[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Fri Jul 17 12:16:47 UTC 2020
The branch master has been updated
via b99c463d78ecad29f89165fc64a281faafa9461c (commit)
via 45554b5c71403fec547fe0f56be558cc615c6966 (commit)
from 8e78da06660b269fbdf8faba6bc3a356ee3fda5e (commit)
- Log -----------------------------------------------------------------
commit b99c463d78ecad29f89165fc64a281faafa9461c
Author: Pauli <paul.dale at oracle.com>
Date: Wed Jul 1 11:09:38 2020 +1000
install: add notes about ignored seed sources in the FIPS provider.
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12325)
commit 45554b5c71403fec547fe0f56be558cc615c6966
Author: Pauli <paul.dale at oracle.com>
Date: Tue Jun 30 13:15:05 2020 +1000
rand: detect if FIPS approved randomness sources are being used.
This boils down to the operating system sources and RDRAND.
All other sources are not available in the FIPS module.
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12325)
-----------------------------------------------------------------------
Summary of changes:
INSTALL.md | 6 +++-
.../implementations/rands/seeding/rand_unix.c | 34 +++++++++++++++++++++-
2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/INSTALL.md b/INSTALL.md
index 3ad854823b..01e255df7e 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -447,6 +447,7 @@ on most unix-ish operating systems.
### egd
Check for an entropy generating daemon.
+This source is ignored by the FIPS provider.
### rdcpu
@@ -455,11 +456,13 @@ Use the `RDSEED` or `RDRAND` command if provided by the CPU.
### librandom
Use librandom (not implemented yet).
+This source is ignored by the FIPS provider.
### none
Disable automatic seeding. This is the default on some operating systems where
no suitable entropy source exists, or no support for it is implemented yet.
+This option is ignored by the FIPS provider.
For more information, see the section [Notes on random number generation][rng]
at the end of this document.
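Review bot: the note added under `### none` says the option is ignored, but the `#if defined(FIPS_MODULE)` block added to rand_unix.c in this same commit stops the build with `# error FIPS mode without supported randomness source` when none of GETRANDOM, DEVRANDOM, RDCPU or OS is defined. A FIPS build configured with only `none` therefore fails rather than ignoring the option. Suggest saying so here, for example: "This option is ignored by the FIPS provider, which needs at least one supported seed source to build."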
@@ -1689,7 +1692,8 @@ The seeding method can be configured using the `--with-rand-seed` option,
which can be used to specify a comma separated list of seed methods.
However, in most cases OpenSSL will choose a suitable default method,
so it is not necessary to explicitly provide this option. Note also
-that not all methods are available on all platforms.
+that not all methods are available on all platforms. The FIPS provider will
+silently ignore seed sources that were not validated.
I) On operating systems which provide a suitable randomness source (in
form of a system call or system device), OpenSSL will use the optimal
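Review bot: "silently" in the added sentence does not match the rand_unix.c change in this commit, which emits a `# warning` for every dropped source and a `# error` when no supported source remains. Suggest dropping "silently" and naming the sources the FIPS provider does accept (the commit message gives them as the operating system sources and RDRAND), so a reader choosing `--with-rand-seed` values knows which ones survive.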
diff --git a/providers/implementations/rands/seeding/rand_unix.c b/providers/implementations/rands/seeding/rand_unix.c
index 69fa3f841e..26d81d6054 100644
--- a/providers/implementations/rands/seeding/rand_unix.c
+++ b/providers/implementations/rands/seeding/rand_unix.c
@@ -37,6 +37,36 @@
# include <sys/param.h>
#endif
+/*
+ * Provide a compile time error if the FIPS module is being built and none
+ * of the supported entropy sources are available.
+ */
+#if defined(FIPS_MODULE)
+# if !defined(OPENSSL_RAND_SEED_GETRANDOM) \
+ && !defined(OPENSSL_RAND_SEED_DEVRANDOM) \
+ && !defined(OPENSSL_RAND_SEED_RDCPU) \
+ && !defined(OPENSSL_RAND_SEED_OS)
+# error FIPS mode without supported randomness source
+# endif
+/* Remove the sources that are not permitted in FIPS */
+# ifdef OPENSSL_RAND_SEED_LIBRANDOM
+# undef OPENSSL_RAND_SEED_LIBRANDOM
+# warning FIPS mode does not support the _librandom_ randomness source
+# endif
+# ifdef OPENSSL_RAND_SEED_RDTSC
+# undef OPENSSL_RAND_SEED_RDTSC
+# warning FIPS mode does not support the _RDTSC_ randomness source
+# endif
+# ifdef OPENSSL_RAND_SEED_EGD
+# undef OPENSSL_RAND_SEED_EGD
+# warning FIPS mode does not support the _EGD_ randomness source
+# endif
+# ifdef OPENSSL_RAND_SEED_NONE
+# undef OPENSSL_RAND_SEED_NONE
+# warning FIPS mode does not support the _none_ randomness source
+# endif
+#endif
+
#if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \
|| defined(__DJGPP__)
# include <sys/types.h>
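Review bot: the four `# warning` lines under "Remove the sources that are not permitted in FIPS" rely on a directive that ISO C did not define before C23, so a compiler without that extension may reject the file, and a build that promotes warnings to errors may fail on exactly the configurations this block is meant to tolerate. Consider guarding the warnings per compiler or replacing them with a comment plus the INSTALL.md note. Separately, RDTSC is removed here alongside librandom, EGD and none, but the INSTALL.md hunks in this commit add a note only for the other three; if RDTSC is user-selectable it should be documented the same way.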
@@ -609,7 +639,9 @@ size_t prov_pool_acquire_entropy(RAND_POOL *pool)
# if defined(OPENSSL_RAND_SEED_NONE)
return rand_pool_entropy_available(pool);
# else
- size_t entropy_available;
+ size_t entropy_available = 0;
+
+ (void)entropy_available; /* avoid compiler warning */
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
{
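Review bot: the comment on `(void)entropy_available; /* avoid compiler warning */` does not say which warning or which configuration produces it. Presumably it is the unused-variable warning that appears once the new FIPS `#undef`s leave no source block that assigns the variable; stating that in the comment would keep a later cleanup from deleting the cast together with the `= 0` initialiser. It would also help to confirm what the function returns in that configuration, since the visible lines do not show a path that uses the zero value.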