fips: wire in the no-short-mac option

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24917)
2025-03-25 20:00:44 +08:00 · 2024-07-17 13:55:35 +10:00 · 2024-07-17 13:55:35 +10:00 · d791c2c486
commit d791c2c486
parent 3440a9a0e2
3 changed files with 19 additions and 1 deletions
--- a/include/openssl/fips_names.h
+++ b/include/openssl/fips_names.h
@ -61,6 +61,14 @@ extern "C" {
 */
 # define OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check"

+/*
+ * A boolean that determines if the runtime FIPS check for undersized MAC output
+ * is performed.
+ * This is enabled by default.
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+#define OSSL_PROV_FIPS_PARAM_NO_SHORT_MAC "no-short-mac"
+
 /*
 * A boolean that determines if truncated digests can be used with Hash and HMAC
 * DRBGs.  FIPS 140-3 IG D.R disallows such use for efficiency rather than
--- a/providers/common/include/prov/fipscommon.h
+++ b/providers/common/include/prov/fipscommon.h
@ -12,6 +12,7 @@

 int FIPS_security_check_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_tls_prf_ems_check(OSSL_LIB_CTX *libctx);
+int FIPS_no_short_mac(OSSL_LIB_CTX *libctx);
 int FIPS_restricted_drbg_digests_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_hkdf_digest_check(OSSL_LIB_CTX *libctx);
 int FIPS_tls13_kdf_digest_check(OSSL_LIB_CTX *libctx);
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@ -90,6 +90,7 @@ typedef struct fips_global_st {
    SELF_TEST_POST_PARAMS selftest_params;
    FIPS_OPTION fips_security_checks;
    FIPS_OPTION fips_tls1_prf_ems_check;
+    FIPS_OPTION fips_no_short_mac;
    FIPS_OPTION fips_restricted_drgb_digests;
    FIPS_OPTION fips_hkdf_digest_check;
    FIPS_OPTION fips_tls13_kdf_digest_check;
@ -114,6 +115,7 @@ void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *libctx)
        return NULL;
    init_fips_option(&fgbl->fips_security_checks, 1);
    init_fips_option(&fgbl->fips_tls1_prf_ems_check, 0); /* Disabled by default */
+    init_fips_option(&fgbl->fips_no_short_mac, 1);
    init_fips_option(&fgbl->fips_restricted_drgb_digests, 0);
    init_fips_option(&fgbl->fips_hkdf_digest_check, 0);
    init_fips_option(&fgbl->fips_tls13_kdf_digest_check, 0);
@ -138,6 +140,7 @@ static const OSSL_PARAM fips_param_types[] = {
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_STATUS, OSSL_PARAM_INTEGER, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_SECURITY_CHECKS, OSSL_PARAM_INTEGER, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_TLS1_PRF_EMS_CHECK, OSSL_PARAM_INTEGER, NULL, 0),
+    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NO_SHORT_MAC, OSSL_PARAM_INTEGER, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_DRBG_TRUNC_DIGEST, OSSL_PARAM_INTEGER, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_HKDF_DIGEST_CHECK, OSSL_PARAM_INTEGER, NULL,
                    0),
@ -166,7 +169,7 @@ static int fips_get_params_from_core(FIPS_GLOBAL *fgbl)
    * OSSL_PROV_FIPS_PARAM_SECURITY_CHECKS and
    * OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK are not self test parameters.
    */
-    OSSL_PARAM core_params[17], *p = core_params;
+    OSSL_PARAM core_params[20], *p = core_params;

    *p++ = OSSL_PARAM_construct_utf8_ptr(
            OSSL_PROV_PARAM_CORE_MODULE_FILENAME,
@ -203,6 +206,8 @@ static int fips_get_params_from_core(FIPS_GLOBAL *fgbl)
                        fips_security_checks);
    FIPS_FEATURE_OPTION(fgbl, OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK,
                        fips_tls1_prf_ems_check);
+    FIPS_FEATURE_OPTION(fgbl, OSSL_PROV_FIPS_PARAM_NO_SHORT_MAC,
+                        fips_no_short_mac);
    FIPS_FEATURE_OPTION(fgbl, OSSL_PROV_FIPS_PARAM_DRBG_TRUNC_DIGEST,
                        fips_restricted_drgb_digests);
    FIPS_FEATURE_OPTION(fgbl, OSSL_PROV_FIPS_PARAM_HKDF_DIGEST_CHECK,
@ -264,6 +269,8 @@ static int fips_get_params(void *provctx, OSSL_PARAM params[])
                     fips_security_checks);
    FIPS_FEATURE_GET(fgbl, OSSL_PROV_PARAM_TLS1_PRF_EMS_CHECK,
                     fips_tls1_prf_ems_check);
+    FIPS_FEATURE_GET(fgbl, OSSL_PROV_PARAM_NO_SHORT_MAC,
+                     fips_no_short_mac);
    FIPS_FEATURE_GET(fgbl, OSSL_PROV_PARAM_DRBG_TRUNC_DIGEST,
                     fips_restricted_drgb_digests);
    FIPS_FEATURE_GET(fgbl, OSSL_PROV_PARAM_HKDF_DIGEST_CHECK,
@ -813,6 +820,7 @@ int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle,

    FIPS_SET_OPTION(fgbl, fips_security_checks);
    FIPS_SET_OPTION(fgbl, fips_tls1_prf_ems_check);
+    FIPS_SET_OPTION(fgbl, fips_no_short_mac);
    FIPS_SET_OPTION(fgbl, fips_restricted_drgb_digests);
    FIPS_SET_OPTION(fgbl, fips_hkdf_digest_check);
    FIPS_SET_OPTION(fgbl, fips_tls13_kdf_digest_check);
@ -1020,6 +1028,7 @@ int BIO_snprintf(char *buf, size_t n, const char *format, ...)

 FIPS_FEATURE_CHECK(FIPS_security_check_enabled, fips_security_checks)
 FIPS_FEATURE_CHECK(FIPS_tls_prf_ems_check, fips_tls1_prf_ems_check)
+FIPS_FEATURE_CHECK(FIPS_no_short_mac, fips_no_short_mac)
 FIPS_FEATURE_CHECK(FIPS_restricted_drbg_digests_enabled,
                   fips_restricted_drgb_digests)
 FIPS_FEATURE_CHECK(FIPS_hkdf_digest_check, fips_hkdf_digest_check)