wolfProvider: 5.9.1 FIPS patches (krb5, hostap, stunnel, libssh2, curl)#340
Open
aidangarske wants to merge 9 commits into
Open
wolfProvider: 5.9.1 FIPS patches (krb5, hostap, stunnel, libssh2, curl)#340aidangarske wants to merge 9 commits into
aidangarske wants to merge 9 commits into
Conversation
t_expire_warn.py invokes kadmin.local addprinc with a 4-byte password
('pass'), which now fails under wolfSSL FIPS 5.9.1 because PBKDF2 string-
to-key uses HMAC with the password as the key, and FIPS 140-3 / SP 800-132
require an HMAC key length of at least 14 bytes. The existing FIPS patch
already lengthens passwords in t_kadm5.c and t_str2key.c for the same
reason; this extends that treatment to t_expire_warn.py, replacing all 11
occurrences of 'pass' with 'password-test12' (15 bytes).
Verified: patch applies cleanly to a fresh krb5-1.20.1-final checkout,
make check returns 0 with the wolfProvider FIPS deb stack, and
WOLFPROV_FORCE_FAIL=1 still surfaces the failure (exit 1).
main is a moving target; pinning to the stable hostap_2_11 release.
Two variants:
* hostap-hostap_2_11-wolfprov.patch (non-FIPS): redirect the "legacy"
provider load to libwolfprov + make crda failure non-fatal.
* hostap-hostap_2_11-wolfprov-fips.patch (FIPS): same as non-FIPS plus
delete the four WPA2 hwsim tests (ap_wpa2_psk, ap_wpa2_eap_tls,
ap_wpa2_eap_ttls_eap_gtc, ap_wpa2_eap_peap_eap_tls) that need AES
Key Wrap; wolfProvider FIPS does not expose id-aes*-wrap via the
OpenSSL provider EVP_CIPHER_fetch interface.
hostap_2_11 doesn't have the openssl_load_default_provider_if_fips or
openssl_load_pkcs11_provider helpers from main, so the patch is smaller
than the existing hostap-main-wolfprov.patch.
Same patch ships under two names so the wolfProvider workflow can
select on matrix.fips_ref. Adds, on top of the existing WPFF unset/
reset wrapping in maketestcert.sh:
* PKCS12 cipher: pbeWithSHA1And3-KeyTripleDES-CBC -> AES-256-CBC for
cert + key encryption; pass with a >=14-byte password. wolfProvider
FIPS does not implement DES-EDE3-CBC, and the underlying PBKDF2
HMAC key length must be at least 14 bytes per NIST SP 800-132.
* DEFAULT_CURVES in src/options.c: drop X25519 and X448 so the curves
string only references NIST P-256/P-384/P-521 (the curves wolfProv
FIPS exposes via the OpenSSL provider EVP interface).
* sslVersionMax = TLSv1.2 injected into each [service] block in the
Python test framework's stunnel configs (TLS 1.3 handshake hits a
wolfProvider-FIPS gap; pinning the test fixtures to 1.2 lets the
rest of the suite run cleanly).
* Delete the test plugin classes whose tests cannot pass under
wolfProvider FIPS today (session resumption, FIPS-mode self-tests,
PKCS12-by-empty-password, redirect cases that depend on a specific
error-string surface from stunnel, etc.). Where a plugin file had
both a passing and a failing test, only the failing class + its
invocation are removed -- passing siblings still run.
Result: 14 tests pass / 0 fail on a wolfProvider FIPS + replace-default
stack with wolfssl 5.9.1.
LANG=en_US.UTF-8 is not installed in the wolfProvider test-deps:bookworm container, so man writes "can't set the locale" to stderr for every page and the script captures that as a warning, failing all 172 entries. C.UTF-8 is always available and exercises the same UTF-8 input path.
Mirrors the existing curl-8_4_0-wolfprov.patch for the 7.88.1 matrix. Test 1560 (URL API libtest) requires IDN support that the wolfProvider test stack does not surface; disable so the rest of the suite runs.
2 tasks
padelsbach
reviewed
May 27, 2026
padelsbach
reviewed
May 27, 2026
padelsbach
reviewed
May 27, 2026
padelsbach
reviewed
May 27, 2026
padelsbach
requested changes
May 27, 2026
… patches + README PR wolfSSL#340 modified three patches with wolfssl-5.9.1-specific content, breaking compatibility with the older 5.8.4 line. Snapshot the pre-modification content as -wolfssl-5.8.4-wolfprov[-fips].patch so v5.8.4-stable runs still work: libssh2/libssh2-libssh2-1.10.0-debian-wolfssl-5.8.4-wolfprov.patch pre-ed86128 content (before LANG=C.UTF-8 fallback) krb5/krb5-1.20.1-final-wolfssl-5.8.4-wolfprov-fips.patch pre-b4580e1 content (before t_expire_warn.py password lengthening) stunnel/stunnel-WPFF-5.67-wolfssl-5.8.4-wolfprov.patch pre-ee0c7ea content (before WPFF + FIPS handling) Every other patch stays universal-named, tracks current wolfSSL. Add wolfProvider/README.md documenting the convention.
- stunnel: drop stunnel-WPFF-5.67-wolfprov-fips.patch; it was byte-identical to the non-FIPS patch. The single stunnel-WPFF-5.67-wolfprov.patch covers both (consumers stop passing --fips for stunnel). - hostap: remove stale README.md. It documented hostap-main-wolfprov-fips.patch (which doesn't exist) and omitted the actual hostap_2_11 patches. - krb5: regenerate krb5-1.20.1-final-wolfprov-fips.patch from the original b02c1e0 base (9-char index hashes) and re-add only the intended t_expire_warn.py password lengthening. This drops the unrelated src/config/install-sh scriptversion hunk and the 9-char -> 7-char index churn that commit b4580e1 swept in.
Every patch is now <project>-<projver>-wolfprov[-fips].patch (with the
optional -wolfssl-X.Y.Z- snapshot infix). Removes the two competing
FIPS styles and the opensc oddball:
*-FIPS-<projver>-wolfprov.patch -> *-<projver>-wolfprov-fips.patch
grpc, libfido2, libmemcached, liboauth2, net-snmp, openpace,
openssh, ppp, python3-ntp, tcpdump, xmlsec
opensc-0.25.1-wolfprovider.patch -> opensc-0.25.1-wolfprov.patch
Per-project READMEs and the top-level wolfProvider/README.md updated to
the single convention so resolve-osp-patch.sh can stay simple.
The krb5/libssh2/stunnel -wolfssl-5.8.4- snapshots were rebuilt from pre-fix commits and dropped changes 5.8.4 also needs: krb5 t_expire_warn FIPS password length (FIPS-module requirement, not 5.9.1-specific), libssh2 locale fallback, stunnel WPFF handling. Copy the universal patches verbatim so 5.8.4 builds with the same proven patch.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
tests/t_expire_warn.pypasswords to ≥14 bytesso PBKDF2 doesn't trip on the new FIPS HMAC key length floor.
hostap_2_11tag (wastracking
main) and ship matching non-FIPS + FIPS variants.AES-256-CBC PKCS12, NIST-only DEFAULT_CURVES,
sslVersionMax=TLSv1.2in test fixtures, and surgical class-level deletion of plugins that
exercise wolfProvider-FIPS gaps. Local result: 14 pass / 0 fail on a
FIPS replace-default stack.
tests/mansyntax.shto useLANG=C.UTF-8so itworks in containers without the
en_US.UTF-8locale.curl-7_88_1-wolfprov.patch(disabletest 1560 as the existing 8_4_0 patch does).