diff --git a/libgcrypt-binary_integrity_in_non-FIPS.patch b/libgcrypt-binary_integrity_in_non-FIPS.patch index 2daaa0a..00b3a06 100644 --- a/libgcrypt-binary_integrity_in_non-FIPS.patch +++ b/libgcrypt-binary_integrity_in_non-FIPS.patch @@ -1,17 +1,96 @@ -Index: libgcrypt-1.8.4/src/fips.c +Index: libgcrypt-1.8.2/src/fips.c =================================================================== ---- libgcrypt-1.8.4.orig/src/fips.c 2018-11-26 17:30:28.040692529 +0100 -+++ libgcrypt-1.8.4/src/fips.c 2018-11-26 17:59:04.130934181 +0100 -@@ -663,7 +663,11 @@ check_binary_integrity (void) +--- libgcrypt-1.8.2.orig/src/fips.c 2019-03-27 13:15:14.190987624 +0100 ++++ libgcrypt-1.8.2/src/fips.c 2019-03-27 13:18:07.047986428 +0100 +@@ -115,6 +115,50 @@ _gcry_initialize_fsm_lock (void) + abort (); + } + } ++ ++/* Checks whether the library will enter the FIPS mode. ++ Uses the same logic as _gcry_initialize_fips_mode */ ++static int ++will_enter_fips (void) ++{ ++ /* for convenience, so that a process can run fips-enabled, but ++ not necessarily all of them, enable FIPS mode via environment ++ variable LIBGCRYPT_FORCE_FIPS_MODE. */ ++ if (getenv("LIBGCRYPT_FORCE_FIPS_MODE") != NULL) ++ return 1; ++ ++ /* For testing the system it is useful to override the system ++ provided detection of the FIPS mode and force FIPS mode using a ++ file. The filename is hardwired so that there won't be any ++ confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is ++ actually used. The file itself may be empty. */ ++ if ( !access (FIPS_FORCE_FILE, F_OK) ) ++ return 1; ++ ++ /* Checking based on /proc file properties. */ ++ { ++ static const char procfname[] = "/proc/sys/crypto/fips_enabled"; ++ FILE *fp; ++ ++ fp = fopen (procfname, "r"); ++ if (fp) ++ { ++ char line[256]; ++ ++ if (fgets (line, sizeof line, fp) && atoi (line)) ++ { ++ /* System is in fips mode. */ ++ fclose (fp); ++ return 1; ++ } ++ fclose (fp); ++ } ++ } ++ ++ return 0; ++} ++ ++ + + /* Check whether the OS is in FIPS mode and record that in a module + local variable. If FORCE is passed as true, fips mode will be +@@ -631,10 +675,10 @@ get_library_path(const char *libname, co + + /* Run an integrity check on the binary. Returns 0 on success. */ + static int +-check_binary_integrity (void) ++check_binary_integrity () + { + #ifdef ENABLE_HMAC_BINARY_CHECK +- gpg_error_t err; ++ gpg_error_t err = 0; + char libpath[4096]; + unsigned char digest[32]; + int dlen; +@@ -675,7 +719,14 @@ check_binary_integrity (void) /* Open the file. */ fp = fopen (fname, "r"); if (!fp) - err = gpg_error_from_syserror (); + { -+ /* Missing checksum is a problem only in FIPS mode */ -+ if (fips_mode() || errno != ENOENT) ++ /* Missing checksum is a problem only in FIPS mode. ++ As the integrity check was moved to the POWERON state, ++ we no longer can rely on fips_mode(). Because at the point, ++ the library is not yet initialized. */ ++ if (will_enter_fips() || errno != ENOENT) + err = gpg_error_from_syserror (); + } else { /* A buffer of 64 bytes plus one for a LF and one to +@@ -743,9 +794,8 @@ _gcry_fips_run_selftests (int extended) + we return and finish the remaining selftests before + real use of the library. It will be in the POWERON + state meanwhile. */ +- if (in_poweron) +- if (check_binary_integrity ()) +- goto leave; ++ if (check_binary_integrity ()) ++ goto leave; + + if (in_poweron) + return 0; diff --git a/libgcrypt-fips_rsa_no_enforced_mode.patch b/libgcrypt-fips_rsa_no_enforced_mode.patch new file mode 100644 index 0000000..55f1003 --- /dev/null +++ b/libgcrypt-fips_rsa_no_enforced_mode.patch @@ -0,0 +1,13 @@ +Index: libgcrypt-1.8.2/cipher/rsa.c +=================================================================== +--- libgcrypt-1.8.2.orig/cipher/rsa.c 2017-11-23 19:16:58.000000000 +0100 ++++ libgcrypt-1.8.2/cipher/rsa.c 2019-03-26 11:14:33.737388126 +0100 +@@ -389,7 +389,7 @@ generate_fips (RSA_secret_key *sk, unsig + + if (nbits < 1024 || (nbits & 0x1FF)) + return GPG_ERR_INV_VALUE; +- if (_gcry_enforced_fips_mode() && nbits != 2048 && nbits != 3072) ++ if (fips_mode() && nbits != 2048 && nbits != 3072) + return GPG_ERR_INV_VALUE; + + /* The random quality depends on the transient_key flag. */ diff --git a/libgcrypt.changes b/libgcrypt.changes index 672f16b..66e341f 100644 --- a/libgcrypt.changes +++ b/libgcrypt.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Mar 26 16:30:23 UTC 2019 - Vítězslav Čížek + +- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests + are invoked as well as the state transition, adjust the code so + a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) + * update libgcrypt-binary_integrity_in_non-FIPS.patch + +------------------------------------------------------------------- +Tue Mar 26 16:25:18 UTC 2019 - Vítězslav Čížek + +- Enforce the minimal RSA keygen size in fips mode (bsc#1125740) + * add libgcrypt-fips_rsa_no_enforced_mode.patch + ------------------------------------------------------------------- Fri Mar 22 14:13:05 UTC 2019 - Vítězslav Čížek diff --git a/libgcrypt.spec b/libgcrypt.spec index 12f684f..81ed1ee 100644 --- a/libgcrypt.spec +++ b/libgcrypt.spec @@ -57,9 +57,10 @@ Patch32: libgcrypt-fips_run_selftest_at_constructor.patch Patch35: libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch #PATCH-FIX-UPSTREAM bsc#1064455 fipsdrv patch to enable --algo for dsa-verify Patch36: libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch -Patch37: libgcrypt-binary_integrity_in_non-FIPS.patch Patch39: libgcrypt-1.8.3-fips-ctor.patch Patch40: libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch +Patch41: libgcrypt-binary_integrity_in_non-FIPS.patch +Patch42: libgcrypt-fips_rsa_no_enforced_mode.patch BuildRequires: automake >= 1.14 BuildRequires: fipscheck BuildRequires: libgpg-error-devel >= 1.25