Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RSA key check consolidation part 2 #1502

Merged
merged 4 commits into from
Mar 23, 2024
Merged

RSA key check consolidation part 2 #1502

merged 4 commits into from
Mar 23, 2024

Conversation

dkostic
Copy link
Contributor

@dkostic dkostic commented Mar 20, 2024

Issues:

CryptoAlg-2280

Description of changes:

This change tidies up and adds documentation for RSA_check_fips
function. The only technical change is the implementation of the
pair-wise consistency check which was replaced with the one from
BoringSSL for simplicity.

Call-outs:

Point out areas that need special attention or support during the review process. Discuss architecture or design changes.

Testing:

How is this change tested (unit tests, fuzz tests, etc.)? Are there any testing steps to be verified by the reviewer?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@dkostic dkostic requested a review from a team as a code owner March 20, 2024 05:01
@codecov-commenter
Copy link

codecov-commenter commented Mar 20, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 77.19298% with 13 lines in your changes are missing coverage. Please review.

Project coverage is 76.98%. Comparing base (5ede432) to head (7e88217).

Files Patch % Lines
crypto/fipsmodule/rsa/rsa.c 77.19% 13 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1502      +/-   ##
==========================================
- Coverage   77.00%   76.98%   -0.02%     
==========================================
  Files         425      425              
  Lines       71556    71546      -10     
==========================================
- Hits        55103    55083      -20     
- Misses      16453    16463      +10

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@skmcgrail skmcgrail self-requested a review March 20, 2024 23:30
justsmth
justsmth approved these changes Mar 22, 2024
View reviewed changes
crypto/fipsmodule/rsa/rsa.c
Comment on lines +1174 to +1176
if (boringssl_fips_break_test("RSA_PWCT")) {
data[0] = ~data[0];
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NP: This will be optimized away for release build, but we could guard this logic with #ifdef BORINGSSL_FIPS_BREAK_TESTS,

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@justsmth, not sure if we need it. This flag is used to disable the integrity test as per d04c32a

@dkostic dkostic merged commit c8bdf89 into aws:main Mar 23, 2024
44 checks passed
@dkostic dkostic deleted the rsa-key-check-consolidation branch March 23, 2024 16:03
nebeid
nebeid reviewed Mar 25, 2024
View reviewed changes
crypto/fipsmodule/rsa/rsa.c
// In addition to invalid key type, stripped private keys can not be checked
// with this function because they lack the public component which is
// necessary for both FIPS checks performed here.
if (key_type == RSA_KEY_TYPE_FOR_CHECKING_INVALID ||
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The RSA_is_opaque no longer applies?

crypto/fipsmodule/rsa/rsa.c
goto end;
}

if (!RSA_sign(NID_sha256, data, sizeof(data), sig, &sig_len, key)) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We needed to use the EVP_DigestSign/Verify for the PCT test dbedeb7

nebeid
nebeid reviewed Mar 25, 2024
View reviewed changes
crypto/fipsmodule/rsa/rsa.c
data[0] = ~data[0];
}
if (!RSA_verify(NID_sha256, data, sizeof(data), sig, sig_len, key)) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not keep RSA_R_PUBLIC_KEY_VALIDATION_FAILED in the case of PCT failure as before?

crypto/fipsmodule/rsa/rsa.c
Comment on lines +1174 to +1176
if (boringssl_fips_break_test("RSA_PWCT")) {
data[0] = ~data[0];
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@justsmth, not sure if we need it. This flag is used to disable the integrity test as per d04c32a

@justsmth justsmth mentioned this pull request Apr 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nebeid nebeid nebeid left review comments

@skmcgrail skmcgrail skmcgrail approved these changes

@justsmth justsmth justsmth approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@dkostic @codecov-commenter @skmcgrail @nebeid @justsmth