openssl3

Commit Graph

Author	SHA1	Message	Date
Dmitry Belyavskiy	ed09ce6530	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack. Resolves: RHEL-32148 Resolves: RHEL-36792 Resolves: RHEL-38514 Resolves: RHEL-39111	7 months ago
Dmitry Belyavskiy	2c5c3fcced	Rebasing to OpenSSL 3.2.1 Resolves: RHEL-26271	9 months ago
Dmitry Belyavskiy	217cd631e8	Add a workaround for lack of EMS in FIPS mode Resolves: rhbz#2216256	2 years ago
Clemens Lang	21d2b9fb47	Fix X942KDF indicator for short output key lengths In testing, we noticed that using output keys shorter than 14 bytes with the X9.42 KDF does not set the explicit FIPS indicator to unapproved as it should. The relevant check was implemented, but the state in the implementation's context was not exposed. Resolves: rhbz#2175864 Signed-off-by: Clemens Lang <cllang@redhat.com>	2 years ago
Clemens Lang	6a9e17a8c1	KDF: Add FIPS indicators FIPS requires a number of restrictions on the parameters of the various key derivation functions implemented in OpenSSL. The KDFs that use digest algorithms usually should not allow SHAKE (due to FIPS 140-3 IG C.C). Additionally, some application-specific KDFs have further restrictions defined in SP 800-135r1. Generally, all KDFs shall use a key-derivation key length of at least 112 bits due to SP 800-131Ar2 section 8. Additionally any use of a KDF to generate and output length of less than 112 bits will also set the indicator to unapproved. Add explicit indicators to all KDFs usable in FIPS mode except for PBKDF2 (which has its specific FIPS limits already implemented). The indicator can be queried using EVP_KDF_CTX_get_params() after setting the required parameters and keys for the KDF. Our FIPS provider implements SHA1, SHA2 (both -256 and -512, and the truncated variants -224 and -384) and SHA3 (-256 and -512, and the truncated versions -224 and -384), as well as SHAKE-128 and -256. The SHAKE functions are generally not allowed in KDFs. For the rest, the support matrix is: KDF \| SHA-1 \| SHA-2 \| SHA-2 truncated \| SHA-3 \| SHA-3 truncated ========================================================================== KBKDF \| x \| x \| x \| x \| x HKDF \| x \| x \| x \| x \| x TLS1PRF \| \| SHA-{256,384,512} only \| \| SSHKDF \| x \| x \| x \| \| SSKDF \| x \| x \| x \| x \| x X9.63KDF \| \| x \| x \| x \| x X9.42-ASN1 \| x \| x \| x \| x \| x TLS1.3PRF \| \| SHA-{256,384} only \| \| Signed-off-by: Clemens Lang <cllang@redhat.com> Resolves: rhbz#2175860 rhbz#2175864	2 years ago

5 Commits (ed09ce6530ba7b331f722bf7048f362c8485888e)