Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove jent_read_entropy_safe usage from AWS-LC and modify entropy generation (fips-2021-10-20) #2109

Merged
merged 4 commits into from
Jan 15, 2025
Merged

Remove jent_read_entropy_safe usage from AWS-LC and modify entropy generation (fips-2021-10-20) #2109

merged 4 commits into from
Jan 15, 2025
+36 −9

Conversation

smittals2
Copy link
Contributor

@smittals2 smittals2 commented Jan 10, 2025
edited
Loading

Issues:

P186365975

Description of changes:

These changes remove any usage of jent_read_entropy_safe function from AWS-LC. This function has an implementation vulnerability described here.

Entropy generation is also modified to use jent_read_entropy instead of jent_read_entropy_safe via this commit

jent_read_entropy_safe is now unused in our codebase, however, it is still present in the Jitter code. The changes to entropy generation are inside the FIPS boundary and will change the integrity hash value.

Call-outs:

Point out areas that need special attention or support during the review process. Discuss architecture or design changes.

Testing:

How is this change tested (unit tests, fuzz tests, etc.)? Are there any testing steps to be verified by the reviewer?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

dkostic and others added 2 commits January 10, 2025 14:08
@dkostic @smittals2
Change the Jitter entropy recovery mechanism (aws#1058)
07caaa3 
Previously, we were calling |jent_entropy_read_safe| Jitter function
to get entropy. This function has a built-in recover mechanism where
if the source fails to produce entropy then the function changes some
parameters and tries again. Due to FIPS rules, this is not possible
any more. We change the call to |jent_entropy_read| instead and handle
the potential failure in the AWS-LC part of the module by retrying
three times (note that in this case the same entropy source parameters
do not change).
@smittals2
cherrypicked dusan commit and remoed jent_read_entropy_safe
6dbbd9e
@smittals2 smittals2 requested review from a team as code owners January 10, 2025 22:16
andrewhop
andrewhop previously approved these changes Jan 13, 2025
View reviewed changes
skmcgrail
skmcgrail previously approved these changes Jan 13, 2025
View reviewed changes
@smittals2 smittals2 dismissed stale reviews from skmcgrail and andrewhop via 627544a January 14, 2025 21:56
@smittals2 smittals2 changed the title Remove jent_read_entropy_safe and modify entropy generation (fips-2021-10-20) Remove jent_read_entropy_safe usage from AWS-LC and modify entropy generation (fips-2021-10-20) Jan 14, 2025
@smittals2 smittals2 merged commit da0617e into aws:fips-2021-10-20 Jan 15, 2025
4 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewhop andrewhop andrewhop approved these changes

@skmcgrail skmcgrail skmcgrail approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@smittals2 @skmcgrail @andrewhop @dkostic