Merge pull request #997 from junaruga/wip/fips-test-pkcs12

Fix test_pkcs12.rb in FIPS.

Author: rhenium

Rakefile

@@ -28,7 +28,6 @@ Rake::TestTask.new(:test_fips_internal) do |t|
   t.test_files = FileList['test/**/test_*.rb'] - FileList[
     'test/openssl/test_hmac.rb',
     'test/openssl/test_kdf.rb',
-    'test/openssl/test_pkcs12.rb',
     'test/openssl/test_ts.rb',
   ]
   t.warning = true

test/openssl/test_pkcs12.rb

@@ -3,6 +3,29 @@
 
 if defined?(OpenSSL)
 
+# OpenSSL::PKCS12.create calling the PKCS12_create() has the argument mac_iter
+# which uses a MAC key using PKCS12KDF which is not FIPS-approved.
+# OpenSSL::PKCS12.new with base64-encoded example calling PKCS12_parse()
+# verifies the MAC key using PKCS12KDF which is not FIPS-approved.
+#
+# PBE-SHA1-3DES uses PKCS12KDF which is not FIPS-approved according to the RFC
+# 7292 PKCS#12.
+# https://datatracker.ietf.org/doc/html/rfc7292#appendix-C
+# > The PBES1 encryption scheme defined in PKCS #5 provides a number of
+# > algorithm identifiers for deriving keys and IVs; here, we specify a
+# > few more, all of which use the procedure detailed in Appendices B.2
+# > and B.3 to construct keys (and IVs, where needed).  As is implied by
+# > their names, all of the object identifiers below use the hash
+# > function SHA-1.
+# > ...
+# > pbeWithSHAAnd3-KeyTripleDES-CBC  OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
+#
+# Note that the pbeWithSHAAnd3-KeyTripleDES-CBC (pkcs12-pbeids 3) in the RFC
+# 7292 PKCS#12 means PBE-SHA1-3DES in OpenSSL. PKCS12KDF is used in PKCS#12.
+# https://oidref.com/1.2.840.113549.1.12.1.3
+# https://github.com/openssl/openssl/blob/ed57d1e06dca28689190e00d9893e0fd7ecc67c1/crypto/objects/objects.txt#L385
+return if OpenSSL.fips_mode
+
 module OpenSSL
   class TestPKCS12 < OpenSSL::TestCase
     DEFAULT_PBE_PKEYS = "PBE-SHA1-3DES"
@@ -210,8 +233,13 @@ def test_create_with_keytype
     end
 
     def test_new_with_no_keys
-      # generated with:
-      #   openssl pkcs12 -certpbe PBE-SHA1-3DES -in <@mycert> -nokeys -export
+      # Generated with the following steps:
+      #   Print the value of the @mycert such as by `puts @mycert.to_s` and
+      #   save the value as the file `mycert.pem`.
+      #   Run the following commands:
+      #   openssl pkcs12 -certpbe PBE-SHA1-3DES -in <(cat mycert.pem) \
+      #     -nokeys -export -passout pass:abc123 -out /tmp/p12.out
+      #   base64 -w 60 /tmp/p12.out
       str = <<~EOF.unpack1("m")
 MIIGJAIBAzCCBeoGCSqGSIb3DQEHAaCCBdsEggXXMIIF0zCCBc8GCSqGSIb3
 DQEHBqCCBcAwggW8AgEAMIIFtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMw
@@ -259,8 +287,10 @@ def test_new_with_no_keys
     end
 
     def test_new_with_no_certs
-      # generated with:
-      #   openssl pkcs12 -inkey fixtures/openssl/pkey/rsa-1.pem -nocerts -export
+      # Generated with the folowing steps:
+      #   openssl pkcs12 -inkey test/openssl/fixtures/pkey/rsa-1.pem \
+      #     -nocerts -export -passout pass:abc123 -out /tmp/p12.out
+      #   base64 -w 60 /tmp/p12.out
       str = <<~EOF.unpack1("m")
 MIIJ7wIBAzCCCbUGCSqGSIb3DQEHAaCCCaYEggmiMIIJnjCCCZoGCSqGSIb3
 DQEHAaCCCYsEggmHMIIJgzCCCX8GCyqGSIb3DQEMCgECoIIJbjCCCWowHAYK