From 234eb316b0a04c50e8511a570775ded45060f18b Mon Sep 17 00:00:00 2001
From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
Date: Wed, 26 Feb 2025 17:19:24 -0300
Subject: [PATCH 08/14] cipher,visibility: Differentiate use of random-override
 in the SLI
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi,
_gcry_pk_single_data_push, _gcry_pk_util_free_encoding_ctx):
Differentiate use of random-override in the SLI.
* src/visibility.c (gcry_pk_random_override_new):
Differentiate use explicit random override in the SLI.

GnuPG-bug-id: 7338
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
 cipher/pubkey-util.c | 33 +++++++++++++++++++++++++++++++++
 src/visibility.c     | 12 ++++++++++++
 2 files changed, 45 insertions(+)

diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index e7355569..66a04f13 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -973,6 +973,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
           list = sexp_find_token (ldata, "random-override", 0);
           if (list)
             {
+              if (fips_mode ())
+                {
+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+                    {
+                      sexp_release (list);
+                      rc = GPG_ERR_INV_FLAG;
+                      goto leave;
+                    }
+                  else
+                    fips_service_indicator_mark_non_compliant ();
+                }
               s = sexp_nth_data (list, 1, &n);
               if (!s)
                 rc = GPG_ERR_NO_OBJ;
@@ -1149,6 +1160,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
           list = sexp_find_token (ldata, "random-override", 0);
           if (list)
             {
+              if (fips_mode ())
+                {
+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+                    {
+                      sexp_release (list);
+                      rc = GPG_ERR_INV_FLAG;
+                      goto leave;
+                    }
+                  else
+                    fips_service_indicator_mark_non_compliant ();
+                }
               s = sexp_nth_data (list, 1, &n);
               if (!s)
                 rc = GPG_ERR_NO_OBJ;
@@ -1248,6 +1270,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
       list = sexp_find_token (ldata, "random-override", 0);
       if (list)
         {
+          if (fips_mode ())
+            {
+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+                {
+                  sexp_release (list);
+                  rc = GPG_ERR_INV_FLAG;
+                  goto leave;
+                }
+              else
+                fips_service_indicator_mark_non_compliant ();
+            }
           s = sexp_nth_data (list, 1, &n);
           if (!s)
             rc = GPG_ERR_NO_OBJ;
diff --git a/src/visibility.c b/src/visibility.c
index 4134446a..ccd0de69 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -1085,6 +1085,18 @@ gcry_pk_hash_verify (gcry_sexp_t sigval, const char *data_tmpl, gcry_sexp_t pkey
 gcry_error_t
 gcry_pk_random_override_new (gcry_ctx_t *r_ctx, const unsigned char *p, size_t len)
 {
+  if (!fips_is_operational ())
+    return gpg_error (fips_not_operational ());
+  fips_service_indicator_init ();
+
+  if (fips_mode ())
+    {
+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+        return gpg_error (GPG_ERR_INV_OP);
+      else
+        fips_service_indicator_mark_non_compliant ();
+    }
+
   return gpg_error (_gcry_pk_single_data_push (r_ctx, p, len));
 }
 
-- 
2.49.0