libgcrypt

pool/libgcrypt

SHA256

Fork 2

Commit Graph

Author	SHA256	Message	Date
Pedro Monreal Gonzalez	211bd2f53b	Accepting request 819163 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.8.6 * mpi: Consider +0 and -0 the same in mpi_cmp * mpi: Fix flags in mpi_copy for opaque MPI * mpi: Fix the return value of mpi_invm_generic * mpi: DSA,ECDSA: Fix use of mpi_invm - Call mpi_invm before _gcry_dsa_modify_k - Call mpi_invm before _gcry_ecc_ecdsa_sign * mpi: Constant time mpi_inv with some conditions - mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond) - New: mpih_abs_cond, mpi_invm_odd - Rename from _gcry_mpi_invm: mpi_invm_generic - Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm * mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr * Fix wrong code execution in Poly1305 ARM/NEON implementation - Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext) * Set vZZ.16b register to zero before use in armv8 gcm implementation * random: Fix include of config.h * Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong * ecc: Fix wrong handling of shorten PK bytes - Zeros are already recovered: (_gcry_ecc_mont_decodepoint) - Update libgcrypt-ecc-ecdsa-no-blinding.patch OBS-URL: https://build.opensuse.org/request/show/819163 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=138	2020-07-07 09:36:56 +00:00
Vítězslav Čížek	9a7cde5372	Accepting request 805624 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: libgcrypt: Double free in test_keys() on failed signature verification [bsc#1169944] * Use safer gcry_mpi_release() instead of mpi_free() - Update patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569) * add libgcrypt-fips_selftest_trigger_file.patch * refresh libgcrypt-global_init-constructor.patch - Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted by libgcrypt-global_init-constructor.patch - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC: [bsc#1165539] - Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates. - Refreshed patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - FIPS: Switch the PCT to use the new signature operation [bsc#1165539] * Patches for DSA, RSA and ECDSA test_keys functions: - libgcrypt-PCT-DSA.patch - libgcrypt-PCT-RSA.patch - libgcrypt-PCT-ECC.patch - Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch OBS-URL: https://build.opensuse.org/request/show/805624 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134	2020-05-14 15:39:34 +00:00

Author

SHA256

Message

Date

Pedro Monreal Gonzalez

211bd2f53b

Accepting request 819163 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

- Update to 1.8.6
  * mpi: Consider +0 and -0 the same in mpi_cmp
  * mpi: Fix flags in mpi_copy for opaque MPI
  * mpi: Fix the return value of mpi_invm_generic
  * mpi: DSA,ECDSA: Fix use of mpi_invm
    - Call mpi_invm before _gcry_dsa_modify_k
    - Call mpi_invm before _gcry_ecc_ecdsa_sign
  * mpi: Constant time mpi_inv with some conditions
    - mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond)
    - New: mpih_abs_cond, mpi_invm_odd
    - Rename from _gcry_mpi_invm: mpi_invm_generic
    - Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm
  * mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr
  * Fix wrong code execution in Poly1305 ARM/NEON implementation
    - Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext)
  * Set vZZ.16b register to zero before use in armv8 gcm implementation
  * random: Fix include of config.h
  * Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong
  * ecc: Fix wrong handling of shorten PK bytes
    - Zeros are already recovered: (_gcry_ecc_mont_decodepoint)
- Update libgcrypt-ecc-ecdsa-no-blinding.patch

OBS-URL: https://build.opensuse.org/request/show/819163
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=138

2020-07-07 09:36:56 +00:00

Vítězslav Čížek

9a7cde5372

Accepting request 805624 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

- FIPS: libgcrypt: Double free in test_keys() on failed signature
  verification [bsc#1169944]
  * Use safer gcry_mpi_release() instead of mpi_free()
- Update patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- Ship the FIPS checksum file in the shared library package and
  create a separate trigger file for the FIPS selftests (bsc#1169569)
  * add libgcrypt-fips_selftest_trigger_file.patch
  * refresh libgcrypt-global_init-constructor.patch
- Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted
  by libgcrypt-global_init-constructor.patch

- FIPS: Verify that the generated signature and the original input
  differ in test_keys function for RSA, DSA and ECC: [bsc#1165539]
- Add zero-padding when qx and qy have different lengths when
  assembling the Q point from affine coordinates.
- Refreshed patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- FIPS: Switch the PCT to use the new signature operation [bsc#1165539]
  * Patches for DSA, RSA and ECDSA test_keys functions:
    - libgcrypt-PCT-DSA.patch
    - libgcrypt-PCT-RSA.patch
    - libgcrypt-PCT-ECC.patch
- Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch

OBS-URL: https://build.opensuse.org/request/show/805624
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134

2020-05-14 15:39:34 +00:00

2 Commits