Pedro Monreal Gonzalez
c1414c55a9
- Update to 1.11.0:
* New and extended interfaces:
- Add an API for Key Encapsulation Mechanism (KEM). [T6755]
- Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5]
- Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268]
- Add Classic McEliece algorithm. [rC003367b912]
- Add One-Step KDF with hash and MAC. [T5964]
- Add KDF algorithm HKDF of RFC-5869. [T5964]
- Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3]
- Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4]
- Add ARIA block cipher algorithm. [rC316c6d7715]
- Add explicit FIPS indicators for MD and MAC algorithms. [T6376]
- Add support for SHAKE as MGF in RSA. [T6557]
- Add gcry_md_read support for SHAKE algorithms. [T6539]
- Add gcry_md_hash_buffers_ext function. [T7035]
- Add cSHAKE hash algorithm. [rC065b3f4e02]
- Support internal generation of IV for AEAD cipher mode. [T4873]
* Performance:
- Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3]
- Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1]
- Add SM4 GFNI/AVX2 and GFI/AVX512 implementation. [rC5095d60af4,rCeaed633c16]
- Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006]
- Add PowerPC vector implementation of SM4. [rC0b2da804ee]
- Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006]
- Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5]
- Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4
and Camellia. [rCcf956793af]
- Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f]
- Add AVX2 and AVX512 accelerated implementations for GHASH (GCM)
and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193]
OBS-URL: https://build.opensuse.org/request/show/1183811
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=180
115 lines
3.9 KiB
Diff
115 lines
3.9 KiB
Diff
Index: libgcrypt-1.10.0/random/rndoldlinux.c
|
|
===================================================================
|
|
--- libgcrypt-1.10.0.orig/random/rndoldlinux.c
|
|
+++ libgcrypt-1.10.0/random/rndoldlinux.c
|
|
@@ -132,7 +132,7 @@ _gcry_rndoldlinux_gather_random (void (*
|
|
volatile pid_t apid;
|
|
int fd;
|
|
int n;
|
|
- byte buffer[768];
|
|
+ byte buffer[256];
|
|
size_t n_hw;
|
|
size_t want = length;
|
|
size_t last_so_far = 0;
|
|
@@ -187,26 +187,43 @@ _gcry_rndoldlinux_gather_random (void (*
|
|
my_pid = apid;
|
|
}
|
|
|
|
+ if (fips_mode())
|
|
+ {
|
|
+ if (level >= GCRY_VERY_STRONG_RANDOM)
|
|
+ {
|
|
+ size_t n;
|
|
|
|
- /* First read from a hardware source. Note that _gcry_rndhw_poll_slow lets
|
|
- it account only for up to 50% (or 25% for RDRAND) of the requested
|
|
- bytes. */
|
|
- n_hw = _gcry_rndhw_poll_slow (add, origin, length);
|
|
- if (length > 1)
|
|
- length -= n_hw;
|
|
-
|
|
- /* When using a blocking random generator try to get some entropy
|
|
- * from the jitter based RNG. In this case we take up to 50% of the
|
|
- * remaining requested bytes. */
|
|
- if (level >= GCRY_VERY_STRONG_RANDOM)
|
|
- {
|
|
- n_hw = _gcry_rndjent_poll (add, origin, length/2);
|
|
- if (n_hw > length/2)
|
|
- n_hw = length/2;
|
|
+ n = _gcry_rndjent_poll (add, origin, length);
|
|
+ if (n == 0)
|
|
+ log_fatal ("unexpected error from rndjent: %s\n",
|
|
+ strerror (errno));
|
|
+ if (n > length)
|
|
+ n = length;
|
|
+ if (length > 1)
|
|
+ length -= n;
|
|
+ }
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ /* First read from a hardware source. Note that _gcry_rndhw_poll_slow lets
|
|
+ it account only for up to 50% (or 25% for RDRAND) of the requested
|
|
+ bytes. */
|
|
+ n_hw = _gcry_rndhw_poll_slow (add, origin, length);
|
|
if (length > 1)
|
|
length -= n_hw;
|
|
- }
|
|
|
|
+ /* When using a blocking random generator try to get some entropy
|
|
+ * from the jitter based RNG. In this case we take up to 50% of the
|
|
+ * remaining requested bytes. */
|
|
+ if (level >= GCRY_VERY_STRONG_RANDOM)
|
|
+ {
|
|
+ n_hw = _gcry_rndjent_poll (add, origin, length/2);
|
|
+ if (n_hw > length/2)
|
|
+ n_hw = length/2;
|
|
+ if (length > 1)
|
|
+ length -= n_hw;
|
|
+ }
|
|
+ }
|
|
|
|
/* Open the requested device. The first time a device is to be
|
|
opened we fail with a fatal error if the device does not exists.
|
|
@@ -262,8 +279,6 @@ _gcry_rndoldlinux_gather_random (void (*
|
|
do
|
|
{
|
|
nbytes = length < sizeof(buffer)? length : sizeof(buffer);
|
|
- if (nbytes > 256)
|
|
- nbytes = 256;
|
|
_gcry_pre_syscall ();
|
|
ret = getentropy (buffer, nbytes);
|
|
_gcry_post_syscall ();
|
|
Index: libgcrypt-1.10.0/random/rndjent.c
|
|
===================================================================
|
|
--- libgcrypt-1.10.0.orig/random/rndjent.c
|
|
+++ libgcrypt-1.10.0/random/rndjent.c
|
|
@@ -279,13 +279,24 @@ _gcry_rndjent_poll (void (*add)(const vo
|
|
if (!jent_rng_is_initialized)
|
|
{
|
|
/* Auto-initialize. */
|
|
- jent_rng_is_initialized = 1;
|
|
jent_entropy_collector_free (jent_rng_collector);
|
|
jent_rng_collector = NULL;
|
|
if ( !(_gcry_random_read_conf () & RANDOM_CONF_DISABLE_JENT))
|
|
{
|
|
- if (!jent_entropy_init ())
|
|
- jent_rng_collector = jent_entropy_collector_alloc (1, 0);
|
|
+ if (!jent_entropy_init_ex (1, 0))
|
|
+ {
|
|
+ jent_rng_collector = jent_entropy_collector_alloc (1, 0);
|
|
+ jent_rng_is_initialized = 1;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (!jent_rng_collector)
|
|
+ {
|
|
+ if (!jent_entropy_init_ex (1, 0))
|
|
+ {
|
|
+ jent_rng_collector = jent_entropy_collector_alloc (1, 0);
|
|
+ jent_rng_is_initialized = 1;
|
|
}
|
|
}
|
|
|