From cc0a40bd74120dc06fd80f163b30abb91f60b63b Mon Sep 17 00:00:00 2001 From: Lucas Mulling via Gcrypt-devel Date: Wed, 26 Feb 2025 17:19:23 -0300 Subject: [PATCH 05/14] cipher: Differentiate no-blinding flag in the SLI MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * cipher/rsa.c (rsa_decrypt, rsa_encrypt): Differentiate use of flag no-blinding in the service level indicator. GnuPG-bug-id: 7338 Signed-off-by: Lucas Mulling Signed-off-by: Lucas Mülling --- cipher/rsa.c | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/cipher/rsa.c b/cipher/rsa.c index c1329644..dce76414 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -1501,7 +1501,19 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) be practically mounted over the network as shown by Brumley and Boney in 2003. */ if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING)) - secret (plain, data, &sk); + { + if (fips_mode ()) + { + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK)) + { + rc = GPG_ERR_INV_FLAG; + goto leave; + } + else + fips_service_indicator_mark_non_compliant (); + } + secret (plain, data, &sk); + } else secret_blinded (plain, data, &sk, nbits); @@ -1632,8 +1644,22 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* Do RSA computation. */ sig = mpi_new (0); + if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING)) - secret (sig, data, &sk); + { + if (fips_mode ()) + { + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK)) + { + rc = GPG_ERR_INV_FLAG; + goto leave; + } + else + fips_service_indicator_mark_non_compliant (); + } + + secret (sig, data, &sk); + } else secret_blinded (sig, data, &sk, nbits); if (DBG_CIPHER) -- 2.49.0