Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF).

2020-05-12 11:53:19 -07:00 · 2020-05-12 11:53:19 -07:00 · 4d8cf5b571
commit 4d8cf5b571
parent 8300754ecd
4 changed files with 50 additions and 22 deletions
--- a/configure.ac
+++ b/configure.ac
@ -96,6 +96,32 @@ AS_IF([test "$ax_enable_debug" = "yes"],
      [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"])


+
+# FIPS
+AC_ARG_ENABLE([fips],
+    [AS_HELP_STRING([--enable-fips],[Enable FIPS 140-2, Will NOT work w/o FIPS license (default: disabled)])],
+    [ENABLED_FIPS=$enableval],
+    [ENABLED_FIPS="no"])
+
+AS_CASE([$ENABLED_FIPS],
+    ["v2"],[
+        # FIPS v2
+        ENABLED_FIPS="yes"
+        FIPS_VERSION="v2"
+    ],
+    ["rand"],[
+        # FIPS Rand
+        ENABLED_FIPS="yes"
+        FIPS_VERSION="rand"
+    ],
+    ["no"],[FIPS_VERSION="none"],
+    [
+        # FIPS v1
+        ENABLED_FIPS="yes"
+        FIPS_VERSION="v1"
+    ])
+    
+
 # Distro build feature subset (Debian, Ubuntu, etc.)
 AC_ARG_ENABLE([distro],
    [AS_HELP_STRING([--enable-distro],[Enable wolfSSL distro build (default: disabled)])],
@ -119,7 +145,11 @@ AC_ARG_ENABLE([all],
 if test "$ENABLED_ALL" = "yes"
 then
    enable_dtls=yes
-    enable_tls13=yes
+    if test "x$FIPS_VERSION" != "xv1"
+    then
+        enable_tls13=yes
+        enable_rsapss=yes
+    fi
    enable_openssh=yes
    enable_opensslextra=yes
    enable_opensslall=yes
@ -293,7 +323,10 @@ AC_ARG_ENABLE([tls13],
    [ ENABLED_TLS13=$enableval ],
    [ ENABLED_TLS13=yes ]
    )
-
+if test "x$FIPS_VERSION" = "xv1"
+then
+    ENABLED_TLS13="no"
+fi
 if test "$ENABLED_TLS13" = "yes"
 then
    AM_CFLAGS="-DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES $AM_CFLAGS"
@ -2429,14 +2462,8 @@ fi


 # FIPS
-AC_ARG_ENABLE([fips],
-    [AS_HELP_STRING([--enable-fips],[Enable FIPS 140-2, Will NOT work w/o FIPS license (default: disabled)])],
-    [ENABLED_FIPS=$enableval],
-    [ENABLED_FIPS="no"])
-
-AS_CASE([$ENABLED_FIPS],
-    ["v2"],[FIPS_VERSION="v2"
-        ENABLED_FIPS=yes
+AS_CASE([$FIPS_VERSION],
+    ["v2"],[
        AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS -DHAVE_FIPS_VERSION=2 -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING -DWOLFSSL_VALIDATE_FFC_IMPORT -DHAVE_FFDHE_Q"
        ENABLED_KEYGEN="yes"
        ENABLED_SHA224="yes"
@ -2467,14 +2494,9 @@ AS_CASE([$ENABLED_FIPS],
              [AM_CFLAGS="$AM_CFLAGS -DFORCE_FAILURE_RDSEED"])
    ],
    ["rand"],[
-        ENABLED_FIPS="yes"
-        FIPS_VERSION="rand"
        AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_FIPS_RAND -DHAVE_FIPS -DHAVE_FIPS_VERSION=2"
    ],
-    ["no"],[FIPS_VERSION="none"],
-    [
-        ENABLED_FIPS="yes"
-        FIPS_VERSION="v1"
+    ["v1"],[
        AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
    ])

--- a/src/tls13.c
+++ b/src/tls13.c
@ -4679,7 +4679,7 @@ static int CreateECCEncodedSig(byte* sigData, int sigDataSz, int hashAlgo)
 }
 #endif /* HAVE_ECC */

-#ifndef NO_RSA
+#if !defined(NO_RSA) && defined(WC_RSA_PSS)
 /* Check that the decrypted signature matches the encoded signature
 * based on the digest of the signature data.
 *
@ -4722,7 +4722,7 @@ static int CheckRSASignature(WOLFSSL* ssl, int sigAlgo, int hashAlgo,

    return ret;
 }
-#endif /* !NO_RSA */
+#endif /* !NO_RSA && WC_RSA_PSS */
 #endif /* !NO_RSA || HAVE_ECC */

 /* Get the next certificate from the list for writing into the TLS v1.3
@ -5759,7 +5759,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,

        case TLS_ASYNC_VERIFY:
        {
-        #ifndef NO_RSA
+        #if !defined(NO_RSA) && defined(WC_RSA_PSS)
            if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) {
                ret = CheckRSASignature(ssl, args->sigAlgo, args->hashAlgo,
                                        args->output, args->sendSz);
@ -5769,7 +5769,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
                FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
                ssl->peerRsaKeyPresent = 0;
            }
-        #endif /* !NO_RSA */
+        #endif /* !NO_RSA && WC_RSA_PSS */

            /* Advance state and proceed */
            ssl->options.asyncState = TLS_ASYNC_FINALIZE;
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -11726,7 +11726,7 @@ done:
 }
 #endif

-#ifdef WC_RSA_PSS
+#if defined(WC_RSA_PSS) && !defined(HAVE_FIPS_VERSION) /* not supported with FIPSv1 */
 static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
 {
    byte             digest[WC_MAX_DIGEST_SIZE];
@ -13862,7 +13862,7 @@ int rsa_test(void)
 #endif /* WOLFSSL_CERT_REQ */
 #endif /* WOLFSSL_CERT_GEN */

-#ifdef WC_RSA_PSS
+#if defined(WC_RSA_PSS) && !defined(HAVE_FIPS_VERSION) /* not supported with FIPSv1 */
    ret = rsa_pss_test(&rng, &key);
 #endif

--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@ -2229,6 +2229,12 @@ extern void uITRON4_free(void *p) ;
    #define WOLFSSL_NO_CONSTCHARCONST
 #endif

+/* FIPS v1 does not support TLS v1.3 (requires RSA PSS and HKDF) */
+#if defined(HAVE_FIPS) && !defined(HAVE_FIPS_VERSION)
+    #undef WC_RSA_PSS
+    #undef WOLFSSL_TLS13
+#endif
+

 #ifdef __cplusplus
    }   /* extern "C" */