: Preserve backward compatibility with older providers + +Suggested in: +https://github.com/openssl/openssl/issues/24611#issuecomment-2162560293 +--- + crypto/evp/pmeth_lib.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c +index 015f756..e776ea5 100644 +--- a/crypto/evp/pmeth_lib.c ++++ b/crypto/evp/pmeth_lib.c +@@ -1068,8 +1068,13 @@ static int evp_pkey_ctx_add1_octet_string(EVP_PKEY_CTX *ctx, int fallback, + os_params[0] = OSSL_PARAM_construct_octet_string(param, NULL, 0); + os_params[1] = OSSL_PARAM_construct_end(); + +- if (!EVP_PKEY_CTX_get_params(ctx, os_params)) ++ if (!EVP_PKEY_CTX_get_params(ctx, os_params)) { ++ if (EVP_PKEY_CTX_gettable_params(ctx) == NULL) { ++ /* Older provider that doesn't support gettable parameters */ ++ return evp_pkey_ctx_set1_octet_string(ctx, fallback, param, op, ctrl, data, datalen); ++ } + return 0; ++ } + + /* Older provider that doesn't support getting this parameter */ + if (os_params[0].return_size == OSSL_PARAM_UNMODIFIED) +-- +2.45.1 + 
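Review bot: The new fallback in evp_pkey_ctx_add1_octet_string hands the data to evp_pkey_ctx_set1_octet_string whenever EVP_PKEY_CTX_get_params fails and EVP_PKEY_CTX_gettable_params(ctx) returns NULL, but its comment does not say that this turns an append into a replace. Judging by the function names, a caller that adds HKDF info over several calls would keep only the last chunk on such a provider and derive a different key without any error. I would spell that out at the fallback, for example `/* Older provider without gettable params: the current value cannot be read, so the new data replaces it instead of being appended */`. The `return evp_pkey_ctx_set1_octet_string(...)` line is also well past 80 columns and could be wrapped after `op, ctrl,`. The function starts and ends outside the hunk.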
diff --git a/openssl.spec b/openssl.spec index 995e513..409b08f 100644 --- a/openssl.spec +++ b/openssl.spec @@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16)) Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.2.2 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -157,6 +157,8 @@ Patch117: 0117-ignore-unknown-sigalgorithms-groups.patch Patch121: 0121-FIPS-cms-defaults.patch # KTLS regression, temporary skip tests Patch122: 0122-TMP-KTLS-test-skip.patch +# HKDF regression with older provider implementations +Patch123: 0123-kdf-Preserve-backward-compatibility-with-older-provi.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -496,6 +498,10 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco %ldconfig_scriptlets libs %changelog +* Wed Jun 12 2024 Daiki Ueno - 1:3.2.2-2 +- Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers + Resolves: RHEL-40823 + * Wed Jun 05 2024 Dmitry Belyavskiy - 1:3.2.2-1 - Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.