session: Tolerate non-approved DH parameter usage in FIPS mode

The SecretSession protocol uses a weak Diffie-Hellman parameters which are not approved by FIPS. While this is not ideal, the protocol is not designed as a general protection mechanism of data in transit, but just as a safety net against when the dbus-daemon (or dbus-broker) crashes and dumps a core, and thus bumping the protocol to use a larger DH group would be overkill. This patch temporarily disables the FIPS check around the GnuTLS DH API calls to avoid errors. Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2024-12-21 20:28:52 +00:00 · 2024-07-22 16:31:50 +09:00 · 2024-07-22 16:31:50 +09:00 · ac1367056d
commit ac1367056d
parent 337a0937fb
5 changed files with 111 additions and 0 deletions
--- a/egg/egg-fips-gnutls.c
+++ b/egg/egg-fips-gnutls.c
@ -0,0 +1,36 @@
+/*
+ * libsecret
+ *
+ * Copyright (C) 2024 Red Hat, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+
+#include "egg-fips.h"
+
+#include <gnutls/gnutls.h>
+
+EggFipsMode
+egg_fips_get_mode (void)
+{
+	return gnutls_fips140_mode_enabled ();
+}
+
+void
+egg_fips_set_mode (EggFipsMode mode)
+{
+	gnutls_fips140_set_mode (mode, GNUTLS_FIPS140_SET_MODE_THREAD);
+}
--- a/egg/egg-fips-libgcrypt.c
+++ b/egg/egg-fips-libgcrypt.c
@ -0,0 +1,33 @@
+/*
+ * libsecret
+ *
+ * Copyright (C) 2024 Red Hat, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+#include "egg-fips.h"
+
+EggFipsMode
+egg_fips_get_mode (void)
+{
+	return EGG_FIPS_MODE_DISABLED;
+}
+
+void
+egg_fips_set_mode (EggFipsMode mode)
+{
+	(void)mode;
+}
--- a/egg/egg-fips.h
+++ b/egg/egg-fips.h
@ -0,0 +1,31 @@
+/*
+ * libsecret
+ *
+ * Copyright (C) 2024 Red Hat, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef EGG_FIPS_H_
+#define EGG_FIPS_H_
+
+typedef enum {
+	EGG_FIPS_MODE_DISABLED = 0,
+	/* Other values are specific to each backend */
+} EggFipsMode;
+
+EggFipsMode egg_fips_get_mode (void);
+void egg_fips_set_mode (EggFipsMode mode);
+
+#endif /* EGG_FIPS_H_ */
--- a/egg/meson.build
+++ b/egg/meson.build
@ -18,6 +18,7 @@ if with_crypto
  if with_gcrypt
    libegg_sources += [
      'egg-dh-libgcrypt.c',
+      'egg-fips-libgcrypt.c',
      'egg-hkdf-libgcrypt.c',
      'egg-keyring1-libgcrypt.c',
      'egg-libgcrypt.c',
@ -25,6 +26,7 @@ if with_crypto
  elif with_gnutls
    libegg_sources += [
      'egg-dh-gnutls.c',
+      'egg-fips-gnutls.c',
      'egg-hkdf-gnutls.c',
      'egg-keyring1-gnutls.c',
    ]
--- a/libsecret/secret-session.c
+++ b/libsecret/secret-session.c
@ -19,6 +19,7 @@

 #ifdef WITH_CRYPTO
 #include "egg/egg-dh.h"
+#include "egg/egg-fips.h"
 #include "egg/egg-hkdf.h"
 #endif

@ -78,6 +79,7 @@ request_open_session_aes (SecretSession *session)
 {
 	GBytes *buffer;
 	GVariant *argument;
+	EggFipsMode fips_mode;

 	g_assert (session->params == NULL);
 	g_assert (session->privat == NULL);
@ -98,9 +100,12 @@ request_open_session_aes (SecretSession *session)
 	g_printerr ("\n");
 #endif

+	fips_mode = egg_fips_get_mode ();
+	egg_fips_set_mode (EGG_FIPS_MODE_DISABLED);
 	if (!egg_dh_gen_pair (session->params, 0,
 	                      &session->publi, &session->privat))
 		g_return_val_if_reached (NULL);
+	egg_fips_set_mode (fips_mode);

 	buffer = egg_dh_pubkey_export (session->publi);
 	g_return_val_if_fail (buffer != NULL, NULL);
@ -121,6 +126,7 @@ response_open_session_aes (SecretSession *session,
 	const gchar *sig;
 	egg_dh_pubkey *peer;
 	GBytes *ikm;
+	EggFipsMode fips_mode;

 	sig = g_variant_get_type_string (response);
 	g_return_val_if_fail (sig != NULL, FALSE);
@ -147,7 +153,10 @@ response_open_session_aes (SecretSession *session,
 	g_printerr ("\n");
 #endif

+	fips_mode = egg_fips_get_mode ();
+	egg_fips_set_mode (EGG_FIPS_MODE_DISABLED);
 	ikm = egg_dh_gen_secret (peer, session->privat, session->params);
+	egg_fips_set_mode (fips_mode);
 	egg_dh_pubkey_free (peer);

 #if 0