From 0e881212897a22340df8fae076ae803081e662be6e973d67e7fdf9f0e84d35cc Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Thu, 14 Nov 2024 09:41:10 +0000 Subject: [PATCH] - Update to 3.8.8: - libgnutls: Experimental support for X25519MLKEM768 and SecP256r1MLKEM768 key exchange in TLS 1.3: The support for post-quantum key exchanges has been extended to cover the final standard of ML-KEM, following draft-kwiatkowski-tls-ecdhe-mlkem. The minimum supported version of liboqs is bumped to 0.11.0. - libgnutls: All records included in an OCSP response are now checked in TLS: Previously, when multiple records are provided in a single OCSP response, only the first record was considered; now all those records are examined until the server certificate matches. - libgnutls: Handling of malformed compress_certificate extension is now more standard compliant: The server behavior of receiving a malformed compress_certificate extension now more strictly follows RFC 8879; return illegal_parameter alert instead of bad_certificate, as well as overlong extension data is properly rejected. - build: More flexible library linking options for compression libraries, TPM, and liboqs support: The configure options, --with-zstd, --with-brotli, --with-zlib, --with-tpm2, and --with-liboqs now take 4 states: yes/link/dlopen/no, to specify how the libraries are linked or loaded. * Rebase gnutls-FIPS-140-3-references.patch - FIPS: Allow to perform the integrity check with the hmac provided by each library [bsc#1226724] * Rebase gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=117 --- gnutls-3.8.7.1.tar.xz | 3 - gnutls-3.8.7.1.tar.xz.sig | Bin 580 -> 0 bytes gnutls-3.8.8.tar.xz | 3 + gnutls-3.8.8.tar.xz.sig | Bin 0 -> 580 bytes gnutls-FIPS-140-3-references.patch | 356 +++++++++++----------- gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch | 221 +++++++------- gnutls.changes | 32 ++ gnutls.spec | 6 +- 8 files changed, 328 insertions(+), 293 deletions(-) delete mode 100644 gnutls-3.8.7.1.tar.xz delete mode 100644 gnutls-3.8.7.1.tar.xz.sig create mode 100644 gnutls-3.8.8.tar.xz create mode 100644 gnutls-3.8.8.tar.xz.sig diff --git a/gnutls-3.8.7.1.tar.xz b/gnutls-3.8.7.1.tar.xz deleted file mode 100644 index fc725d1..0000000 --- a/gnutls-3.8.7.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9ca0ddaccce28a74fa18d738744190afb3b0daebef74e6ad686bf7bef99abd60 -size 6695404 diff --git a/gnutls-3.8.7.1.tar.xz.sig b/gnutls-3.8.7.1.tar.xz.sig deleted file mode 100644 index 6149045d441ec74ae3ce0a078f3ee7bf6f51cec22b8619c7a63addfaccceee82..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 580 zcmV-K0=xZ*0zm`-0SEvq79j*iA|=DLZ#0LW$VqJ01%!^*=9qB>0%pC}lMNhoWo~ak zXKr;aZ*pe<3JDO_1%!^*=9qC_n-Bny*~}TtiPvR6BX}PgrR#gRPlRn0w5bpcY)lJ0-PI#i4 z;nA(;zFZV=0O&o{^C~q9(?ZJ)Wwm?izkHO3e3&3Q3T3E>9X+nTVP+6dX?UAT2^TSL+yd=L`>}*&74uOh zj}4jRwb%4|!HzDT`&v!t<_t+H!R_YWE-`oO(7uH{<-7bmMfTt)3uuaKX`NrOz1|+9 zd1%n6)1hw8!af3+%Qg1ESDi{F#d5Lm&tM diff --git a/gnutls-3.8.8.tar.xz b/gnutls-3.8.8.tar.xz new file mode 100644 index 0000000..a4530d3 --- /dev/null +++ b/gnutls-3.8.8.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ac4f020e583880b51380ed226e59033244bc536cad2623f2e26f5afa2939d8fb +size 6696460 diff --git a/gnutls-3.8.8.tar.xz.sig b/gnutls-3.8.8.tar.xz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..d353d7e0f26281a8da374e557e2dfa640030cca940a3257aced06f02c76b130f GIT binary patch literal 580 zcmV-K0=xZ*0zm`-0SEvq79j*iA|=DLZ#0LW$VqJ01%!^*=9qB>0%s|T2n`%{Wo~ak zXKr;aZ*pe<3JDO_1%!^*=9qElb`Sr5W?CyG;^6S|h3W5*oo3+15H$kL2QQgLBQr7p zJCF{7&!EgMkHt_((l*CtrLGpXatSbsYq-+-OL4+hLd!v-?F`b8K(?R~Qd74VtGPWc zGhg1TirSY+ywPI9T%}J7hvP8fuY0WPbd3yoyB^$u@Lfd6R0FB<0nb{GmAz0tU^j5x zGyz8y%>b5b%y`ALgWpM>r~D-BSfwT!DPq4{DdseUy%m}j@wiLNdSmzRW}H3_+-xkS zxe+SNXU2$#x}(%i?WlmMj!k@D4A{EMiiuy|CA18L4c?x!wxg1e*~*x1otxS69)emh z9UAw~Vy5iGS)un2@vZE#&iySqIzwpsHdu?}7VVOO2du9RK~;vBXR!SSUe*+bL6$6^ z;TTur2IqgDg*G<5Co-8seB5VGb%|u?P z|5)qeDluTU7QmHj`RoGMA@HWOEqz}6`FrRYW-%5=#Y#q+gQzW2io6@VCd$&sgr?{9 zG+A(hxt=cDl8p?2eXHtYT`ZbX;TWX`fC2TXvsfASF}w!s&|(((oyapzS_xG=YcPZO zFEKFYGsnpsdtuGq**D^2bY{O=-h)@xZxCurKW@{`=LpRNe^$1!=_Dl4a}iCNoi1ll S$^<0JK>*=Arp+a=+ENl6G#h9D literal 0 HcmV?d00001 diff --git a/gnutls-FIPS-140-3-references.patch b/gnutls-FIPS-140-3-references.patch index 1ecad74..d42f506 100644 --- a/gnutls-FIPS-140-3-references.patch +++ b/gnutls-FIPS-140-3-references.patch @@ -1,7 +1,7 @@ -Index: gnutls-3.8.7/configure.ac +Index: gnutls-3.8.8/configure.ac =================================================================== ---- gnutls-3.8.7.orig/configure.ac -+++ gnutls-3.8.7/configure.ac +--- gnutls-3.8.8.orig/configure.ac ++++ gnutls-3.8.8/configure.ac @@ -624,19 +624,19 @@ LT_INIT([disable-static,win32-dll,shared AC_LIB_HAVE_LINKFLAGS(dl,, [#include ], [dladdr (0, 0);]) @@ -25,10 +25,10 @@ Index: gnutls-3.8.7/configure.ac AC_ARG_WITH(fips140-module-name, AS_HELP_STRING([--with-fips140-module-name], [specify the FIPS140 module name]), -Index: gnutls-3.8.7/doc/cha-gtls-app.texi +Index: gnutls-3.8.8/doc/cha-gtls-app.texi =================================================================== ---- gnutls-3.8.7.orig/doc/cha-gtls-app.texi -+++ gnutls-3.8.7/doc/cha-gtls-app.texi +--- gnutls-3.8.8.orig/doc/cha-gtls-app.texi ++++ gnutls-3.8.8/doc/cha-gtls-app.texi @@ -222,7 +222,7 @@ CPU. The currently available options are @end itemize @@ -38,10 +38,10 @@ Index: gnutls-3.8.7/doc/cha-gtls-app.texi if set to one it will force the FIPS mode enablement. @end multitable -Index: gnutls-3.8.7/doc/cha-internals.texi +Index: gnutls-3.8.8/doc/cha-internals.texi =================================================================== ---- gnutls-3.8.7.orig/doc/cha-internals.texi -+++ gnutls-3.8.7/doc/cha-internals.texi +--- gnutls-3.8.8.orig/doc/cha-internals.texi ++++ gnutls-3.8.8/doc/cha-internals.texi @@ -14,7 +14,7 @@ happens inside the black box. * TLS Hello Extension Handling:: * Cryptographic Backend:: @@ -162,11 +162,11 @@ Index: gnutls-3.8.7/doc/cha-internals.texi operation. It can be attached to the current execution thread with @funcref{gnutls_fips140_push_context} and its internal state will be updated until it is detached with -Index: gnutls-3.8.7/doc/enums.texi +Index: gnutls-3.8.8/doc/enums.texi =================================================================== ---- gnutls-3.8.7.orig/doc/enums.texi -+++ gnutls-3.8.7/doc/enums.texi -@@ -1204,7 +1204,7 @@ application traffic secret is installed +--- gnutls-3.8.8.orig/doc/enums.texi ++++ gnutls-3.8.8/doc/enums.texi +@@ -1210,7 +1210,7 @@ application traffic secret is installed @c gnutls_fips_mode_t @table @code @item GNUTLS_@-FIPS140_@-DISABLED @@ -175,7 +175,7 @@ Index: gnutls-3.8.7/doc/enums.texi @item GNUTLS_@-FIPS140_@-STRICT The default mode; all forbidden operations will cause an operation failure via error code. -@@ -1212,8 +1212,8 @@ operation failure via error code. +@@ -1218,8 +1218,8 @@ operation failure via error code. A transient state during library initialization. That state cannot be set or seen by applications. @item GNUTLS_@-FIPS140_@-LAX @@ -186,10 +186,10 @@ Index: gnutls-3.8.7/doc/enums.texi application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.8.7/doc/functions/gnutls_fips140_set_mode +Index: gnutls-3.8.8/doc/functions/gnutls_fips140_set_mode =================================================================== ---- gnutls-3.8.7.orig/doc/functions/gnutls_fips140_set_mode -+++ gnutls-3.8.7/doc/functions/gnutls_fips140_set_mode +--- gnutls-3.8.8.orig/doc/functions/gnutls_fips140_set_mode ++++ gnutls-3.8.8/doc/functions/gnutls_fips140_set_mode @@ -3,7 +3,7 @@ @@ -215,10 +215,10 @@ Index: gnutls-3.8.7/doc/functions/gnutls_fips140_set_mode values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.8.7/doc/gnutls.html +Index: gnutls-3.8.8/doc/gnutls.html =================================================================== ---- gnutls-3.8.7.orig/doc/gnutls.html -+++ gnutls-3.8.7/doc/gnutls.html +--- gnutls-3.8.8.orig/doc/gnutls.html ++++ gnutls-3.8.8/doc/gnutls.html @@ -485,7 +485,7 @@ Documentation License”.
  • 11.4 TLS Extension Handling
  • 11.5 Cryptographic Backend
    • @@ -237,7 +237,7 @@ Index: gnutls-3.8.7/doc/gnutls.html if set to one it will force the FIPS mode enablement. -@@ -18448,7 +18448,7 @@ None: +@@ -18452,7 +18452,7 @@ None: --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library - file must pre-exist @@ -246,7 +246,7 @@ Index: gnutls-3.8.7/doc/gnutls.html --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -@@ -19468,7 +19468,7 @@ happens inside the black box. +@@ -19472,7 +19472,7 @@ happens inside the black box.
  • TLS Extension Handling
  • Cryptographic Backend
  • Random Number Generators
    • @@ -255,7 +255,7 @@ Index: gnutls-3.8.7/doc/gnutls.html
    @@ -302,7 +302,7 @@ Index: gnutls-3.8.7/doc/gnutls.html as follows.

      -@@ -20162,12 +20162,12 @@ as follows. +@@ -20166,12 +20166,12 @@ as follows.
    • Algorithm self-tests are run on library load
    @@ -318,7 +318,7 @@ Index: gnutls-3.8.7/doc/gnutls.html
  • Any cryptographic operation will be refused if any of the self-tests failed
    • -@@ -20176,7 +20176,7 @@ modified as follows. +@@ -20180,7 +20180,7 @@ modified as follows. environment variable GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS will disable the library integrity tests on startup, and the variable GNUTLS_FORCE_FIPS_MODE can be set to force a value from @@ -327,7 +327,7 @@ Index: gnutls-3.8.7/doc/gnutls.html mode, while ’0’ will disable it.

    The integrity checks for the dependent libraries and GnuTLS are performed -@@ -20184,13 +20184,13 @@ using ’.hmac’ files which ar +@@ -20188,13 +20188,13 @@ using ’.hmac’ files which ar key for the operations can be provided on compile-time with the configure option ’–with-fips140-key’. The MAC algorithm used is HMAC-SHA256.

    @@ -344,7 +344,7 @@ Index: gnutls-3.8.7/doc/gnutls.html the application can relax these requirements via gnutls_fips140_set_mode which can switch to alternative modes as in Figure 11.5.

    -@@ -20199,7 +20199,7 @@ which can switch to alternative modes as +@@ -20203,7 +20203,7 @@ which can switch to alternative modes as
    GNUTLS_FIPS140_DISABLED
    @@ -353,7 +353,7 @@ Index: gnutls-3.8.7/doc/gnutls.html

    GNUTLS_FIPS140_STRICT

    The default mode; all forbidden operations will cause an -@@ -20210,8 +20210,8 @@ operation failure via error code. +@@ -20214,8 +20214,8 @@ operation failure via error code. cannot be set or seen by applications.

    GNUTLS_FIPS140_LAX
    @@ -364,7 +364,7 @@ Index: gnutls-3.8.7/doc/gnutls.html application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility).

    -@@ -20222,7 +20222,7 @@ to a message to the audit callback funct +@@ -20226,7 +20226,7 @@ to a message to the audit callback funct

    Figure 11.5: The gnutls_fips_mode_t enumeration.

    The intention of this API is to be used by applications which may run in @@ -373,7 +373,7 @@ Index: gnutls-3.8.7/doc/gnutls.html e.g., for non-security related purposes. In these cases applications should wrap the non-compliant code within blocks like the following.

    -@@ -20251,9 +20251,9 @@ if (gnutls_fips140_mode_enabled()) +@@ -20255,9 +20255,9 @@ if (gnutls_fips140_mode_enabled())

    The reason of the GNUTLS_FIPS140_SET_MODE_THREAD flag in the previous calls is to localize the change in the mode. Note also, that such a block has no effect when the library is not operating @@ -385,7 +385,7 @@ Index: gnutls-3.8.7/doc/gnutls.html 

    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0);
    -@@ -20276,7 +20276,7 @@ performed within a given context. +@@ -20280,7 +20280,7 @@ performed within a given context.
    int gnutls_fips140_pop_context ( void)
    @@ -394,7 +394,7 @@ Index: gnutls-3.8.7/doc/gnutls.html operation. It can be attached to the current execution thread with gnutls_fips140_push_context and its internal state will be updated until it is detached with -@@ -20649,8 +20649,8 @@ Previous: @@ -405,7 +405,7 @@ Index: gnutls-3.8.7/doc/gnutls.html

    -@@ -24567,7 +24567,7 @@ unusable. This function is not thread-s +@@ -24575,7 +24575,7 @@ unusable. This function is not thread-s

    gnutls_fips140_set_mode

    Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t mode, unsigned flags)
    @@ -414,7 +414,7 @@ Index: gnutls-3.8.7/doc/gnutls.html

    flags: should be zero or GNUTLS_FIPS140_SET_MODE_THREAD

    -@@ -24576,13 +24576,13 @@ unusable. This function is not thread-s +@@ -24584,13 +24584,13 @@ unusable. This function is not thread-s behavior with no flags after threads are created is undefined.

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -430,7 +430,7 @@ Index: gnutls-3.8.7/doc/gnutls.html values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library switches to GNUTLS_FIPS140_STRICT mode.

    -@@ -47003,7 +47003,7 @@ Next: gnutls_fingerprintCore TLS API gnutls_fips140_context_deinitCore TLS API gnutls_fips140_context_initCore TLS API @@ -439,11 +439,11 @@ Index: gnutls-3.8.7/doc/gnutls.html gnutls_fips140_get_operation_stateCore TLS API gnutls_fips140_mode_enabledCore TLS API gnutls_fips140_pop_contextCore TLS API -Index: gnutls-3.8.7/doc/gnutls.info-3 +Index: gnutls-3.8.8/doc/gnutls.info-3 =================================================================== ---- gnutls-3.8.7.orig/doc/gnutls.info-3 -+++ gnutls-3.8.7/doc/gnutls.info-3 -@@ -2104,7 +2104,7 @@ to ‘more’. Both will exit with a st +--- gnutls-3.8.8.orig/doc/gnutls.info-3 ++++ gnutls-3.8.8/doc/gnutls.info-3 +@@ -2108,7 +2108,7 @@ to ‘more’. Both will exit with a st --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library - file must pre-exist @@ -452,7 +452,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -@@ -3257,7 +3257,7 @@ to know what happens inside the black bo +@@ -3261,7 +3261,7 @@ to know what happens inside the black bo * TLS Hello Extension Handling:: * Cryptographic Backend:: * Random Number Generators-internals:: @@ -461,7 +461,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3  File: gnutls.info, Node: The TLS Protocol, Next: TLS Handshake Protocol, Up: Internal architecture of GnuTLS -@@ -3785,7 +3785,7 @@ and abstract key types::. +@@ -3789,7 +3789,7 @@ and abstract key types::. kernel implementation of ‘/dev/crypto’.  @@ -470,7 +470,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 11.6 Random Number Generators ============================= -@@ -3795,7 +3795,7 @@ About the generators +@@ -3799,7 +3799,7 @@ About the generators GnuTLS provides two random generators. The default, and the AES-DRBG random generator which is only used when the library is compiled with @@ -479,7 +479,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 The default generator - inner workings -------------------------------------- -@@ -4026,7 +4026,7 @@ in *note Figure 11.5: gnutls_fips_mode_t +@@ -4030,7 +4030,7 @@ in *note Figure 11.5: gnutls_fips_mode_t Figure 11.5: The ‘gnutls_fips_mode_t’ enumeration. The intention of this API is to be used by applications which may run in @@ -488,7 +488,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 set, e.g., for non-security related purposes. In these cases applications should wrap the non-compliant code within blocks like the following. -@@ -4050,10 +4050,10 @@ are macros to simplify the following seq +@@ -4054,10 +4054,10 @@ are macros to simplify the following seq The reason of the ‘GNUTLS_FIPS140_SET_MODE_THREAD’ flag in the previous calls is to localize the change in the mode. Note also, that such a @@ -501,7 +501,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0); Service indicator -@@ -4535,8 +4535,8 @@ There are certifications from national o +@@ -4539,8 +4539,8 @@ There are certifications from national o practices, such as unit testing and reliance on well known crypto primitives. @@ -512,7 +512,7 @@ Index: gnutls-3.8.7/doc/gnutls.info-3  File: gnutls.info, Node: Error codes, Next: Supported ciphersuites, Prev: Support, Up: Top -@@ -9007,7 +9007,7 @@ gnutls_fips140_set_mode +@@ -9015,7 +9015,7 @@ gnutls_fips140_set_mode -- Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t MODE, unsigned FLAGS) @@ -521,10 +521,10 @@ Index: gnutls-3.8.7/doc/gnutls.info-3 FLAGS: should be zero or ‘GNUTLS_FIPS140_SET_MODE_THREAD’ -Index: gnutls-3.8.7/doc/invoke-gnutls-cli.texi +Index: gnutls-3.8.8/doc/invoke-gnutls-cli.texi =================================================================== ---- gnutls-3.8.7.orig/doc/invoke-gnutls-cli.texi -+++ gnutls-3.8.7/doc/invoke-gnutls-cli.texi +--- gnutls-3.8.8.orig/doc/invoke-gnutls-cli.texi ++++ gnutls-3.8.8/doc/invoke-gnutls-cli.texi @@ -102,7 +102,7 @@ None: --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library @@ -534,10 +534,10 @@ Index: gnutls-3.8.7/doc/invoke-gnutls-cli.texi --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -Index: gnutls-3.8.7/doc/manpages/gnutls-cli.1 +Index: gnutls-3.8.8/doc/manpages/gnutls-cli.1 =================================================================== ---- gnutls-3.8.7.orig/doc/manpages/gnutls-cli.1 -+++ gnutls-3.8.7/doc/manpages/gnutls-cli.1 +--- gnutls-3.8.8.orig/doc/manpages/gnutls-cli.1 ++++ gnutls-3.8.8/doc/manpages/gnutls-cli.1 @@ -398,7 +398,7 @@ Specify the PKCS #11 provider library. This will override the default options in /etc/gnutls/pkcs11.conf .TP @@ -547,11 +547,11 @@ Index: gnutls-3.8.7/doc/manpages/gnutls-cli.1 .sp .TP .NOP \f\*[B-Font]\-\-list\-config\f[] -Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html +Index: gnutls-3.8.8/doc/reference/html/gnutls-gnutls.html =================================================================== ---- gnutls-3.8.7.orig/doc/reference/html/gnutls-gnutls.html -+++ gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html -@@ -20870,12 +20870,12 @@ gnutls_fips140_set_mode (

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -566,7 +566,7 @@ Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library switches to GNUTLS_FIPS140_STRICT mode.

    -@@ -20890,7 +20890,7 @@ switches to

    mode

    @@ -575,7 +575,7 @@ Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html   -@@ -25950,7 +25950,7 @@ encryption

    +@@ -25969,7 +25969,7 @@ encryption

    enum gnutls_fips_mode_t

    @@ -584,7 +584,7 @@ Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html

    Members

    -@@ -25963,7 +25963,7 @@ encryption

    +@@ -25982,7 +25982,7 @@ encryption

    -@@ -25986,8 +25986,8 @@ operation failure via error code.

    +@@ -26005,8 +26005,8 @@ operation failure via error code.

    -@@ -27627,4 +27627,4 @@ This is used by
    Generated by GTK-Doc V1.34.0 - \ No newline at end of file + -Index: gnutls-3.8.7/lib/fips.c +Index: gnutls-3.8.8/lib/fips.c =================================================================== ---- gnutls-3.8.7.orig/lib/fips.c -+++ gnutls-3.8.7/lib/fips.c +--- gnutls-3.8.8.orig/lib/fips.c ++++ gnutls-3.8.8/lib/fips.c @@ -121,7 +121,7 @@ unsigned _gnutls_fips_mode_enabled(void) } @@ -633,7 +633,7 @@ Index: gnutls-3.8.7/lib/fips.c ret = GNUTLS_FIPS140_SELFTESTS; goto exit; } -@@ -724,7 +724,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -740,7 +740,7 @@ unsigned gnutls_fips140_mode_enabled(voi /** * gnutls_fips140_set_mode: @@ -642,7 +642,7 @@ Index: gnutls-3.8.7/lib/fips.c * @flags: should be zero or %GNUTLS_FIPS140_SET_MODE_THREAD * * That function is not thread-safe when changing the mode with no flags -@@ -732,13 +732,13 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -748,13 +748,13 @@ unsigned gnutls_fips140_mode_enabled(voi * behavior with no flags after threads are created is undefined. * * When the flag %GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -658,7 +658,7 @@ Index: gnutls-3.8.7/lib/fips.c * values for @mode or to %GNUTLS_FIPS140_SELFTESTS mode, the library * switches to %GNUTLS_FIPS140_STRICT mode. * -@@ -750,10 +750,10 @@ void gnutls_fips140_set_mode(gnutls_fips +@@ -766,10 +766,10 @@ void gnutls_fips140_set_mode(gnutls_fips gnutls_fips_mode_t prev = _gnutls_fips_mode_enabled(); if (prev == GNUTLS_FIPS140_DISABLED || prev == GNUTLS_FIPS140_SELFTESTS) { @@ -671,7 +671,7 @@ Index: gnutls-3.8.7/lib/fips.c return; } -@@ -766,7 +766,7 @@ void gnutls_fips140_set_mode(gnutls_fips +@@ -782,7 +782,7 @@ void gnutls_fips140_set_mode(gnutls_fips case GNUTLS_FIPS140_SELFTESTS: _gnutls_audit_log( NULL, @@ -680,7 +680,7 @@ Index: gnutls-3.8.7/lib/fips.c mode = GNUTLS_FIPS140_STRICT; break; default: -@@ -942,7 +942,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -958,7 +958,7 @@ void _gnutls_switch_fips_state(gnutls_fi } if (!_tfips_context) { @@ -689,7 +689,7 @@ Index: gnutls-3.8.7/lib/fips.c return; } -@@ -956,7 +956,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -972,7 +972,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -698,7 +698,7 @@ Index: gnutls-3.8.7/lib/fips.c operation_state_to_string(state)); } _tfips_context->state = state; -@@ -967,7 +967,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -983,7 +983,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -707,7 +707,7 @@ Index: gnutls-3.8.7/lib/fips.c operation_state_to_string(state)); } _tfips_context->state = state; -@@ -979,7 +979,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -995,7 +995,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -716,7 +716,7 @@ Index: gnutls-3.8.7/lib/fips.c operation_state_to_string( _tfips_context->state), operation_state_to_string(state)); -@@ -1041,7 +1041,7 @@ int gnutls_fips140_run_self_tests(void) +@@ -1057,7 +1057,7 @@ int gnutls_fips140_run_self_tests(void) ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log(NULL, @@ -725,7 +725,7 @@ Index: gnutls-3.8.7/lib/fips.c } else { /* Restore the previous library state */ _gnutls_switch_lib_state(prev_lib_state); -@@ -1053,7 +1053,7 @@ int gnutls_fips140_run_self_tests(void) +@@ -1069,7 +1069,7 @@ int gnutls_fips140_run_self_tests(void) if (gnutls_fips140_pop_context() < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log( @@ -734,10 +734,10 @@ Index: gnutls-3.8.7/lib/fips.c } gnutls_fips140_context_deinit(fips_context); } -Index: gnutls-3.8.7/lib/fips.h +Index: gnutls-3.8.8/lib/fips.h =================================================================== ---- gnutls-3.8.7.orig/lib/fips.h -+++ gnutls-3.8.7/lib/fips.h +--- gnutls-3.8.8.orig/lib/fips.h ++++ gnutls-3.8.8/lib/fips.h @@ -163,7 +163,7 @@ is_cipher_algo_allowed_in_fips(gnutls_ci } @@ -778,10 +778,10 @@ Index: gnutls-3.8.7/lib/fips.h gnutls_cipher_get_name(algo)); FALLTHROUGH; case GNUTLS_FIPS140_DISABLED: -Index: gnutls-3.8.7/lib/global.c +Index: gnutls-3.8.8/lib/global.c =================================================================== ---- gnutls-3.8.7.orig/lib/global.c -+++ gnutls-3.8.7/lib/global.c +--- gnutls-3.8.8.orig/lib/global.c ++++ gnutls-3.8.8/lib/global.c @@ -339,12 +339,12 @@ static int _gnutls_global_init(unsigned #ifdef ENABLE_FIPS140 @@ -815,11 +815,11 @@ Index: gnutls-3.8.7/lib/global.c if (res != 2) { gnutls_assert(); goto out; -Index: gnutls-3.8.7/lib/includes/gnutls/gnutls.h.in +Index: gnutls-3.8.8/lib/includes/gnutls/gnutls.h.in =================================================================== ---- gnutls-3.8.7.orig/lib/includes/gnutls/gnutls.h.in -+++ gnutls-3.8.7/lib/includes/gnutls/gnutls.h.in -@@ -3213,16 +3213,16 @@ typedef int (*gnutls_alert_read_func)(gn +--- gnutls-3.8.8.orig/lib/includes/gnutls/gnutls.h.in ++++ gnutls-3.8.8/lib/includes/gnutls/gnutls.h.in +@@ -3216,16 +3216,16 @@ typedef int (*gnutls_alert_read_func)(gn void gnutls_alert_set_read_function(gnutls_session_t session, gnutls_alert_read_func func); @@ -840,7 +840,7 @@ Index: gnutls-3.8.7/lib/includes/gnutls/gnutls.h.in * application is aware of the followed security policy, and needs * to utilize disallowed operations for other reasons (e.g., compatibility). * @GNUTLS_FIPS140_LOG: Similarly to %GNUTLS_FIPS140_LAX, it allows forbidden operations; any use of them results -@@ -3230,7 +3230,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -3233,7 +3233,7 @@ unsigned gnutls_fips140_mode_enabled(voi * @GNUTLS_FIPS140_SELFTESTS: A transient state during library initialization. That state * cannot be set or seen by applications. * @@ -849,10 +849,10 @@ Index: gnutls-3.8.7/lib/includes/gnutls/gnutls.h.in */ typedef enum gnutls_fips_mode_t { GNUTLS_FIPS140_DISABLED = 0, -Index: gnutls-3.8.7/src/cli.c +Index: gnutls-3.8.8/src/cli.c =================================================================== ---- gnutls-3.8.7.orig/src/cli.c -+++ gnutls-3.8.7/src/cli.c +--- gnutls-3.8.8.orig/src/cli.c ++++ gnutls-3.8.8/src/cli.c @@ -1635,10 +1635,10 @@ static void cmd_parser(int argc, char ** if (HAVE_OPT(FIPS140_MODE)) { @@ -866,10 +866,10 @@ Index: gnutls-3.8.7/src/cli.c exit(1); } -Index: gnutls-3.8.7/src/gnutls-cli-options.c +Index: gnutls-3.8.8/src/gnutls-cli-options.c =================================================================== ---- gnutls-3.8.7.orig/src/gnutls-cli-options.c -+++ gnutls-3.8.7/src/gnutls-cli-options.c +--- gnutls-3.8.8.orig/src/gnutls-cli-options.c ++++ gnutls-3.8.8/src/gnutls-cli-options.c @@ -843,7 +843,7 @@ usage (FILE *out, int status) " --inline-commands-prefix=str Change the default delimiter for inline commands\n" " --provider=file Specify the PKCS #11 provider library\n" @@ -879,10 +879,10 @@ Index: gnutls-3.8.7/src/gnutls-cli-options.c " --list-config Reports the configuration of the library\n" " --logfile=str Redirect informational messages to a specific file\n" " --keymatexport=str Label used for exporting keying material\n" -Index: gnutls-3.8.7/tests/cert-tests/gost.sh +Index: gnutls-3.8.8/tests/cert-tests/gost.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/gost.sh -+++ gnutls-3.8.7/tests/cert-tests/gost.sh +--- gnutls-3.8.8.orig/tests/cert-tests/gost.sh ++++ gnutls-3.8.8/tests/cert-tests/gost.sh @@ -38,7 +38,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -892,10 +892,10 @@ Index: gnutls-3.8.7/tests/cert-tests/gost.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs12-corner-cases.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs12-corner-cases.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs12-corner-cases.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs12-corner-cases.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs12-corner-cases.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs12-corner-cases.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -905,10 +905,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs12-corner-cases.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs12-encode.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs12-encode.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs12-encode.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs12-encode.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs12-encode.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs12-encode.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -918,10 +918,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs12-encode.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs12-gost.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs12-gost.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs12-gost.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs12-gost.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs12-gost.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs12-gost.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -931,10 +931,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs12-gost.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs12.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs12.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs12.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs12.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs12.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs12.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -944,10 +944,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs12.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs8-decode.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs8-decode.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs8-decode.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs8-decode.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs8-decode.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs8-decode.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -957,10 +957,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs8-decode.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs8-eddsa.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs8-eddsa.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs8-eddsa.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs8-eddsa.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs8-eddsa.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs8-eddsa.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -970,10 +970,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs8-eddsa.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs8-gost.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs8-gost.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs8-gost.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs8-gost.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs8-gost.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs8-gost.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -983,10 +983,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs8-gost.sh exit 77 fi -Index: gnutls-3.8.7/tests/cert-tests/pkcs8.sh +Index: gnutls-3.8.8/tests/cert-tests/pkcs8.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cert-tests/pkcs8.sh -+++ gnutls-3.8.7/tests/cert-tests/pkcs8.sh +--- gnutls-3.8.8.orig/tests/cert-tests/pkcs8.sh ++++ gnutls-3.8.8/tests/cert-tests/pkcs8.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -996,10 +996,10 @@ Index: gnutls-3.8.7/tests/cert-tests/pkcs8.sh exit 77 fi -Index: gnutls-3.8.7/tests/cipher-listings.sh +Index: gnutls-3.8.8/tests/cipher-listings.sh =================================================================== ---- gnutls-3.8.7.orig/tests/cipher-listings.sh -+++ gnutls-3.8.7/tests/cipher-listings.sh +--- gnutls-3.8.8.orig/tests/cipher-listings.sh ++++ gnutls-3.8.8/tests/cipher-listings.sh @@ -63,7 +63,7 @@ check() ${CLI} --fips140-mode @@ -1009,10 +1009,10 @@ Index: gnutls-3.8.7/tests/cipher-listings.sh exit 77 fi -Index: gnutls-3.8.7/tests/testpkcs11.sh +Index: gnutls-3.8.8/tests/testpkcs11.sh =================================================================== ---- gnutls-3.8.7.orig/tests/testpkcs11.sh -+++ gnutls-3.8.7/tests/testpkcs11.sh +--- gnutls-3.8.8.orig/tests/testpkcs11.sh ++++ gnutls-3.8.8/tests/testpkcs11.sh @@ -26,7 +26,7 @@ RETCODE=0 @@ -1022,10 +1022,10 @@ Index: gnutls-3.8.7/tests/testpkcs11.sh exit 77 fi -Index: gnutls-3.8.7/doc/enums/gnutls_fips_mode_t +Index: gnutls-3.8.8/doc/enums/gnutls_fips_mode_t =================================================================== ---- gnutls-3.8.7.orig/doc/enums/gnutls_fips_mode_t -+++ gnutls-3.8.7/doc/enums/gnutls_fips_mode_t +--- gnutls-3.8.8.orig/doc/enums/gnutls_fips_mode_t ++++ gnutls-3.8.8/doc/enums/gnutls_fips_mode_t @@ -3,7 +3,7 @@ @c gnutls_fips_mode_t @table @code @@ -1046,11 +1046,11 @@ Index: gnutls-3.8.7/doc/enums/gnutls_fips_mode_t application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.8.7/doc/gnutls-api.texi +Index: gnutls-3.8.8/doc/gnutls-api.texi =================================================================== ---- gnutls-3.8.7.orig/doc/gnutls-api.texi -+++ gnutls-3.8.7/doc/gnutls-api.texi -@@ -3275,7 +3275,7 @@ unusable. This function is not thread-s +--- gnutls-3.8.8.orig/doc/gnutls-api.texi ++++ gnutls-3.8.8/doc/gnutls-api.texi +@@ -3279,7 +3279,7 @@ unusable. This function is not thread-s @subheading gnutls_fips140_set_mode @anchor{gnutls_fips140_set_mode} @deftypefun {void} {gnutls_fips140_set_mode} (gnutls_fips_mode_t @var{mode}, unsigned @var{flags}) @@ -1059,7 +1059,7 @@ Index: gnutls-3.8.7/doc/gnutls-api.texi @var{flags}: should be zero or @code{GNUTLS_FIPS140_SET_MODE_THREAD} -@@ -3284,13 +3284,13 @@ That function is not thread-safe when ch +@@ -3288,13 +3288,13 @@ That function is not thread-safe when ch behavior with no flags after threads are created is undefined. When the flag @code{GNUTLS_FIPS140_SET_MODE_THREAD} is specified @@ -1075,10 +1075,10 @@ Index: gnutls-3.8.7/doc/gnutls-api.texi values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.8.7/lib/ext/session_ticket.c +Index: gnutls-3.8.8/lib/ext/session_ticket.c =================================================================== ---- gnutls-3.8.7.orig/lib/ext/session_ticket.c -+++ gnutls-3.8.7/lib/ext/session_ticket.c +--- gnutls-3.8.8.orig/lib/ext/session_ticket.c ++++ gnutls-3.8.8/lib/ext/session_ticket.c @@ -517,7 +517,7 @@ int gnutls_session_ticket_key_generate(g { if (_gnutls_fips_mode_enabled()) { @@ -1088,10 +1088,10 @@ Index: gnutls-3.8.7/lib/ext/session_ticket.c * some limits on allowed key size, thus it is not * used. These limits do not affect this function as * it does not generate a "key" but rather key material -Index: gnutls-3.8.7/lib/libgnutls.map +Index: gnutls-3.8.8/lib/libgnutls.map =================================================================== ---- gnutls-3.8.7.orig/lib/libgnutls.map -+++ gnutls-3.8.7/lib/libgnutls.map +--- gnutls-3.8.8.orig/lib/libgnutls.map ++++ gnutls-3.8.8/lib/libgnutls.map @@ -1459,7 +1459,7 @@ GNUTLS_FIPS140_3_4 { gnutls_hkdf_self_test; gnutls_pbkdf2_self_test; @@ -1101,11 +1101,11 @@ Index: gnutls-3.8.7/lib/libgnutls.map drbg_aes_reseed; drbg_aes_init; drbg_aes_generate; -Index: gnutls-3.8.7/lib/nettle/mac.c +Index: gnutls-3.8.8/lib/nettle/mac.c =================================================================== ---- gnutls-3.8.7.orig/lib/nettle/mac.c -+++ gnutls-3.8.7/lib/nettle/mac.c -@@ -270,7 +270,7 @@ static void _wrap_gmac_digest(void *_ctx +--- gnutls-3.8.8.orig/lib/nettle/mac.c ++++ gnutls-3.8.8/lib/nettle/mac.c +@@ -292,7 +292,7 @@ static void _wrap_gmac_digest(void *_ctx static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx) { @@ -1114,19 +1114,19 @@ Index: gnutls-3.8.7/lib/nettle/mac.c * gnutls_hash_init() and gnutls_hmac_init() */ ctx->set_nonce = NULL; -@@ -663,7 +663,7 @@ static void _md5_sha1_init(void *_ctx) +@@ -688,7 +688,7 @@ static void _md5_sha1_init(void *_ctx) static int _ctx_init(gnutls_digest_algorithm_t algo, struct nettle_hash_ctx *ctx) { - /* Any FIPS140-2 related enforcement is performed on + /* Any FIPS140-3 related enforcement is performed on * gnutls_hash_init() and gnutls_hmac_init() */ - switch (algo) { - case GNUTLS_DIG_MD5: -Index: gnutls-3.8.7/config.h.in + + ctx->finished = NULL; +Index: gnutls-3.8.8/config.h.in =================================================================== ---- gnutls-3.8.7.orig/config.h.in -+++ gnutls-3.8.7/config.h.in +--- gnutls-3.8.8.orig/config.h.in ++++ gnutls-3.8.8/config.h.in @@ -104,7 +104,7 @@ /* enable DHE */ #undef ENABLE_ECDHE @@ -1145,11 +1145,11 @@ Index: gnutls-3.8.7/config.h.in #undef FIPS_KEY /* The FIPS140 module name */ -Index: gnutls-3.8.7/configure +Index: gnutls-3.8.8/configure =================================================================== ---- gnutls-3.8.7.orig/configure -+++ gnutls-3.8.7/configure -@@ -4453,7 +4453,7 @@ Optional Features: +--- gnutls-3.8.8.orig/configure ++++ gnutls-3.8.8/configure +@@ -4455,7 +4455,7 @@ Optional Features: --enable-fast-install[=PKGS] optimize for fast installation [default=yes] --disable-libtool-lock avoid locking (might break parallel builds) @@ -1158,10 +1158,10 @@ Index: gnutls-3.8.7/configure --enable-strict-x509 enable stricter sanity checks for x509 certificates --disable-non-suiteb-curves disable curves not in SuiteB -Index: gnutls-3.8.7/doc/cha-support.texi +Index: gnutls-3.8.8/doc/cha-support.texi =================================================================== ---- gnutls-3.8.7.orig/doc/cha-support.texi -+++ gnutls-3.8.7/doc/cha-support.texi +--- gnutls-3.8.8.orig/doc/cha-support.texi ++++ gnutls-3.8.8/doc/cha-support.texi @@ -134,5 +134,5 @@ There are certifications from national o to an auditor that the crypto component follows some best practices, such as unit testing and reliance on well known crypto primitives. @@ -1170,10 +1170,10 @@ Index: gnutls-3.8.7/doc/cha-support.texi -See @ref{FIPS140-2 mode} for more information. +GnuTLS has support for the FIPS 140-3 certification under Red Hat Enterprise Linux. +See @ref{FIPS140-3 mode} for more information. -Index: gnutls-3.8.7/src/gnutls-cli-options.json +Index: gnutls-3.8.8/src/gnutls-cli-options.json =================================================================== ---- gnutls-3.8.7.orig/src/gnutls-cli-options.json -+++ gnutls-3.8.7/src/gnutls-cli-options.json +--- gnutls-3.8.8.orig/src/gnutls-cli-options.json ++++ gnutls-3.8.8/src/gnutls-cli-options.json @@ -384,7 +384,7 @@ }, { @@ -1183,10 +1183,10 @@ Index: gnutls-3.8.7/src/gnutls-cli-options.json }, { "long-option": "list-config", -Index: gnutls-3.8.7/tests/pkcs11-tool.sh +Index: gnutls-3.8.8/tests/pkcs11-tool.sh =================================================================== ---- gnutls-3.8.7.orig/tests/pkcs11-tool.sh -+++ gnutls-3.8.7/tests/pkcs11-tool.sh +--- gnutls-3.8.8.orig/tests/pkcs11-tool.sh ++++ gnutls-3.8.8/tests/pkcs11-tool.sh @@ -30,7 +30,7 @@ set -x : ${DIFF=diff} @@ -1196,10 +1196,10 @@ Index: gnutls-3.8.7/tests/pkcs11-tool.sh exit 77 fi -Index: gnutls-3.8.7/doc/manpages/gnutls_fips140_set_mode.3 +Index: gnutls-3.8.8/doc/manpages/gnutls_fips140_set_mode.3 =================================================================== ---- gnutls-3.8.7.orig/doc/manpages/gnutls_fips140_set_mode.3 -+++ gnutls-3.8.7/doc/manpages/gnutls_fips140_set_mode.3 +--- gnutls-3.8.8.orig/doc/manpages/gnutls_fips140_set_mode.3 ++++ gnutls-3.8.8/doc/manpages/gnutls_fips140_set_mode.3 @@ -8,7 +8,7 @@ gnutls_fips140_set_mode \- API function .BI "void gnutls_fips140_set_mode(gnutls_fips_mode_t " mode ", unsigned " flags ");" .SH ARGUMENTS @@ -1225,16 +1225,16 @@ Index: gnutls-3.8.7/doc/manpages/gnutls_fips140_set_mode.3 values for \fImode\fP or to \fBGNUTLS_FIPS140_SELFTESTS\fP mode, the library switches to \fBGNUTLS_FIPS140_STRICT\fP mode. .SH "SINCE" -Index: gnutls-3.8.7/doc/gnutls.info +Index: gnutls-3.8.8/doc/gnutls.info =================================================================== ---- gnutls-3.8.7.orig/doc/gnutls.info -+++ gnutls-3.8.7/doc/gnutls.info -@@ -619,7 +619,7 @@ Ref: fig-crypto-layers743524 - Ref: Cryptographic Backend-Footnote-1746831 - Ref: Cryptographic Backend-Footnote-2746916 - Node: Random Number Generators-internals747028 --Node: FIPS140-2 mode754484 -+Node: FIPS140-3 mode754484 - Ref: gnutls_fips_mode_t757148 - Node: Upgrading from previous versions760816 - Node: Support775054 +--- gnutls-3.8.8.orig/doc/gnutls.info ++++ gnutls-3.8.8/doc/gnutls.info +@@ -619,7 +619,7 @@ Ref: fig-crypto-layers743655 + Ref: Cryptographic Backend-Footnote-1746962 + Ref: Cryptographic Backend-Footnote-2747047 + Node: Random Number Generators-internals747159 +-Node: FIPS140-2 mode754615 ++Node: FIPS140-3 mode754615 + Ref: gnutls_fips_mode_t757279 + Node: Upgrading from previous versions760947 + Node: Support775185 diff --git a/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch b/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch index 71d6e2a..98c53aa 100644 --- a/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch +++ b/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch @@ -1,117 +1,120 @@ -Index: gnutls-3.8.7/lib/fips.c +Index: gnutls-3.8.8/lib/fips.c =================================================================== ---- gnutls-3.8.7.orig/lib/fips.c -+++ gnutls-3.8.7/lib/fips.c -@@ -177,20 +177,32 @@ struct hmac_entry { - struct hmac_file { - int version; - struct hmac_entry gnutls; -+#if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - struct hmac_entry nettle; - struct hmac_entry hogweed; - #ifdef GMP_LIBRARY_SONAME - struct hmac_entry gmp; - #endif -+#endif - }; - - struct lib_paths { - char gnutls[GNUTLS_PATH_MAX]; -+#if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - char nettle[GNUTLS_PATH_MAX]; - char hogweed[GNUTLS_PATH_MAX]; - #ifdef GMP_LIBRARY_SONAME - char gmp[GNUTLS_PATH_MAX]; - #endif -+#endif - }; +--- gnutls-3.8.8.orig/lib/fips.c ++++ gnutls-3.8.8/lib/fips.c +@@ -349,11 +349,90 @@ static int load_hmac_file(struct hmac_fi + } /* -@@ -250,6 +262,11 @@ static int handler(void *user, const cha - } - } else if (!strcmp(section, GNUTLS_LIBRARY_SONAME)) { - return lib_handler(&p->gnutls, section, name, value); -+#if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - } else if (!strcmp(section, NETTLE_LIBRARY_SONAME)) { - return lib_handler(&p->nettle, section, name, value); - } else if (!strcmp(section, HOGWEED_LIBRARY_SONAME)) { -@@ -258,6 +275,7 @@ static int handler(void *user, const cha - } else if (!strcmp(section, GMP_LIBRARY_SONAME)) { - return lib_handler(&p->gmp, section, name, value); - #endif -+#endif - } else { - return 0; - } -@@ -403,6 +422,11 @@ static int callback(struct dl_phdr_info - - if (!strcmp(soname, GNUTLS_LIBRARY_SONAME)) - _gnutls_str_cpy(paths->gnutls, GNUTLS_PATH_MAX, path); -+#if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - else if (!strcmp(soname, NETTLE_LIBRARY_SONAME)) - _gnutls_str_cpy(paths->nettle, GNUTLS_PATH_MAX, path); - else if (!strcmp(soname, HOGWEED_LIBRARY_SONAME)) -@@ -411,6 +435,7 @@ static int callback(struct dl_phdr_info - else if (!strcmp(soname, GMP_LIBRARY_SONAME)) - _gnutls_str_cpy(paths->gmp, GNUTLS_PATH_MAX, path); - #endif -+#endif - return 0; - } - -@@ -423,6 +448,11 @@ static int load_lib_paths(struct lib_pat - _gnutls_debug_log("Gnutls library path was not found\n"); - return gnutls_assert_val(GNUTLS_E_FILE_ERROR); - } -+#if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - if (paths->nettle[0] == '\0') { - _gnutls_debug_log("Nettle library path was not found\n"); - return gnutls_assert_val(GNUTLS_E_FILE_ERROR); -@@ -437,6 +467,7 @@ static int load_lib_paths(struct lib_pat - return gnutls_assert_val(GNUTLS_E_FILE_ERROR); - } - #endif -+#endif - - return GNUTLS_E_SUCCESS; - } -@@ -483,6 +514,11 @@ static int check_binary_integrity(void) - ret = check_lib_hmac(&hmac.gnutls, paths.gnutls); ++ * check_dep_lib_hmac: ++ * @path: path to the library which hmac should be compared ++ * ++ * Verify that HMAC of a given library matches the hmac in the file ++ * provided by the library, named: ..so..hmac. ++ * ++ * Returns: 0 on successful HMAC verification, a negative error code otherwise ++ */ ++static int check_dep_lib_hmac(const char *path) ++{ ++ int ret; ++ unsigned prev; ++ uint8_t hmac[HMAC_SIZE]; ++ gnutls_datum_t data; ++ char hmac_path[GNUTLS_PATH_MAX]; ++ uint8_t lib_hmac[HMAC_SIZE]; ++ size_t lib_hmac_size; ++ ++ _gnutls_debug_log("Loading: %s\n", path); ++ ret = gnutls_load_file(path, &data); ++ if (ret < 0) { ++ _gnutls_debug_log("Could not load %s: %s\n", path, ++ gnutls_strerror(ret)); ++ return gnutls_assert_val(ret); ++ } ++ ++ prev = _gnutls_get_lib_state(); ++ _gnutls_switch_lib_state(LIB_STATE_OPERATIONAL); ++ ret = gnutls_hmac_fast(HMAC_ALGO, FIPS_KEY, sizeof(FIPS_KEY) - 1, ++ data.data, data.size, hmac); ++ _gnutls_switch_lib_state(prev); ++ ++ gnutls_free(data.data); ++ if (ret < 0) { ++ _gnutls_debug_log("Could not calculate HMAC for %s: %s\n", path, ++ gnutls_strerror(ret)); ++ return gnutls_assert_val(ret); ++ } ++ ++ /* Check now the integrity of the hmac provided by the library */ ++ ret = get_hmac_path(hmac_path, sizeof(hmac_path), path); ++ if (ret < 0) { ++ _gnutls_debug_log("Could not get hmac file path: %s\n", ++ gnutls_strerror(ret)); ++ return ret; ++ } ++ _gnutls_debug_log("Loading: %s\n", hmac_path); ++ ret = gnutls_load_file(hmac_path, &data); ++ if (ret < 0) { ++ _gnutls_debug_log("Could not load %s: %s\n", hmac_path, ++ gnutls_strerror(ret)); ++ return gnutls_assert_val(ret); ++ } ++ lib_hmac_size = hex_data_size(data.size); ++ /* trim eventual newlines from the end of the data read from file */ ++ while ((data.size > 0) && (data.data[data.size - 1] == '\n')) { ++ data.data[data.size - 1] = 0; ++ data.size--; ++ } ++ ret = gnutls_hex_decode(&data, lib_hmac, &lib_hmac_size); ++ gnutls_free(data.data); ++ if (ret < 0) { ++ _gnutls_debug_log("Could not hex decode hmac\n"); ++ return gnutls_assert_val(GNUTLS_E_PARSING_ERROR); ++ } ++ ret = gnutls_memcmp(lib_hmac, hmac, HMAC_SIZE); ++ if (ret){ ++ _gnutls_debug_log("Calculated MAC for %s does not match\n", ++ path); ++ gnutls_memset(hmac, 0, HMAC_SIZE); ++ gnutls_memset(lib_hmac, 0, HMAC_SIZE); ++ return gnutls_assert_val(GNUTLS_E_PARSING_ERROR); ++ } ++ _gnutls_debug_log("Successfully verified MAC for %s\n", path); ++ gnutls_memset(hmac, 0, HMAC_SIZE); ++ return 0; ++} ++ ++/* + * check_lib_hmac: + * @entry: hmac file entry + * @path: path to the library which hmac should be compared + * +- * Verify that HMAC from hmac file entry matches HMAC of given library. ++ * Verify that HMAC from hmac file entry matches HMAC of gnutls library. + * + * Returns: 0 on successful HMAC verification, a negative error code otherwise + */ +@@ -496,17 +575,20 @@ static int check_binary_integrity(void) if (ret < 0) return ret; -+# if 0 -+ /* Disable nettle, hogweed and gmp HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ - ret = check_lib_hmac(&hmac.nettle, paths.nettle); - if (ret < 0) - return ret; -@@ -494,6 +530,7 @@ static int check_binary_integrity(void) + #ifdef NETTLE_LIBRARY_SONAME +- ret = check_lib_hmac(&hmac.nettle, paths.nettle); ++ //ret = check_lib_hmac(&hmac.nettle, paths.nettle); ++ ret = check_dep_lib_hmac(paths.nettle); + if (ret < 0) + return ret; + #endif + #ifdef HOGWEED_LIBRARY_SONAME +- ret = check_lib_hmac(&hmac.hogweed, paths.hogweed); ++ //ret = check_lib_hmac(&hmac.hogweed, paths.hogweed); ++ ret = check_dep_lib_hmac(paths.hogweed); + if (ret < 0) + return ret; + #endif + #ifdef GMP_LIBRARY_SONAME +- ret = check_lib_hmac(&hmac.gmp, paths.gmp); ++ //ret = check_lib_hmac(&hmac.gmp, paths.gmp); ++ ret = check_dep_lib_hmac(paths.gmp); if (ret < 0) return ret; #endif -+#endif - - return 0; - } diff --git a/gnutls.changes b/gnutls.changes index bea88bb..7624961 100644 --- a/gnutls.changes +++ b/gnutls.changes @@ -1,9 +1,41 @@ +------------------------------------------------------------------- +Mon Nov 11 10:04:31 UTC 2024 - Pedro Monreal + +- Update to 3.8.8: + - libgnutls: Experimental support for X25519MLKEM768 and + SecP256r1MLKEM768 key exchange in TLS 1.3: The support for + post-quantum key exchanges has been extended to cover the final + standard of ML-KEM, following draft-kwiatkowski-tls-ecdhe-mlkem. + The minimum supported version of liboqs is bumped to 0.11.0. + - libgnutls: All records included in an OCSP response are now checked + in TLS: Previously, when multiple records are provided in a single + OCSP response, only the first record was considered; now all those + records are examined until the server certificate matches. + - libgnutls: Handling of malformed compress_certificate extension is + now more standard compliant: The server behavior of receiving a + malformed compress_certificate extension now more strictly follows + RFC 8879; return illegal_parameter alert instead of bad_certificate, + as well as overlong extension data is properly rejected. + - build: More flexible library linking options for compression + libraries, TPM, and liboqs support: The configure options, + --with-zstd, --with-brotli, --with-zlib, --with-tpm2, and --with-liboqs + now take 4 states: yes/link/dlopen/no, to specify how the libraries + are linked or loaded. + * Rebase gnutls-FIPS-140-3-references.patch + ------------------------------------------------------------------- Fri Sep 27 08:02:09 UTC 2024 - Antonio Larrosa - Build with liboqs to support the X25519Kyber768 post-quantum key exchange algorithm. +------------------------------------------------------------------- +Thu Sep 5 07:57:42 UTC 2024 - Pedro Monreal + +- FIPS: Allow to perform the integrity check with the hmac provided + by each library [bsc#1226724] + * Rebase gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch + ------------------------------------------------------------------- Mon Sep 2 10:09:23 UTC 2024 - Pedro Monreal diff --git a/gnutls.spec b/gnutls.spec index 00fc99e..fd0877f 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -42,14 +42,14 @@ %endif %bcond_with tpm Name: gnutls -Version: 3.8.7 +Version: 3.8.8 Release: 0 Summary: The GNU Transport Layer Security Library License: GPL-3.0-or-later AND LGPL-2.1-or-later Group: Productivity/Networking/Security URL: https://www.gnutls.org/ -Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.1.tar.xz -Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.1.tar.xz.sig +Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz +Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz.sig # https://gnutls.org/gnutls-release-keyring.gpg Source2: https://gnutls.org/gnutls-release-keyring.gpg#/gnutls.keyring Source3: baselibs.conf

    GNUTLS_FIPS140_DISABLED

    		 @@ -593,7 +593,7 @@ Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html  

    GNUTLS_FIPS140_LAX

    		 @@ -604,17 +604,17 @@ Index: gnutls-3.8.7/doc/reference/html/gnutls-gnutls.html application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility).