File openssl-1.1.1-fips-post-rand.patch of Package openssl-1_1
xxxxxxxxxx1
diff -up openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand openssl-1.1.1i/crypto/fips/fips.c2
--- openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand 2020-12-09 10:26:41.634106328 +01003
+++ openssl-1.1.1i/crypto/fips/fips.c 2020-12-09 10:26:41.652106475 +01004
5
6
# include <openssl/fips.h>7
# include "internal/thread_once.h"8
+# include "crypto/rand.h"9
10
# ifndef PATH_MAX11
# define PATH_MAX 102412
13
static int fips_selftest_fail = 0;14
static int fips_mode = 0;15
static int fips_started = 0;16
+static int fips_post = 0;17
18
static int fips_is_owning_thread(void);19
static int fips_set_owning_thread(void);20
21
fips_selftest_fail = 1;22
}23
24
+int fips_in_post(void)25
+{26
+ return fips_post;27
+}28
+29
/* we implement what libfipscheck does ourselves */30
31
static int32
33
}34
# endif35
36
+ fips_post = 1;37
+38
if (!FIPS_selftest()) {39
fips_selftest_fail = 1;40
ret = 0;41
42
goto end;43
}44
45
+ fips_post = 0;46
+47
fips_set_mode(onoff);48
+ /* force RNG reseed with entropy from getrandom() on next call */49
+ rand_force_reseed();50
+51
ret = 1;52
goto end;53
}54
diff -up openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1i/crypto/rand/drbg_lib.c55
--- openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand 2020-12-08 14:20:59.000000000 +010056
+++ openssl-1.1.1i/crypto/rand/drbg_lib.c 2020-12-09 10:26:41.652106475 +010057
58
return min_entropy > min_entropylen ? min_entropy : min_entropylen;59
}60
61
+void rand_force_reseed(void)62
+{63
+ RAND_DRBG *drbg;64
+65
+ drbg = RAND_DRBG_get0_master();66
+ drbg->fork_id = 0;67
+68
+ drbg = RAND_DRBG_get0_private();69
+ drbg->fork_id = 0;70
+71
+ drbg = RAND_DRBG_get0_public();72
+ drbg->fork_id = 0;73
+}74
+75
/* Implements the default OpenSSL RAND_add() method */76
static int drbg_add(const void *buf, int num, double randomness)77
{78
diff -up openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1i/crypto/rand/rand_unix.c79
--- openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand 2020-12-08 14:20:59.000000000 +010080
+++ openssl-1.1.1i/crypto/rand/rand_unix.c 2020-12-09 10:36:59.531221903 +010081
82
#include <openssl/crypto.h>83
#include "rand_local.h"84
#include "crypto/rand.h"85
+#include "crypto/fips.h"86
#include <stdio.h>87
#include "internal/dso.h"88
#ifdef __linux89
# include <sys/syscall.h>90
+# include <sys/random.h>91
# ifdef DEVRANDOM_WAIT92
# include <sys/shm.h>93
# include <sys/utsname.h>94
95
* syscall_random(): Try to get random data using a system call96
* returns the number of bytes returned in buf, or < 0 on error.97
*/98
-static ssize_t syscall_random(void *buf, size_t buflen)99
+static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)100
{101
/*102
* Note: 'buflen' equals the size of the buffer which is used by the103
104
* Note: Sometimes getentropy() can be provided but not implemented105
* internally. So we need to check errno for ENOSYS106
*/107
+# if 0108
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)109
extern int getentropy(void *buffer, size_t length) __attribute__((weak));110
111
112
if (p_getentropy.p != NULL)113
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;114
# endif115
-116
+# endif117
/* Linux supports this since version 3.17 */118
-# if defined(__linux) && defined(__NR_getrandom)119
- return syscall(__NR_getrandom, buf, buflen, 0);120
+# if defined(__linux) && defined(SYS_getrandom)121
+ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);122
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)123
return sysctl_random(buf, buflen);124
# else125
126
size_t entropy_available;127
128
# if defined(OPENSSL_RAND_SEED_GETRANDOM)129
+ int in_post;130
+131
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {132
{133
size_t bytes_needed;134
unsigned char *buffer;135
136
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);137
while (bytes_needed != 0 && attempts-- > 0) {138
buffer = rand_pool_add_begin(pool, bytes_needed);139
- bytes = syscall_random(buffer, bytes_needed);140
+ bytes = syscall_random(buffer, bytes_needed, in_post);141
if (bytes > 0) {142
rand_pool_add_end(pool, bytes, 8 * bytes);143
bytes_needed -= bytes;144
145
int attempts = 3;146
const int fd = get_random_device(i);147
148
- if (fd == -1)149
+ if (fd == -1) {150
+ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);151
continue;152
+ }153
154
while (bytes_needed != 0 && attempts-- > 0) {155
buffer = rand_pool_add_begin(pool, bytes_needed);156
157
return entropy_available;158
}159
# endif160
-161
+# ifdef OPENSSL_RAND_SEED_GETRANDOM162
+ }163
+# endif164
return rand_pool_entropy_available(pool);165
# endif166
}167
diff -up openssl-1.1.1i/include/crypto/fips.h.fips-post-rand openssl-1.1.1i/include/crypto/fips.h168
--- openssl-1.1.1i/include/crypto/fips.h.fips-post-rand 2020-12-09 10:26:41.639106369 +0100169
+++ openssl-1.1.1i/include/crypto/fips.h 2020-12-09 10:26:41.657106516 +0100170
171
int FIPS_selftest_drbg(void);172
int FIPS_selftest_cmac(void);173
174
+int fips_in_post(void);175
+176
int fips_pkey_signature_test(EVP_PKEY *pkey,177
const unsigned char *tbs, int tbslen,178
const unsigned char *kat,179
diff -up openssl-1.1.1i/include/crypto/rand.h.fips-post-rand openssl-1.1.1i/include/crypto/rand.h180
--- openssl-1.1.1i/include/crypto/rand.h.fips-post-rand 2020-12-08 14:20:59.000000000 +0100181
+++ openssl-1.1.1i/include/crypto/rand.h 2020-12-09 10:26:41.657106516 +0100182
183
typedef struct rand_pool_st RAND_POOL;184
185
void rand_cleanup_int(void);186
+void rand_force_reseed(void);187
void rand_drbg_cleanup_int(void);188
void drbg_delete_thread_state(void);189
190