Fix test_ssl.rb in FIPS.

junaruga · junaruga · commit ac3559e51e51 · 2025-09-16T13:27:22.000+01:00
test_post_connect_check_with_anon_ciphers: test_tmp_dh_callback: test_tmp_dh: DH missing the q value on unknown named parameters (ciphers) is not FIPS-approved, according to the FIPS-186-4 APPENDIX B: Key Pair Generation - B.1.1 Key Pair Generation Using Extra Random Bits, the inputs p, q, and g are required. However, TLS doesn't send q. https://csrc.nist.gov/pubs/fips/186-4/final OpenSSL has a special workaround to recover the missing "q" value for known named parameters, which is the reason why other tests that use the default parameters in `lib/openssl/ssl.rb` are working. Note that the test_post_connect_check_with_anon_ciphers test got the following error on `OpenSSL.debug = true` in FIPS. ``` /home/jaruga/var/git/ruby/openssl/lib/openssl/ssl.rb:551: warning: error on stack: error:0A0C0103:SSL routines:tls_construct_server_key_exchange:internal error ``` test_get_ephemeral_key: kRSA (PKCS1-v1_5 padding) is not allowed in FIPS according to the NIST SP 800-131A Rev. 2 - 6 Key Agreement and Key Transport Using RSA - Table 5: Approval Status for the RSA-based Key Agreement and Key Transport Schemes - PKCS1-v1_5 padding - Disallowed after 2023 https://csrc.nist.gov/pubs/sp/800/131/a/r2/final Note that the test_get_ephemeral_key test got the following error on `OpenSSL.debug = true` in FIPS. ``` test/openssl/test_ssl.rb:2326: warning: error on stack: error:1C8000A8:Provider routines:rsa_encrypt:invalid padding mode ```
diff --git a/Rakefile b/Rakefile
@@ -34,7 +34,6 @@ Rake::TestTask.new(:test_fips_internal) do |t|
     'test/openssl/test_ns_spki.rb',
     'test/openssl/test_ocsp.rb',
     'test/openssl/test_pkcs12.rb',
-    'test/openssl/test_ssl.rb',
     'test/openssl/test_ts.rb',
     'test/openssl/test_x509cert.rb',
     'test/openssl/test_x509crl.rb',
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
@@ -685,6 +685,8 @@ def test_sslctx_set_params
   end
 
   def test_post_connect_check_with_anon_ciphers
+    # DH missing the q value on unknown named parameters is not FIPS-approved.
+    omit_on_fips
     omit "AWS-LC does not support DHE ciphersuites" if aws_lc?
 
     ctx_proc = -> ctx {
@@ -1747,6 +1749,9 @@ def test_sync_close_without_connect
   end
 
   def test_get_ephemeral_key
+    # kRSA is not FIPS-approved.
+    omit_on_fips
+
     # kRSA
     ctx_proc1 = proc { |ctx|
       ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
@@ -1863,6 +1868,8 @@ def test_fallback_scsv
   end
 
   def test_tmp_dh_callback
+    # DH missing the q value on unknown named parameters is not FIPS-approved.
+    omit_on_fips
     omit "AWS-LC does not support DHE ciphersuites" if aws_lc?
 
     dh = Fixtures.pkey("dh-1")
@@ -2131,6 +2138,8 @@ def test_connect_works_when_setting_dh_callback_to_nil
   end
 
   def test_tmp_dh
+    # DH missing the q value on unknown named parameters is not FIPS-approved.
+    omit_on_fips
     omit "AWS-LC does not support DHE ciphersuites" if aws_lc?
 
     dh = Fixtures.pkey("dh-1")
