summaryrefslogtreecommitdiff
path: root/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
diff options
context:
space:
mode:
Diffstat (limited to 'openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch')
-rw-r--r--openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch157
1 files changed, 157 insertions, 0 deletions
diff --git a/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
new file mode 100644
index 0000000..2acea98
--- /dev/null
+++ b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
@@ -0,0 +1,157 @@
+diff -up openssl-1.1.1c/crypto/fips/fips.c.fips-post-rand openssl-1.1.1c/crypto/fips/fips.c
+--- openssl-1.1.1c/crypto/fips/fips.c.fips-post-rand 2019-05-29 15:53:56.328216002 +0200
++++ openssl-1.1.1c/crypto/fips/fips.c 2019-05-29 15:53:56.359215457 +0200
+@@ -68,6 +68,7 @@
+
+ # include <openssl/fips.h>
+ # include "internal/thread_once.h"
++# include "internal/rand_int.h"
+
+ # ifndef PATH_MAX
+ # define PATH_MAX 1024
+@@ -76,6 +77,7 @@
+ static int fips_selftest_fail = 0;
+ static int fips_mode = 0;
+ static int fips_started = 0;
++static int fips_post = 0;
+
+ static int fips_is_owning_thread(void);
+ static int fips_set_owning_thread(void);
+@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void)
+ fips_selftest_fail = 1;
+ }
+
++int fips_in_post(void)
++{
++ return fips_post;
++}
++
+ /* we implement what libfipscheck does ourselves */
+
+ static int
+@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff)
+ }
+ # endif
+
++ fips_post = 1;
++
+ if (!FIPS_selftest()) {
+ fips_selftest_fail = 1;
+ ret = 0;
+@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff)
+ goto end;
+ }
+
++ fips_post = 0;
++
+ fips_set_mode(onoff);
++ /* force RNG reseed with entropy from getrandom() on next call */
++ rand_fork();
++
+ ret = 1;
+ goto end;
+ }
+diff -up openssl-1.1.1c/crypto/include/internal/fips_int.h.fips-post-rand openssl-1.1.1c/crypto/include/internal/fips_int.h
+--- openssl-1.1.1c/crypto/include/internal/fips_int.h.fips-post-rand 2019-05-29 15:53:56.337215844 +0200
++++ openssl-1.1.1c/crypto/include/internal/fips_int.h 2019-05-29 15:53:56.359215457 +0200
+@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
+ int FIPS_selftest_drbg(void);
+ int FIPS_selftest_cmac(void);
+
++int fips_in_post(void);
++
+ int fips_pkey_signature_test(EVP_PKEY *pkey,
+ const unsigned char *tbs, int tbslen,
+ const unsigned char *kat,
+diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/crypto/rand/rand_unix.c
+--- openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand 2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/crypto/rand/rand_unix.c 2019-05-29 16:54:16.471391802 +0200
+@@ -16,10 +16,12 @@
+ #include <openssl/rand.h>
+ #include "rand_lcl.h"
+ #include "internal/rand_int.h"
++#include "internal/fips_int.h"
+ #include <stdio.h>
+ #include "internal/dso.h"
+ #if defined(__linux)
+-# include <asm/unistd.h>
++# include <sys/syscall.h>
++# include </usr/include/linux/random.h>
+ #endif
+ #if defined(__FreeBSD__)
+ # include <sys/types.h>
+@@ -279,7 +281,7 @@ static ssize_t sysctl_random(char *buf,
+ * syscall_random(): Try to get random data using a system call
+ * returns the number of bytes returned in buf, or < 0 on error.
+ */
+-static ssize_t syscall_random(void *buf, size_t buflen)
++static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)
+ {
+ /*
+ * Note: 'buflen' equals the size of the buffer which is used by the
+@@ -301,6 +303,7 @@ static ssize_t syscall_random(void *buf,
+ * - Linux since 3.17 with glibc 2.25
+ * - FreeBSD since 12.0 (1200061)
+ */
++# if 0
+ # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
+ extern int getentropy(void *buffer, size_t length) __attribute__((weak));
+
+@@ -322,10 +325,10 @@ static ssize_t syscall_random(void *buf,
+ if (p_getentropy.p != NULL)
+ return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
+ # endif
+-
++# endif
+ /* Linux supports this since version 3.17 */
+-# if defined(__linux) && defined(__NR_getrandom)
+- return syscall(__NR_getrandom, buf, buflen, 0);
++# if defined(__linux) && defined(SYS_getrandom)
++ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);
+ # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
+ return sysctl_random(buf, buflen);
+ # else
+@@ -475,8 +478,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
+ size_t bytes_needed;
+ size_t entropy_available = 0;
+ unsigned char *buffer;
+-
+ # if defined(OPENSSL_RAND_SEED_GETRANDOM)
++ int in_post;
++
++ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
+ {
+ ssize_t bytes;
+ /* Maximum allowed number of consecutive unsuccessful attempts */
+@@ -485,7 +490,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
+ bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+ while (bytes_needed != 0 && attempts-- > 0) {
+ buffer = rand_pool_add_begin(pool, bytes_needed);
+- bytes = syscall_random(buffer, bytes_needed);
++ bytes = syscall_random(buffer, bytes_needed, in_post);
+ if (bytes > 0) {
+ rand_pool_add_end(pool, bytes, 8 * bytes);
+ bytes_needed -= bytes;
+@@ -540,8 +545,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
+ int attempts = 3;
+ const int fd = get_random_device(i);
+
+- if (fd == -1)
++ if (fd == -1) {
++ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);
+ continue;
++ }
+
+ while (bytes_needed != 0 && attempts-- > 0) {
+ buffer = rand_pool_add_begin(pool, bytes_needed);
+@@ -601,7 +608,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
+ }
+ }
+ # endif
+-
++# ifdef OPENSSL_RAND_SEED_GETRANDOM
++ }
++# endif
+ return rand_pool_entropy_available(pool);
+ # endif
+ }
bgstack15