From a8a3a389ee34132da7fa6172afe2fd22c53a568f Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Mon, 30 May 2022 18:00:10 +0200 Subject: [PATCH] Use KAT for ECDSA signature tests, s390 arch Resolves: rhbz#2069235 --- 0060-FIPS-KAT-signature-tests.patch | 36 +++++++++++++++++++++++++++++ openssl.spec | 2 ++ 2 files changed, 38 insertions(+) diff --git a/0060-FIPS-KAT-signature-tests.patch b/0060-FIPS-KAT-signature-tests.patch index 47313dd..184b150 100644 --- a/0060-FIPS-KAT-signature-tests.patch +++ b/0060-FIPS-KAT-signature-tests.patch @@ -382,3 +382,39 @@ diff -up openssl-3.0.1/providers/fips/self_test_data.inc.kat openssl-3.0.1/provi }, # ifndef OPENSSL_NO_EC2M { +diff -up openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c +--- openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat 2022-05-30 14:48:53.180999124 +0200 ++++ openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c 2022-05-30 14:58:52.841286228 +0200 +@@ -44,6 +44,10 @@ + #define S390X_OFF_RN(n) (4 * n) + #define S390X_OFF_Y(n) (4 * n) + ++#ifdef FIPS_MODULE ++extern int REDHAT_FIPS_signature_st; ++#endif ++ + static int ec_GFp_s390x_nistp_mul(const EC_GROUP *group, EC_POINT *r, + const BIGNUM *scalar, + size_t num, const EC_POINT *points[], +@@ -183,11 +187,21 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign + * because kdsa instruction constructs an in-range, invertible nonce + * internally implementing counter-measures for RNG weakness. + */ ++#ifdef FIPS_MODULE ++ if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) { ++ BN_bn2binpad(eckey->sign_kat_k, param + S390X_OFF_RN(len), len); ++ /* Turns KDSA internal nonce-generation off. */ ++ fc |= S390X_KDSA_D; ++ } else { ++#endif + if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len), + (size_t)len, 0) != 1) { + ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED); + goto ret; + } ++#ifdef FIPS_MODULE ++ } ++#endif + } else { + /* Reconstruct k = (k^-1)^-1. */ + if (ossl_ec_group_do_inverse_ord(group, k, kinv, NULL) == 0 diff --git a/openssl.spec b/openssl.spec index cd48db8..76c96bb 100644 --- a/openssl.spec +++ b/openssl.spec @@ -466,6 +466,8 @@ install -m644 %{SOURCE9} \ - Resolves: rhbz#2090362 - Revert "Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode" Related: rhbz#2087147 +- Use KAT for ECDSA signature tests, s390 arch +- Resolves: rhbz#2069235 * Thu May 19 2022 Dmitry Belyavskiy - 1:3.0.1-32 - `openssl ecparam -list_curves` lists only FIPS-approved curves in FIPS mode