swtpm: Implement a check for HMAC+sha1 for testing future restrictions

HMAC+sha1 may be restricted next, so test for it but do not support forced removal of support for it. Signed-off-by: Stefan Berger <[email protected]>
stefanberger · Sep 17, 2024 · 017f99c · 017f99c
1 parent 51a13a7
commit 017f99c
Showing 1 changed file with 50 additions and 1 deletion.
diff --git a/src/swtpm/check_algos.c b/src/swtpm/check_algos.c
@@ -50,6 +50,7 @@
 
 #include <openssl/rsa.h>
 #include <openssl/evp.h>
+#include <openssl/hmac.h>
 
 #define MAX_RSA_KEYSIZE 2048
 
@@ -334,6 +335,21 @@ static int check_rsa_verify(const char *hashname, unsigned int keysize,
     return bad;
 }
 
+static int check_hmac(const char *hashname,
+                      unsigned int unused1 SWTPM_ATTR_UNUSED,
+                      unsigned int unused2 SWTPM_ATTR_UNUSED)
+{
+    const EVP_MD *evp_md = EVP_get_digestbyname(hashname);
+    unsigned char md[EVP_MAX_MD_SIZE];
+    unsigned int md_len = sizeof(md);
+
+    /*
+     * libtpms may not use OpenSSL HMAC functions to calculate an HMAC (but
+     * hash functions), nevertheles use HMAC() to test.
+     */
+    return HMAC(evp_md, NULL, 0, (unsigned char *)".", 1, md, &md_len) == NULL;
+}
+
 /*
  * List of OpenSSL configuration-disabled and 'fips=yes'-disabled algorithms
  * that TPM 2 may enable with a profile.
@@ -721,6 +737,11 @@ int check_ossl_fips_disabled_remove_algorithms(gchar ***algorithms,
  */
 int check_ossl_fips_disabled_set_attributes(gchar ***attributes, gboolean force)
 {
+    const gchar *const fips_hmac_attributes[] = {
+        "no-sha1-hmac-creation",
+        "no-sha1-hmac-verification",
+        NULL
+    };
     const gchar *const fips_attributes[] = {
         "no-sha1-signing",
         "no-sha1-verification",
@@ -735,6 +756,10 @@ int check_ossl_fips_disabled_set_attributes(gchar ***attributes, gboolean force)
              !strv_contains_all((const gchar *const*)*attributes,
                                 fips_attributes)))
             *attributes = strv_extend(*attributes, fips_attributes);
+        /*
+         * Do not force-remove HMAC+sha1 support until it is officially
+         * disabled
+         */
         goto exit;
     }
 
@@ -743,7 +768,7 @@ int check_ossl_fips_disabled_set_attributes(gchar ***attributes, gboolean force)
         strv_contains_all((const gchar *const*)*attributes,
                           (const char*[]){"fips-host", NULL})) {
         /* fips-host is already set */
-        goto exit;
+        goto check_hmac_sha1;
     }
 
     if (!(*attributes) ||
@@ -785,6 +810,30 @@ int check_ossl_fips_disabled_set_attributes(gchar ***attributes, gboolean force)
         }
     }
 
+check_hmac_sha1:
+    /* HMAC with SHA1 may be disabled next */
+    if ((*attributes) &&
+        (strv_contains_all((const gchar *const*)*attributes,
+                           (const char*[]){"no-sha1-hmac", NULL}) ||
+         strv_contains_all((const gchar *const*)*attributes,
+                           fips_hmac_attributes))) {
+        /*
+         * no-sha1-hmac or no-sha1-hmac-creation & no-sha1-hmac-verification
+         * are already set
+         */
+        goto exit;
+    }
+
+    if (!(*attributes)) {
+        if (check_hmac("SHA1", 0, 0)) {
+            *attributes = strv_extend(*attributes,
+                                      (const char *[]){
+                                          "no-sha1-hmac",
+                                          NULL
+                                      });
+        }
+    }
+
 exit:
     return 0;
 }