Accepting request 1009758 from home:pmonrealgonzalez:branches:security:tls

- Update to 3.7.8: * libgnutls: In FIPS140 mode, RSA signature verification is an approved operation if the key has modulus with known sizes (1024, 1280, 1536, and 1792 bits), in addition to any modulus sizes larger than 2048 bits, according to SP800-131A rev2. * libgnutls: gnutls_session_channel_binding performs additional checks when GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the "tls-exporter" channel binding is only usable when the handshake is bound to a unique master secret (i.e., either TLS 1.3 or extended master secret extension is negotiated). Otherwise the function now returns error. * libgnutls: usage of the following functions, which are designed to loosen restrictions imposed by allowlisting mode of configuration, has been additionally restricted. Invoking them is now only allowed if system-wide TLS priority string has not been initialized yet: - gnutls_digest_set_secure - gnutls_sign_set_secure - gnutls_sign_set_secure_for_certs - gnutls_protocol_set_enabled * Delete gnutls-3.6.6-set_guile_site_dir.patch and use the --with-guile-extension-dir configure option to properly handle the guile extension directory. * Rebase gnutls-Make-XTS-key-check-failure-not-fatal.patch * Update gnutls.keyring * Add a build depencency on gtk-doc required by autoreconf OBS-URL: https://build.opensuse.org/request/show/1009758 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=77
2022-10-11 12:44:03 +00:00 · 2022-10-11 12:44:03 +00:00 · 443be2c653
commit 443be2c653
parent c4276dbca6
9 changed files with 422 additions and 1721 deletions
--- a/gnutls-3.6.6-set_guile_site_dir.patch
+++ b/gnutls-3.6.6-set_guile_site_dir.patch
@ -1,13 +0,0 @@
-Index: gnutls-3.7.7/configure
-===================================================================
--- gnutls-3.7.7.orig/configure
-+++ gnutls-3.7.7/configure
-@@ -74223,7 +74223,7 @@ fi
- 
-   { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Guile site directory" >&5
- printf %s "checking for Guile site directory... " >&6; }
-  GUILE_SITE=`$PKG_CONFIG --print-errors --variable=sitedir guile-$GUILE_EFFECTIVE_VERSION`
-+  GUILE_SITE=/usr/share/guile
-   { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GUILE_SITE" >&5
- printf "%s\n" "$GUILE_SITE" >&6; }
-   if test "$GUILE_SITE" = ""; then
--- a/gnutls-3.7.7.tar.xz
+++ b/gnutls-3.7.7.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:be9143d0d58eab64dba9b77114aaafac529b6c0d7e81de6bdf1c9b59027d2106
-size 6351664
--- a/gnutls-3.7.7.tar.xz.sig
+++ b/gnutls-3.7.7.tar.xz.sig
--- a/gnutls-3.7.8.tar.xz
+++ b/gnutls-3.7.8.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c58ad39af0670efe6a8aee5e3a8b2331a1200418b64b7c51977fb396d4617114
+size 6029220
--- a/gnutls-3.7.8.tar.xz.sig
+++ b/gnutls-3.7.8.tar.xz.sig
--- a/gnutls-Make-XTS-key-check-failure-not-fatal.patch
+++ b/gnutls-Make-XTS-key-check-failure-not-fatal.patch
@ -5,16 +5,18 @@ Subject: [PATCH] Make XTS key check failure not fatal

 Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 ---
- lib/accelerated/x86/aes-xts-x86-aesni.c |    1 
- lib/nettle/cipher.c                     |   73 +++++++++--------------------
- tests/Makefile.am                       |    2 
- tests/xts-key-check.c                   |   78 ++++++++++++++++++++++++++++++++
- 4 files changed, 102 insertions(+), 52 deletions(-)
+ lib/accelerated/x86/aes-xts-x86-aesni.c |  1 -
+ lib/nettle/cipher.c                     | 73 ++++++++---------------
+ tests/Makefile.am                       |  2 +-
+ tests/xts-key-check.c                   | 78 +++++++++++++++++++++++++
+ 5 files changed, 103 insertions(+), 52 deletions(-)
 create mode 100644 tests/xts-key-check.c

+diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c
+index 0588d0bd55..d6936a688d 100644
 --- a/lib/accelerated/x86/aes-xts-x86-aesni.c
 +++ b/lib/accelerated/x86/aes-xts-x86-aesni.c
-@@ -73,7 +73,6 @@ x86_aes_xts_cipher_setkey(void *_ctx, co
+@@ -73,7 +73,6 @@ x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
 	/* Check key block according to FIPS-140-2 IG A.9 */
 	if (_gnutls_fips_mode_enabled()){
 		if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) {
@ -22,9 +24,11 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 		}
 	}
+diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c
+index c9c59fb0ba..9c2ce19e7e 100644
 --- a/lib/nettle/cipher.c
 +++ b/lib/nettle/cipher.c
-@@ -448,12 +448,14 @@ _gcm_decrypt(struct nettle_cipher_ctx *c
+@@ -448,12 +448,14 @@ _gcm_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
 		    length, dst, src);
 }
 
@ -41,10 +45,11 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 {
 	des3_set_key(ctx, key);
 }
-@@ -477,50 +479,6 @@ _cfb8_decrypt(struct nettle_cipher_ctx *
+@@ -476,50 +478,6 @@ _cfb8_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+ 		     length, dst, src);
 }
 
- static void
+-static void
 -_xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key,
 -			    const uint8_t *key)
 -{
@ -88,11 +93,10 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 -	xts_aes256_set_decrypt_key(xts_key, key);
 -}
 -
-static void
+ static void
 _xts_aes128_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
 		    const uint8_t * src)
- {
-@@ -1041,8 +999,8 @@ static const struct nettle_cipher_st bui
+@@ -1041,8 +999,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = {
 	   .ctx_size = sizeof(struct xts_aes128_key),
 	   .encrypt = _xts_aes128_encrypt,
 	   .decrypt = _xts_aes128_decrypt,
@ -103,7 +107,7 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 	   .max_iv_size = AES_BLOCK_SIZE,
 	},
 	{  .algo = GNUTLS_CIPHER_AES_256_XTS,
-@@ -1052,8 +1010,8 @@ static const struct nettle_cipher_st bui
+@@ -1052,8 +1010,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = {
 	   .ctx_size = sizeof(struct xts_aes256_key),
 	   .encrypt = _xts_aes256_encrypt,
 	   .decrypt = _xts_aes256_decrypt,
@ -114,7 +118,7 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 	   .max_iv_size = AES_BLOCK_SIZE,
 	},
 	{  .algo = GNUTLS_CIPHER_AES_128_SIV,
-@@ -1144,6 +1102,21 @@ wrap_nettle_cipher_setkey(void *_ctx, co
+@@ -1144,6 +1102,21 @@ wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize)
 		return 0;
 	}
 
@ -136,17 +140,22 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 	if (ctx->enc)
 		ctx->cipher->set_encrypt_key(ctx->ctx_ptr, key);
 	else
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index 3e126f0046..1122886b31 100644
 --- a/tests/Makefile.am
 +++ b/tests/Makefile.am
-@@ -233,7 +233,7 @@ ctests += mini-record-2 simple gnutls_hm
+@@ -233,7 +233,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
 	 tls13-without-timeout-func buffer status-request-revoked \
 	 set_x509_ocsp_multi_cli kdf-api keylog-func handshake-write \
 	 x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name \
-	 x509-upnconstraint cipher-padding pkcs7-verify-double-free
-+	 x509-upnconstraint xts-key-check cipher-padding pkcs7-verify-double-free
+-	 x509-upnconstraint cipher-padding pkcs7-verify-double-free \
+	 x509-upnconstraint xts-key-check cipher-padding pkcs7-verify-double-free \
+ 	 fips-rsa-sizes
 
 ctests += tls-channel-binding
- 
+diff --git a/tests/xts-key-check.c b/tests/xts-key-check.c
+new file mode 100644
+index 0000000000..a3bea5abca
 --- /dev/null
 +++ b/tests/xts-key-check.c
@@ -0,0 +1,78 @@
@ -228,3 +237,6 @@ Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 +	test_xts_check(GNUTLS_CIPHER_AES_128_XTS);
 +	test_xts_check(GNUTLS_CIPHER_AES_256_XTS);
 +}
+-- 
+GitLab
+
--- a/gnutls.changes
+++ b/gnutls.changes
@ -1,3 +1,33 @@
+-------------------------------------------------------------------
+Sun Oct  9 12:53:27 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
+
+- Update to 3.7.8:
+  * libgnutls: In FIPS140 mode, RSA signature verification is an
+    approved operation if the key has modulus with known sizes
+    (1024, 1280, 1536, and 1792 bits), in addition to any modulus
+    sizes larger than 2048 bits, according to SP800-131A rev2.
+  * libgnutls: gnutls_session_channel_binding performs additional
+    checks when GNUTLS_CB_TLS_EXPORTER is requested. According to
+    RFC9622 4.2, the "tls-exporter" channel binding is only usable
+    when the handshake is bound to a unique master secret (i.e.,
+    either TLS 1.3 or extended master secret extension is
+    negotiated). Otherwise the function now returns error.
+  * libgnutls: usage of the following functions, which are designed
+    to loosen restrictions imposed by allowlisting mode of
+    configuration, has been additionally restricted. Invoking
+    them is now only allowed if system-wide TLS priority string
+    has not been initialized yet:
+      - gnutls_digest_set_secure
+      - gnutls_sign_set_secure
+      - gnutls_sign_set_secure_for_certs
+      - gnutls_protocol_set_enabled
+  * Delete gnutls-3.6.6-set_guile_site_dir.patch and use the
+    --with-guile-extension-dir configure option to properly
+    handle the guile extension directory.
+  * Rebase gnutls-Make-XTS-key-check-failure-not-fatal.patch
+  * Update gnutls.keyring
+  * Add a build depencency on gtk-doc required by autoreconf
+
 -------------------------------------------------------------------
 Tue Oct  4 13:05:27 UTC 2022 - Otto Hollmann <otto.hollmann@suse.com>

--- a/gnutls.keyring
+++ b/gnutls.keyring
--- a/gnutls.spec
+++ b/gnutls.spec
@ -36,7 +36,7 @@
 %bcond_with tpm
 %bcond_without guile
 Name:           gnutls
-Version:        3.7.7
+Version:        3.7.8
 Release:        0
 Summary:        The GNU Transport Layer Security Library
 License:        GPL-3.0-or-later AND LGPL-2.1-or-later
@ -44,10 +44,10 @@ Group:          Productivity/Networking/Security
 URL:            https://www.gnutls.org/
 Source0:        https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz
 Source1:        https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz.sig
+# https://gnutls.org/gnutls-release-keyring.gpg
 Source2:        gnutls.keyring
 Source3:        baselibs.conf
 Patch0:         gnutls-3.5.11-skip-trust-store-tests.patch
-Patch1:         gnutls-3.6.6-set_guile_site_dir.patch
 Patch2:         gnutls-FIPS-TLS_KDF_selftest.patch
 Patch3:         gnutls-FIPS-disable-failing-tests.patch
 Patch4:         gnutls_ECDSA_signing.patch
@ -67,6 +67,7 @@ BuildRequires:  datefudge
 BuildRequires:  fdupes
 BuildRequires:  fipscheck
 BuildRequires:  gcc-c++
+BuildRequires:  gtk-doc
 # The test suite calls /usr/bin/ss from iproute2. It's our own duty to ensure we have it present
 BuildRequires:  iproute2
 BuildRequires:  libidn2-devel
@ -220,7 +221,7 @@ echo "SYSTEM=NORMAL" >> tests/system.prio
 export LDFLAGS="-pie -Wl,-z,now -Wl,-z,relro"
 export CFLAGS="%{optflags} -fPIE"
 export CXXFLAGS="%{optflags} -fPIE"
-#autoreconf -fiv
+autoreconf -fiv
 %configure \
        gl_cv_func_printf_directive_n=yes \
        gl_cv_func_printf_infinite_long_double=yes \
@ -243,6 +244,7 @@ export CXXFLAGS="%{optflags} -fPIE"
 %endif
 %if %{with guile}
        --enable-guile \
+        --with-guile-extension-dir=%{_libdir}/guile/3.0 \
 %else
        --disable-guile \
 %endif
@ -381,7 +383,7 @@ GNUTLS_FORCE_FIPS_MODE=1 make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=
 %files guile
 %license LICENSE
 %{_libdir}/guile/*
-%{_datadir}/guile/gnutls*
+%{_datadir}/guile/site/*
 %endif

 %changelog