aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssl/providers
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/providers')
-rw-r--r--crypto/openssl/providers/fips-sources.checksums20
-rw-r--r--crypto/openssl/providers/fips.checksum2
-rw-r--r--crypto/openssl/providers/fips/self_test_data.inc42
-rw-r--r--crypto/openssl/providers/fips/self_test_kats.c100
-rw-r--r--crypto/openssl/providers/implementations/kdfs/krb5kdf.c7
-rw-r--r--crypto/openssl/providers/implementations/keymgmt/ecx_kmgmt.c8
6 files changed, 158 insertions, 21 deletions
diff --git a/crypto/openssl/providers/fips-sources.checksums b/crypto/openssl/providers/fips-sources.checksums
index d48a9c85f57b..334b4ad6b7f2 100644
--- a/crypto/openssl/providers/fips-sources.checksums
+++ b/crypto/openssl/providers/fips-sources.checksums
@@ -250,7 +250,7 @@ c685813be6ad35b0861ba888670ef54aa2b399d003472698e39426de6e52db59 crypto/initthr
f866aafae928db1b439ac950dc90744a2397dfe222672fe68b3798396190c8b0 crypto/mem_clr.c
18127868d868ca5705444c24f7dc385391ba31154fc04ff54949739e8fa7fdfc crypto/ml_dsa/ml_dsa_encoders.c
825105b0a2c4844b2b4229001650ff7e61e1348e52f1072210f70b97cd4adb71 crypto/ml_dsa/ml_dsa_hash.h
-c82201cf1a17ff2d4b169dcd4402d3d56f4685e460a1447e021db4abd67f7f0e crypto/ml_dsa/ml_dsa_key.c
+c467f4400d399aad6b51746ef2575d1e04d260a1bf901b35ca55624fe62e650e crypto/ml_dsa/ml_dsa_key.c
579c1a12a5c5f014476a6bf695dc271f63074fb187e23ffc3f9ccb5b7ea044f1 crypto/ml_dsa/ml_dsa_key.h
3f98eb0467033d0a40867ef1c1036dcfea5d231eeac2321196f7d7c7243edace crypto/ml_dsa/ml_dsa_key_compress.c
983d164bfa3dbe8d85ad1fdc24d897e79d9246d96d9c1862855c6c538b387ad9 crypto/ml_dsa/ml_dsa_local.h
@@ -263,7 +263,7 @@ ff65c82c56e341f47df03d0c74de7fb537de0e68a4fa23fa07a9fdb51c511f1c crypto/ml_dsa/
1d7f57a41034988a4e7d4c9a998760d2ef802c5e90275d09a3ca31c5f3403d94 crypto/ml_dsa/ml_dsa_sign.c
5217ef237e21872205703b95577290c34898423466a465c7bd609b2eb4627964 crypto/ml_dsa/ml_dsa_sign.h
abd934284bcd8061027a69f437fa4410c6b72cd950be1ebe048244d036371208 crypto/ml_dsa/ml_dsa_vector.h
-defc2e4e81ff1b78056c795bc0565f4241a259c2957abe84a51bcbc1e4ace3f1 crypto/ml_kem/ml_kem.c
+8c4f7238f68f959f2ad1e2529c567364c5a8818898355c82818521e03239ea76 crypto/ml_kem/ml_kem.c
36e24eae5d38cc9666ae40e4e8a2dc12328e1159fea68447cb19dab174d25adf crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
33357356cd739d4ae89d52f0804b6900e4b94d8829323819c6f64c8908e978df crypto/modes/asm/aes-gcm-armv8_64.pl
bcc09bdb474f045d04c983fa09c31a010c5a25513f53a5d3653ade91304f0f96 crypto/modes/asm/aes-gcm-avx512.pl
@@ -306,7 +306,7 @@ f50450f7e5f6896fb8e3cde2fdc11cc543124c854ef9d88252a166606ca80081 crypto/params_
467c416422ecf61e3b713c5eb259fdbcb4aa73ae8dee61804d0b85cfd3fff4f7 crypto/property/defn_cache.c
91c1f1f8eb5588ed9da17386c244ae68a6a81717b1c7ab6c9f1a6a57973a039f crypto/property/property.c
66da4f28d408133fb544b14aeb9ad4913e7c5c67e2826e53f0dc5bf4d8fada26 crypto/property/property_local.h
-d32105cb087d708d0504a787f74bc163cc398c299faf2e98d6bb5ae02f5ce9b7 crypto/property/property_parse.c
+1e99a3934812f99dad79cbfbb6727ad61b6093711c1a6c74d4b50f9318152611 crypto/property/property_parse.c
a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c
20e69b9d594dfc443075eddbb0e6bcc0ed36ca51993cd50cc5a4f86eb31127f8 crypto/property/property_string.c
10644e9d20214660706de58d34edf635c110d4e4f2628cd5284a08c60ed9aff8 crypto/provider_core.c
@@ -322,7 +322,7 @@ f0c8792a99132e0b9c027cfa7370f45594a115934cdc9e8f23bdd64abecaf7fd crypto/rsa/rsa
1b828f428f0e78b591378f7b780164c4574620c68f9097de041cbd576f811bf6 crypto/rsa/rsa_backend.c
38a102cd1da1f6ca5a46e6a22f018237964336274385f5c70cbedcaa6997647e crypto/rsa/rsa_chk.c
e762c599b17d5c89f4b1c9eb7d0ca1f04a95d815c86a3e72c30b231ce57fb199 crypto/rsa/rsa_crpt.c
-0fa3e4687510e2d91c8f4b1c460b1d51375d9855ed825b3d6697620b146b52d1 crypto/rsa/rsa_gen.c
+a3d20f27ae3cb41af5b62febd0bb19025e59d401b136306d570cdba103b15542 crypto/rsa/rsa_gen.c
f22bc4e2c3acab83e67820c906c1caf048ec1f0d4fcb7472c1bec753c75f8e93 crypto/rsa/rsa_lib.c
5ae8edaf654645996385fbd420ef73030762fc146bf41deb5294d6d83e257a16 crypto/rsa/rsa_local.h
cf0b75cd54b61b9b9a290ef18d0ddce9fb26a029a54eb3f720d9b25188440f00 crypto/rsa/rsa_mp_names.c
@@ -416,7 +416,7 @@ a00e16963e1e2a0126c6a8e62da8a14f98de9736027654c925925dadd0ca3cc1 crypto/thread/
27ec0090f4243c96e4fbe1babfd4320c2a16615ffa368275433217d50a1ef76c crypto/thread/internal.c
67ba8d87fbbb7c9a9e438018e7ecfd1cedd4d00224be05755580d044f5f1317a crypto/threads_lib.c
b1a828491d9ce305802662561788facac92dff70cca9ead807f3e28741ff21e0 crypto/threads_none.c
-c659f7ce5c4b59d2a1cff78485fa8e89c8d20d5798df4afc1b94ff635ffc0262 crypto/threads_pthread.c
+491e9c29d4a7b4dd627ea25c20ce4a33103565b3108b618c41c6816dfc675569 crypto/threads_pthread.c
9c3bf7b4baa302a4017150fbcaa114ee9df935b18d5a3a8c8015003780d4e7de crypto/threads_win.c
7edd638df588b14711a50c98d458c4fc83f223ed03bc6c39c7c8edf7915b7cfa crypto/time.c
88c5f9f4d2611223d283ebd2ae10ae5ecbb9972d00f747d93fcb74b62641e3f9 crypto/x86_64cpuid.pl
@@ -445,7 +445,7 @@ bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto
6e7762e7fb63f56d25b24f70209f4dc834c59a87f74467531ec81646f565dbe3 include/crypto/modes.h
920bc48a4dad3712bdcef188c0ce8e8a8304e0ce332b54843bab366fc5eab472 include/crypto/rand.h
71f23915ea74e93971fb0205901031be3abea7ffef2c52e4cc4848515079f68d include/crypto/rand_pool.h
-b1df067691f9741ef9c42b2e5f12461bcd87b745514fc5701b9c9402fb10b224 include/crypto/rsa.h
+6f16685ffbc97dc2ac1240bfddf4bbac2dd1ad83fff6da91aee6f3f64c6ee8ff include/crypto/rsa.h
32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h
80338f3865b7c74aab343879432a6399507b834e2f55dd0e9ee7a5eeba11242a include/crypto/sha.h
dc7808729c3231a08bbe470b3e1b562420030f59f7bc05b14d7b516fa77b4f3a include/crypto/slh_dsa.h
@@ -546,7 +546,7 @@ a8a45996fd21411cb7ed610bc202dbd06570cdfa0a2d14f7dfc8bfadc820e636 include/openss
cb6bca3913c60a57bac39583eee0f789d49c3d29be3ecde9aecc7f3287117aa5 include/openssl/objects.h
d25537af264684dff033dd8ae62b0348f868fcfec4aa51fa8f07bcfa4bd807ad include/openssl/objectserr.h
fe6acd42c3e90db31aaafc2236a7d30ebfa53c4c07ea4d8265064c7fcb951970 include/openssl/opensslconf.h
-fc914a750d798ac9fc9287e6359cfa1da214b91651deaaaa7e1a46b595cd0425 include/openssl/opensslv.h.in
+6c1a8837bbba633db2a8951ff29ccfe09e7d2a24a37ee2af90f2d897c190da9a include/openssl/opensslv.h.in
767d9d7d5051c937a3ce8a268c702902fda93eeaa210a94dfde1f45c23277d20 include/openssl/param_build.h
1c442aaaa4dda7fbf727a451bc676fb4d855ef617c14dc77ff2a5e958ae33c3e include/openssl/params.h
44f178176293c6ce8142890ff9dc2d466364c734e4e811f56bd62010c5403183 include/openssl/pkcs7.h.in
@@ -618,8 +618,8 @@ f2581d7b4e105f2bb6d30908f3c2d9959313be08cec6dbeb49030c125a7676d3 providers/fips
669f76f742bcaaf28846b057bfab97da7c162d69da244de71b7c743bf16e430f providers/fips/include/fipscommon.h
f111fd7e016af8cc6f96cd8059c28227b328dd466ed137ae0c0bc0c3c3eec3ba providers/fips/self_test.c
5c2c6c2f69e2eb01b88fa35630f27948e00dd2c2fd351735c74f34ccb2005cbe providers/fips/self_test.h
-663441de9aba1d1b81ce02b3acded520b88cc460330d4d98adb7450d9664c474 providers/fips/self_test_data.inc
-2e568e2b161131240e97bd77a730c2299f961c2f1409ea8466422fc07f9be23f providers/fips/self_test_kats.c
+df83c901ad13675fbbb4708b6087feba6099870ad3dd0e8d09cfdb6798419770 providers/fips/self_test_data.inc
+6779d5afb3f48d82868b247ffb0a6a572f6e3964738296ad47e7ccafdb263c88 providers/fips/self_test_kats.c
dde79dfdedfe0e73006a0cf912fdde1ff109dfbc5ba6ecab319c938bc4275950 providers/implementations/asymciphers/rsa_enc.c
c2f1b12c64fc369dfc3b9bc9e76a76de7280e6429adaee55d332eb1971ad1879 providers/implementations/ciphers/cipher_aes.c
6ba7d817081cf0d87ba7bfb38cd9d70e41505480bb8bc796ef896f68d4514ea6 providers/implementations/ciphers/cipher_aes.h
@@ -699,7 +699,7 @@ c764555b9dc9b273c280514a5d2d44156f82f3e99155a77c627f2c773209bcd7 providers/impl
24cc3cc8e8681c77b7f96c83293bd66045fd8ad69f756e673ca7f8ca9e82b0af providers/implementations/keymgmt/dsa_kmgmt.c
36a9c1c8658ce7918453827cb58ed52787e590e3f148c5510deeb2c16c25a29d providers/implementations/keymgmt/ec_kmgmt.c
258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc
-9728d696d249b2d224724c9872138a60e1998e5cfa5c49f3f48ad0666f7eed34 providers/implementations/keymgmt/ecx_kmgmt.c
+11c27cc3c9f38885c484f25d11987e93f197aa90bef2fc1d6e8f508c2d014d4d providers/implementations/keymgmt/ecx_kmgmt.c
daf35a7ab961ef70aefca981d80407935904c5da39dca6692432d6e6bc98759d providers/implementations/keymgmt/kdf_legacy_kmgmt.c
d97d7c8d3410b3e560ef2becaea2a47948e22205be5162f964c5e51a7eef08cb providers/implementations/keymgmt/mac_legacy_kmgmt.c
a428de71082fd01e5dcfa030a6fc34f6700b86d037b4e22f015c917862a158ce providers/implementations/keymgmt/ml_dsa_kmgmt.c
diff --git a/crypto/openssl/providers/fips.checksum b/crypto/openssl/providers/fips.checksum
index 7fa4ea19bba3..5d1117361d27 100644
--- a/crypto/openssl/providers/fips.checksum
+++ b/crypto/openssl/providers/fips.checksum
@@ -1 +1 @@
-8d0c2c2b986f4c98f511c9aa020e98aa984dce5976d8e1966a7721f8b559cda8 providers/fips-sources.checksums
+c342f9dc7075a6ecd0e4b3c9db06e180765278a7bbae233ec1a65095a0e524ec providers/fips-sources.checksums
diff --git a/crypto/openssl/providers/fips/self_test_data.inc b/crypto/openssl/providers/fips/self_test_data.inc
index b6aa433ca93c..6abab0a7a173 100644
--- a/crypto/openssl/providers/fips/self_test_data.inc
+++ b/crypto/openssl/providers/fips/self_test_data.inc
@@ -1308,6 +1308,18 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
ST_KAT_PARAM_END()
};
+/*-
+ * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
+ * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
+ * HP/UX PA-RISC compilers.
+ */
+static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
+
+static const ST_KAT_PARAM rsa_enc_params[] = {
+ ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
+ ST_KAT_PARAM_END()
+};
+
static const unsigned char rsa_sig_msg[] = "Hello World!";
static const unsigned char rsa_expected_sig[256] = {
@@ -3497,3 +3509,33 @@ static const ST_KAT_ASYM_KEYGEN st_kat_asym_keygen_tests[] = {
# endif
};
#endif /* !OPENSSL_NO_ML_DSA || !OPENSSL_NO_SLH_DSA */
+
+static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
+ {
+ OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
+ "RSA",
+ 1,
+ rsa_pub_key,
+ rsa_enc_params,
+ ITM(rsa_asym_plaintext_encrypt),
+ ITM(rsa_asym_expected_encrypt),
+ },
+ {
+ OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
+ "RSA",
+ 0,
+ rsa_priv_key,
+ rsa_enc_params,
+ ITM(rsa_asym_expected_encrypt),
+ ITM(rsa_asym_plaintext_encrypt),
+ },
+ {
+ OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
+ "RSA",
+ 0,
+ rsa_crt_key,
+ rsa_enc_params,
+ ITM(rsa_asym_expected_encrypt),
+ ITM(rsa_asym_plaintext_encrypt),
+ },
+};
diff --git a/crypto/openssl/providers/fips/self_test_kats.c b/crypto/openssl/providers/fips/self_test_kats.c
index 35ecb43598ee..acb0b85f7343 100644
--- a/crypto/openssl/providers/fips/self_test_kats.c
+++ b/crypto/openssl/providers/fips/self_test_kats.c
@@ -813,6 +813,93 @@ err:
#endif
/*
+ * Test an encrypt or decrypt KAT..
+ *
+ * FIPS 140-2 IG D.9 states that separate KAT tests are needed for encrypt
+ * and decrypt..
+ */
+static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st,
+ OSSL_LIB_CTX *libctx)
+{
+ int ret = 0;
+ OSSL_PARAM *keyparams = NULL, *initparams = NULL;
+ OSSL_PARAM_BLD *keybld = NULL, *initbld = NULL;
+ EVP_PKEY_CTX *encctx = NULL, *keyctx = NULL;
+ EVP_PKEY *key = NULL;
+ BN_CTX *bnctx = NULL;
+ unsigned char out[256];
+ size_t outlen = sizeof(out);
+
+ OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER, t->desc);
+
+ bnctx = BN_CTX_new_ex(libctx);
+ if (bnctx == NULL)
+ goto err;
+
+ /* Load a public or private key from data */
+ keybld = OSSL_PARAM_BLD_new();
+ if (keybld == NULL
+ || !add_params(keybld, t->key, bnctx))
+ goto err;
+ keyparams = OSSL_PARAM_BLD_to_param(keybld);
+ keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
+ if (keyctx == NULL || keyparams == NULL)
+ goto err;
+ if (EVP_PKEY_fromdata_init(keyctx) <= 0
+ || EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
+ goto err;
+
+ /* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
+ encctx = EVP_PKEY_CTX_new_from_pkey(libctx, key, NULL);
+ if (encctx == NULL
+ || (t->encrypt && EVP_PKEY_encrypt_init(encctx) <= 0)
+ || (!t->encrypt && EVP_PKEY_decrypt_init(encctx) <= 0))
+ goto err;
+
+ /* Add any additional parameters such as padding */
+ if (t->postinit != NULL) {
+ initbld = OSSL_PARAM_BLD_new();
+ if (initbld == NULL)
+ goto err;
+ if (!add_params(initbld, t->postinit, bnctx))
+ goto err;
+ initparams = OSSL_PARAM_BLD_to_param(initbld);
+ if (initparams == NULL)
+ goto err;
+ if (EVP_PKEY_CTX_set_params(encctx, initparams) <= 0)
+ goto err;
+ }
+
+ if (t->encrypt) {
+ if (EVP_PKEY_encrypt(encctx, out, &outlen,
+ t->in, t->in_len) <= 0)
+ goto err;
+ } else {
+ if (EVP_PKEY_decrypt(encctx, out, &outlen,
+ t->in, t->in_len) <= 0)
+ goto err;
+ }
+ /* Check the KAT */
+ OSSL_SELF_TEST_oncorrupt_byte(st, out);
+ if (outlen != t->expected_len
+ || memcmp(out, t->expected, t->expected_len) != 0)
+ goto err;
+
+ ret = 1;
+err:
+ BN_CTX_free(bnctx);
+ EVP_PKEY_free(key);
+ EVP_PKEY_CTX_free(encctx);
+ EVP_PKEY_CTX_free(keyctx);
+ OSSL_PARAM_free(keyparams);
+ OSSL_PARAM_BLD_free(keybld);
+ OSSL_PARAM_free(initparams);
+ OSSL_PARAM_BLD_free(initbld);
+ OSSL_SELF_TEST_onend(st, ret);
+ return ret;
+}
+
+/*
* Test a data driven list of KAT's for digest algorithms.
* All tests are run regardless of if they fail or not.
* Return 0 if any test fails.
@@ -853,6 +940,17 @@ static int self_test_kems(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
return ret;
}
+static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
+{
+ int i, ret = 1;
+
+ for (i = 0; i < (int)OSSL_NELEM(st_kat_asym_cipher_tests); ++i) {
+ if (!self_test_asym_cipher(&st_kat_asym_cipher_tests[i], st, libctx))
+ ret = 0;
+ }
+ return ret;
+}
+
static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
{
int i, ret = 1;
@@ -1092,6 +1190,8 @@ int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
ret = 0;
if (!self_test_kems(st, libctx))
ret = 0;
+ if (!self_test_asym_ciphers(st, libctx))
+ ret = 0;
RAND_set0_private(libctx, saved_rand);
return ret;
diff --git a/crypto/openssl/providers/implementations/kdfs/krb5kdf.c b/crypto/openssl/providers/implementations/kdfs/krb5kdf.c
index 566afa74fece..13623ec7302e 100644
--- a/crypto/openssl/providers/implementations/kdfs/krb5kdf.c
+++ b/crypto/openssl/providers/implementations/kdfs/krb5kdf.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -350,7 +350,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
{
int klen, ret;
- ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL);
+ ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL);
if (!ret)
goto out;
/* set the key len for the odd variable key len cipher */
@@ -362,6 +362,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
goto out;
}
}
+ ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
+ if (!ret)
+ goto out;
/* we never want padding, either the length requested is a multiple of
* the cipher block size or we are passed a cipher that can cope with
* partial blocks via techniques like cipher text stealing */
diff --git a/crypto/openssl/providers/implementations/keymgmt/ecx_kmgmt.c b/crypto/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
index e6d326a90705..0ebe8b4d59b1 100644
--- a/crypto/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/crypto/openssl/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -218,14 +218,6 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
ok = ok && ossl_ecx_key_fromdata(key, params, include_private);
-#ifdef FIPS_MODULE
- if (ok > 0 && ecx_key_type_is_ed(key->type) && !ossl_fips_self_testing())
- if (key->haspubkey && key->privkey != NULL) {
- ok = ecd_fips140_pairwise_test(key, key->type, 1);
- if (ok <= 0)
- ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
- }
-#endif /* FIPS_MODULE */
return ok;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-08 04:04:28 +0000