libgcrypt/libgcrypt-cipher-Differentiate-no-blinding-flag-in-the-SLI.patch

From cc0a40bd74120dc06fd80f163b30abb91f60b63b Mon Sep 17 00:00:00 2001
From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
Date: Wed, 26 Feb 2025 17:19:23 -0300
Subject: [PATCH 05/14] cipher: Differentiate no-blinding flag in the SLI
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* cipher/rsa.c (rsa_decrypt, rsa_encrypt): Differentiate use of flag
no-blinding in the service level indicator.

GnuPG-bug-id: 7338
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
 cipher/rsa.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

diff --git a/cipher/rsa.c b/cipher/rsa.c
index c1329644..dce76414 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1501,7 +1501,19 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
      be practically mounted over the network as shown by Brumley and
      Boney in 2003.  */
   if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
-    secret (plain, data, &sk);
+    {
+      if (fips_mode ())
+        {
+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+            {
+              rc = GPG_ERR_INV_FLAG;
+              goto leave;
+            }
+          else
+            fips_service_indicator_mark_non_compliant ();
+        }
+      secret (plain, data, &sk);
+    }
   else
     secret_blinded (plain, data, &sk, nbits);
 
@@ -1632,8 +1644,22 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
 
   /* Do RSA computation.  */
   sig = mpi_new (0);
+
   if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
-    secret (sig, data, &sk);
+    {
+      if (fips_mode ())
+        {
+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+            {
+              rc = GPG_ERR_INV_FLAG;
+              goto leave;
+            }
+          else
+            fips_service_indicator_mark_non_compliant ();
+        }
+
+        secret (sig, data, &sk);
+    }
   else
     secret_blinded (sig, data, &sk, nbits);
   if (DBG_CIPHER)
-- 
2.49.0
- Security fix [bsc#1221107, CVE-2024-2236] * Add --enable-marvin-workaround to spec to enable workaround * Fix timing based side-channel in RSA implementation ( Marvin attack ) * Add libgcrypt-CVE-2024-2236.patch OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=193 2025-06-10 07:06:49 +00:00			`From cc0a40bd74120dc06fd80f163b30abb91f60b63b Mon Sep 17 00:00:00 2001`
			`From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>`
			`Date: Wed, 26 Feb 2025 17:19:23 -0300`
			`Subject: [PATCH 05/14] cipher: Differentiate no-blinding flag in the SLI`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`* cipher/rsa.c (rsa_decrypt, rsa_encrypt): Differentiate use of flag`
			`no-blinding in the service level indicator.`

			`GnuPG-bug-id: 7338`
			`Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>`
			`Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>`
			`---`
			`cipher/rsa.c \| 30 ++++++++++++++++++++++++++++--`
			`1 file changed, 28 insertions(+), 2 deletions(-)`

			`diff --git a/cipher/rsa.c b/cipher/rsa.c`
			`index c1329644..dce76414 100644`
			`--- a/cipher/rsa.c`
			`+++ b/cipher/rsa.c`
			`@@ -1501,7 +1501,19 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)`
			`be practically mounted over the network as shown by Brumley and`
			`Boney in 2003. */`
			`if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))`
			`- secret (plain, data, &sk);`
			`+ {`
			`+ if (fips_mode ())`
			`+ {`
			`+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))`
			`+ {`
			`+ rc = GPG_ERR_INV_FLAG;`
			`+ goto leave;`
			`+ }`
			`+ else`
			`+ fips_service_indicator_mark_non_compliant ();`
			`+ }`
			`+ secret (plain, data, &sk);`
			`+ }`
			`else`
			`secret_blinded (plain, data, &sk, nbits);`

			`@@ -1632,8 +1644,22 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)`

			`/* Do RSA computation. */`
			`sig = mpi_new (0);`
			`+`
			`if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))`
			`- secret (sig, data, &sk);`
			`+ {`
			`+ if (fips_mode ())`
			`+ {`
			`+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))`
			`+ {`
			`+ rc = GPG_ERR_INV_FLAG;`
			`+ goto leave;`
			`+ }`
			`+ else`
			`+ fips_service_indicator_mark_non_compliant ();`
			`+ }`
			`+`
			`+ secret (sig, data, &sk);`
			`+ }`
			`else`
			`secret_blinded (sig, data, &sk, nbits);`
			`if (DBG_CIPHER)`
			`--`
			`2.49.0`