On 18/02/2023 00:09, Thomas Dwyer III wrote:
I cannot find any documentation to confirm this but my testing seems to
indicate that the null cipher returned by EVP_enc_null() does not work
with the FIPS provider. Specifically:
#include <stdio.h>
#include <stdlib.h>          /* exit() */
#include <openssl/evp.h>

int
main(int argc, char **argv)
{
    int rc;
    EVP_CIPHER_CTX *ctx;
    unsigned char iv[1] = {0};   /* the null cipher has IV length 0; a 1-byte buffer is harmless */

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
        fprintf(stderr, "EVP_CIPHER_CTX_new() failed\n");
        exit(1);
    }
    /* enc=1 (encrypt); the legacy EVP_enc_null() object is resolved against
     * whatever providers are loaded in the default library context */
    rc = EVP_CipherInit(ctx, EVP_enc_null(), NULL, iv, 1);
    printf("EVP_CipherInit() = %d\n", rc);
    EVP_CIPHER_CTX_free(ctx);
    exit(rc);   /* exit status is the raw return value: 1 on success, 0 on failure */
}
EVP_CipherInit() returns 1 with the default provider but 0 with the
FIPS+base providers. This is a behavior change from OpenSSL 1.0.2 and
the FIPS Object Module where the null cipher still works after calling
FIPS_mode_set(1). Is this change intentional? If so, is it documented
somewhere and I just missed it?
This is correct: the NULL cipher is only available in the default
provider. Unsurprisingly, the NULL cipher is not FIPS approved, which is
why it doesn't exist there.
This actually looks like a documentation problem. The lists of ciphers
available in the default and FIPS providers are documented here:
https://www.openssl.org/docs/man3.0/man7/OSSL_PROVIDER-default.html
https://www.openssl.org/docs/man3.0/man7/OSSL_PROVIDER-FIPS.html
But the list is incomplete for the default provider, since it makes no
mention of the NULL cipher (which it should do). I've raised an issue
for that:
https://github.com/openssl/openssl/issues/20340
Matt
Thanks,
Tom.III