Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CRYPTO: Remove support for ex_data fields when building the FIPS module #10837

Closed
wants to merge 2 commits into from
Closed

CRYPTO: Remove support for ex_data fields when building the FIPS module #10837

wants to merge 2 commits into from
+32 −13

Conversation

levitte
Copy link
Member

@levitte levitte commented Jan 14, 2020

These fields are purely application data, and applications don't reach
into the bowels of the FIPS module, so these fields are never used
there.

Fixes #10835

@levitte
CRYPTO: Remove support for ex_data fields when building the FIPS module
af60c41 
These fields are purely application data, and applications don't reach
into the bowels of the FIPS module, so these fields are never used
there.

Fixes openssl#10835
@levitte
PROV: Adapt the DSA keymgmt implementation to no ex_fields
7c8762e
@levitte levitte added branch: master Merge to master branch approval: review pending This pull request needs review by a committer labels Jan 14, 2020
@levitte levitte mentioned this pull request Jan 14, 2020
Closed
paulidale
paulidale reviewed Jan 14, 2020
View reviewed changes
crypto/rand/rand_local.h
@@ -308,8 +308,10 @@ struct rand_drbg_st {
size_t seedlen;
DRBG_STATUS state;

#ifndef FIPS_MODE
/* Application data, mainly used in the KATs. */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't this comment cause alarm?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was wondering about that, but having looked around, I only saw that used in test programs (i.e applications), so.

They can always be re-enabled selectively later on, if actually needed.

@paulidale
Copy link
Contributor

I'm wondering why?

Why not leave them in the FIPS provider albeit unused?

@levitte
Copy link
Member Author

levitte commented Jan 14, 2020
edited
Loading

It created havoc when implementing key copying in the dsa keymgmt, because suddenly I was required to pass a OPENSSL_CTX for no real reason. This would have meant some pretty heavy refactoring of the dsa keymgmt.

Incidently, I noticed that EC has already disabled ex_data when building the fips module, so it seems someone had already been thinking the same thing before.

slontis
slontis requested changes Jan 14, 2020
View reviewed changes
Copy link
Member

@slontis slontis left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this needs a discussion..
Not sure what the side effects of this will be...
libctx is being passed around for a few things in the fips module currently.
ex_data is one of them. BN_CTX and RAND also need it.
@mattcaswell ?

@levitte
Copy link
Member Author

levitte commented Jan 14, 2020

libctx is being passed around for a few things in the fips module currently.

Yes? But does that mean that the keys need to have an ex_data field?

@levitte
Copy link
Member Author

levitte commented Jan 14, 2020

BN_CTX and RAND also need it.

The only place I can see that being affected, specifically for keymgmt, is with key generation, and if you look in #10289, the key generation functions receive a provctx, which fixes that.

@levitte
Copy link
Member Author

levitte commented Jan 14, 2020

So, uhmmm, ping ?

@mattcaswell
Copy link
Member

I think this needs a discussion..
Not sure what the side effects of this will be...
libctx is being passed around for a few things in the fips module currently.
ex_data is one of them. BN_CTX and RAND also need it.

I see no problem with this.

@mattcaswell mattcaswell added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jan 14, 2020
@richsalz
Copy link
Contributor

To this non-member, it looks like you're kinda rushing things. I hope folks half-a-world away feel their concerns are being addressed.

@mattcaswell
Copy link
Member

To this non-member, it looks like you're kinda rushing things. I hope folks half-a-world away feel their concerns are being addressed.

Not sure what concerns you mean. This all seems fairly innocuous to me.

@richsalz
Copy link
Contributor

Well, @slontis has the 24hour period to raise issues. But seems like two folks in the same region wrote code, pinged, answered a query, approved all while he slept :) Shrug.

@mattcaswell
Copy link
Member

Well, @slontis has the 24hour period to raise issues. But seems like two folks in the same region wrote code, pinged, answered a query, approved all while he slept :) Shrug.

That's the whole point of the 24hr period...

@levitte
Copy link
Member Author

levitte commented Jan 14, 2020
edited
Loading

FYI, there was video call this morning (European time), involving @mattcaswell, @paulidale, @slontis, @romen and myself, where this PR was discussed among other things.

@levitte levitte added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jan 15, 2020
openssl-machine pushed a commit that referenced this pull request Jan 15, 2020
@levitte
CRYPTO: Remove support for ex_data fields when building the FIPS module
a332778 
These fields are purely application data, and applications don't reach
into the bowels of the FIPS module, so these fields are never used
there.

Fixes #10835

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #10837)
openssl-machine pushed a commit that referenced this pull request Jan 15, 2020
@levitte
PROV: Adapt the DSA keymgmt implementation to no ex_fields
9ec7b6a 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #10837)
@levitte
Copy link
Member Author

levitte commented Jan 15, 2020

Merged.

a332778 CRYPTO: Remove support for ex_data fields when building the FIPS module
9ec7b6a PROV: Adapt the DSA keymgmt implementation to no ex_fields

@levitte levitte closed this Jan 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulidale paulidale paulidale left review comments

@mattcaswell mattcaswell mattcaswell approved these changes

@slontis slontis slontis approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Let's not have ex_data within the FIPS provider module
5 participants
@levitte @paulidale @mattcaswell @richsalz @slontis