diff --git a/src/wp_tls_capa.c b/src/wp_tls_capa.c index 1c7bd0f3..dc4ee5af 100644 --- a/src/wp_tls_capa.c +++ b/src/wp_tls_capa.c @@ -135,8 +135,10 @@ static const wp_tls_group_consts wp_group_const_list[35] = { /** List of parameters for TLS groups. */ static const OSSL_PARAM wp_param_group_list[][11] = { +#if defined(WP_HAVE_EC_P192) && !defined(HAVE_FIPS) WP_TLS_GROUP_ENTRY_EC( "secp192r1" , "prime192v1" , 0 ), WP_TLS_GROUP_ENTRY_EC( "P-192" , "prime192v1" , 0 ), +#endif WP_TLS_GROUP_ENTRY_EC( "secp224r1" , "secp224r1" , 1 ), WP_TLS_GROUP_ENTRY_EC( "P-224" , "secp224r1" , 1 ), WP_TLS_GROUP_ENTRY_EC( "secp256r1" , "prime256v1" , 2 ), diff --git a/test/test_ecc.c b/test/test_ecc.c index 2783963b..7ffb1666 100644 --- a/test/test_ecc.c +++ b/test/test_ecc.c @@ -26,6 +26,8 @@ #include +#include + /* Mirror the fallback used in src/wp_ecdsa_sig.c for wolfSSL < v5.9.1. */ #ifndef WC_MIN_DIGEST_SIZE #define WC_MIN_DIGEST_SIZE 20 @@ -2845,4 +2847,86 @@ int test_ec_fromdata_oversize(void *data) } #endif /* WP_HAVE_EC_P256 */ +/* Collected while walking the advertised TLS-GROUP capability list. */ +typedef struct wp_group_scan { + int total; /* Number of groups advertised. */ + int foundP192; /* "P-192" was advertised. */ + int foundSecp192r1; /* "secp192r1" was advertised. */ +} wp_group_scan; + +/* Record whether the weak P-192 group is advertised. */ +static int wp_group_name_cb(const OSSL_PARAM params[], void *arg) +{ + wp_group_scan *scan = (wp_group_scan*)arg; + const OSSL_PARAM *p; + const char *name = NULL; + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_NAME); + if ((p != NULL) && OSSL_PARAM_get_utf8_string_ptr(p, &name) && + (name != NULL)) { + scan->total++; + if (strcmp(name, "P-192") == 0) { + scan->foundP192 = 1; + } + else if (strcmp(name, "secp192r1") == 0) { + scan->foundSecp192r1 = 1; + } + } + + return 1; +} + +/* + * P-192 provides only 80 bits of security and is not FIPS approved. Advertise + * it as a TLS group only in non-FIPS builds (!HAVE_FIPS) where the curve is + * compiled and usable (WP_HAVE_EC_P192). + */ +int test_ec_tls_group_p192(void *data) +{ + int err = 0; + OSSL_PROVIDER *prov = NULL; + wp_group_scan scan; + + (void)data; + + memset(&scan, 0, sizeof(scan)); + + prov = OSSL_PROVIDER_load(wpLibCtx, wolfprovider_id); + if (prov == NULL) { + PRINT_ERR_MSG("Failed to load wolfProvider"); + err = 1; + } + + if (err == 0) { + if (OSSL_PROVIDER_get_capabilities(prov, "TLS-GROUP", + wp_group_name_cb, &scan) != 1) { + PRINT_ERR_MSG("get_capabilities(TLS-GROUP) failed"); + err = 1; + } + } + + if (err == 0 && scan.total == 0) { + PRINT_ERR_MSG("No TLS groups advertised"); + err = 1; + } + +#if defined(WP_HAVE_EC_P192) && !defined(HAVE_FIPS) + if (err == 0 && (scan.foundP192 == 0 || scan.foundSecp192r1 == 0)) { + PRINT_ERR_MSG("P-192 should be advertised when the curve is usable"); + err = 1; + } +#else + if (err == 0 && (scan.foundP192 != 0 || scan.foundSecp192r1 != 0)) { + PRINT_ERR_MSG("P-192 must not be advertised (80-bit / non-FIPS only)"); + err = 1; + } +#endif + + if (prov != NULL) { + OSSL_PROVIDER_unload(prov); + } + + return err; +} + #endif /* WP_HAVE_ECC */ diff --git a/test/unit.c b/test/unit.c index 95f22b5f..1246649d 100644 --- a/test/unit.c +++ b/test/unit.c @@ -466,6 +466,10 @@ TEST_CASE test_case[] = { TEST_DECL(test_ec_load_cert, NULL), #endif /* WP_HAVE_ECDSA */ +#ifdef WP_HAVE_ECC + TEST_DECL(test_ec_tls_group_p192, NULL), +#endif /* WP_HAVE_ECC */ + #ifdef WP_HAVE_PBE #if !defined(HAVE_FIPS) || defined(WP_ALLOW_NON_FIPS) TEST_DECL(test_pbe, NULL), diff --git a/test/unit.h b/test/unit.h index e263dfd0..2277fd41 100644 --- a/test/unit.h +++ b/test/unit.h @@ -458,6 +458,7 @@ int test_ec_decode(void* data); int test_ec_import(void* data); int test_ec_auto_derive_pubkey(void* data); int test_ec_null_init(void* data); +int test_ec_tls_group_p192(void* data); #ifdef WP_HAVE_EC_P256 int test_ec_print_public(void* data); int test_ec_fromdata_oversize(void* data);