From cf30493c2ce694196fb8c5b13de4deb58375dc7c6ee08348b1fec76bbb7556a1 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Fri, 24 Mar 2023 12:22:34 +0000 Subject: [PATCH 1/2] Accepting request 1074130 from home:pmonrealgonzalez:branches:security:tls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Update to 3.8.0: [bsc#1205763, bsc#1209627] * libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange. Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin. [GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361] * libgnutls: C++ library is now header only. All definitions from gnutlsxx.c have been moved into gnutlsxx.h. Users of the C++ interface have two options: 1. include gnutlsxx.h in their application and link against the C library. (default) 2. include gnutlsxx.h in their application, compile with GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link against the C++ library. * libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST priority modifier have been added to allow disabling of the status_request TLS extension in the client side. * libgnutls: TLS heartbeat is disabled by default. The heartbeat extension in TLS (RFC 6520) is not widely used given other implementations dropped support for it. To enable back support for it, supply --enable-heartbeat-support to configure script. * libgnutls: SRP authentication is now disabled by default. It is disabled because the SRP authentication in TLS is not up to date with the latest TLS standards and its ciphersuites are based on the CBC mode and SHA-1. To enable it back, supply --enable-srp-authentication option to configure script. * libgnutls: All code has been indented using "indent -ppi1 -linux". CI/CD has been adjusted to catch regressions. This is implemented through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s commit-check. You may run devel/indent-gnutls to fix any OBS-URL: https://build.opensuse.org/request/show/1074130 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=88 --- gnutls-3.7.9.tar.xz | 3 - gnutls-3.7.9.tar.xz.sig | Bin 685 -> 0 bytes gnutls-3.8.0.tar.xz | 3 + gnutls-3.8.0.tar.xz.sig | Bin 0 -> 684 bytes gnutls-FIPS-140-3-references.patch | 524 +++++++++--------- gnutls-FIPS-PCT-DH.patch | 114 ++-- gnutls-FIPS-PCT-ECDH.patch | 90 +-- ...LI-pbkdf2-verify-keylengths-only-SHA.patch | 114 ---- ...et-error-state-when-jent-init-failed.patch | 91 --- gnutls-FIPS-disable-failing-tests.patch | 36 -- gnutls-FIPS-jitterentropy.patch | 198 ++++--- ...Make-XTS-key-check-failure-not-fatal.patch | 242 -------- gnutls-verify-library-HMAC.patch | 21 - gnutls.changes | 70 +++ gnutls.keyring | Bin 23391 -> 26256 bytes gnutls.spec | 89 +-- gnutls_ECDSA_signing.patch | 172 ------ 17 files changed, 573 insertions(+), 1194 deletions(-) delete mode 100644 gnutls-3.7.9.tar.xz delete mode 100644 gnutls-3.7.9.tar.xz.sig create mode 100644 gnutls-3.8.0.tar.xz create mode 100644 gnutls-3.8.0.tar.xz.sig delete mode 100644 gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch delete mode 100644 gnutls-FIPS-Set-error-state-when-jent-init-failed.patch delete mode 100644 gnutls-FIPS-disable-failing-tests.patch delete mode 100644 gnutls-Make-XTS-key-check-failure-not-fatal.patch delete mode 100644 gnutls-verify-library-HMAC.patch delete mode 100644 gnutls_ECDSA_signing.patch diff --git a/gnutls-3.7.9.tar.xz b/gnutls-3.7.9.tar.xz deleted file mode 100644 index 8c12498..0000000 --- a/gnutls-3.7.9.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:aaa03416cdbd54eb155187b359e3ec3ed52ec73df4df35a0edd49429ff64d844 -size 6377212 diff --git a/gnutls-3.7.9.tar.xz.sig b/gnutls-3.7.9.tar.xz.sig deleted file mode 100644 index 548891323b2f13f11d119d158f742098e6b79e2edd2f28b8e37ac10047514022..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 685 zcmV;e0#f~mbp!ww3IH7zAp~7U%MW%m1*ZiyR`hyxrbx5-A`ArrW91K^0162ZdUd8q zv-u(n;?w~E&f6q(NPv#zi%ukpcf3iFM}HBx=;%ghSSO#y6?toq0RYt491{~spHH7T zUSsDv_9K;Dy;%-6ptdBP;KiwSCjyBAGXwwu2ml=xAp}MuCBw9DG>4zaNo>{ygpSwd zm~jOHW99HU0162Z)&+!)*XEdU)x{70VO!5itsV85Ff^iin?JtpxyF5qz4w&+8&Hz! z{sNMPBfs63nY>sL3a1d)^qkfvf+MkY`y$r_DcgGym@}c9xO}(BJ_W70uGFGZXdzm& z&<{Mm*L)%!=S_{4C^@xnjjRl>&e9n7N{_8lUZtPcqQ!R{?@oS;ph@xS4%$$5A6x0F zwd@BHZ^pEk5ZfYc*-DzR^4rnv-D;#$lJo=aRj>%~`?>>t=1b)7L66TeagGCQ`Z)Py zmHr{-E$UW*}GJnR)<(37jX5itPGcMc{BDb2xfzDmWM z92WRDw=qxjnZ?)RneiOD1nBP)2hJ0LYk?C6_HXK4Td@AmCPLXt?p%ejZCDq=Al=gT T#5A?Cd+qdmWpd z_3~tXHvEjC_%Bh;-`PDc+Ke08)}=vbE6zS{WsdZ0G7jyjzWyYjpi{{hIU|RkU171W z#e1MOFSLr-DYxb?eF+Ed?hv2#MFW4COPvIpPdUN0)=^VEW52by1H`w%=B8bK4uzmR zv^CE;Wb(WCOxhrGo2-erD^Kv3Z{=?gL*Wg;uh7I989F&T%Uau!= zC_Ls1XvXV6nY7S1JJgCq7=Ek^^ByXSQ6BtGj9>JHFBRxlWLo!4LP2nnwdxN#nKeq( z^CJqaexh=oznw}l?7TUVd!JAXI2;F*ce=$Ke;a37kBKOYjFn^>Wq!w70i3LmOZtKA zEOl5J-{VyJrmzqc!Ht!Tn+lR+&9PmBO6nkHdUZIb0dTUVSAK#k3Qm2@JvI?Q7)q=? zbXhY(ZAQQ0AliF_IUE(zb$>=O!1bCG?9Klg6G#gqCw__BjEVuA+vCR}uHr5#YLVzz zTvwSY^Z*syM~0R)+a28(nC#;_0l)lj4;SZHVk0^mg7Jw7wKZ;C}Z zTc~BJ$?;B1t^(@9MKewh?GiFW%jVQz4GnBy1QldW;wM3rpn~2DbEaN2CLB@lDjE`3 SmxE+uQFg{dH0jbMKmi`R*EY=n literal 0 HcmV?d00001 diff --git a/gnutls-FIPS-140-3-references.patch b/gnutls-FIPS-140-3-references.patch index 101757c..bfc6651 100644 --- a/gnutls-FIPS-140-3-references.patch +++ b/gnutls-FIPS-140-3-references.patch @@ -1,8 +1,8 @@ -Index: gnutls-3.7.9/configure.ac +Index: gnutls-3.8.0/configure.ac =================================================================== ---- gnutls-3.7.9.orig/configure.ac -+++ gnutls-3.7.9/configure.ac -@@ -588,19 +588,19 @@ LT_INIT([disable-static,win32-dll,shared +--- gnutls-3.8.0.orig/configure.ac ++++ gnutls-3.8.0/configure.ac +@@ -586,19 +586,19 @@ LT_INIT([disable-static,win32-dll,shared AC_LIB_HAVE_LINKFLAGS(dl,, [#include ], [dladdr (0, 0);]) AC_ARG_ENABLE(fips140-mode, @@ -25,11 +25,11 @@ Index: gnutls-3.7.9/configure.ac AC_ARG_WITH(fips140-module-name, AS_HELP_STRING([--with-fips140-module-name], [specify the FIPS140 module name]), -Index: gnutls-3.7.9/doc/cha-gtls-app.texi +Index: gnutls-3.8.0/doc/cha-gtls-app.texi =================================================================== ---- gnutls-3.7.9.orig/doc/cha-gtls-app.texi -+++ gnutls-3.7.9/doc/cha-gtls-app.texi -@@ -206,7 +206,7 @@ CPU. The currently available options are +--- gnutls-3.8.0.orig/doc/cha-gtls-app.texi ++++ gnutls-3.8.0/doc/cha-gtls-app.texi +@@ -222,7 +222,7 @@ CPU. The currently available options are @end itemize @item @code{GNUTLS_FORCE_FIPS_MODE} @@ -38,10 +38,10 @@ Index: gnutls-3.7.9/doc/cha-gtls-app.texi if set to one it will force the FIPS mode enablement. @end multitable -Index: gnutls-3.7.9/doc/cha-internals.texi +Index: gnutls-3.8.0/doc/cha-internals.texi =================================================================== ---- gnutls-3.7.9.orig/doc/cha-internals.texi -+++ gnutls-3.7.9/doc/cha-internals.texi +--- gnutls-3.8.0.orig/doc/cha-internals.texi ++++ gnutls-3.8.0/doc/cha-internals.texi @@ -14,7 +14,7 @@ happens inside the black box. * TLS Hello Extension Handling:: * Cryptographic Backend:: @@ -162,11 +162,11 @@ Index: gnutls-3.7.9/doc/cha-internals.texi operation. It can be attached to the current execution thread with @funcref{gnutls_fips140_push_context} and its internal state will be updated until it is detached with -Index: gnutls-3.7.9/doc/enums.texi +Index: gnutls-3.8.0/doc/enums.texi =================================================================== ---- gnutls-3.7.9.orig/doc/enums.texi -+++ gnutls-3.7.9/doc/enums.texi -@@ -1169,7 +1169,7 @@ application traffic secret is installed +--- gnutls-3.8.0.orig/doc/enums.texi ++++ gnutls-3.8.0/doc/enums.texi +@@ -1176,7 +1176,7 @@ application traffic secret is installed @c gnutls_fips_mode_t @table @code @item GNUTLS_@-FIPS140_@-DISABLED @@ -175,7 +175,7 @@ Index: gnutls-3.7.9/doc/enums.texi @item GNUTLS_@-FIPS140_@-STRICT The default mode; all forbidden operations will cause an operation failure via error code. -@@ -1177,8 +1177,8 @@ operation failure via error code. +@@ -1184,8 +1184,8 @@ operation failure via error code. A transient state during library initialization. That state cannot be set or seen by applications. @item GNUTLS_@-FIPS140_@-LAX @@ -186,10 +186,10 @@ Index: gnutls-3.7.9/doc/enums.texi application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.7.9/doc/functions/gnutls_fips140_set_mode +Index: gnutls-3.8.0/doc/functions/gnutls_fips140_set_mode =================================================================== ---- gnutls-3.7.9.orig/doc/functions/gnutls_fips140_set_mode -+++ gnutls-3.7.9/doc/functions/gnutls_fips140_set_mode +--- gnutls-3.8.0.orig/doc/functions/gnutls_fips140_set_mode ++++ gnutls-3.8.0/doc/functions/gnutls_fips140_set_mode @@ -3,7 +3,7 @@ @@ -215,10 +215,10 @@ Index: gnutls-3.7.9/doc/functions/gnutls_fips140_set_mode values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.7.9/doc/gnutls.html +Index: gnutls-3.8.0/doc/gnutls.html =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls.html -+++ gnutls-3.7.9/doc/gnutls.html +--- gnutls-3.8.0.orig/doc/gnutls.html ++++ gnutls-3.8.0/doc/gnutls.html @@ -486,7 +486,7 @@ Documentation License”.
  • 11.4 TLS Extension Handling
  • 11.5 Cryptographic Backend
  • @@ -228,7 +228,7 @@ Index: gnutls-3.7.9/doc/gnutls.html
  • Appendix A Upgrading from previous versions
  • Appendix B Support -@@ -8990,7 +8990,7 @@ CPU. The currently available options are +@@ -9009,7 +9009,7 @@ CPU. The currently available options are
  • 0x200000: Enable VIA PHE
  • 0x400000: Enable VIA PHE SHA512
  • @@ -405,7 +405,7 @@ Index: gnutls-3.7.9/doc/gnutls.html


    -@@ -24538,7 +24538,7 @@ unusable. This function is not thread-s +@@ -24526,7 +24526,7 @@ unusable. This function is not thread-s

    gnutls_fips140_set_mode

    Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t mode, unsigned flags)
    @@ -414,7 +414,7 @@ Index: gnutls-3.7.9/doc/gnutls.html

    flags: should be zero or GNUTLS_FIPS140_SET_MODE_THREAD

    -@@ -24547,13 +24547,13 @@ unusable. This function is not thread-s +@@ -24535,13 +24535,13 @@ unusable. This function is not thread-s behavior with no flags after threads are created is undefined.

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -430,7 +430,7 @@ Index: gnutls-3.7.9/doc/gnutls.html values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library switches to GNUTLS_FIPS140_STRICT mode.

    -@@ -46665,7 +46665,7 @@ Next: gnutls_fingerprintCore TLS API gnutls_fips140_context_deinitCore TLS API gnutls_fips140_context_initCore TLS API @@ -439,11 +439,11 @@ Index: gnutls-3.7.9/doc/gnutls.html gnutls_fips140_get_operation_stateCore TLS API gnutls_fips140_mode_enabledCore TLS API gnutls_fips140_pop_contextCore TLS API -Index: gnutls-3.7.9/doc/gnutls.info-3 +Index: gnutls-3.8.0/doc/gnutls.info-3 =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls.info-3 -+++ gnutls-3.7.9/doc/gnutls.info-3 -@@ -2458,7 +2458,7 @@ to 'more'. Both will exit with a status +--- gnutls-3.8.0.orig/doc/gnutls.info-3 ++++ gnutls-3.8.0/doc/gnutls.info-3 +@@ -1631,7 +1631,7 @@ to 'more'. Both will exit with a status --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library - file must pre-exist @@ -452,7 +452,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -@@ -3559,7 +3559,7 @@ to know what happens inside the black bo +@@ -2732,7 +2732,7 @@ to know what happens inside the black bo * TLS Hello Extension Handling:: * Cryptographic Backend:: * Random Number Generators-internals:: @@ -461,7 +461,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3  File: gnutls.info, Node: The TLS Protocol, Next: TLS Handshake Protocol, Up: Internal architecture of GnuTLS -@@ -4091,7 +4091,7 @@ and abstract key types::. +@@ -3264,7 +3264,7 @@ and abstract key types::. kernel implementation of '/dev/crypto'.  @@ -470,7 +470,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 11.6 Random Number Generators ============================= -@@ -4101,7 +4101,7 @@ About the generators +@@ -3274,7 +3274,7 @@ About the generators GnuTLS provides two random generators. The default, and the AES-DRBG random generator which is only used when the library is compiled with @@ -479,7 +479,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 The default generator - inner workings -------------------------------------- -@@ -4250,25 +4250,25 @@ after observing the output of the PRNG. +@@ -3423,25 +3423,25 @@ after observing the output of the PRNG. the above paragraph, all levels are immune to such attack.  @@ -513,7 +513,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 modified as follows. * The random generator used switches to DRBG-AES -@@ -4276,11 +4276,11 @@ modified as follows. +@@ -3449,11 +3449,11 @@ modified as follows. startup * Algorithm self-tests are run on library load @@ -528,7 +528,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 generation * Any cryptographic operation will be refused if any of the self-tests failed -@@ -4289,7 +4289,7 @@ There are also few environment variables +@@ -3462,7 +3462,7 @@ There are also few environment variables The environment variable 'GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS' will disable the library integrity tests on startup, and the variable 'GNUTLS_FORCE_FIPS_MODE' can be set to force a value from *note Figure @@ -537,7 +537,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 while '0' will disable it. The integrity checks for the dependent libraries and GnuTLS are -@@ -4298,20 +4298,20 @@ library. The key for the operations can +@@ -3471,20 +3471,20 @@ library. The key for the operations can with the configure option '-with-fips140-key'. The MAC algorithm used is HMAC-SHA256. @@ -562,7 +562,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 'GNUTLS_FIPS140_STRICT' The default mode; all forbidden operations will cause an operation failure via error code. -@@ -4319,8 +4319,8 @@ in *note Figure 11.5: gnutls_fips_mode_t +@@ -3492,8 +3492,8 @@ in *note Figure 11.5: gnutls_fips_mode_t A transient state during library initialization. That state cannot be set or seen by applications. 'GNUTLS_FIPS140_LAX' @@ -573,7 +573,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 the application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). -@@ -4333,7 +4333,7 @@ in *note Figure 11.5: gnutls_fips_mode_t +@@ -3506,7 +3506,7 @@ in *note Figure 11.5: gnutls_fips_mode_t Figure 11.5: The 'gnutls_fips_mode_t' enumeration. The intention of this API is to be used by applications which may run in @@ -582,7 +582,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 set, e.g., for non-security related purposes. In these cases applications should wrap the non-compliant code within blocks like the following. -@@ -4357,10 +4357,10 @@ are macros to simplify the following seq +@@ -3530,10 +3530,10 @@ are macros to simplify the following seq The reason of the 'GNUTLS_FIPS140_SET_MODE_THREAD' flag in the previous calls is to localize the change in the mode. Note also, that such a @@ -595,7 +595,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0); Service indicator -@@ -4379,7 +4379,7 @@ within a given context. +@@ -3552,7 +3552,7 @@ within a given context. 'INT *note gnutls_fips140_push_context:: (gnutls_fips140_context_t CONTEXT)' 'INT *note gnutls_fips140_pop_context:: ( VOID)' @@ -604,7 +604,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 operation. It can be attached to the current execution thread with *note gnutls_fips140_push_context:: and its internal state will be updated until it is detached with *note gnutls_fips140_pop_context::. -@@ -4837,8 +4837,8 @@ There are certifications from national o +@@ -4010,8 +4010,8 @@ There are certifications from national o practices, such as unit testing and reliance on well known crypto primitives. @@ -615,7 +615,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3  File: gnutls.info, Node: Error codes, Next: Supported ciphersuites, Prev: Support, Up: Top -@@ -9315,7 +9315,7 @@ gnutls_fips140_set_mode +@@ -8476,7 +8476,7 @@ gnutls_fips140_set_mode -- Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t MODE, unsigned FLAGS) @@ -624,7 +624,7 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 FLAGS: should be zero or 'GNUTLS_FIPS140_SET_MODE_THREAD' -@@ -9325,12 +9325,12 @@ gnutls_fips140_set_mode +@@ -8486,12 +8486,12 @@ gnutls_fips140_set_mode undefined. When the flag 'GNUTLS_FIPS140_SET_MODE_THREAD' is specified then @@ -639,10 +639,10 @@ Index: gnutls-3.7.9/doc/gnutls.info-3 values for 'mode' or to 'GNUTLS_FIPS140_SELFTESTS' mode, the library switches to 'GNUTLS_FIPS140_STRICT' mode. -Index: gnutls-3.7.9/doc/invoke-gnutls-cli.texi +Index: gnutls-3.8.0/doc/invoke-gnutls-cli.texi =================================================================== ---- gnutls-3.7.9.orig/doc/invoke-gnutls-cli.texi -+++ gnutls-3.7.9/doc/invoke-gnutls-cli.texi +--- gnutls-3.8.0.orig/doc/invoke-gnutls-cli.texi ++++ gnutls-3.8.0/doc/invoke-gnutls-cli.texi @@ -99,7 +99,7 @@ None: --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library @@ -652,10 +652,10 @@ Index: gnutls-3.7.9/doc/invoke-gnutls-cli.texi --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -Index: gnutls-3.7.9/doc/manpages/gnutls-cli.1 +Index: gnutls-3.8.0/doc/manpages/gnutls-cli.1 =================================================================== ---- gnutls-3.7.9.orig/doc/manpages/gnutls-cli.1 -+++ gnutls-3.7.9/doc/manpages/gnutls-cli.1 +--- gnutls-3.8.0.orig/doc/manpages/gnutls-cli.1 ++++ gnutls-3.8.0/doc/manpages/gnutls-cli.1 @@ -389,7 +389,7 @@ Specify the PKCS #11 provider library. This will override the default options in /etc/gnutls/pkcs11.conf .TP @@ -665,11 +665,11 @@ Index: gnutls-3.7.9/doc/manpages/gnutls-cli.1 .sp .TP .NOP \f\*[B-Font]\-\-list\-config\f[] -Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html +Index: gnutls-3.8.0/doc/reference/html/gnutls-gnutls.html =================================================================== ---- gnutls-3.7.9.orig/doc/reference/html/gnutls-gnutls.html -+++ gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html -@@ -20552,12 +20552,12 @@ gnutls_fips140_set_mode (

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -684,7 +684,7 @@ Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library switches to GNUTLS_FIPS140_STRICT mode.

    -@@ -20572,7 +20572,7 @@ switches to

    mode

    @@ -693,7 +693,7 @@ Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html   -@@ -25479,7 +25479,7 @@ encryption

    +@@ -25568,7 +25568,7 @@ encryption


    enum gnutls_fips_mode_t

    @@ -702,7 +702,7 @@ Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html

    Members

    -@@ -25492,7 +25492,7 @@ encryption

    +@@ -25581,7 +25581,7 @@ encryption

    -@@ -25515,8 +25515,8 @@ operation failure via error code.

    +@@ -25604,8 +25604,8 @@ operation failure via error code.

    -@@ -27111,4 +27111,4 @@ transition to
    Generated by GTK-Doc V1.33.1 - \ No newline at end of file + -Index: gnutls-3.7.9/lib/fips.c +Index: gnutls-3.8.0/lib/fips.c =================================================================== ---- gnutls-3.7.9.orig/lib/fips.c -+++ gnutls-3.7.9/lib/fips.c -@@ -113,7 +113,7 @@ unsigned _gnutls_fips_mode_enabled(void) +--- gnutls-3.8.0.orig/lib/fips.c ++++ gnutls-3.8.0/lib/fips.c +@@ -121,7 +121,7 @@ unsigned _gnutls_fips_mode_enabled(void) } if (f1p != 0) { @@ -742,7 +742,7 @@ Index: gnutls-3.7.9/lib/fips.c ret = GNUTLS_FIPS140_STRICT; goto exit; } -@@ -122,7 +122,7 @@ unsigned _gnutls_fips_mode_enabled(void) +@@ -130,7 +130,7 @@ unsigned _gnutls_fips_mode_enabled(void) if (f2p != 0) { /* a funny state where self tests are performed * and ignored */ @@ -751,7 +751,7 @@ Index: gnutls-3.7.9/lib/fips.c ret = GNUTLS_FIPS140_SELFTESTS; goto exit; } -@@ -632,7 +632,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -694,7 +694,7 @@ unsigned gnutls_fips140_mode_enabled(voi /** * gnutls_fips140_set_mode: @@ -760,7 +760,7 @@ Index: gnutls-3.7.9/lib/fips.c * @flags: should be zero or %GNUTLS_FIPS140_SET_MODE_THREAD * * That function is not thread-safe when changing the mode with no flags -@@ -640,13 +640,13 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -702,13 +702,13 @@ unsigned gnutls_fips140_mode_enabled(voi * behavior with no flags after threads are created is undefined. * * When the flag %GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -776,27 +776,28 @@ Index: gnutls-3.7.9/lib/fips.c * values for @mode or to %GNUTLS_FIPS140_SELFTESTS mode, the library * switches to %GNUTLS_FIPS140_STRICT mode. * -@@ -657,8 +657,8 @@ void gnutls_fips140_set_mode(gnutls_fips +@@ -719,9 +719,9 @@ void gnutls_fips140_set_mode(gnutls_fips #ifdef ENABLE_FIPS140 gnutls_fips_mode_t prev = _gnutls_fips_mode_enabled(); if (prev == GNUTLS_FIPS140_DISABLED || prev == GNUTLS_FIPS140_SELFTESTS) { - /* we need to run self-tests first to be in FIPS140-2 mode */ -- _gnutls_audit_log(NULL, "The library should be initialized in FIPS140-2 mode to do that operation\n"); + /* we need to run self-tests first to be in FIPS140-3 mode */ -+ _gnutls_audit_log(NULL, "The library should be initialized in FIPS140-3 mode to do that operation\n"); + _gnutls_audit_log(NULL, +- "The library should be initialized in FIPS140-2 mode to do that operation\n"); ++ "The library should be initialized in FIPS140-3 mode to do that operation\n"); return; } -@@ -669,7 +669,7 @@ void gnutls_fips140_set_mode(gnutls_fips - case GNUTLS_FIPS140_DISABLED: - break; - case GNUTLS_FIPS140_SELFTESTS: -- _gnutls_audit_log(NULL, "Cannot switch library to FIPS140-2 self-tests mode; defaulting to strict\n"); -+ _gnutls_audit_log(NULL, "Cannot switch library to FIPS140-3 self-tests mode; defaulting to strict\n"); - mode = GNUTLS_FIPS140_STRICT; - break; - default: -@@ -848,7 +848,7 @@ _gnutls_switch_fips_state(gnutls_fips140 +@@ -733,7 +733,7 @@ void gnutls_fips140_set_mode(gnutls_fips + break; + case GNUTLS_FIPS140_SELFTESTS: + _gnutls_audit_log(NULL, +- "Cannot switch library to FIPS140-2 self-tests mode; defaulting to strict\n"); ++ "Cannot switch library to FIPS140-3 self-tests mode; defaulting to strict\n"); + mode = GNUTLS_FIPS140_STRICT; + break; + default: +@@ -908,7 +908,7 @@ void _gnutls_switch_fips_state(gnutls_fi } if (!_tfips_context) { @@ -805,63 +806,63 @@ Index: gnutls-3.7.9/lib/fips.c return; } -@@ -860,7 +860,7 @@ _gnutls_switch_fips_state(gnutls_fips140 - case GNUTLS_FIPS140_OP_INITIAL: +@@ -921,7 +921,7 @@ void _gnutls_switch_fips_state(gnutls_fi /* initial can be transitioned to any state */ if (mode != GNUTLS_FIPS140_LAX) { -- _gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from initial to %s\n", -+ _gnutls_audit_log(NULL, "FIPS140-3 operation mode switched from initial to %s\n", + _gnutls_audit_log(NULL, +- "FIPS140-2 operation mode switched from initial to %s\n", ++ "FIPS140-3 operation mode switched from initial to %s\n", operation_state_to_string(state)); } _tfips_context->state = state; -@@ -869,7 +869,7 @@ _gnutls_switch_fips_state(gnutls_fips140 - /* approved can only be transitioned to not-approved */ +@@ -931,7 +931,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (likely(state == GNUTLS_FIPS140_OP_NOT_APPROVED)) { if (mode != GNUTLS_FIPS140_LAX) { -- _gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from approved to %s\n", -+ _gnutls_audit_log(NULL, "FIPS140-3 operation mode switched from approved to %s\n", - operation_state_to_string(state)); + _gnutls_audit_log(NULL, +- "FIPS140-2 operation mode switched from approved to %s\n", ++ "FIPS140-3 operation mode switched from approved to %s\n", + operation_state_to_string + (state)); } - _tfips_context->state = state; -@@ -879,7 +879,7 @@ _gnutls_switch_fips_state(gnutls_fips140 - default: +@@ -943,7 +943,7 @@ void _gnutls_switch_fips_state(gnutls_fi /* other transitions are prohibited */ if (mode != GNUTLS_FIPS140_LAX) { -- _gnutls_audit_log(NULL, "FIPS140-2 operation mode cannot be switched from %s to %s\n", -+ _gnutls_audit_log(NULL, "FIPS140-3 operation mode cannot be switched from %s to %s\n", - operation_state_to_string(_tfips_context->state), + _gnutls_audit_log(NULL, +- "FIPS140-2 operation mode cannot be switched from %s to %s\n", ++ "FIPS140-3 operation mode cannot be switched from %s to %s\n", + operation_state_to_string + (_tfips_context->state), operation_state_to_string(state)); - } -@@ -941,7 +941,7 @@ gnutls_fips140_run_self_tests(void) - if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && - ret < 0) { +@@ -1004,7 +1004,7 @@ int gnutls_fips140_run_self_tests(void) + if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); -- _gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n"); -+ _gnutls_audit_log(NULL, "FIPS140-3 self testing part 2 failed\n"); + _gnutls_audit_log(NULL, +- "FIPS140-2 self testing part 2 failed\n"); ++ "FIPS140-3 self testing part 2 failed\n"); } else { /* Restore the previous library state */ _gnutls_switch_lib_state(prev_lib_state); -@@ -951,7 +951,7 @@ gnutls_fips140_run_self_tests(void) - if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && fips_context) { +@@ -1016,7 +1016,7 @@ int gnutls_fips140_run_self_tests(void) if (gnutls_fips140_pop_context() < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); -- _gnutls_audit_log(NULL, "FIPS140-2 context restoration failed\n"); -+ _gnutls_audit_log(NULL, "FIPS140-3 context restoration failed\n"); + _gnutls_audit_log(NULL, +- "FIPS140-2 context restoration failed\n"); ++ "FIPS140-3 context restoration failed\n"); } gnutls_fips140_context_deinit(fips_context); } -Index: gnutls-3.7.9/lib/fips.h +Index: gnutls-3.8.0/lib/fips.h =================================================================== ---- gnutls-3.7.9.orig/lib/fips.h -+++ gnutls-3.7.9/lib/fips.h -@@ -189,16 +189,16 @@ is_digest_algo_allowed_for_sign_in_fips( +--- gnutls-3.8.0.orig/lib/fips.h ++++ gnutls-3.8.0/lib/fips.h +@@ -158,16 +158,16 @@ is_cipher_algo_allowed_in_fips(gnutls_ci } - #ifdef ENABLE_FIPS140 + # ifdef ENABLE_FIPS140 -/* This will test the condition when in FIPS140-2 mode +/* This will test the condition when in FIPS140-3 mode * and return an error if necessary or ignore */ - # define FIPS_RULE(condition, ret_error, ...) { \ + # define FIPS_RULE(condition, ret_error, ...) { \ gnutls_fips_mode_t _mode = _gnutls_fips_mode_enabled(); \ if (_mode != GNUTLS_FIPS140_DISABLED) { \ if (condition) { \ @@ -874,7 +875,7 @@ Index: gnutls-3.7.9/lib/fips.h return ret_error; \ } \ } \ -@@ -213,7 +213,7 @@ is_mac_algo_allowed(gnutls_mac_algorithm +@@ -181,7 +181,7 @@ inline static bool is_mac_algo_allowed(g switch (mode) { case GNUTLS_FIPS140_LOG: _gnutls_audit_log(NULL, @@ -883,28 +884,19 @@ Index: gnutls-3.7.9/lib/fips.h gnutls_mac_get_name(algo)); FALLTHROUGH; case GNUTLS_FIPS140_DISABLED: -@@ -235,7 +235,7 @@ is_cipher_algo_allowed(gnutls_cipher_alg - !is_cipher_algo_allowed_in_fips(algo)) { +@@ -203,7 +203,7 @@ inline static bool is_cipher_algo_allowe switch (mode) { case GNUTLS_FIPS140_LOG: -- _gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n", -+ _gnutls_audit_log(NULL, "fips140-3: allowing access to %s\n", + _gnutls_audit_log(NULL, +- "fips140-2: allowing access to %s\n", ++ "fips140-3: allowing access to %s\n", gnutls_cipher_get_name(algo)); FALLTHROUGH; case GNUTLS_FIPS140_DISABLED: -@@ -257,7 +257,7 @@ is_digest_algo_allowed_for_sign(gnutls_d - !is_digest_algo_allowed_for_sign_in_fips(algo)) { - switch (mode) { - case GNUTLS_FIPS140_LOG: -- _gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n", -+ _gnutls_audit_log(NULL, "fips140-3: allowing access to %s\n", - gnutls_cipher_get_name(algo)); - FALLTHROUGH; - case GNUTLS_FIPS140_DISABLED: -Index: gnutls-3.7.9/lib/global.c +Index: gnutls-3.8.0/lib/global.c =================================================================== ---- gnutls-3.7.9.orig/lib/global.c -+++ gnutls-3.7.9/lib/global.c +--- gnutls-3.8.0.orig/lib/global.c ++++ gnutls-3.8.0/lib/global.c @@ -326,12 +326,12 @@ static int _gnutls_global_init(unsigned #ifdef ENABLE_FIPS140 @@ -920,29 +912,29 @@ Index: gnutls-3.7.9/lib/global.c _gnutls_priority_update_fips(); /* first round of self checks, these are done on the -@@ -340,7 +340,7 @@ static int _gnutls_global_init(unsigned - ret = _gnutls_fips_perform_self_checks1(); +@@ -341,7 +341,7 @@ static int _gnutls_global_init(unsigned if (ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); -- _gnutls_audit_log(NULL, "FIPS140-2 self testing part1 failed\n"); -+ _gnutls_audit_log(NULL, "FIPS140-3 self testing part1 failed\n"); + _gnutls_audit_log(NULL, +- "FIPS140-2 self testing part1 failed\n"); ++ "FIPS140-3 self testing part1 failed\n"); if (res != 2) { gnutls_assert(); goto out; -@@ -362,7 +362,7 @@ static int _gnutls_global_init(unsigned - ret = _gnutls_fips_perform_self_checks2(); +@@ -364,7 +364,7 @@ static int _gnutls_global_init(unsigned if (ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); -- _gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n"); -+ _gnutls_audit_log(NULL, "FIPS140-3 self testing part 2 failed\n"); + _gnutls_audit_log(NULL, +- "FIPS140-2 self testing part 2 failed\n"); ++ "FIPS140-3 self testing part 2 failed\n"); if (res != 2) { gnutls_assert(); goto out; -Index: gnutls-3.7.9/lib/includes/gnutls/gnutls.h.in +Index: gnutls-3.8.0/lib/includes/gnutls/gnutls.h.in =================================================================== ---- gnutls-3.7.9.orig/lib/includes/gnutls/gnutls.h.in -+++ gnutls-3.7.9/lib/includes/gnutls/gnutls.h.in -@@ -3336,16 +3336,16 @@ void +--- gnutls-3.8.0.orig/lib/includes/gnutls/gnutls.h.in ++++ gnutls-3.8.0/lib/includes/gnutls/gnutls.h.in +@@ -3278,16 +3278,16 @@ void gnutls_alert_set_read_function(gnutls_session_t session, gnutls_alert_read_func func); @@ -963,7 +955,7 @@ Index: gnutls-3.7.9/lib/includes/gnutls/gnutls.h.in * application is aware of the followed security policy, and needs * to utilize disallowed operations for other reasons (e.g., compatibility). * @GNUTLS_FIPS140_LOG: Similarly to %GNUTLS_FIPS140_LAX, it allows forbidden operations; any use of them results -@@ -3353,7 +3353,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -3295,7 +3295,7 @@ unsigned gnutls_fips140_mode_enabled(voi * @GNUTLS_FIPS140_SELFTESTS: A transient state during library initialization. That state * cannot be set or seen by applications. * @@ -971,12 +963,12 @@ Index: gnutls-3.7.9/lib/includes/gnutls/gnutls.h.in + * Enumeration of different operational modes under FIPS140-3. */ typedef enum gnutls_fips_mode_t { - GNUTLS_FIPS140_DISABLED = 0, -Index: gnutls-3.7.9/src/cli.c + GNUTLS_FIPS140_DISABLED = 0, +Index: gnutls-3.8.0/src/cli.c =================================================================== ---- gnutls-3.7.9.orig/src/cli.c -+++ gnutls-3.7.9/src/cli.c -@@ -1641,10 +1641,10 @@ static void cmd_parser(int argc, char ** +--- gnutls-3.8.0.orig/src/cli.c ++++ gnutls-3.8.0/src/cli.c +@@ -1650,10 +1650,10 @@ static void cmd_parser(int argc, char ** if (HAVE_OPT(FIPS140_MODE)) { if (gnutls_fips140_mode_enabled() != 0) { @@ -989,10 +981,10 @@ Index: gnutls-3.7.9/src/cli.c exit(1); } -Index: gnutls-3.7.9/src/gnutls-cli-options.c +Index: gnutls-3.8.0/src/gnutls-cli-options.c =================================================================== ---- gnutls-3.7.9.orig/src/gnutls-cli-options.c -+++ gnutls-3.7.9/src/gnutls-cli-options.c +--- gnutls-3.8.0.orig/src/gnutls-cli-options.c ++++ gnutls-3.8.0/src/gnutls-cli-options.c @@ -785,7 +785,7 @@ usage (FILE *out, int status) " --inline-commands-prefix=str Change the default delimiter for inline commands\n" " --provider=file Specify the PKCS #11 provider library\n" @@ -1002,10 +994,10 @@ Index: gnutls-3.7.9/src/gnutls-cli-options.c " --list-config Reports the configuration of the library\n" " --logfile=str Redirect informational messages to a specific file\n" " --keymatexport=str Label used for exporting keying material\n" -Index: gnutls-3.7.9/tests/cert-tests/gost.sh +Index: gnutls-3.8.0/tests/cert-tests/gost.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/gost.sh -+++ gnutls-3.7.9/tests/cert-tests/gost.sh +--- gnutls-3.8.0.orig/tests/cert-tests/gost.sh ++++ gnutls-3.8.0/tests/cert-tests/gost.sh @@ -38,7 +38,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -1015,10 +1007,36 @@ Index: gnutls-3.7.9/tests/cert-tests/gost.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs12-corner-cases.sh +Index: gnutls-3.8.0/tests/cert-tests/pkcs12-corner-cases.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs12-corner-cases.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs12-corner-cases.sh +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs12-corner-cases.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs12-corner-cases.sh +@@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.8.0/tests/cert-tests/pkcs12-encode.sh +=================================================================== +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs12-encode.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs12-encode.sh +@@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.8.0/tests/cert-tests/pkcs12-gost.sh +=================================================================== +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs12-gost.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs12-gost.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -1028,10 +1046,23 @@ Index: gnutls-3.7.9/tests/cert-tests/pkcs12-corner-cases.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs12-encode.sh +Index: gnutls-3.8.0/tests/cert-tests/pkcs12.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs12-encode.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs12-encode.sh +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs12.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs12.sh +@@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.8.0/tests/cert-tests/pkcs8-decode.sh +=================================================================== +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs8-decode.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs8-decode.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -1041,23 +1072,10 @@ Index: gnutls-3.7.9/tests/cert-tests/pkcs12-encode.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs12-gost.sh +Index: gnutls-3.8.0/tests/cert-tests/pkcs8-eddsa.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs12-gost.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs12-gost.sh -@@ -30,7 +30,7 @@ if ! test -x "${CERTTOOL}"; then - fi - - if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then -- echo "Cannot run in FIPS140-2 mode" -+ echo "Cannot run in FIPS140-3 mode" - exit 77 - fi - -Index: gnutls-3.7.9/tests/cert-tests/pkcs12.sh -=================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs12.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs12.sh +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs8-eddsa.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs8-eddsa.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -1067,11 +1085,11 @@ Index: gnutls-3.7.9/tests/cert-tests/pkcs12.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs8-decode.sh +Index: gnutls-3.8.0/tests/cert-tests/pkcs8-gost.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs8-decode.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs8-decode.sh -@@ -30,7 +30,7 @@ if ! test -x "${CERTTOOL}"; then +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs8-gost.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs8-gost.sh +@@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then @@ -1080,11 +1098,11 @@ Index: gnutls-3.7.9/tests/cert-tests/pkcs8-decode.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs8-eddsa.sh +Index: gnutls-3.8.0/tests/cert-tests/pkcs8.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs8-eddsa.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs8-eddsa.sh -@@ -30,7 +30,7 @@ if ! test -x "${CERTTOOL}"; then +--- gnutls-3.8.0.orig/tests/cert-tests/pkcs8.sh ++++ gnutls-3.8.0/tests/cert-tests/pkcs8.sh +@@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then @@ -1093,37 +1111,11 @@ Index: gnutls-3.7.9/tests/cert-tests/pkcs8-eddsa.sh exit 77 fi -Index: gnutls-3.7.9/tests/cert-tests/pkcs8-gost.sh +Index: gnutls-3.8.0/tests/cipher-listings.sh =================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs8-gost.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs8-gost.sh -@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then - fi - - if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then -- echo "Cannot run in FIPS140-2 mode" -+ echo "Cannot run in FIPS140-3 mode" - exit 77 - fi - -Index: gnutls-3.7.9/tests/cert-tests/pkcs8.sh -=================================================================== ---- gnutls-3.7.9.orig/tests/cert-tests/pkcs8.sh -+++ gnutls-3.7.9/tests/cert-tests/pkcs8.sh -@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then - fi - - if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then -- echo "Cannot run in FIPS140-2 mode" -+ echo "Cannot run in FIPS140-3 mode" - exit 77 - fi - -Index: gnutls-3.7.9/tests/cipher-listings.sh -=================================================================== ---- gnutls-3.7.9.orig/tests/cipher-listings.sh -+++ gnutls-3.7.9/tests/cipher-listings.sh -@@ -64,7 +64,7 @@ check() +--- gnutls-3.8.0.orig/tests/cipher-listings.sh ++++ gnutls-3.8.0/tests/cipher-listings.sh +@@ -63,7 +63,7 @@ check() ${CLI} --fips140-mode if test $? = 0;then @@ -1132,11 +1124,11 @@ Index: gnutls-3.7.9/tests/cipher-listings.sh exit 77 fi -Index: gnutls-3.7.9/tests/testpkcs11.sh +Index: gnutls-3.8.0/tests/testpkcs11.sh =================================================================== ---- gnutls-3.7.9.orig/tests/testpkcs11.sh -+++ gnutls-3.7.9/tests/testpkcs11.sh -@@ -27,7 +27,7 @@ +--- gnutls-3.8.0.orig/tests/testpkcs11.sh ++++ gnutls-3.8.0/tests/testpkcs11.sh +@@ -26,7 +26,7 @@ RETCODE=0 if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then @@ -1145,10 +1137,10 @@ Index: gnutls-3.7.9/tests/testpkcs11.sh exit 77 fi -Index: gnutls-3.7.9/doc/enums/gnutls_fips_mode_t +Index: gnutls-3.8.0/doc/enums/gnutls_fips_mode_t =================================================================== ---- gnutls-3.7.9.orig/doc/enums/gnutls_fips_mode_t -+++ gnutls-3.7.9/doc/enums/gnutls_fips_mode_t +--- gnutls-3.8.0.orig/doc/enums/gnutls_fips_mode_t ++++ gnutls-3.8.0/doc/enums/gnutls_fips_mode_t @@ -3,7 +3,7 @@ @c gnutls_fips_mode_t @table @code @@ -1169,10 +1161,10 @@ Index: gnutls-3.7.9/doc/enums/gnutls_fips_mode_t application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.7.9/doc/gnutls-api.texi +Index: gnutls-3.8.0/doc/gnutls-api.texi =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls-api.texi -+++ gnutls-3.7.9/doc/gnutls-api.texi +--- gnutls-3.8.0.orig/doc/gnutls-api.texi ++++ gnutls-3.8.0/doc/gnutls-api.texi @@ -3275,7 +3275,7 @@ unusable. This function is not thread-s @subheading gnutls_fips140_set_mode @anchor{gnutls_fips140_set_mode} @@ -1198,11 +1190,11 @@ Index: gnutls-3.7.9/doc/gnutls-api.texi values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.7.9/lib/ext/session_ticket.c +Index: gnutls-3.8.0/lib/ext/session_ticket.c =================================================================== ---- gnutls-3.7.9.orig/lib/ext/session_ticket.c -+++ gnutls-3.7.9/lib/ext/session_ticket.c -@@ -539,7 +539,7 @@ int gnutls_session_ticket_key_generate(g +--- gnutls-3.8.0.orig/lib/ext/session_ticket.c ++++ gnutls-3.8.0/lib/ext/session_ticket.c +@@ -536,7 +536,7 @@ int gnutls_session_ticket_key_generate(g { if (_gnutls_fips_mode_enabled()) { int ret; @@ -1211,10 +1203,10 @@ Index: gnutls-3.7.9/lib/ext/session_ticket.c * some limits on allowed key size, thus it is not * used. These limits do not affect this function as * it does not generate a "key" but rather key material -Index: gnutls-3.7.9/lib/libgnutls.map +Index: gnutls-3.8.0/lib/libgnutls.map =================================================================== ---- gnutls-3.7.9.orig/lib/libgnutls.map -+++ gnutls-3.7.9/lib/libgnutls.map +--- gnutls-3.8.0.orig/lib/libgnutls.map ++++ gnutls-3.8.0/lib/libgnutls.map @@ -1418,7 +1418,7 @@ GNUTLS_FIPS140_3_4 { gnutls_hkdf_self_test; gnutls_pbkdf2_self_test; @@ -1224,11 +1216,11 @@ Index: gnutls-3.7.9/lib/libgnutls.map drbg_aes_reseed; drbg_aes_init; drbg_aes_generate; -Index: gnutls-3.7.9/lib/nettle/mac.c +Index: gnutls-3.8.0/lib/nettle/mac.c =================================================================== ---- gnutls-3.7.9.orig/lib/nettle/mac.c -+++ gnutls-3.7.9/lib/nettle/mac.c -@@ -267,7 +267,7 @@ static void _wrap_gmac_digest(void *_ctx +--- gnutls-3.8.0.orig/lib/nettle/mac.c ++++ gnutls-3.8.0/lib/nettle/mac.c +@@ -262,7 +262,7 @@ static void _wrap_gmac_digest(void *_ctx static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx) { @@ -1237,7 +1229,7 @@ Index: gnutls-3.7.9/lib/nettle/mac.c * gnutls_hash_init() and gnutls_hmac_init() */ ctx->set_nonce = NULL; -@@ -656,7 +656,7 @@ static void _md5_sha1_digest(void *_ctx, +@@ -649,7 +649,7 @@ static void _md5_sha1_digest(void *_ctx, static int _ctx_init(gnutls_digest_algorithm_t algo, struct nettle_hash_ctx *ctx) { @@ -1246,11 +1238,11 @@ Index: gnutls-3.7.9/lib/nettle/mac.c * gnutls_hash_init() and gnutls_hmac_init() */ switch (algo) { case GNUTLS_DIG_MD5: -Index: gnutls-3.7.9/doc/gnutls.info-2 +Index: gnutls-3.8.0/doc/gnutls.info-2 =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls.info-2 -+++ gnutls-3.7.9/doc/gnutls.info-2 -@@ -671,7 +671,7 @@ Variable Purpose +--- gnutls-3.8.0.orig/doc/gnutls.info-2 ++++ gnutls-3.8.0/doc/gnutls.info-2 +@@ -687,7 +687,7 @@ Variable Purpose * 0x400000: Enable VIA PHE SHA512 'GNUTLS_FORCE_FIPS_MODE'In setups where GnuTLS is compiled with support @@ -1259,10 +1251,10 @@ Index: gnutls-3.7.9/doc/gnutls.info-2 set to one it will force the FIPS mode enablement. -Index: gnutls-3.7.9/config.h.in +Index: gnutls-3.8.0/config.h.in =================================================================== ---- gnutls-3.7.9.orig/config.h.in -+++ gnutls-3.7.9/config.h.in +--- gnutls-3.8.0.orig/config.h.in ++++ gnutls-3.8.0/config.h.in @@ -82,7 +82,7 @@ /* enable DHE */ #undef ENABLE_ECDHE @@ -1281,11 +1273,11 @@ Index: gnutls-3.7.9/config.h.in #undef FIPS_KEY /* The FIPS140 module name */ -Index: gnutls-3.7.9/configure +Index: gnutls-3.8.0/configure =================================================================== ---- gnutls-3.7.9.orig/configure -+++ gnutls-3.7.9/configure -@@ -3573,7 +3573,7 @@ Optional Features: +--- gnutls-3.8.0.orig/configure ++++ gnutls-3.8.0/configure +@@ -3775,7 +3775,7 @@ Optional Features: --enable-fast-install[=PKGS] optimize for fast installation [default=yes] --disable-libtool-lock avoid locking (might break parallel builds) @@ -1294,10 +1286,10 @@ Index: gnutls-3.7.9/configure --enable-strict-x509 enable stricter sanity checks for x509 certificates --disable-non-suiteb-curves disable curves not in SuiteB -Index: gnutls-3.7.9/doc/cha-support.texi +Index: gnutls-3.8.0/doc/cha-support.texi =================================================================== ---- gnutls-3.7.9.orig/doc/cha-support.texi -+++ gnutls-3.7.9/doc/cha-support.texi +--- gnutls-3.8.0.orig/doc/cha-support.texi ++++ gnutls-3.8.0/doc/cha-support.texi @@ -135,5 +135,5 @@ There are certifications from national o to an auditor that the crypto component follows some best practices, such as unit testing and reliance on well known crypto primitives. @@ -1306,11 +1298,11 @@ Index: gnutls-3.7.9/doc/cha-support.texi -See @ref{FIPS140-2 mode} for more information. +GnuTLS has support for the FIPS 140-3 certification under Red Hat Enterprise Linux. +See @ref{FIPS140-3 mode} for more information. -Index: gnutls-3.7.9/doc/gnutls.info-6 +Index: gnutls-3.8.0/doc/gnutls.info-6 =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls.info-6 -+++ gnutls-3.7.9/doc/gnutls.info-6 -@@ -8843,7 +8843,7 @@ Function and Data Index +--- gnutls-3.8.0.orig/doc/gnutls.info-6 ++++ gnutls-3.8.0/doc/gnutls.info-6 +@@ -7982,7 +7982,7 @@ Function and Data Index * gnutls_fingerprint: Core TLS API. (line 3513) * gnutls_fips140_context_deinit: Core TLS API. (line 3540) * gnutls_fips140_context_init: Core TLS API. (line 3551) @@ -1319,23 +1311,23 @@ Index: gnutls-3.7.9/doc/gnutls.info-6 * gnutls_fips140_get_operation_state <1>: Core TLS API. (line 3564) * gnutls_fips140_mode_enabled: Core TLS API. (line 3578) * gnutls_fips140_pop_context: Core TLS API. (line 3596) -Index: gnutls-3.7.9/doc/gnutls.info +Index: gnutls-3.8.0/doc/gnutls.info =================================================================== ---- gnutls-3.7.9.orig/doc/gnutls.info -+++ gnutls-3.7.9/doc/gnutls.info -@@ -611,7 +611,7 @@ Ref: fig-crypto-layers757265 - Ref: Cryptographic Backend-Footnote-1760549 - Ref: Cryptographic Backend-Footnote-2760634 - Node: Random Number Generators-internals760742 --Node: FIPS140-2 mode768106 -+Node: FIPS140-3 mode768106 - Ref: gnutls_fips_mode_t770742 - Node: Upgrading from previous versions774339 - Node: Support788333 -Index: gnutls-3.7.9/src/gnutls-cli-options.json +--- gnutls-3.8.0.orig/doc/gnutls.info ++++ gnutls-3.8.0/doc/gnutls.info +@@ -611,7 +611,7 @@ Ref: fig-crypto-layers730201 + Ref: Cryptographic Backend-Footnote-1733485 + Ref: Cryptographic Backend-Footnote-2733570 + Node: Random Number Generators-internals733678 +-Node: FIPS140-2 mode741042 ++Node: FIPS140-3 mode741042 + Ref: gnutls_fips_mode_t743678 + Node: Upgrading from previous versions747275 + Node: Support761269 +Index: gnutls-3.8.0/src/gnutls-cli-options.json =================================================================== ---- gnutls-3.7.9.orig/src/gnutls-cli-options.json -+++ gnutls-3.7.9/src/gnutls-cli-options.json +--- gnutls-3.8.0.orig/src/gnutls-cli-options.json ++++ gnutls-3.8.0/src/gnutls-cli-options.json @@ -372,7 +372,7 @@ }, { diff --git a/gnutls-FIPS-PCT-DH.patch b/gnutls-FIPS-PCT-DH.patch index a48674a..a764823 100644 --- a/gnutls-FIPS-PCT-DH.patch +++ b/gnutls-FIPS-PCT-DH.patch @@ -1,85 +1,55 @@ -Index: gnutls-3.7.8/lib/nettle/pk.c +From 51b721b69fd08ef1c4c4989f5e12b643e170ff56 Mon Sep 17 00:00:00 2001 +From: Pedro Monreal +Date: Thu, 16 Feb 2023 17:02:38 +0100 +Subject: [PATCH] pk: extend pair-wise consistency to cover DH key generation + +Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance of Pair-wise +Consistency check, even if we only support ephemeral DH, as it is +required by FIPS 140-3 IG 10.3.A. + +Signed-off-by: Pedro Monreal +Co-authored-by: Daiki Ueno +--- + lib/nettle/pk.c | 29 +++++++++++++++++++++++++++++ + 1 file changed, 29 insertions(+) + +Index: gnutls-3.8.0/lib/nettle/pk.c =================================================================== ---- gnutls-3.7.8.orig/lib/nettle/pk.c -+++ gnutls-3.7.8/lib/nettle/pk.c -@@ -2498,6 +2498,48 @@ static int pct_test(gnutls_pk_algorithm_ +--- gnutls-3.8.0.orig/lib/nettle/pk.c ++++ gnutls-3.8.0/lib/nettle/pk.c +@@ -2520,6 +2520,35 @@ static int pct_test(gnutls_pk_algorithm_ } break; case GNUTLS_PK_DH: -+ if (_gnutls_fips_mode_enabled()) { -+ /* Perform Owner Assurance of Pair-wise Consistency -+ * according to SP800-56A (revision 3), 5.6.2.1.4. ++ { ++ mpz_t y; ++ ++ /* Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance ++ * of Pair-wise Consistency check, even if we only ++ * support ephemeral DH, as it is required by FIPS ++ * 140-3 IG 10.3.A. + * -+ * DH params (see lib/crypto-backend.h) -+ * [DSA_P] [0] is p (prime number) -+ * [DSA_Q] [1] is q (prime order) -+ * [DSA_G] [2] is g (generator) -+ * [DSA_Y] [3] is y (public key) -+ * [DSA_X] [4] is x (private key only) -+ * -+ * Regenerate the public key from the private key with -+ * y = g^x mod p and compare it with the previous one. ++ * Use the private key, x, along with the generator g ++ * and prime modulus p included in the domain ++ * parameters associated with the key pair to compute ++ * g^x mod p. Compare the result to the public key, y. + */ -+ -+ mpz_t p, g, y, x; -+ -+ mpz_init(p); -+ mpz_init(g); + mpz_init(y); -+ mpz_init(x); -+ -+ mpz_set(p, params->params[DSA_P]); -+ mpz_set(g, params->params[DSA_G]); -+ mpz_set(x, params->params[DSA_X]); -+ -+ mpz_powm(y, g, x, p); -+ -+ ret = mpz_cmp(y, params->params[DSA_Y]); -+ if (unlikely(ret != 0)) { -+ ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR); -+ } -+ -+ mpz_clear(p); -+ mpz_clear(g); -+ mpz_clear(y); -+ mpz_clear(x); -+ if (ret < 0) { ++ mpz_powm(y, ++ TOMPZ(params->params[DSA_G]), ++ TOMPZ(params->params[DSA_X]), ++ TOMPZ(params->params[DSA_P])); ++ if (unlikely ++ (mpz_cmp(y, TOMPZ(params->params[DSA_Y])) != 0)) { ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_PK_GENERATION_ERROR); ++ mpz_clear(y); + goto cleanup; + } ++ mpz_clear(y); ++ break; + } -+ break; case GNUTLS_PK_ECDH_X25519: case GNUTLS_PK_ECDH_X448: ret = 0; -@@ -2780,8 +2822,17 @@ wrap_nettle_pk_generate_keys(gnutls_pk_a - } - } - #endif -- -- ret = _gnutls_mpi_init_multi(¶ms->params[DSA_Y], ¶ms->params[DSA_X], NULL); -+ if (_gnutls_fips_mode_enabled()) { -+ ret = _gnutls_mpi_init_multi(¶ms->params[DSA_P], -+ ¶ms->params[DSA_G], -+ ¶ms->params[DSA_Y], -+ ¶ms->params[DSA_X], -+ NULL); -+ } else { -+ ret = _gnutls_mpi_init_multi(¶ms->params[DSA_Y], -+ ¶ms->params[DSA_X], -+ NULL); -+ } - if (ret < 0) { - gnutls_assert(); - goto dh_fail; -@@ -2790,6 +2841,11 @@ wrap_nettle_pk_generate_keys(gnutls_pk_a - mpz_set(TOMPZ(params->params[DSA_Y]), y); - mpz_set(TOMPZ(params->params[DSA_X]), x); - params->params_nr += 2; -+ if (_gnutls_fips_mode_enabled()) { -+ mpz_set(TOMPZ(params->params[DSA_P]), pub.p); -+ mpz_set(TOMPZ(params->params[DSA_G]), pub.g); -+ params->params_nr += 2; -+ } - - ret = 0; - diff --git a/gnutls-FIPS-PCT-ECDH.patch b/gnutls-FIPS-PCT-ECDH.patch index 34895c6..5dbb403 100644 --- a/gnutls-FIPS-PCT-ECDH.patch +++ b/gnutls-FIPS-PCT-ECDH.patch @@ -1,7 +1,22 @@ -Index: gnutls-3.7.3/lib/nettle/pk.c -=================================================================== ---- gnutls-3.7.3.orig/lib/nettle/pk.c -+++ gnutls-3.7.3/lib/nettle/pk.c +From 5030f40332ada4f90e80838a2232da36ce03757a Mon Sep 17 00:00:00 2001 +From: Pedro Monreal +Date: Fri, 24 Feb 2023 22:02:48 +0000 +Subject: [PATCH] ecdh: perform SP800-56A rev3 full pubkey validation on key + derivation + +This implements full public key validation required in +SP800-56A rev3, section 5.6.2.3.3. + +Co-authored-by: Daiki Ueno +Signed-off-by: Pedro Monreal +--- + lib/nettle/pk.c | 128 ++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 125 insertions(+), 3 deletions(-) + +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 6adf958a61..d30bca594f 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c @@ -71,6 +71,9 @@ static inline const struct ecc_curve *get_supported_nist_curve(int curve); static inline const struct ecc_curve *get_supported_gost_curve(int curve); @@ -12,7 +27,7 @@ Index: gnutls-3.7.3/lib/nettle/pk.c /* When these callbacks are used for a nettle operation, the * caller must check the macro HAVE_LIB_ERROR() after the operation * is complete. If the macro is true, the operation is to be considered -@@ -406,6 +409,10 @@ dh_cleanup: +@@ -406,6 +409,10 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, struct ecc_scalar ecc_priv; struct ecc_point ecc_pub; const struct ecc_curve *curve; @@ -23,7 +38,7 @@ Index: gnutls-3.7.3/lib/nettle/pk.c out->data = NULL; -@@ -425,10 +432,21 @@ dh_cleanup: +@@ -428,17 +435,28 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, not_approved = true; } @@ -42,20 +57,19 @@ Index: gnutls-3.7.3/lib/nettle/pk.c if (ret < 0) { gnutls_assert(); - goto cleanup; -+ goto ecc_pub_cleanup; ++ goto ecc_fail_cleanup; } - ret = -@@ -436,7 +454,7 @@ dh_cleanup: + ret = _ecc_params_to_privkey(priv, &ecc_priv, curve); if (ret < 0) { ecc_point_clear(&ecc_pub); gnutls_assert(); - goto cleanup; -+ goto ecc_priv_cleanup; ++ goto ecc_fail_cleanup; } out->size = gnutls_ecc_curve_get_size(priv->curve); -@@ -449,16 +467,111 @@ dh_cleanup: +@@ -449,14 +467,118 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, goto ecc_cleanup; } @@ -64,7 +78,7 @@ Index: gnutls-3.7.3/lib/nettle/pk.c + */ + + /* Step 1: verify that Q is not an identity -+ * element (an infinity point). Note that this ++ * element (an infinity point). Note that this + * cannot happen in the nettle implementation, + * because it cannot represent an infinity point + * on curves. */ @@ -75,7 +89,6 @@ Index: gnutls-3.7.3/lib/nettle/pk.c gnutls_free(out->data); + goto ecc_cleanup; + } -+ +#ifdef ENABLE_FIPS140 + if (_gnutls_fips_mode_enabled()) { + const char *order, *modulus; @@ -90,7 +103,9 @@ Index: gnutls-3.7.3/lib/nettle/pk.c + * + * Both checks are performed in nettle. */ + if (!ecc_point_set(&r, x, y)) { -+ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_ILLEGAL_PARAMETER); + goto ecc_cleanup; + } + @@ -105,54 +120,63 @@ Index: gnutls-3.7.3/lib/nettle/pk.c + * + * That effectively means: n * Q = -Q + Q = O + */ -+ order = get_supported_nist_curve_order(priv->curve); ++ order = ++ get_supported_nist_curve_order(priv->curve); + if (unlikely(order == NULL)) { -+ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_INTERNAL_ERROR); + goto ecc_cleanup; + } + + ret = mpz_set_str(nn, order, 16); + if (unlikely(ret < 0)) { -+ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_MPI_SCAN_FAILED); + goto ecc_cleanup; + } + -+ modulus = get_supported_nist_curve_modulus(priv->curve); ++ modulus = ++ get_supported_nist_curve_modulus ++ (priv->curve); + if (unlikely(modulus == NULL)) { -+ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_INTERNAL_ERROR); + goto ecc_cleanup; + } + + ret = mpz_set_str(mm, modulus, 16); + if (unlikely(ret < 0)) { -+ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_MPI_SCAN_FAILED); + goto ecc_cleanup; + } + + /* (n - 1) * Q = -Q */ -+ mpz_sub_ui (nn, nn, 1); ++ mpz_sub_ui(nn, nn, 1); + ecc_scalar_set(&n, nn); + ecc_point_mul(&r, &n, &r); + ecc_point_get(&r, xx, yy); -+ mpz_sub (mm, mm, y); ++ mpz_sub(mm, mm, y); + + if (mpz_cmp(xx, x) != 0 || mpz_cmp(yy, mm) != 0) { -+ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ++ ret = ++ gnutls_assert_val ++ (GNUTLS_E_ILLEGAL_PARAMETER); + goto ecc_cleanup; + } + } else { + not_approved = true; + } +#endif -+ -+ ret = 0; - ecc_cleanup: -- ecc_point_clear(&ecc_pub); + ecc_cleanup: + ecc_point_clear(&ecc_pub); ecc_scalar_zclear(&ecc_priv); -+ ecc_priv_cleanup: -+ ecc_point_clear(&ecc_pub); -+ ecc_pub_cleanup: ++ ecc_fail_cleanup: + mpz_clear(x); + mpz_clear(y); + mpz_clear(xx); @@ -162,10 +186,8 @@ Index: gnutls-3.7.3/lib/nettle/pk.c + ecc_point_clear(&r); + ecc_scalar_clear(&n); + ecc_scalar_clear(&m); -+ if (ret < 0) goto cleanup; -+ break; - } - case GNUTLS_PK_ECDH_X25519: +-- +GitLab diff --git a/gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch b/gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch deleted file mode 100644 index 3ec109f..0000000 --- a/gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch +++ /dev/null @@ -1,114 +0,0 @@ -Index: gnutls-3.7.7/lib/crypto-api.c -=================================================================== ---- gnutls-3.7.7.orig/lib/crypto-api.c -+++ gnutls-3.7.7/lib/crypto-api.c -@@ -2228,7 +2228,12 @@ gnutls_pbkdf2(gnutls_mac_algorithm_t mac - if (!is_mac_algo_allowed(mac)) { - _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); - return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM); -- } else if (!is_mac_algo_approved_in_fips(mac)) { -+ } else if (!is_mac_algo_approved_for_pbkdf2_in_fips(mac)) { -+ not_approved = true; -+ } -+ -+ /* Key lengthes less than 112 bits are not approved */ -+ if (length < 14 || key->size < 14) { - not_approved = true; - } - -Index: gnutls-3.7.7/lib/fips.h -=================================================================== ---- gnutls-3.7.7.orig/lib/fips.h -+++ gnutls-3.7.7/lib/fips.h -@@ -100,6 +100,25 @@ is_mac_algo_approved_in_fips(gnutls_mac_ - } - - inline static bool -+is_mac_algo_approved_for_pbkdf2_in_fips(gnutls_mac_algorithm_t algo) -+{ -+ switch (algo) { -+ case GNUTLS_MAC_SHA1: -+ case GNUTLS_MAC_SHA256: -+ case GNUTLS_MAC_SHA384: -+ case GNUTLS_MAC_SHA512: -+ case GNUTLS_MAC_SHA224: -+ case GNUTLS_MAC_SHA3_224: -+ case GNUTLS_MAC_SHA3_256: -+ case GNUTLS_MAC_SHA3_384: -+ case GNUTLS_MAC_SHA3_512: -+ return true; -+ default: -+ return false; -+ } -+} -+ -+inline static bool - is_mac_algo_allowed_in_fips(gnutls_mac_algorithm_t algo) - { - return is_mac_algo_approved_in_fips(algo); -Index: gnutls-3.7.7/lib/crypto-selftests.c -=================================================================== ---- gnutls-3.7.7.orig/lib/crypto-selftests.c -+++ gnutls-3.7.7/lib/crypto-selftests.c -@@ -3090,30 +3090,6 @@ struct pbkdf2_vectors_st { - }; - - const struct pbkdf2_vectors_st pbkdf2_sha256_vectors[] = { -- /* RFC 7914: 11. Test Vectors for PBKDF2 with HMAC-SHA-256 */ -- { -- STR(key, key_size, "passwd"), -- STR(salt, salt_size, "salt"), -- .iter_count = 1, -- STR(output, output_size, -- "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44" -- "\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57" -- "\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16" -- "\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5" -- "\x09\x11\x20\x41\xd3\xa1\x97\x83"), -- }, -- /* RFC 7914: 11. Test Vectors for PBKDF2 with HMAC-SHA-256 */ -- { -- STR(key, key_size, "Password"), -- STR(salt, salt_size, "NaCl"), -- .iter_count = 80000, -- STR(output, output_size, -- "\x4d\xdc\xd8\xf6\x0b\x98\xbe\x21\x83\x0c\xee\x5e\xf2\x27" -- "\x01\xf9\x64\x1a\x44\x18\xd0\x4c\x04\x14\xae\xff\x08\x87" -- "\x6b\x34\xab\x56\xa1\xd4\x25\xa1\x22\x58\x33\x54\x9a\xdb" -- "\x84\x1b\x51\xc9\xb3\x17\x6a\x27\x2b\xde\xbb\xa1\xd0\x78" -- "\x47\x8f\x62\xb3\x97\xf3\x3c\x8d"), -- }, - /* Test vector extracted from: - * https://dev.gnupg.org/source/libgcrypt/browse/master/cipher/kdf.c */ - { -Index: gnutls-3.7.7/tests/kdf-api.c -=================================================================== ---- gnutls-3.7.7.orig/tests/kdf-api.c -+++ gnutls-3.7.7/tests/kdf-api.c -@@ -192,14 +192,19 @@ doit(void) - "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" - "34007208d5b887185865"); - -- /* Test vector from RFC 6070. More thorough testing is done -- * in nettle. */ -- test_pbkdf2(GNUTLS_MAC_SHA1, -- "70617373776f7264", /* "password" */ -- "73616c74", /* "salt" */ -+ /* Test vector extracted from: -+ * https://dev.gnupg.org/source/libgcrypt/browse/master/cipher/kdf.c */ -+ test_pbkdf2(GNUTLS_MAC_SHA256, -+ "70617373776f726450415353" -+ "574f524470617373776f7264", /* "passwordPASSWORDpassword" */ -+ "73616c7453414c5473616c74" -+ "53414c5473616c7453414c54" -+ "73616c7453414c5473616c74", /* "saltSALTsaltSALTsaltSALTsaltSALTsalt" */ - 4096, -- 20, -- "4b007901b765489abead49d926f721d065a429c1"); -+ 40, -+ "348c89dbcbd32b2f32d814b8" -+ "116e84cf2b17347ebc180018" -+ "1c4e2a1fb8dd53e1c635518c7dac47e9"); - - gnutls_fips140_context_deinit(fips_context); - } diff --git a/gnutls-FIPS-Set-error-state-when-jent-init-failed.patch b/gnutls-FIPS-Set-error-state-when-jent-init-failed.patch deleted file mode 100644 index 1c969b7..0000000 --- a/gnutls-FIPS-Set-error-state-when-jent-init-failed.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- - lib/nettle/sysrng-linux.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -Index: gnutls-3.7.8/lib/nettle/sysrng-linux.c -=================================================================== ---- gnutls-3.7.8.orig/lib/nettle/sysrng-linux.c -+++ gnutls-3.7.8/lib/nettle/sysrng-linux.c -@@ -49,11 +49,13 @@ - get_entropy_func _rnd_get_system_entropy = NULL; - - #if defined(__linux__) --# ifdef ENABLE_FIPS140 -+# if defined(ENABLE_FIPS140) - # define HAVE_JENT - # include - static int jent_initialized = 0; - static struct rand_data* ec = NULL; -+/* Declare function to fix a missing-prototypes compilation warning */ -+void FIPS_jent_entropy_deinit(void); - # endif - # ifdef HAVE_GETRANDOM - # include -@@ -72,7 +74,8 @@ static ssize_t _getrandom0(void *buf, si - # endif - # endif - --# if defined(HAVE_JENT) -+# if defined(ENABLE_FIPS140) -+# if defined(HAVE_JENT) - /* check whether the CPU Jitter entropy collector is available. */ - static unsigned FIPS_jent_entropy_init(void) - { -@@ -161,6 +164,7 @@ static int _rnd_get_system_entropy_jent( - - return 0; - } -+# endif - # endif - - static unsigned have_getrandom(void) -@@ -260,7 +264,8 @@ int _rnd_system_entropy_init(void) - int urandom_fd; - - #if defined(__linux__) --# if defined(HAVE_JENT) -+# if defined(ENABLE_FIPS140) -+# if defined(HAVE_JENT) - /* Enable jitterentropy usage if available */ - if (FIPS_jent_entropy_init()) { - _rnd_get_system_entropy = _rnd_get_system_entropy_jent; -@@ -268,7 +273,14 @@ int _rnd_system_entropy_init(void) - return 0; - } else { - _gnutls_debug_log("jitterentropy is not available\n"); -+ /* Set error state when FIPS_jent_entropy_init failed and FIPS mode is enabled */ -+ if (_gnutls_fips_mode_enabled()) { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); -+ _gnutls_switch_lib_state(LIB_STATE_ERROR); -+ return gnutls_assert_val(GNUTLS_E_RANDOM_DEVICE_ERROR); -+ } - } -+# endif - # endif - /* Enable getrandom() usage if available */ - if (have_getrandom()) { -@@ -300,8 +312,10 @@ void _rnd_system_entropy_deinit(void) - { - /* A no-op now when we open and close /dev/urandom every time */ - #if defined(__linux__) --# if defined(HAVE_JENT) -+# if defined(ENABLE_FIPS140) -+# if defined(HAVE_JENT) - FIPS_jent_entropy_deinit(); -+# endif - # endif - #endif - return; -Index: gnutls-3.7.8/tests/Makefile.am -=================================================================== ---- gnutls-3.7.8.orig/tests/Makefile.am -+++ gnutls-3.7.8/tests/Makefile.am -@@ -208,7 +208,7 @@ ctests += mini-record-2 simple gnutls_hm - dtls12-cert-key-exchange dtls10-cert-key-exchange x509-cert-callback-legacy \ - keylog-env ssl2-hello tlsfeature-ext dtls-rehandshake-cert-2 dtls-session-ticket-lost \ - tlsfeature-crt dtls-rehandshake-cert-3 resume-with-false-start \ -- set_x509_key_file_ocsp client-fastopen rng-sigint srp rng-pthread \ -+ set_x509_key_file_ocsp client-fastopen srp rng-pthread \ - safe-renegotiation/srn0 safe-renegotiation/srn1 safe-renegotiation/srn2 \ - safe-renegotiation/srn3 safe-renegotiation/srn4 safe-renegotiation/srn5 \ - rsa-illegal-import set_x509_ocsp_multi_invalid set_key set_x509_key_file_ocsp_multi2 \ diff --git a/gnutls-FIPS-disable-failing-tests.patch b/gnutls-FIPS-disable-failing-tests.patch deleted file mode 100644 index d4fefa7..0000000 --- a/gnutls-FIPS-disable-failing-tests.patch +++ /dev/null @@ -1,36 +0,0 @@ -Index: gnutls-3.7.7/guile/Makefile.am -=================================================================== ---- gnutls-3.7.7.orig/guile/Makefile.am -+++ gnutls-3.7.7/guile/Makefile.am -@@ -102,14 +102,11 @@ endif HAVE_GUILD - # - - TESTS = \ -- tests/anonymous-auth.scm \ -- tests/session-record-port.scm \ - tests/pkcs-import-export.scm \ - tests/errors.scm \ - tests/x509-certificates.scm \ - tests/x509-auth.scm \ - tests/reauth.scm \ -- tests/premature-termination.scm \ - tests/priorities.scm - - if ENABLE_SRP -Index: gnutls-3.7.7/guile/Makefile.in -=================================================================== ---- gnutls-3.7.7.orig/guile/Makefile.in -+++ gnutls-3.7.7/guile/Makefile.in -@@ -2335,10 +2335,9 @@ CLEANFILES = modules/gnutls.scm $(am__ap - # - # Tests. - # --TESTS = tests/anonymous-auth.scm tests/session-record-port.scm \ -- tests/pkcs-import-export.scm tests/errors.scm \ -+TESTS = tests/pkcs-import-export.scm tests/errors.scm \ - tests/x509-certificates.scm tests/x509-auth.scm \ -- tests/reauth.scm tests/premature-termination.scm \ -+ tests/reauth.scm \ - tests/priorities.scm $(am__append_2) - TESTS_ENVIRONMENT = \ - GUILE_AUTO_COMPILE=0 \ diff --git a/gnutls-FIPS-jitterentropy.patch b/gnutls-FIPS-jitterentropy.patch index 8f46739..244981a 100644 --- a/gnutls-FIPS-jitterentropy.patch +++ b/gnutls-FIPS-jitterentropy.patch @@ -1,122 +1,131 @@ -Index: gnutls-3.7.3/lib/nettle/sysrng-linux.c +Index: gnutls-3.8.0/lib/nettle/sysrng-linux.c =================================================================== ---- gnutls-3.7.3.orig/lib/nettle/sysrng-linux.c -+++ gnutls-3.7.3/lib/nettle/sysrng-linux.c -@@ -49,6 +49,12 @@ +--- gnutls-3.8.0.orig/lib/nettle/sysrng-linux.c ++++ gnutls-3.8.0/lib/nettle/sysrng-linux.c +@@ -49,6 +49,15 @@ get_entropy_func _rnd_get_system_entropy = NULL; #if defined(__linux__) -+# ifdef ENABLE_FIPS140 ++# if defined(ENABLE_FIPS140) +# define HAVE_JENT +# include -+static int jent_initialized = 0; -+static struct rand_data* ec = NULL; ++/* Per thread context of random generator, and a flag to indicate initialization */ ++static _Thread_local struct rand_data* ec = NULL; ++static _Thread_local int jent_initialized = 0; ++/* Declare function to fix a missing-prototypes compilation warning */ ++void FIPS_jent_entropy_deinit(void); +# endif # ifdef HAVE_GETRANDOM # include # else -@@ -66,6 +72,96 @@ static ssize_t _getrandom0(void *buf, si +@@ -67,6 +76,101 @@ static ssize_t _getrandom0(void *buf, si # endif # endif -+# if defined(HAVE_JENT) ++# if defined(ENABLE_FIPS140) ++# if defined(HAVE_JENT) +/* check whether the CPU Jitter entropy collector is available. */ +static unsigned FIPS_jent_entropy_init(void) +{ -+ unsigned int rv = 1; -+ unsigned int osr = 1; /* Oversampling rate */ -+ unsigned int flags = 0; /* JENT_FORCE_FIPS -+ * JENT_DISABLE_MEMORY_ACCESS -+ * JENT_DISABLE_INTERNAL_TIMER -+ * JENT_FORCE_INTERNAL_TIMER -+ * JENT_MAX_MEMSIZE_{32,64,128,256,512}kB -+ * JENT_MAX_MEMSIZE_{1,2,4,8,16,32,64,128,256,512}MB -+ */ ++ unsigned int rv = 1; ++ unsigned int osr = 1; /* Oversampling rate */ ++ unsigned int flags = 0; /* JENT_FORCE_FIPS ++ * JENT_DISABLE_MEMORY_ACCESS ++ * JENT_DISABLE_INTERNAL_TIMER ++ * JENT_FORCE_INTERNAL_TIMER ++ * JENT_MAX_MEMSIZE_{32,64,128,256,512}kB ++ * JENT_MAX_MEMSIZE_{1,2,4,8,16,32,64,128,256,512}MB ++ */ + -+ /* Set the FIPS flag. */ -+ flags |= JENT_FORCE_FIPS; ++ /* Set the FIPS flag. */ ++ flags |= JENT_FORCE_FIPS; + -+ /* Do not re-initialize jent. */ -+ if (jent_initialized == 0) { -+ if (jent_entropy_init_ex(osr, flags)) -+ return 0; -+ jent_initialized = 1; -+ } ++ /* Do not re-initialize jent. */ ++ if (jent_initialized == 0) { ++ if (jent_entropy_init_ex(osr, flags)) ++ return 0; ++ jent_initialized = 1; ++ } + -+ /* Allocate the entropy collector. */ -+ if (ec == NULL) { -+ ec = jent_entropy_collector_alloc(osr, flags); -+ if (ec == NULL) { -+ rv = 0; -+ } -+ } ++ /* Allocate the entropy collector. */ ++ if (ec == NULL) { ++ ec = jent_entropy_collector_alloc(osr, flags); ++ if (ec == NULL) { ++ rv = 0; ++ } ++ } + -+ return rv; ++ return rv; +} + +void FIPS_jent_entropy_deinit(void) +{ -+ /* Free the entropy collector. */ -+ if (ec != NULL) { -+ jent_entropy_collector_free(ec); -+ ec = NULL; -+ } ++ /* Free the entropy collector. */ ++ if (ec != NULL) { ++ jent_entropy_collector_free(ec); ++ ec = NULL; ++ } + -+ return; ++ jent_initialized = 0; ++ ++ return; +} + +/* returns exactly the amount of bytes requested */ +static int force_jent(void *buf, size_t buflen, unsigned int flags, -+ unsigned int osr) ++ unsigned int osr) +{ -+ static int jent_bytes = -1; ++ static int jent_bytes = -1; + -+ if (buf == NULL || buflen == 0) { -+ return -1; -+ } ++ if (buf == NULL || buflen == 0) { ++ return -1; ++ } + -+ /* Ensure the entropy source has been fully initiated. */ -+ if (jent_initialized == 0 || ec == NULL) { -+ if (!FIPS_jent_entropy_init()) { -+ return -1; -+ } -+ } ++ /* Ensure the entropy source has been fully initiated. */ ++ if (jent_initialized == 0 || ec == NULL) { ++ if (!FIPS_jent_entropy_init()) { ++ return -1; ++ } ++ } + -+ /* Get entropy bytes. */ -+ jent_bytes = jent_read_entropy_safe(&ec, (char *)buf, buflen); ++ /* Get entropy bytes. */ ++ jent_bytes = jent_read_entropy_safe(&ec, (char *)buf, buflen); + -+ return jent_bytes; ++ return jent_bytes; +} + +static int _rnd_get_system_entropy_jent(void* _rnd, size_t size) +{ -+ int ret; -+ unsigned int osr = 1; -+ unsigned int flags = 0; ++ int ret; ++ unsigned int osr = 1; ++ unsigned int flags = 0; + -+ /* Set the FIPS flag. */ -+ flags |= JENT_FORCE_FIPS; ++ /* Set the FIPS flag. */ ++ flags |= JENT_FORCE_FIPS; + -+ ret = force_jent(_rnd, size, flags, osr); -+ if (ret < 0) { -+ int e = errno; -+ gnutls_assert(); -+ _gnutls_debug_log("Failed to use jent: %s\n", strerror(e)); -+ FIPS_jent_entropy_deinit(); -+ return GNUTLS_E_RANDOM_DEVICE_ERROR; -+ } ++ ret = force_jent(_rnd, size, flags, osr); ++ if (ret < 0) { ++ int e = errno; ++ gnutls_assert(); ++ _gnutls_debug_log("Failed to use jent: %s\n", strerror(e)); ++ FIPS_jent_entropy_deinit(); ++ return GNUTLS_E_RANDOM_DEVICE_ERROR; ++ } + -+ return 0; ++ return 0; +} ++# endif +# endif - ++ static unsigned have_getrandom(void) { -@@ -164,6 +260,16 @@ int _rnd_system_entropy_init(void) + char c; +@@ -162,6 +266,24 @@ int _rnd_system_entropy_init(void) int urandom_fd; #if defined(__linux__) -+# if defined(HAVE_JENT) ++# if defined(ENABLE_FIPS140) ++# if defined(HAVE_JENT) + /* Enable jitterentropy usage if available */ + if (FIPS_jent_entropy_init()) { + _rnd_get_system_entropy = _rnd_get_system_entropy_jent; @@ -124,28 +133,36 @@ Index: gnutls-3.7.3/lib/nettle/sysrng-linux.c + return 0; + } else { + _gnutls_debug_log("jitterentropy is not available\n"); ++ /* Set error state when FIPS_jent_entropy_init failed and FIPS mode is enabled */ ++ if (_gnutls_fips_mode_enabled()) { ++ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); ++ _gnutls_switch_lib_state(LIB_STATE_ERROR); ++ return gnutls_assert_val(GNUTLS_E_RANDOM_DEVICE_ERROR); ++ } + } ++# endif +# endif /* Enable getrandom() usage if available */ if (have_getrandom()) { _rnd_get_system_entropy = _rnd_get_system_entropy_getrandom; -@@ -193,6 +299,11 @@ int _rnd_system_entropy_init(void) +@@ -192,5 +314,12 @@ int _rnd_system_entropy_init(void) void _rnd_system_entropy_deinit(void) { /* A no-op now when we open and close /dev/urandom every time */ +#if defined(__linux__) -+# if defined(HAVE_JENT) ++# if defined(ENABLE_FIPS140) ++# if defined(HAVE_JENT) + FIPS_jent_entropy_deinit(); ++# endif +# endif +#endif return; } - -Index: gnutls-3.7.3/lib/nettle/Makefile.in +Index: gnutls-3.8.0/lib/nettle/Makefile.in =================================================================== ---- gnutls-3.7.3.orig/lib/nettle/Makefile.in -+++ gnutls-3.7.3/lib/nettle/Makefile.in -@@ -398,7 +398,7 @@ am__v_CC_1 = +--- gnutls-3.8.0.orig/lib/nettle/Makefile.in ++++ gnutls-3.8.0/lib/nettle/Makefile.in +@@ -399,7 +399,7 @@ am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ @@ -154,10 +171,10 @@ Index: gnutls-3.7.3/lib/nettle/Makefile.in AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; -Index: gnutls-3.7.3/lib/nettle/Makefile.am +Index: gnutls-3.8.0/lib/nettle/Makefile.am =================================================================== ---- gnutls-3.7.3.orig/lib/nettle/Makefile.am -+++ gnutls-3.7.3/lib/nettle/Makefile.am +--- gnutls-3.8.0.orig/lib/nettle/Makefile.am ++++ gnutls-3.8.0/lib/nettle/Makefile.am @@ -20,7 +20,7 @@ include $(top_srcdir)/lib/common.mk @@ -167,10 +184,10 @@ Index: gnutls-3.7.3/lib/nettle/Makefile.am AM_CPPFLAGS = \ -I$(srcdir)/int \ -Index: gnutls-3.7.3/lib/nettle/rnd-fips.c +Index: gnutls-3.8.0/lib/nettle/rnd-fips.c =================================================================== ---- gnutls-3.7.3.orig/lib/nettle/rnd-fips.c -+++ gnutls-3.7.3/lib/nettle/rnd-fips.c +--- gnutls-3.8.0.orig/lib/nettle/rnd-fips.c ++++ gnutls-3.8.0/lib/nettle/rnd-fips.c @@ -129,6 +129,10 @@ static int drbg_init(struct fips_ctx *fc uint8_t buffer[DRBG_AES_SEED_SIZE]; int ret; @@ -193,3 +210,16 @@ Index: gnutls-3.7.3/lib/nettle/rnd-fips.c ret = get_entropy(fctx, buffer, sizeof(buffer)); if (ret < 0) { _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); +Index: gnutls-3.8.0/tests/Makefile.am +=================================================================== +--- gnutls-3.8.0.orig/tests/Makefile.am ++++ gnutls-3.8.0/tests/Makefile.am +@@ -208,7 +208,7 @@ ctests += mini-record-2 simple gnutls_hm + dtls12-cert-key-exchange dtls10-cert-key-exchange x509-cert-callback-legacy \ + keylog-env ssl2-hello tlsfeature-ext dtls-rehandshake-cert-2 dtls-session-ticket-lost \ + tlsfeature-crt dtls-rehandshake-cert-3 resume-with-false-start \ +- set_x509_key_file_ocsp client-fastopen rng-sigint srp rng-pthread \ ++ set_x509_key_file_ocsp client-fastopen srp rng-pthread \ + safe-renegotiation/srn0 safe-renegotiation/srn1 safe-renegotiation/srn2 \ + safe-renegotiation/srn3 safe-renegotiation/srn4 safe-renegotiation/srn5 \ + rsa-illegal-import set_x509_ocsp_multi_invalid set_key set_x509_key_file_ocsp_multi2 \ diff --git a/gnutls-Make-XTS-key-check-failure-not-fatal.patch b/gnutls-Make-XTS-key-check-failure-not-fatal.patch deleted file mode 100644 index 51b7324..0000000 --- a/gnutls-Make-XTS-key-check-failure-not-fatal.patch +++ /dev/null @@ -1,242 +0,0 @@ -From 00fff0aad2b606801704046042aa3b2b24f07d63 Mon Sep 17 00:00:00 2001 -From: Zoltan Fridrich -Date: Thu, 29 Sep 2022 15:31:28 +0200 -Subject: [PATCH] Make XTS key check failure not fatal - -Signed-off-by: Zoltan Fridrich ---- - lib/accelerated/x86/aes-xts-x86-aesni.c | 1 - - lib/nettle/cipher.c | 73 ++++++++--------------- - tests/Makefile.am | 2 +- - tests/xts-key-check.c | 78 +++++++++++++++++++++++++ - 5 files changed, 103 insertions(+), 52 deletions(-) - create mode 100644 tests/xts-key-check.c - -diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c -index 0588d0bd55..d6936a688d 100644 ---- a/lib/accelerated/x86/aes-xts-x86-aesni.c -+++ b/lib/accelerated/x86/aes-xts-x86-aesni.c -@@ -73,7 +73,6 @@ x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) - /* Check key block according to FIPS-140-2 IG A.9 */ - if (_gnutls_fips_mode_enabled()){ - if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) { -- _gnutls_switch_lib_state(LIB_STATE_ERROR); - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - } - } -diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c -index c9c59fb0ba..9c2ce19e7e 100644 ---- a/lib/nettle/cipher.c -+++ b/lib/nettle/cipher.c -@@ -448,12 +448,14 @@ _gcm_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, - length, dst, src); - } - --static void _des_set_key(struct des_ctx *ctx, const uint8_t *key) -+static void -+_des_set_key(struct des_ctx *ctx, const uint8_t *key) - { - des_set_key(ctx, key); - } - --static void _des3_set_key(struct des3_ctx *ctx, const uint8_t *key) -+static void -+_des3_set_key(struct des3_ctx *ctx, const uint8_t *key) - { - des3_set_key(ctx, key); - } -@@ -476,50 +478,6 @@ _cfb8_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, - length, dst, src); - } - --static void --_xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key, -- const uint8_t *key) --{ -- if (_gnutls_fips_mode_enabled() && -- gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) -- _gnutls_switch_lib_state(LIB_STATE_ERROR); -- -- xts_aes128_set_encrypt_key(xts_key, key); --} -- --static void --_xts_aes128_set_decrypt_key(struct xts_aes128_key *xts_key, -- const uint8_t *key) --{ -- if (_gnutls_fips_mode_enabled() && -- gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) -- _gnutls_switch_lib_state(LIB_STATE_ERROR); -- -- xts_aes128_set_decrypt_key(xts_key, key); --} -- --static void --_xts_aes256_set_encrypt_key(struct xts_aes256_key *xts_key, -- const uint8_t *key) --{ -- if (_gnutls_fips_mode_enabled() && -- gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) -- _gnutls_switch_lib_state(LIB_STATE_ERROR); -- -- xts_aes256_set_encrypt_key(xts_key, key); --} -- --static void --_xts_aes256_set_decrypt_key(struct xts_aes256_key *xts_key, -- const uint8_t *key) --{ -- if (_gnutls_fips_mode_enabled() && -- gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) -- _gnutls_switch_lib_state(LIB_STATE_ERROR); -- -- xts_aes256_set_decrypt_key(xts_key, key); --} -- - static void - _xts_aes128_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, - const uint8_t * src) -@@ -1041,8 +999,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = { - .ctx_size = sizeof(struct xts_aes128_key), - .encrypt = _xts_aes128_encrypt, - .decrypt = _xts_aes128_decrypt, -- .set_encrypt_key = (nettle_set_key_func*)_xts_aes128_set_encrypt_key, -- .set_decrypt_key = (nettle_set_key_func*)_xts_aes128_set_decrypt_key, -+ .set_encrypt_key = (nettle_set_key_func*)xts_aes128_set_encrypt_key, -+ .set_decrypt_key = (nettle_set_key_func*)xts_aes128_set_decrypt_key, - .max_iv_size = AES_BLOCK_SIZE, - }, - { .algo = GNUTLS_CIPHER_AES_256_XTS, -@@ -1052,8 +1010,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = { - .ctx_size = sizeof(struct xts_aes256_key), - .encrypt = _xts_aes256_encrypt, - .decrypt = _xts_aes256_decrypt, -- .set_encrypt_key = (nettle_set_key_func*)_xts_aes256_set_encrypt_key, -- .set_decrypt_key = (nettle_set_key_func*)_xts_aes256_set_decrypt_key, -+ .set_encrypt_key = (nettle_set_key_func*)xts_aes256_set_encrypt_key, -+ .set_decrypt_key = (nettle_set_key_func*)xts_aes256_set_decrypt_key, - .max_iv_size = AES_BLOCK_SIZE, - }, - { .algo = GNUTLS_CIPHER_AES_128_SIV, -@@ -1144,6 +1102,21 @@ wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize) - return 0; - } - -+ switch (ctx->cipher->algo) { -+ case GNUTLS_CIPHER_AES_128_XTS: -+ if (_gnutls_fips_mode_enabled() && -+ gnutls_memcmp(key, (char *)key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) -+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -+ break; -+ case GNUTLS_CIPHER_AES_256_XTS: -+ if (_gnutls_fips_mode_enabled() && -+ gnutls_memcmp(key, (char *)key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) -+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -+ break; -+ default: -+ break; -+ } -+ - if (ctx->enc) - ctx->cipher->set_encrypt_key(ctx->ctx_ptr, key); - else -diff --git a/tests/Makefile.am b/tests/Makefile.am -index 3e126f0046..1122886b31 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -233,7 +233,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei - tls13-without-timeout-func buffer status-request-revoked \ - set_x509_ocsp_multi_cli kdf-api keylog-func handshake-write \ - x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name \ -- x509-upnconstraint cipher-padding pkcs7-verify-double-free \ -+ x509-upnconstraint xts-key-check cipher-padding pkcs7-verify-double-free \ - fips-rsa-sizes - - ctests += tls-channel-binding -diff --git a/tests/xts-key-check.c b/tests/xts-key-check.c -new file mode 100644 -index 0000000000..a3bea5abca ---- /dev/null -+++ b/tests/xts-key-check.c -@@ -0,0 +1,78 @@ -+/* -+ * Copyright (C) 2022 Red Hat, Inc. -+ * -+ * Author: Zoltan Fridrich -+ * -+ * This file is part of GnuTLS. -+ * -+ * GnuTLS is free software: you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GnuTLS is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GnuTLS. If not, see . -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include -+#endif -+ -+#include -+ -+#include "utils.h" -+ -+static void test_xts_check(gnutls_cipher_algorithm_t alg) -+{ -+ int ret; -+ gnutls_cipher_hd_t ctx; -+ gnutls_datum_t key, iv; -+ -+ iv.size = gnutls_cipher_get_iv_size(alg); -+ iv.data = gnutls_malloc(iv.size); -+ if (iv.data == NULL) -+ fail("Error: %s\n", gnutls_strerror(GNUTLS_E_MEMORY_ERROR)); -+ gnutls_memset(iv.data, 0xf0, iv.size); -+ -+ key.size = gnutls_cipher_get_key_size(alg); -+ key.data = gnutls_malloc(key.size); -+ if (key.data == NULL) { -+ gnutls_free(iv.data); -+ fail("Error: %s\n", gnutls_strerror(GNUTLS_E_MEMORY_ERROR)); -+ } -+ gnutls_memset(key.data, 0xf0, key.size); -+ -+ ret = gnutls_cipher_init(&ctx, alg, &key, &iv); -+ if (ret == GNUTLS_E_SUCCESS) { -+ gnutls_cipher_deinit(ctx); -+ gnutls_free(iv.data); -+ gnutls_free(key.data); -+ fail("cipher initialization should fail for key1 == key2\n"); -+ } -+ -+ key.data[0] = 0xff; -+ -+ ret = gnutls_cipher_init(&ctx, alg, &key, &iv); -+ gnutls_free(iv.data); -+ gnutls_free(key.data); -+ -+ if (ret == GNUTLS_E_SUCCESS) -+ gnutls_cipher_deinit(ctx); -+ else -+ fail("cipher initialization should succeed with key1 != key2" -+ "\n%s\n", gnutls_strerror(ret)); -+} -+ -+void doit(void) -+{ -+ if (!gnutls_fips140_mode_enabled()) -+ exit(77); -+ -+ test_xts_check(GNUTLS_CIPHER_AES_128_XTS); -+ test_xts_check(GNUTLS_CIPHER_AES_256_XTS); -+} --- -GitLab - diff --git a/gnutls-verify-library-HMAC.patch b/gnutls-verify-library-HMAC.patch deleted file mode 100644 index c706e0f..0000000 --- a/gnutls-verify-library-HMAC.patch +++ /dev/null @@ -1,21 +0,0 @@ -Index: gnutls-3.7.8/lib/fips.c -=================================================================== ---- gnutls-3.7.8.orig/lib/fips.c -+++ gnutls-3.7.8/lib/fips.c -@@ -402,6 +402,8 @@ static int check_binary_integrity(void) - ret = check_lib_hmac(&file.gnutls, GNUTLS_LIBRARY_NAME, "gnutls_global_init"); - if (ret < 0) - return ret; -+ /* Check only the binary integrity of the libgnutls library */ -+#if 0 - ret = check_lib_hmac(&file.nettle, NETTLE_LIBRARY_NAME, "nettle_aes_set_encrypt_key"); - if (ret < 0) - return ret; -@@ -411,6 +413,7 @@ static int check_binary_integrity(void) - ret = check_lib_hmac(&file.gmp, GMP_LIBRARY_NAME, "__gmpz_init"); - if (ret < 0) - return ret; -+#endif - - return 0; - } diff --git a/gnutls.changes b/gnutls.changes index 59f268c..7353c50 100644 --- a/gnutls.changes +++ b/gnutls.changes @@ -1,3 +1,73 @@ +------------------------------------------------------------------- +Tue Feb 21 10:17:00 UTC 2023 - Pedro Monreal + +- Update to 3.8.0: [bsc#1205763, bsc#1209627] + * libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key + exchange. Reported by Hubert Kario (#1050). Fix developed by + Alexander Sosedkin. [GNUTLS-SA-2020-07-14, CVSS: medium] + [CVE-2023-0361] + * libgnutls: C++ library is now header only. All definitions + from gnutlsxx.c have been moved into gnutlsxx.h. Users of the + C++ interface have two options: + 1. include gnutlsxx.h in their application and link against + the C library. (default) + 2. include gnutlsxx.h in their application, compile with + GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link + against the C++ library. + * libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST + priority modifier have been added to allow disabling of the + status_request TLS extension in the client side. + * libgnutls: TLS heartbeat is disabled by default. + The heartbeat extension in TLS (RFC 6520) is not widely used + given other implementations dropped support for it. To enable + back support for it, supply --enable-heartbeat-support to + configure script. + * libgnutls: SRP authentication is now disabled by default. + It is disabled because the SRP authentication in TLS is not + up to date with the latest TLS standards and its ciphersuites + are based on the CBC mode and SHA-1. To enable it back, supply + --enable-srp-authentication option to configure script. + * libgnutls: All code has been indented using "indent -ppi1 -linux". + CI/CD has been adjusted to catch regressions. This is implemented + through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s + commit-check. You may run devel/indent-gnutls to fix any + indentation issues if you make code modifications. + * guile: Guile-bindings removed. They have been extracted into a + separate project to reduce complexity and to simplify maintenance, + see . + * minitasn1: Upgraded to libtasn1 version 4.19. + * API and ABI modifications: + GNUTLS_NO_STATUS_REQUEST: New flag + GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member + GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member + * Merge gnutls-FIPS-Set-error-state-when-jent-init-failed.patch + and gnutls-FIPS-jitterentropy-threadsafe.patch into the main + patch gnutls-FIPS-jitterentropy.patch + * Rebase gnutls-FIPS-140-3-references.patch + * Rebase patches with upstream version: + - gnutls-FIPS-PCT-DH.patch gnutls-FIPS-PCT-ECDH.patch + * Remove patches merged/fixed upstream: + - gnutls-FIPS-disable-failing-tests.patch + - gnutls-verify-library-HMAC.patch + - gnutls_ECDSA_signing.patch + - gnutls-Make-XTS-key-check-failure-not-fatal.patch + - gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch + * Update keyring with https://gnutls.org/gnutls-release-keyring.gpg + +------------------------------------------------------------------- +Thu Feb 16 19:43:04 UTC 2023 - Pedro Monreal + +- FIPS: Make the jitterentropy calls thread-safe [bsc#1208146] + * Add gnutls-FIPS-jitterentropy-threadsafe.patch + +------------------------------------------------------------------- +Thu Feb 16 12:31:25 UTC 2023 - Pedro Monreal + +- FIPS: GnuTLS DH/ECDH PCT public key regeneration [bsc#1207183] + * Rebase patches with the version submitted upstream. + * Avoid copying the key material: gnutls-FIPS-PCT-DH.patch + * Improve logic around memory release: gnutls-FIPS-PCT-ECDH.patch + ------------------------------------------------------------------- Fri Feb 10 13:12:25 UTC 2023 - Pedro Monreal diff --git a/gnutls.keyring b/gnutls.keyring index 8194fcd29a6f48377915695681fe8379a96d27ceb02572600b676c11795e7446..25b14b4f1e2f75ee5a28ca36df87ba0c9bbf41003a3160c7c86a6ab3ed9881d9 100644 GIT binary patch literal 26256 zcmb5VbCBfEw(i}wZQHhO+qP}n=Cp0w*0k+ubK2%R^V?^ivrpWJ`^NpJqADZmsqd=z z1cCNXS%-ZdIEr9l+^-ekVOy@?b|oZsxs?ZaQsxKVXF^Na{kWQEZ=6+vleOifX9)G@Adc=}I4S``t(+g>y|TbL$&C`4u4T7u zsBnc6rG`*&fX4$rIK0+|Nf@UA!6&PAc3tiJ!;s4P+A1+!mXk5%Dbg)ArWJA073nxB znyUfylb_*MK*=~lrHelt)2j5gMK(sHiOmU`?mOa(Dk9XEUK21PkeXB%)9zVJ@JyPj zHgUQ4AJ9`2i*FUcUu6C9luFj@TboNf>e33vZAjp6~ z0DM5$z(9C_KTnnWnAT7ol%qg#e3(ACckeK0aDiljL8My|Mq(6&A5*hzU#D5=olmlE|&K=g~ z_UM7yjtoILprB7pg!|FUeyt+d@Y}w!D5*Ws1k8i9H-WAj;^$-(N3ikQqEs8=BVZ-X za5G=Y6qyL@jKKY5a+a-t+`}t=T!h((?JM-2bYT#O4B)p_R+bTykJS?-?U&MT4=QEU zG&j`!&rG7)#{-wxO9oF>9n&?kg-5fFUb5N_oQTAdo3=LB#I}YUDI?0mbC7Jqcx)2# zwIaV>vSP-Eibg=7X!TKsK)@1wn!fYfb+@7U##1tJacvXP+d5H^40|zVB`tM^JVpS2qRSRtH98Wrdi-tx6eHU!M7@_Ljm5|=Mb(( zbKJU1YT$;tD_u&$GBRJ2>^1kmwNsFrDawiUTmel^C&6+{A5Wv%bo9>9sfsSc>OzEH zQ}8?XQQ}*=afy+I4!HyiXB{mHXISDKU|(^fh$vl%bvi}Rj72yV6ZK=Bw+}*oFXZ_i zU~3@Y?gV~B;xQTv)9iQ=Vju{JKmcH%KvL!ps(<#P6M?J(`m&nV@Bad0!I!`tjLNHv-258Bi9zAR1N|D`#{(n^YY_gJ2mcx}7h& z@eNgheMliy@r zR5pZAliwY_Nav$?Z9b&Jbv%I~_e0s-2Sg$xKHd%TjHC(_x=2Qi4m46upTBGR8LEc2 zk3tr_$HiPS-Qoy1^%|JWT6S8P0rw6cxghLqAj6&&$2hZj&jIF5;2Ocn7^Fl^eyJS> z3WrX4?e+>!x!p;9NysaE?Hne+(PD=;$W_8^76>uOZoaj&r&G5aEe*C9$RzX`KyUi| z8VRpLX_QuGDUw2UZI$bEH-v;pFxwe~*bM~is5Laf8K#rJ87`>9%vla4t{zOF+5_dR zISx^U&Gr#+VK2vstyH(4xAUAJyk&e=HEpVbiq~~rLD3f@Nnez$=8IpAkND9n9NI@c zK;qjk4ap)O_l|7M`X+fp?%;?a^3mT54rp_E05f(+o$FARoo@eIKfXV8KtY@8{S)D+ z%0Gs0@jG<91?_(Tl=lC~{7Z-KzGRvY$VV)p5eE>9s^uAQ9sL z$aB<8u5wNvG!STUG3I;0z+UouHv-6|G{2I{q)JgLZovXFO8hi3(F&A|Q2R5np#M&+ zf5&xK6IzWY)MPGF3b5;g!$zLyIeKAxyHBcyl+0RBfq%v7b^v>Lpo{^qD|prC4ebLE=c;Bg}UzW+dPB*G1xwX;* zWxOZ^li(`_hBo;Hsdx%C>CGm^UioY;%gMyN*7VeWT*ldIqhD@;=F+=!6J(%W+HGNrWzfp3CoR3b2b+t z`UhXA|H3T&FC95x%zLe*kfBLC0O{ z1nJ_FBhfe@*^|xx(E4u~;=eLSv_uYO_$z7O)DjK6-_r|CbO%{y%YnIP{cG537fl z!+*Q{@(z=)fV4-3CH%x;ww|eDwwMX3olqZa5lG8Kd}&}pJM8-=txnNff@#-2Pt<(; z3flXLb*rUH{=!EdohZTkxpKV3)udji_n=158sjF%Z4sqOViLnx>z_PG(KX%RWY$Tr zR7^i~He*-Agm~f^v;U3uJ(zJ$ekc2yrQKuG1Vtxr{Q{(TBa>%%O}7aK*fWbPb%z=x zZ^HP>PP5Lyf7?3-XOH?=AWZlPA=VI+Xy6SdLd9O7ya^sM>?T>61C^0R@EV_JOW!f! zV~)sVWC}~Y!l#9ZxWSk$3c6!oM@WZm)MxIW8~sl8bA8RnhekmAcMO$QS1BM5vw$96p!au5PAjmhG0sZlbW>T?@68ig~tuS zUp#6z2~G5a;iR0a;lGs=pGy5gyp@o1XNlJor_%3N4>N4d@?Lxf5834cHb zvxv2J?{R@wJ5Q|&$H-_K7gY;blVYgmx1I1?`;O~x)-O0je~mi8c7V*R)`9M zbCpM8uZIMg0Z%7>AD~*%a_@?K?)z=h#k(Mq-?BajN5-+#EOx_Y^c6d)`DiY>@8fi> zHd2afrtyQ!;Ul0pNN2b+Q&HrFhckzFtFqEttCeQHxm+BDL!JH!O$c8 zFIVw-B{bHA`+YXnHDWfLfha6$@Lax2+f!gfQJ*J81o6VTeT8F-{`hAEVGV3Td1{zt zMkKm$+#@krfgqaelp7RPPj zmqa4i4o)0~2>S1A)#+7VuZLc&y>)4apgNZ(g&=ouKUn!Tm7fS|2UiY1+LI zSEBkEoQh;IGYnd$ixd!5GnHXgJ76miRxQa)u;Ea9`K_LoI-QDYNS1kyXqi|s-jo*) zeJ^h%6GQ1a9s&U#QA4T}%cfCoNmp5i2cC%vbrp(LmaGk7^KJjyN_a>>b?NyQmLeQlg_+EOwod&)ws1s4au9Mno40(VJt3m7ia~d4#@f{jx$!#pZ z5mb#V(5!8T6xJXLf2tWcBJ9Z))o++BbgZajkJ^j@zv z6EJ-pzx`tHCwyY3A-GDikc-@qHdbJYA6*2$F7Yy_iYgKHNsvD2fsOW_9WQC`)@8@MzONzH)d!FiDjtV30zGLK4GYR#P}^>Yf45D(miE0DOC9x!cu9w41$ZZ zSl3(N=+@1ceTCrzb0X-9of~s%x}Fs{XP5VGv3pkNioa=%M+h#PSE?0~-aZ*&3!BP^ zF`IjkPq(vi=NC9@+Col2SJolTg>Vf!^IKFAOVey@j_$udB4r%eJWmh?LM~Rf(B51K z0PDJN`G~BfFm`)+ms&p#qd-(jLc>4f+EWh%?S;Fa`d*>egkvU?$B9I`QfCwafYQyT znUc%{W<;2ri80Q34i9^fzfK6o+a4reW+Z?c4SLCD?EMTGTS3*@Wld(!^t^mFvQ^{# z;4|BZoHxMyWHiRg_NFav$}fIRMG;0ZSh}C$N#0Fs=E9N57XEIxXAuv><{e@S#8l9e zZaC_*0gzV>o$#wd?+mZxh83GXcC)K;oGW{Nv5C284%k4rYTJI4xr^z*M_m+{PU1iH z@!6$8dyLmQLcg;f;7ieZX}{V~oc6lVC~iW)hERJouls;l5Vg!sQfpg(&Aoaqx7mCn zU@m8go{E20#c}qvHrLka5Dy#nnGNo>$NKcY`^i4}PSL38(x2$f-ZUeT7%UKJRv{XV z=oT++c%BdRF;bYZJ9oZ}i=T-Nr4Z@73Hkwm#_0dQYL6lgyT5qY(;2MzYnweQYajsB z$pbxu`%AZS3!UB-s6e>!D^huZ`!`{skp~tQwXz$|szo5whuExt?#9`PP91e~KKIo}7~2do`Sk5D=L9kO3MZ`Thu$HKcn zVjU9C4DCqiY4OLLl$h9Wjdaaj`b@iC?{sw_yR4)fn_HA)q z`1JbTjnc2>*r4qgH~&6N&Xz$;SsRKHAZX0mik`>v=?t_E9htK(8VEpV_1E)ABDK zdx~6{_%kOYEfEL+v0X@CoH+5()`KCqW`L<1P89vbBblg$O45!%cX92<4@5SdE4ll3 zXZlsfPoUiI^x;1?#Zx39*yQtRJaUIz%Bot{s5RMQ7FE;0q${|A^ef1We967;R`rh1 zqhETgWcUf662rNIux$aZ7#Qf->WlJG@Djxqr2V{L^8QrtO^bu=A-`OtYYvl<>?V7~ zhGczSjaqsI%^)etx#0UT3M!SBiLTgDrEZ2oTZ`7)KOqHD_kKM~mWriH#c{3;XArE9 znszPog5#*QYED$>tV(qjT~#$;#V_%r>ta;&D&@RN1~1_;?!Lf{L(N=&U7s|S%Cd6 z-Ufa4!XMMko}=|s+~E4rl5#L+0B4uU(ml=s;ZyI#v;h_wx`=G*@0w^{rs*I<+?pz) zVc;FZ6ms$PfWthHVT*$oYpQ^Ct$)f4Z_2=k%EZ{eWF!D0=d?z}2B@~mgy!a~L`tcH z1m0_HBo7o97CaKN=js1R&YzRQ7@M*$lpI__c~V+Rdv_Sy|1{H`F{%sV9nqRYYyK5H z%K7jzhpPfGbkB0LVX4eK+TSEE+)Ll8qep7*Pz)7mDv3d(Xv@{15iH#X} zgX>qR_MdnZN%Q>0!(^L(sVsXWzY+)ji;s3IvB{BfN-s8&cL2~HY}vWd}C6GrfU@}ZwAT8t2hokrT-{+0vq5TD^Y^PST>St zrEN2@!H>`SdE1Gl?$*9(n?e?trF|K4>cj+C63L2i9(}Xgj~=yBsqj;x7j^pH^pV`x zgmn_t0mZf!=biDy^@K9$HUB?0$R)Fhf9a@%nZKHg7XM1&2goms4I}ZwH`Ab&J>6bD z;!}vF-G>6mWf`53d&X#(J#s z$Fdm4{zOyuYgpFWa`1ssq&zOeOwm-#lYTg+Vo#gZ2UgPxOSG7!6$_Gni=Y98EYg^j z9#PhoXKS8af^8DRWcjHDjLV>9hm)Kw&3wl~*$Aj|M~LWvvv4-RI^V(g=6QueP*~%C zQ@PGvB`BJRUYq z{LKd~Gir#CKoT`n_=5VD`^I}y6WB3K(PCWba_()Nr)UfCS3~D%mHZk-9GR^V+f8zr zu^pg%&qFS8=V2^iIcLN|e@s`6~h3{l7lfp`#9rRma`6CqD<2{_EBW7 z#IXL%Tc_=jK?C0DL2A`=jzQedz%ZO~(nySx3R})t`t!)}z=rwj}{lr~``vUCH$A>AuQL5FZez}=68)fP;w1?)C zY7QX*{@e6THR=G|yPPH&v||Pf6%^|R3fgPKkf8dP7+`F0#))$mZY{w!KyQ6qI)^C< z5WL`f9^`m0IvyvUHAEjTQ^ci?HmpGHEHKxJgmuj z&TEherM#LE06LrFzj>)q=t!UJEBQ0qt=rQN%2^u0CH>$hp+4g7^*}~(&xr^xp^j%X ztX1foa;1Ar#ePYJOCH@WIs55B_8||Qm1qf%VCWoP_T>Lm&~TkbP}_%#fb2~!mB9r1orHsgD!JSh3tuuZaI2&9tCN%vHxHMuS=7R;;(S*s{sDSf8F9+oo>HTJ z$KCXs6u7N+H&|3>Ht>@lH9orNK#W+0u_^21VSQ1(*5N{GMk{Gj07P4%KiI0I6`9p> zP$&>T3%z1KF{cMU{W3za{hwN6~a(nP|QGo9Mt&E;xA zxZ71mT}bP-)QeqiGv#K*LMuaPRV zj#ruwvb}ka>enjK)w93Daz@jL99kR(ZgX90Y6Gi@y5^Qou1q2uFqbKmVbz{6+0W0X zU&z~G8t@Royl9iSVhLYPHwl}G3$&QJ;XJJq7~P3$yQ_kCvAi6D4tVb%y`beK4*emd zSq1-rhmr#L?O!}-Oib#i;$(o1J>kE2TjQ{oSq-e!a?>Ho#CLs2)a4P+G{HlRIL_qE z7fu)XkP!-sAF$#*xywsLC(^=6@+b#_=M$Kwud3+-^#!MNEQYbG%24oyA>)7t{L`Yql9=FcE;lJ>x?k{ zNCxyB&o{3CGzL3PnKZj-4=VX0%8LG*LPy2#I?Y1Aov)n{KUgfrRDWs3mSmP1% z4E~vZM66#QF^XgCQ$JEqO>?-x4vLzZWMU80phUvn_K;jASBPULN%}%VyjMMmuYBc%ZjJdFV8UVIPMc5_`hmTqXdT2@#MDX+!@9mX
    n^Dxx1;9Sg68?Jw^7- zD-$WrcZ$jNym8{Q3@bU^NWlN@IjCHvIRC{1pjod+rmVB~Ne=uCs4`(9Ou84JyRW0# z6w*&5UM;LWIn35l1sV1GA(jXRJyP$pvRE8f{+(dy`tV7U+o7O|UO^9T-1(J5GZ#dd zOTyWOK`k`Or(|H3clH`nw!T9s3srYMlb0o~9tEWj;Z$*RSg^gH`khDVg5iu1&EF}+ z-xm1EcLZpML!4&AJj=U*ksdmA((6exdp&(FHYGo3LIg&BtusW#pv@wlQ_lSS?wfb> zK%VWwFXmL+{%hnR-AP5cjMPK|FDat;q;#5YrrQ6zgHk7X|5_*>Mtq zz!glnbJ<(JC{GgmXf&=a?1PXAeUtK>>)6F5NXma5o4h~SR&?ObfD?PiZ zdd#V)MioqB2mtik7$R9xJVSama!XIdH$XEfTVgm--=Wz*JgtCZ1_N8*%~_si$kN4> z`<2>~(R>RFQ6h1oBOc~hBK4xmr4$*ozm8SGfTYD3J>hV-Vc9^N*ZUpIY3fK4TkUNu zWU!m+JJI!odw8I#OY6RJk(e^&?*%eN{KS@Cj zZRGX~zpcE}N5%7EMl)30k}|0<`7gJkWnFMEV_Wc8h{euf>dS<&{oHW8MSKdd?`iO5 zv5F@7OppvAm80bs)Ct@Fza(s(Vfb%h#j4?>mXl*K$aiSSnZ7H^?uvf=S>?VEQuoes zJ8O_hV$16~sOG2~H-s$DZO1tJUMj&|?)Mcfl9b{1u`@d^zHKSgeL>#4?BWTujzr~P z3eu7UR6Fk#S|2J16LgM|(`NJC92v?yR})7I%yIxlXhm=w z&9Dx>B>2cT0}9W3_ZU6wn2}GLO)ErqJ&NHkJPHaB6S6dN_vZ3cKF|cA=asbd%k*3{ zlcSB8(p`M|X+hyINRhmxUrV{bf=X|I_5U<9+le~%IpoK>>UoX2TR;-H%%(Ugmm0M3 zT5uy7Zh8Q%7c3p!w&n~7Ia5dS&ylq-%9z7gTyl5r4YrQ6fzn}?jU6)(@KchfF%`+A z+z{Gs83ds~sj-0>ySI!`?|U#<#rdVuyVU4}7@e>Ih)$oGPXo}nj4n__5B-Rt z^=2Ah!~vK2y4&1+jy=(YQ_Qwmvt)IA6zRO}AYmLlv8xhdCfTub;@!th4jYxc0Xske z6+mmVQ?ldX6yozbF*x7&|B|r3Si!%ztI~y2SrdedTMO9i&MYnZbz*unsgn61^{pvM zk2!w=zvVNEwW45krfIOHL%)yvA#t!5bX+4R@#DVpq^JrYfRpd3!*;Ic)*(CEc|cBB zMO}gN&oeb0ol)dv$<{34^J$Mx*jzn<`Cp_Fm(g>t80MRNQ7 zb_$cXXy$kIF+5|3d-kOw zXj|Qe=w6$l=%!Cc1!w^EbfXZl%CoZITc;nuR0Y4V83hr7`lLX8QsV8SHodzwvJ*YwB zIraEP9j@5UI!-TY_C4~D<2Y;suOkViTT)N`fON;pUvKXkgrglyk!-~1h(&}a0RUsC zlc9hwFZ2sO2fOKCd>+00{+?5r0|hqx$HNy1gb#x8$D;@N$Mo?B3m|Nmza`GU?RE^+ z2mpCSK|A#v{n2AOmtwSM!zKt-4Q49Il7=~MBvNke^)2D^EVueuf^K?OX{SFT)%(~Z zLe9LzRZ3^?N+%cuw}x;tedcKYRRIR8yN|2YNsU1(B407qzE90Rfn~V)fHwN zhENre5`x&K1qX9yiQ<%Mxe2JcJ$4*2YoD@o6jgClWIQ^ysYrbLG&M1II10n_%s>^SW07V)`twD)1@88F;!Kg(lEpQp!M!OKb3L`?Q zi76qqg%B_YGm!$T2d=c35t6JK5gP~ahz3kJq9duGeffj+}?B4U>8XK0GG z`)q01q=ktqO>g0^fVjLF9bQxj!JUP!v~Lzk;Cc$d^&{7B*C?+;glW_}yD^DHM_F9z zh@$?bW9E~~YN!JZxGO9y@QI&Sc-|y?f#@}dv(4{wSCby!095)~b=xCuE22*s%piut zT19A()L?)hfE(iQfPmlvNAf`SVKN33SAexOCQg>d76d$AX8(FC;ACoIVdz3PJvW;6ZbMf83)$z(hcRVE;Hsf&QzI1pnhK{Y&k?zh=1x z2vDfJ!|xGIY0h)2u6H)6)(9Z|v@>Hz^(t1ROu9-^WdaCr3tI(1VCKrD;uqRRWBZdN zmUP+qIbncKgTaV-26zLgo#UUlk)ZyGJ6#nJ^l#w94w8gXv6$gMHxZ zALvUIGBREZ-!lXVraaRE0ep+UWo1B`2LS-jn6&T^`n;QVBDL}1>ZX1D?j2CFyN1pD zljD`EkrV#p_@OUZ+Pe)taY^{Fp5ouz@LxGfMldD=WEp{*FCXJ@--Or#%ruqLW<#@N zT8>hbD`R`0NaYky%M^vAT3ZEi+bk;;2}MR0Lqd}Zj0s)BL%UaH0;q06{#S(8)fEne zJqw_quK8(zHIBY@jDoGAJ#0u@FFZ#Dd%JvdfDjSQdO>iQ1ShX3^rh*2t6qj+{H?w_ z5;V(&xOWk?y{((WcR9r8Qw=Y(32RPn5aey|DAzH8rN;60U?_iz9KIojY{ZY$4+w57 z4)1|_6kCv>B;hu^hbn=bv+8WZ)Wm`_tPhJFu(bF|MUIFB(fT!C*K5X3Wh49T z7x}L>o7=MPl%V^9o7=Vv{bmsWr0${#K^fpd>Y)WVa3 zQy{A{68w=piT>XGZJ(~b@NfVz9-4Owx<=`EB*h59Q-kI)5yEt%AP`u&&qbZ$CP*Zp#s0EaP z+thE}JKk8yWQCcb>OA{bDKXwf#57lWhCH6Mw^-WW<54JRX@Ue<%S z-6FPg`yx^g8z(rnnr> zk8Em~SjIVK7(aR5$kIBprXW;GgIgr8$P8$fj{Z0hRE@=m@rRmEagvuF_YW2^BV70Q zh~K;1wcd3@if3s9mb`=5{?Z@A3M-9C`H-03Mk3|C zQh@0Bxtwz?Uzv>pJE^vP!ukftLW$fIIbnHX2om$F$^UV$?||cK9TA@ptl8@s3$&&B z1XHJ`jygZLEY57^8KKRuEWPAjPO@k`kj?vsg)D`sSa>71c>Sg|Vf+mTpiN&B4$*oP zp%S3?X$S|$2i{M1ohJGGCiC*KUMJ&KGRUomxT5}YV}=WF#K_=wWTa1376he*S@5tv z50tZRKrM{1C2;Ar_CF3!<-V<+zZnfu&wa%6r)e0cCqVw;1~)zEOU9&}rDZ5Y8WMz5 zvbQEco`Boq`V~D1@(^P0F63!%m|Dvxg ze(>uDVUVcM!D$qQaF%|%hgD)GhC%ZApw}zJR=ECD8$9W5rttK(NG8;n%E`lj3kk30 zug*zW+QTL_M zEubxS$o<`-G(&NHXDemp1&0e=>LkvTd(zc+8Qq;_dedn&&-_3BA z%|`3ZYxUZ6qKiz}aczrHC018;=}o>+_2}*RURD(>Z1iXWrAqA%ZBe4_9rCrE zWyYuB0W6Bul$bGgnHpZbfgsiB>VoeGreHCvgGW3%qs6SMR-LBpD;6hky&{1B3PpC$ z(*6~7P)a|S2hfR+5>X_3JVkB0ek0D79_wzmY1@}C8|{MLlQXfS+{ z$?1loEwGit-k@V{gI!`+CaLJ-6ktgF^%@Q@!}eWfw*cHH9njfgW$m7c!(COfg-qKx zQ7iuRHI<+=2rw^{NWr-!wr#1Re5Qu$lI0wI1@NYH4!yE^6wKO)Gv;3xN}&F^Q1X9X zCHYrs`m^ZbH2QXD7)sM>2%6abJ4=BA>9}o`fkMK>GNAv(>fht1Tz^iKyaCaFteSfP z!(B67Pup(ed4td%eUSEeVdQ&OBxk4cA#WClF|?+EwqQCp)^tZVuC**+ikqS6$;8;! zY2rg#4oE}2D z=9cC2L^dH2xHL#LDuTYN9CT(~FAiGp+u1WttG0q_Hwtgy=v5HRUVw#p5N)H4dOz~Q zdOg0gs-BrYw@Li|ViWr`t)l%JO?37^b7?vq>)k=*$G0ysoHhsP+s-i}hL^r5U76e; zOD$Y(@ZF4BTw^rLgHaUwWBliKB992(r;Iew3C~-j6^fGJTz2N44tNUB>H_y>=0FP} zTyr2#5xGx9oW|BqTJDx97~G)GY$cxT1_nvho^eB9JR^SjFJp1hnTN9^;&`bMyR!^c z6ue9AFV*KapQq3ew2v(sA*Bys@^a9xlVbg)?<~{zIE_ zLVl_t{3n`8Q+8U7Fg<&Zn!K0n@#v^HlL1Cr-2q%JX?2985)W0zP>2oC_G28v#+LsD z`D7{9x=6Nn-sP)+aAi z))s(6(iwVseSP*a(2=Rkg7aU*qit8E6V6%4^x zBW?!A@CZU?Qzhnca@F$-}H73jS_yE7ANp~bY-nS;tb z0seKyu;~NOq%lQDp?!5Xt#BxTW20Q#LLyiKv>fvjvw3?iMLsF|+j^n0?v?-8Kywiv zvw5W)w9gmo7nsDw%he2~_i5w#xsnx&8FjJPk;BUAdBDIFn;3|FEP3p#pLvcqFrL!* zpxWEvcpC;0nFk-@43SPE-IiRHjmv}~ngMuy3Z0_Vpn&Y&?NrX}C&vv<#-r01#CgYm z;GsUf>G&6q&08-of~AXtehm0;&!Kjk0@MW~!G}j6jthomBAK${-|&-xq%7u+7&Ou0 z1oB<$25-DNcXT`bSnVC&sg*)bbPxb+-P{ZNiw7qS;Nd@GAH4lfD5Rq7xF#SHSy|kXErI0ESsD9GUG5lUaQ>w@x|Q6o z)Gy-;><{y+poO_Y&Rd!zpw*Da-?|enGiDe)0e9N+fI{#+Fb%9}IX_;{A_2LUfAzox zMPP6Bhrzif%Oh(mA?N)?ng{+ABIk1Octo?6WV7vYXlR@JSZ3S%(HqdQ#s{aOmPvKGPH(;EibESTnJ=!6I{Kkyi0jbBe~%gH0+Hfnl> z=w~hc9d}F&J(ofoZ4}!Y)IrfP54RRb@4`^vvKMq>EXG(H1hy7E7w`yiAQFoV@<5L| z=PQn>$L*=74@MHgOV;Zxk2&7-$rRp@IC?{jt7G-+$a_JMwn`YNvm%A|eb8 zBn9aw=QXTye=+!Wyx^~A|Cx!;q+yh!xYMSRutI{2Y-Gc(Ieu*%Z6#GtQCqLuW6JHj z56wBGRQuet8H)rZ<0^8~LMN9Dh{ebV3mO}i08-CU1;gjVf3}hkby$qqc~teKeR58 z#RrVvt7J=)aHX2cI;^qdCwfs$+Qs9-ukO!jWkJs>h?fR`+K7e_6c!y*h!jS>)PFBY zd%8odu(Skt)Msbf7Vl>hF|AG5fM-$jo(FpCCg`WUwGf*^Tw z{iO!^&t0a!)bJdds78f+j^;GOyhB1GX7XlTwEU$eljCo$`S(bW0|G!4YOw!Kh3>c4 z>J_#S<||cgqd=FP(joGm$0x9*$Le$)&hcw{FHm>X6k$Lwxp5Usf#heDV+Y@;X36v2bde{ zc68XIJM=YQq>P zy=U64La%4M>I93Fz6^k*qu5v|23^j9+9HvNYlD|!@eYd(5^spH>4|a9#9;<8RRsa} z)tGg_*abf$6MmnmbzE&C{#4k*LZY|ZFlUEf$oiqRZ*U{5g3SNph$HT`y;oBN$@e+9 zl@!2vK12e;U`2Q`)n(|NtGb<;8#K;dgJ+ykdGgeuY`#EPFI^p|NZ1;k-PR2w`o=_B2$qz~lln^{*okG4My14N z@K1fY8zgjuobJ`^3Ai-kJ@A{Qd64FZNsIL+^nND!<@UO`|K6wn-J$;9rd*o=fltyR80xPftxC$7>;V2c7|c>4=wWB#O9_nLl8D(5VQ z<#FeWw_h*fA;LPc!dq~o95_{XUk7+OzB1Upc-EhI;`hZ<*eYk^x@3pkK|hYx$8Ea| zpbWHN?X7SUkLbZXR3(j87Jv4K<>&V1c8+WHwC$(3q>aS(3~zHqfw*xX$L_3UY$W8% zs+cXY)|M`O8uri`E`J6i;ZK)hTld2g)1G0IKHkJn1=Of9Z=F$s(l{^m3qVBqC)lxe z2@v1_DA0&dbM4xdHjz{t!7(efnkyjn@CWC3zZlD$5)Im}2uL7_6=$n1VGA#5W-(VU z7b>KmC)d~K$w5XqcM*=ZrnT2IBe!-IEV7OmVlhDw*o8HlEoRX4;mX$p}1Vk>D75Sjyg@Nabl?C^WNyhBihwdsIF<@Ax|J za|QB@u4~IL!hxb|Bo-^x!$xLzD}GE99#+n?hna694*y4n^MANQ#^Cf!6FbfdILGoo`I; zt5G@Bit?o8vmt;?&Hn)5_L$%Nt77;(cVq@_pCKu2fnu$BZYLLBsI}Y_yn(&){A@;P{ z3JhkIOb)lz(X~vGUsd9=@`KWX%~1|!0jGDv22k5o?E4aKMhhJOF7YLl*Bk1HwF|5wUa2F1B-?GEmm z;O-hcIKiF4-Q67$T!VYC;4(PDU4y&3y99TF!#6p5pL=%QQ}zA0x2I}qs^4c;_dE5@ z>RwMjYnj<7hW~UYx=^$kBAwA8bvw~8K^nr1*|(m%X%fkm3^?iP_!{5r9VgR7Te|d; z*rcyeohFuR-?Z=UoZQ-xJ$$ppeL;|?o;s3i~dehzHL@w>=NPZWl56)Qr7d@j@Ix7FiyOfV6 zOY%Q72IhzY-n327W>DQN>bSpkV649$$h}u{qRA17s5NnaQk*G}s)mlu20>VSK=&#pwx$_|NLvRv6yEsm2Y_(@&;| z=cyS+VNg~EUS0cKTL0MpchABy+?xvPZ4**1My%k^eiw|_B&f}lnWk*oC|# zTQq!t5-ff=qX_u|@TacS1BWMC!LE7u-wu#FM5pilIPC-z_cH?_p*IN*h4gi&?{tzp zIplNlJ?Ji_vho5}(PQdGSUR~zduWYD$wh!wH z(pmiJnDLjN3*lq=BdEs8LanMfoY^t57G5=~Qq2qSb@-RMjJmJmkMWde5;TLR#YYWw zk$wqpOLmi;l0#==(>B`OYb|`oKQ?d-XC2+!X*-(=NW77CX7S>_*rqLW>o_b{+fD~f zNJDujtT&C!&Jg6#S+AFup8SNf<8Bv}br3wif*|5;mEhtn^BXrfYhus!vaz-E(Cl-H z*%H*(FS_;iL+Y{B92Qwd1YH-cF z$5NG}dPUVs9P1i0BPg+Z*vTAF?r_GKIA-$*pjEyAeH#09Re<67U8$qYDIGL z&&GajuIS8i1cO(*v|3usBgpp<%G?jGA%)dR%o{$@xEe}^kK+!H09WqV#BODR*a#Ft zv-@*K=5qoFpWNse1?&QkVpO1syz1#`K|JJ7H%hw(M;Hm2{HdY+y}ZE96u%i0EK9zK zb^H`~U>m`4mmW1_xTVy9^2+Ch_;PwFNNc2NUdo`)*mGf@!3o%ZZE4GKK*aYIilJ2YI6s%Iu%v7nwrG&3!?c z)lGd_=>ojcvIOv-P&i3eYPp^{P8F?XE~U-Kn(+%hP()02tf%7sGXP6AF{^jnqx{VG zvj!B{TMu(?!!Hh|{v05c|BUTT z4V^;QqN#mT<2flj`WB_07@^X5J5{}MAJ@8)iYzBT2n(*2z9%ex_DevEm6yCAvh0pM zU=~Coy84b5kwi#l==1gUhQ_bhLq%(!m*&2}MqcML$^>f{(#fruxOL&GbUd8i&v(DB zxl_$J_1MMDb}tI=rP2*W9p&8ek!6k)agXCWspX~TVgx?6rFVtnw-fQB>5C!G@VX3z zpBg>m72O8wi9lI|EfAb4z{)pvtDx@}t*w)6ux#bQ?F*o0+LCi5?cNVsx&@krptAA*vH5hG*zdmL3#P8woP$hgCu9To7}Ol;D=*g_=jQo zQ`}3dCUC2K)8u+_P~CplLnV>150h^sY}|=_K)FVWE|dQ z@D789Oe3T>42F-dv!)0l&fJjLa@!P{GdI z35SW6rpbw1-~z9kpX57_vidkX8$7k5Pw({GU0s=(tR%h!j`7gsYo;RQ zC+?J9sI%jng_I@<%UMY^on;)57_IO!VN{ik zg*j22d!44ujfaNhh60R^J6h5alQ0Jp0HWY?iT1ED0s@kH&qsB@Oht;|Un# zeZZ8hny*J>qY(0enfqd&IqI_RHO!1P(hSi?Nb`QzR{c#NeVCOpCvDGKI-^VOEP{Bj zN&8&7sM=wKc5%I8*N-`UHz1Djy^8}CYuyEm;PtrY{MSMzD(a*DRAOR#@t$rUfHT1aNMH@(}DB zC!!w1o8Am?8|?9KyZ(i4 zE~2SiptwMpeWCmeyh;)>@~kllCp)|K^=y(?tm{I@uV(LI8dv{@aK2tntm@Cl;bAms zk&&lw87OWVDK)GD37(84EOZ@y_1VCzXL{cTQssRbmmHX`L>OBr$|i`j4^I+d^5u0@~KtzRSAN2zKOmlOC&20P=xp z$PhEzzU@LKM*Lo1-O=ZQz6MFzpef#W{62HOoVS}*SyDf{p0iK{HC)2i725l=iS^M& zWqt%vNLGg_&ceuS_if^>3sN5lM<|GQpK0AfHV-XEFV|Vsm(~3aD=IZn3(u#L9`1Pa zDFXrpCo)FRBk8s0&U!zPe2cV7haAB)A}sW60z!#jTMqd3B>XU39hhL`bg5pyTuOQO zi(@ZV@}zrfn#DO^Ea{h}_g1uf@Kb<=3ynk&VE=Tqd#rHq#`gi4T;|f zVM<*Smo|`Y1&@M_Q0z2Gn#bN@3Fn`gbeDmOu36j=lS$=m@!%peI?R0J&LGY+K^#|QqpN>F|imU7X^WpmuXn%%7a zO2Mr#*E4k`)~Y6_h`fguhqCvq!2=Wp!`ucWG()f@#@Il7*mqIdyD}=O_X=TPr~Myf;Trh&s78Z=#cb*^?rJ~R~ zJYHmmN2pR|jx#E)Vr)yN+CXJ%HaTG3mlKX~&xfR?uQv>>TWEz?Bz`9jt84Oqs0g%^kpk9X<1@F#OlrVdU0iK>&M)oI616$w zKR0pda&UK#ny$?@YwH3nqowDRoV7loi_H_`{joj92iw`~i&t=ctJOOk*}{3rxht9N zFy{ybG3hHRS>Jf8j7-5ZT*e_`ZoW>*+3eVmXm+)m-Z>VlSzQd%L~stO#@ee^q2I6t z(`L*-oYb>tWs8kXJx>6`+f=kQ3jWy7IiyB|I+>8pbYAam`l3}+z30_*nolNhnJvC{ zo|*w%EG^J*ws{YNO%SMRHY$=#`AYl2%P%E^6Rb9A!Nixdnn~vqL6HNP{8MG4BiPN~ z4T|DSeI%03eCVozsgF7AZh|JSZu*VOrg|89=)nF40s`=l_O|%82|$;Tkd^>nfCT7+ zUx2q2fG7Y8@=yEo4h3$|u+V=RJS;2>ECM_txXdR40wOXRG9nTx5&{AW1_~+~IyweA zA~NPXO!Rl)&**QR03>*TKfoUX0t4{Y3m^nQ0KkP8|2aAw0t5^!6g(vODjRrSP!KRM zaL|xYf6opA5(*X?1_6VWe(W7()7d)V--!w67Knjwf41Gg?FIr<0T6P*_!K5 zLS)gE{@!Dv_4nAvs87jet+;4GulCI@0u)-d($KS16&{w$%7UuN6nUBNga zB8qyha6u(c_FRh;FMEQ4RAghUriwE&2GoYB7b(Pw<;>n+U>wBMG@r7Qh%e|S_P>Dj z{}+(pFJM&ds6Zpi&S(fL;;M!lTT-~To^n?|Wyl{5MNT}OVBDWO$xzHLZl^f-Z(y8%>1oNTydxO*zuZavw8%f~ zse9QA6Sl_GmDDKsQmf zCjuE8)%qXC*e^+Ysm7kDR##^PF(0tPwapS9<52WdwUd1RH4TCmhnBHnsHI9>_w0esFJ2fd%|!v{jWMq&7L{+}c1;gGj3T?C32~jp;~#$IU#Dzm~6$ zA_)wGdt3T{TPNtm(Vh`P*fhI^ma#nCYS7^Z(gJG+_N!JYL_;olTGF}sa*}>HYvbg# z|FH2JNWUqlD9mCEoq#NP9iV>5=`gBG8+Y3f`F64Vvk^#uJpXp#3SrAeV!cGQA?6`W zbf|vLI#R8*D$bEYvbfMZVS~^PaZD1~nOPUztN9i^;{7~fgpcJ(` z&)+xDPNca(__5VksERoe&=L$dcshAc1DPmD^cTxoDy7(c z$~Xcry21a5Vq45a7kcG368aANAB??BO|_W$OeKe+pT|V*RkAYKIf-}ik1l#IjP90< z#524@kkky=D2cB;<I=%~NQ92;4X6DJLJ0lE5umYiBz{3lO*m^IQcTuv2}9DoVt0 z`u)!N8_ucCSF5aY8Iqxa19ycx;hOB3QhPo8$bkt|9-c)+Z6>~XA~LSg0%Gn)f?3|tXgpTu~O1dA5sjEHE0_!t;S#k0LK6YZXcbq zqLPg=0bha!a}Nkp2L>QI3WnFVmlkiFnZxQd$zEgK_dO0}!q3iVliKBN&QGowhS;KF zrt*heo3C%Xe*)dVx2C<&6j0m^2_JuHe|{W9Adlvtoc?5EW&ZSJN>@?(N)e(HC2TCD zP1I9Oez|2=9V08v(5H2dt*-|NdB~1Df04U%^p};@VlNHc%%g&GRTs^U!GO|i^?&b) zzZx|+M2{E54Ud90V$z85b=Nsk2%p@o%!G)rZ=SMoZDD@q)JdQIq&R`hTphNr0Op%p zu{(`>=+Tj)ygiqn@Kvs*Qh|qilQO1(3&LD1(CBb7LQ5=K0RQo|e@&FnHiMHU5D)+H zyDFrab)jHjK|5W6Y%O2M2OVjtbm}QZlj1boO5rxn7cN|9Wc1WI^7CzC;Knn_45QCW z?C&%8HuWv#HI2k2ZaUkTNVBsWhV9Ru(axw<1(RqEm=qqFr{V$w89F{(-_eq>x zn{0hNilY)t@|GqQ+Vzna2AR4p1g;pPX(ENwEQ3E3lUVXaTMn`{en*Frm6ur8yMUp^ zart3{cJYPszy^eH`mRAMzW}Qcl~CD*RcPcR6+2zM6c6!OUL8E|RSFd`O^j2Qe_%7j zE=p^91{`)D@=;ORDfD@oByYXNmA*Xh*4VRDjFjyZa5ndq%Aj5f56Nri!DBG#@Ky|q zca_5w+s`ZBLlJ)|Jdmk|G)0{#T!87Kzg&o@?w*1CC;!gZ#&^j;xsP>5Jjo4`M_Cq| z7>cT{eR;7u|41Z)|C31c=dt)Zk?7w$%c(uI7tBK$E=dbcCmJc*a_q5h623w4_wLjp z4+i151T+4P9#<;f)+Fa8u-VyOvjzb7^|_AlxABR2rLrc2PYYArVif%?v^(#VOlBs^ zMC*r8<&T&@BJ@j$m1=FQDK1^_tsJT=1k32BzUo!Gt*UkAktlt>6C_Dqz}X^K077S- z$Y{UT3^MU2E+XRM#eaD(7VdgIM%dp=2wXLb(>VP>UOhVEXtl_V=wJoMgw9#j#GgaY zIF6N}V^HAbOAg8tHr^Ouy8e`@dl^{uDAr3lRU9moKG;)9-^NG7RY)GLHTeo2e zN_<(j`88ef+cAE%^xlacX;FK%2OSbG+o%lo7@vaCSM-rk%F_q3OOmh3>e|RhRF_$o zH31$diJj`H<>BT$5!PGEL^|+L#JXn&bSrPQNM3o)y$NU8S-k_bwz6+0zI7fMPelpQ z>r-}ArKS&4#!eFGlA&1p-%vtVs&Iz`%_DDmkBdaZJK7 zD2~@HiAb`3+oZorgZm!3Ha9?PF0&T|5^i-U&XMo#$t59hr~-N?pUHMp6J>ISP4Xl< z>lJU4);$a>W6_l1k!3D9!-uay@6fMbPiAjRo*}?HC=1yHM7>`(l6xLBBv}MU`TnU` z2I)tR9EV(a0KqmK%;xv99(xkV7NviA3@#7w=JIFn$;ZNgG0o57ZoBm#DXHmOyQiJn zVjJ8GSi?3AcV%4+k92Dww6}=_n-s6K&_TV_*+&!@SJ1E-1S&_(zN6I)J{ID8m%{K+ z1c(IDQ)L!(6n;57v)_G2jC-o^wXzrR&$fv3(_i~kQCAXc4 zcYc7(%#w(jpI9A#1{g&@Hk>NAi*WRzL>&b$-+9Th&eo()a)OZE_yq(aVR@p_YNGH& zVxsuTv0@VY*7W6wQ|`4WyRPx=fzlEXzGa32h0k?0Y`WSKGwlwEWVaIVCito_@NL5f8)_Fg$9^(t(!9E4V`L8je>x7+x*$}x2{8vrX76HAAUd1sgv&P#Vfy2-UlNfy7>I%F`z$zsjSJIv|PeT8V#L<;3gxl|&HFhrLl&t0#=EFrZE9mKXD@(C<(f#&HNlDjkAVxK&Yjwzoy2W%j6Uq>KN53^LU6Dil z(8u5nDfN5sU871R>V{vM^JC&(SJT@r%Fn~+c|lAOl^VlTTTz%69VNIGWP_GRV>j36 z?2NA#)xp8Pjq=bPM}y`is6alWZI#~k-Y_;;@l}A4`7(Q1vAD-Vwx(C^$y++udu)jr zCUla&qILXpaLsQ$nMNQp;(!NwlE0-ZTsM2E^1uxA!aZXp2B5_hcuoPTuuPPmLv*|Eo+o6EOjL*5d4Z+AeI!_i%~#jxRm=Dy<5*fo6b(6pDlYRe?6Bim z4v?9vu=S;sUku4CmxflKXWNITSLbv^4c33+%2wSShu&;U%WoKuau}e;CW=1 z*=w2#ng1T4h-I$}s(M9cV0*{!t`GOVHjA2e@>5>9FCdYB`NZ;KD-yN;n3Ge}1-7p` zl~>bxO;Or`5CcAS7afqf?KVvnk7aP*Uti~w0F|3LD1<5Ao(-t(M#`fh*cG790cVug zSvt^;6b0=hE{LdW36xlX9E|v<#I78_kI)!EnRQGJ+uY73weU&V6oetCO=iwA5J*sM z_zoUC&l3I;;nBh|U@K+C5Y%AvLa4wEhAsihqbTu6tLK?f#uS{3WeU7QpLdh`PV0sQ zuG0HiBf?tg7wg`z#EcF*2>q zQ%1Jq_T4JQ97A1XQjtn>goslS$UP8QCXYyo?2xgvlDE!omGS8Y_35NTj&SmJ=p`!s z3O$+DZ*D!@UPYP4_7_@{L1DC#M|iFARO4Rx{(-vP7WC~tM5L$~O@~b zdrTr)Eju;Ts&r$*&qxi&jLli|9&VYxdQPNH*pe53X36+CfgYC%s=-Ip3=fFl>NHIRE z4+T&HfUDTICkGcGBt*lHEDZqyyBbYo^)+H?uDWawzk*`sC=gIrwmt*_Du$amU{bOG LSo~<#|J3zA@*qUZ literal 23391 zcma&O$Fi%ywk6ufungcs=RU+#TO)v0%@;wfS+Edykd%$#P7 zG4((G2YB(4qFMjtD9(R5A^+5b|1zZXzxbyu7=QlzKOkswHH(+)#hOcA;)Jo6ui8v( zt+3|X8K`P?P>I~E2+{b?-I$^^d{T~#_l+pjVAe0FczG30Czu=54}Ez=gxuinKv8kv z`L*TMuxs`Po77z6u5H|Szq0Z>{UsVswdr0KL(f+u`Wj=si{56{Un+@@mzc_Rq~r`U zGSNYL@O4fo?^wU$(!QzlYxb&(JALp^Uw%PX@O;8@b-|&5nd+Iix>#R2-pzvDR2oXW zns0sx0db!@pS2poI$nW@wI`CYexj%f^^f2C9Y|@=*ZBxDC}CdAQ_q%$s9bc!zaK@J zKWk^HJNB?0ZMV^?DdF_xkowWz8wwr7o4AF=i2Zc+Du;d?*?!WGHbh|3_fIQ+ zLNhA37`)u|AqqwGou>(3NvMAn%Fn>2Q&yuxtHPixY~xuY!E*}M5WRyUj4x>$fqEUI)0smrQe_F%C8jhEA-A^qpzVAaJ}JIkR&Ik%eH)1{c^|R!F{{jU)0vz(?W2ot{h@G~t4Cj8m0Q;C#;57`#Srz{ zAuZ#}d7R7f&@R0ALW#&UriLuhnhk0r)UyME`6+Kh-K=MnovEWCE^&%?4_mFBDI z04k$cT;OswJ$Gk^E*)idp%u8e^;{BktT&-XsrFT+o`tb`< z8=483^SIXOett04;)8(he3q!3nU(OL@I{egHWRuyz|$^H_L;D`o9+y0`Tk0=P+OTA zUUwfuL>FA*-EH#5T+@*J=mNMXB&|w?)#dg?v&`Vp%<^XX^DpR@Z_ierl!cbZj#g>$ zrR!L{FFM$T$FO(`M--?WSlILPkz01iwC#<4woG?6iKRs?+^dJB{p3J}nq?bRMKsXs zF3f(^TT@(^Sw_W}82JA47L&c>kVak+?ZH~d?nvW#e0~i|iqQ{|e-Q1|q&V-nxqDmr z^^7>eu5o6nANGyylzLbNZr5IRXGzAiMa<-$nfP=Odu($1hoM2`XLda4ee2;457Sh> z1LRPIpY8??^OfrGO~OhaSP^Rmk*U1HgqMd=tl}S5zmRd7p!zYtpNC*y6t5xbavsyZ z?!m+x2;%ke$5J*N#@vHQ7|&=op#WREGnTr{Wa2^S+Z%EwQ+*dRTqJYa1m*W=T(vM9 z%3&H_93!x!%VU<+seP^NQudA+A9?FB7bbTR^MEC&dz8Kd#`&3Bd}ObBrud-_^N4w) z^QMIp{quHK3*5&UDCzR^zV|5_t^|x);yLhw{(Sq_3t@YN#xPu{b4^wD18*D6H^dw7c z9^gR96`HRvU79O>A1);EBJ$<9r@#pur-4yDi9;SPr*hzD?#~YV$5j6{OO7jb&J7jr z+X#P-gUlBE%Qbo44ORZn3IBdc0`~>8a|h21T&zqCp8qz!=IeawnUO|IL+E)OG}K7W zaSgZ&j&r`k^5Hmj&lugxlS;9crI>!`n$PiP*~2S0qCE_vNLlg{; ziTF0YUwJlNdl3149?!28-=g$^B~M&e4!R#+N{9G}dn)}3=UMzNPCO{ zsp0$U{mSOIcd(-){kg8f&iQX2_uN=2%Er{Byl#^zmHldnv zuRotJoF!7$k!Yi)+3_8q$Nl(G+-iKi-9zSp(DY^Ew`fgt$SKkE&p>uR^AU0nUY2N!Hp%lQY#+td;iUf zL?t@V10TKi|9Nxmtk)Dc6{_>Ui?TV{uiheZ{{_yaneGUF8wu;rZ%;}F>yu@F7pR(| z<S$c{#hWNj;j~;9(`}2r8c}G-}_+e zY>oj1>EZ!zLw-3ovi&MK(`c&(Klb-x%)Yk{g+47q6?Yl>SZ+Isg5RGjatW?lx#hLJh`+d2$5rz)JO^P}80_0kss7k6^ z;%asJ821I|UqZ0N_LQh&-bkAkqJ_|NnYP&l-;s+t(K)B5cXzA5uQ5Z&R!(p(AZY>iYscfGdCA$g*%F`FD zTRi(@0^1Kg!)US-e-A??<;Oy{sdlGF(&}x*5-ZMf-lZ9e1Suc*l3mLENb@f5q;RY2 zyLeJ4Ijl5>5t)X-jp8&3O08SXVEHYwN~Ip-;|VhOKwqIYu?ev_yGAJ0De?$mBwDg0 zjmvxK_xNGT#7hLfDK4C)%jD+=KG~}nldjL@^hJw>R?+9BQUi`c`4qenmiO$R{9`$B zdVQMiaXdjvBhWJ)TG%gqk|9OE%wJkj{JK2M;0vX7ouy%1)>`_EqQ|ZC%v~LzO1iUY z61vr?J2Hukm=?I2XWJ#7*_#*9qS8X@@d-YVdB+JySD{R(xI`G93}b79Pt_WJ>btBz zm4py(Vbmx+ABnd-ugAl-gLf*7pTlO;7o-KXIeR3zU#IM5HcdQf7O;C zaRap_eA!=Y{-{>0Ml$q*ea!OR$yiSTeJhWi$;dfSG*S@RtHm`BCUU--p)5_Gl)rWcXH-(`LG<{*;Nb z{4nLAdbt`WFCP0-yAydLqWE%u7@H2c z9&(=bLZL9uXM4sP*G*u@#f{b26xcRfL51(!A=$|+)NiV=Wv4Uu9azVwuo$!qTnm!% z_MO*1kIjN&Y5MC{ZmfkB;Tl!*-AkVG<5ul2ZCtcA#^>@9Y}1dNmXd1i^knA?umeBt4X zfHf(raoUu;^!l9VN@kS1u`LO)weE${wO=F^_M2MXu{0f1V7y(ckq@gnD4_^NPX;(m zjeL)6BokuC>{HxXWO_eoXtWdlaF9VPm>IEBL>ly9n}n>8O!*jhk7qYCVOBbQztBE| z%LcEmHcjv}H{H^_B?ueR@$)9k(_kOP`zz;H>~Ea-#Fp#uQQw7^)ErMX7oYMd@T}|% z9Q!1>Tp8R(K1l=W(1blLc!qz(6nD(>X@8QYh~v|?{H{(P$AW9^%}j+7+?8Im@l}lG z?3d|1suYP8P-Aduc1H9QB)V^%w`dtt*eE~iU>m9L@abi(3}z_jc|CH48cK zzF4B{RFbJ)6)Mdneqy(+?|(MhK1Em*wp;pLWYU!3Mv;?Yaqx%6U`}@*_;G!phpjxt ztyrx-OUrK|Z`nY{%K8dHk*)HQ1_A>xU7~xj+BmdP4VyW(t9ZcC$_r#AKI9d6%{^5? zpv|`eyR5Nr-yL}PTzPzMx{^pLNL=7roqT+MCbo4fS$e#MYBSA14?fgR3ehGFoB+1WMOix0hpUwz5nYOM!LqSMdVKC~^VvV{+ zj|}R+9M5zy0Mv|kO9;4l??jYz)9g_{b-afnh<|n`+4Nk#Lkv3LR%+YVsfte(JGWtd zb#!CPsuAW#`qYrA9`)0GGjE**POmOCHe7e@h-S==fjhXMnbygs0UqnZJgpkGWqHuM zLX=PEM8)&mPV`%%PNE~}T|8PLHdG`cKI0K$+Pknz2RdYU>LVFIRThX$^|)5WCz^7&fY7bYL7`XMRNwzn%nL%TYx?v?vNa73Jck z4g<04ELGF-=SkjO5M9qbO?8eWN$5$cu181K;>_c9p8UVFk-tc{DDi?R+Rr?&s#pH1 zS55E@%Mt?Lnf5t5PX@|_=~zy(Z^y%QW1WjzLfri4MaKBm54&zWqKvt+Dscq`&fq75 zVCEwcI3L|JlU@XfG|Z7Byx65+TXL=RAi1z=*Rr<~-DoGt<{C?U?EQWzBBdHnm;ZDx z`s!8h2V#;>K*Xz#Q5d_DZrv8$Y_l;{t~`{7r216Ci)`U_2|?y>5iH1G0KB6@J(i z`YyXrN_V+pu>2_&taY`w$O{?fKTooyECTt~=zXzBir~z(1%BqYBlo-EoEYBjJ>;_q=7`143kkU?uN-&!=zXZAk zhJT0zfS=KKhbnmvu)>9BKQ@VdZqXpdixYj6QV0MZ^L~?*^xldHkLz~3ewz0VNlcc_ zMi|WvS%z=(a?K6X19RTPhEg}Y-?@f<%+08Fm0gw!*Q^6iaX2$kUsc{h6QY+YXWZbN z25{}TzLSBZ$&z^Z8U<()*}@DJ)*~46`Qcf?4po(1MAwld2Wx35ZVc7L;a3rtR$$|5CGGcIjyIS-rv_%5XQ@+%7}jP$s|?Q8Euzw+TwCrMkiNIBtH6UMtn3F!;*F zLy!<<(3*~uoz4pxX|MR(0HWu2B=@^O81q@t)_v*D@unE*Vyw+akgZ-l>J9!hkOY7f z(Gk!C0fol;<+Z%pUdc4LXsy!wZ_OWyetlRLHuYcb*OGOD+!Z(lH!&&teWD2V9l>%# zi>{YTx++sf$gSWq%-Ky7qZW8tw59;~t($_o4H3$`_ zupIFZ*$F6I&c5tdo8l`kJkhl71*pP%tsbmUlS6$7ZhM9Uzc%SNBqrHJ%(emeL8~&R z!A)LNPw@P;?1A`vIppL^|M0wLRYi)ZR15U~*f~N$e_2WZ5dU8&%)f{H|KmBO`OS3X zpIWp36;yeUf2bb>DyD1POE!yJ|zd*-jBMUG^r z#{*RL_yTO?;Oqoh9>ZzOwRh;kYpU2G$x3W|Jmf_I2^{niqI6bZ;0y%WVTB2x`DrWD z;o+%%mfU*q#bR^%%uJK^xJKT|8Aq%>67=iGImV6CGdiT8PE`?1j+6w9gOgw_*eUs$l?fKi9h{tkmD_c z@#_yl@TOWq6ULhtmY4dl&HeQx;;w)ckobZmEl%pqgXPc@PO93zrpJw$ar~Y&o!;Va z&Z79XKNakjuuqEPLx%x+%>cl{g7mNQ+MmPdcPL5FQED7BIW(Vu=r}cvY<@=#lz5AK z^WG*rygJE)D~v_c=-)giKT2sluDQ=gSxlXpcwv9uUFCJWeCjNx67B$7`UigG8V>mb zKl05#&_=FFBS_#h9nde*KX^>70(=gjbJCWV(oQdJwD|ez`_bx!mCCKgB-Gqqpq4F` zYheIsl0%D6T7P5B|8jtOJpfMG3iHEC4Z9}q#yMQR<`Z^$udt<^FV_%_cudubgJ|-6 zdwb~739s)J&US^-2$kg-W}1yLyN>aNs;89jo!!QMpn+(B&jfk$z@%Vj4ywr{EuEeJA$tyS@8691no~ct< z*zEo+*T@5amE#ho{C0sKR;kb8Gd)pgo%7i+@9CG4>+NX)Of_$869TFLOvFo+-NA$YzZ zZd+S0ZY{NSssk!k`KO@6OW3~T=kZ{0v{T&Yu)02sLxxmYScYFcpqL?=6?yQ-iAI7dNuU9MN zfR?!W4u*|Et!?CtNdT$4ThmtcTqIoZB-ULh<0}pi8o}VW z`IM&g8DPCWAs+x$e0b*kCYotnRNaw1K$V&^D?xSV)0YNuo9_O-NPu`yS0AL$(uTP5 zCMkeX#a75p1&NLT#YJHjC|FXI?*mMI{mzfI_S4r$M9b>S7ogE8Ke(^a(}x)!p0B;s zB!l;NsNjC;1D~{rLD1AHOH%e>?5W?<`>}PPM2lW7|L!b*y_od)h-Vje--e$B;bY?Y zL;&#TM;~}tBAgTE4eMTREWvU41{gb2b<8I01t!Y3a&aA1n?EY$V*CC4$WqeQqxmep zAi-s&l1G0GbG=_IM+~5D^d=mQ^CY>=)Th_FAIwG_ienK>8Yp~L9VRY3XtzjbBmjWP zT*S$10T3*TwHpnoV6UP1zH`BKfqDNEk_?&I1I!kHBsl?1R?M841xET%g^>PON7Rn2 zj2Gu;-dYng=W)*^+ReuP5;)CR=l3vD{oCY_r7^=Cm-&Sr#|9t2pklsN(znH`J*r1A z^p6+(yTd5tT>h@x=!?^MMxPP^ToCux^Ur$l0pgjfGtvOzn+AM`F#Z9@kK$SIQ_YFV zg?L|K163POnIi}pZ-@GX^RI#1;0Tq^07ydYZU=U@sl~?|0){57%vYjeZmA4qiL1Q>l{KS37mgVk9Q`^7x`UA$&;M9hYS!(i`E+9W5szn0TY= z;I%nOM>IJai|Nrg>YsP^k0NQV)aVBkOGiQIK>P6-goty4KPn5S(F*SS&j`(hPe2r^ z+&7H=3Msx}3=|jO!Tx9DhW>A%`@f6a%#wmC5k)@2*Xm7lht>)(kW7dPT<(aE$h3ij zkk3C98#U_-6+J&@FppR_H1~i!xxyN&_|;s3v~x;LS_P!B@9U0ey~U-k;(vh-O^u9} zy67SPdge0wDP@(7zPT09cY%rvJvu_=tgm&QOR1>>v^ju1@e8ASHPSF5j?(#hkA$6r z*gBP=;$k#Ry8<0U(nJSuYDOu$$qfQleZv;ahLBsRdqD%wy>?#4Wu#uv?sNTWKXWl` z&FXQ>GWJWwI1mu7rwh*|5IS*$?K+MzQ1cGC5`)4XYXlda{#m05;n~p}zWlt0*e7S2F>>I2{E!t?N*Bx&pY&ig;xT zv1OQ%cJG01{31;sg)Y?ThoE77aW9B9rkit(XY@$FjjN36eIxX#X0OfhwxgLm^i^b1 za;<12A%cd}(hCR=@$A~SGI|{=6jxTe$!~p5AL7{O?ZZvqgI#ztBi@o3E+Sis0;7*p z^I9Ht#cCRe!d4A(=cAyT7K5l4$0RQ==5hIjt-J4{mx*j2Vy#Va-8LPkykICex_MeR zMOrrI{P1hujwfM0$4Ew@OMVGj%{)bxI=i7Rla%(lT>rj15eTj(EVPH*`!x#kp=8PP z87XJW&v&~%*FE2bs6th(q5x?nb($yny^(mLZ0b%|d%5?2L0NTDDgogT@NB8f4fC6o z!@sILo+qi5P$P&Hmrnq6MU(d4$@$L(3>ngfFheyf1|*s^+r=P8^+B@~f@It$Ox50V zxmud2g-Bd~H{UvrIQ`CE8v?mjk1O~|V<@yQX)K4+AxF4rf~U85$@frx@Ti`o|Dmfpf` z*aOS33^|GMV4aE79kf9ys&CWRVE0ncI?00y)CB<|N}v3ZyFgC}_F7W4kV*pfQcM`;0SciqObW_VBd!m~pND0X zjbZmbU@|J3PF~)GAaDG;NZUVe;a_Vc-fJ3f>R|jb)SozueL$)Rym0ac0}~h7MX@xS z*d{b!)gqky5(7{crQkrGF07{ksG~guY>4>#vC91-m@f-mE!S1#=LHnv%0K-d(6apT ze@A=3?ms+_o$Ra0g^rH}87I^gdIV~1E?IiQ&|{T_A1%DUfQ^kZlKVUnfpvV;%7K%r z98N!V!1Q^ei)X~YN~3?~j?Yg4F7P*b)XEd=N~`GN&nkfgqK{NugUQ?g;$)?n56x$q z^4p>UOsTeSZrZX0IkoXBUtZt?J08)OZtr$GSF!s+wj;_KRpWE z^kM#OP3Z@zxvfee89aK@_goNl8;?qkD?;Fpo@!#Iu(ZW3>DV8B!(ZQ;6bO|;^5NkF z2@Q?q;xxj82xT(fZxT#BKdD#wk%SEiRVOBVw9ik8_)m_e>)+&Ju$vMhV!2!$E^^@0 z`}b3xd167tW7)qCmVNt9*)WD)W3Hjv>}{gmn_n@fe;*7GMRC0kB&kIYgeac)QBCA@ zcEPh`4GKd2bL2-%5o_~y5x|` zu<+|n@OuWahed|89$ude+pO3Pca`8Agr_pSi-AZp!xaxG>a(aLqf898*ArlkP$z|d z5(wkp8;C0ZZlJfD{>UO7g*5hwMo3&~m8I+*QlI`@b{C}zfVO*k3IW`zp$<_L4FPE3 zCJ;zp>b=EJmGg^x_5bNSKmYIxw8ChA9gjHbKcJm}9SPE|YX-h3w4$d4sKc&Q(i)o! z#6Y{tsS%*S0V#MqR(J#3#o=~gOR`kBM3X^i1tXa*ykxJCZ190-13w}*uX26&%?Pk`E3(7E<2 zN!-7ZtfLdaYW-<_c)Q;B%t85o$(6c*)`yqPGwlG+Li`9sUu9L%T7S#q2PD733e*fB zZgS&1c<@uYv(FkAr^%>Fj!ySM|%a9(l!?Y?w`PHK8;d#ki z?3Rvj0^oG{e&hoxbUC)WoeJqb3F=!?VwyyK1EtPE29R_9h~`K~8dxU}&ldqTb`+t# zTFD3K69C|aL%o{WHr|0AB5&wL<)|q~FrKHiCHi!9VmJ$kNSD;H2AW3^lS!VB7T|o9ub?% zqE@58kX8jiPdo$2iv_4>0{mM^mzwFzj2e@kHX!r#3LmEKE4 zE<^l_I@en|WZXb90jlaLm-HD4-oAB*!Q|` zZ6?E_ILyBln0H92`241&3e)Z?N!BBbzYK5e1I@#N@j@*NQ6T$RjaD)TvQtWdG*Qrg zM13@pjDY5E`JOzyKmB+5AX1%&s}FnKiaOc=rabtzi~wT{=|IdHF|9WTkI73y^XItd zm$sht;;|ZI&~qbMpx0ngDfV-I&R*=8;k8rB3;pU&Q^C*ekT*Z_$;AEADG%7-E z5yW@oNT4be+`#6kvWFiM&{EIDK?0^1#)jiZ_?{tP5dPw9z3;B29}UnF!$HB!+?i>*xjk$sBcf{Cl9Vn9l_sqdcIimDN%FnX|~1hgPemmI|@HwA~i zcroTT&|(K<&w=D?uN7z{(qi=m&~P~1kVZ{*-X)-`p(U>0c=Vs@SNrZ3v=g=|=cuQx z+C>DBesu5qj4lF9X7DxZ2!_(sniE2(J^EE_;H}Xn7C_#~B(!hQ>8s9LjP{oPc>9_0VfyBEWwD?x^|zoX4I-YHIimk*-+#=TeUpF9yN+RGJT6|7oEO_5uyx@t-%HI9 z@K@;5lb}5J+=7p={<&#eLemk@#*cFLK*k)oB=zYsxbnEr5rF$_)+3q^xZE)6-}fuB z;u1C>-==llGEyZyem67ivf_~^GT%?T?!V_Rz-O};M(Wmp!U)vlI#BajWB18@kSBuv zJ#_*KeFkW2W(v$z`5^@|;l@M37*WCj97{UHP~dodB#odtFp3x@hQP>2Jbgq_f+ z-oqozyaU_ZtT)3y)NrbB(uxG4E*T& zkoY`}G#+$il7ri|ndkQeGVJp<>s>3LIGhYn(csf+xeGzHqCXceQv*sZZ{3upOhBZ` zPFhjFCMC(3LQf_YCxCfNY`|eLC1erPoPwtVPh5X}weO_=xk+6Hx!InhlDRes4>6@(r4Qe^{1}LWKGL#xGUS!M$DkPp5wyfM`a@b z5co-J2Rcjv5&H&dK=X#+a^!oQ=m+>t2kzB<-?KH@s@a-#ECX!Z%1mNP-W!YSd(;yT zXDagUB{xcqUg@e6qPx2w}@qSx{zyjcY72m3%9>*F$O{bIx4-9Lv~ep%cP zbd=D5oF?vX46!MjQ(k@N4+$RSl{{=F4@-=u0hqmATp`E>mC?vUuyi2UIec(e8JsZ( zOSc=2d>Y848?<{I4vd9mNnmS+?d1_x%BB9ChM`X7#E{4K1-<6mXB$TllV!$Y9NX6w z(bdKYTEh4#CAs6{D(EMCK0x1KN&u7+^H4x4Zbqn$Km40K0IGihG3Ecqydhiphx;yW zs=?lDk)5v~1`Uxb`ViRf3-Os0h>83A6S>-}XFcQnQESG`<*wpCi;Y7Tt~${NbmNB+ z^MbeQw+WP%68-kY$Zh9Z(BdeO%m+^$*U~|2^kYq26zQ#|3Rw~)!pgA`M0 zIA!B)!IW69EQ^1yr*Dab3pyIz9xYwJU+v^2CU4s4icb$u=*GSwU6Ea6T2R_Cl0dg^ zAZXW}MJ$?|1nWjtKXT0Itb}i-H$((QOdr&#KYTcuuA*!40iiD-(&K(kk8}u}3;?rZ ztpy_j>@C00_k|B*n5HiTJty7?@0Ef@G?Z1G3||od3C<7XZnE}^t+15&SBch(xyC;s1Br8IYa}645a_Cw7fl!fQpmtNrg7o{RRUNc} zgXj*}Q~LcxL2o3%qCEIS1@YlgBHvHl*7=h3ERA0IKua~pa#%4Atr)XT2EFZ9S>6iy_st}dJbvW z@|Gt(wS3=f>G}RyNb|6O&jTMruv3rQ1?isDt59-{OZI?YN7zZxsy{RShfD>Ky4ozu zf`F~jDK)mJUZ4(Pi??5jW8GYDHmly@zBdiT{dDs!ixes`u!MAII%VHT<7WQVZJ32H zVN|}OM*QNBNR=&cfcIP0BtLsEi=tdQp;)s2cl+*;c=+qS$w;Cn53vFMiFLrd`vOSf z`l0N}ef@siSJo&Iguk`VS8(LXi@R{xFYYw#!!A&5x@izez(xff{J4Yj0O|l@#}WsE zNZ)PnfCdF>3aLo2suNOb-Y9H_^`>Ue7>Is8BhCqC@?5wCZ zC|U|vJWP>0AZrC(KD=8EVd47(MT`0aRLA)beHdhG^Qcb~!*J;bFhb>vVu0N=Fi;Ur zg5Q1Y2H_yZP?m5HJEkuq{}cg=oA-FpvqC6DWF-p@Cz!M%_*ta%LhB<1JkU6k^0pT zUQ^F$?}D#kw;xAtZJDYO6i~)^Xr_2b4o1+>;Y`u_^sJvlUyAr|z0+$%C8#1h{0%y9 zkdLF-bwHv#7ILQZvm7zcBlCA{!Y@E=pz+Si*DAf8z_v)H|1O@`+kOP{1FOEohZCaQ zqAS^22>T0nvoy+(=k5@HoWHb$gupl zknxVr5MXfjB4@-xQMynST@r)Ni;z$60eq^54ZXXhw;0;;w1~r5=eZkPgs5+$K((Hg66lp7}=|#fyv1%ovVC&6L(Eb2jLi*Ol0!aX}-anQ1_bK}1z3WJn7+(GX zqBk9>=Uac+13w7&Vv8nFb-6j?2Q3ZRliI;)uKj?XOa+BwqI9ANKJ_C`jqT*~lCD&Bc4HH9fLX0R5Bq~U7-f@=htid9JF2%JxZa!+>OIelt`0$m3?1; zJ{iy~onZ3Px;D&Spm+Yd@-L()BdpLr>;G-#yqR5PlP#R{R}_E%AqXbGI|<=khLP~X zJN^3G=ge1Abtk&P4V3L&g~V&RSFiQxMcQj`S4#PM&YWCyGSZ;F-GL3+6Fr*Vj`O6? z!?b7)(^nLZ8Qxj{iDYDVQDyK|O*Z_>ouXyI?O7o&$QPC zLT)S9v#5UCuQVGX)sl?f^H8@kG-y1$YQ(iMvfj@)dzs4L{RvK{+u89DBmPI-{AX}O zg=PbjA%wU2Q81JhQx^ptEEMF(s*a-OT{2z3F9u~0{>{BvwL?_=AKTwEeYsl}%^BK& zbsR_H@YR;ZLK*`8-x~-r1jXMC)UTihr|FGtBuy+(Mkz@O>SGLonomS(jmw<-386rA zKoW=Bn8mHs+FxwLZdFgTGxK4uaZ(Oa|2wa8(QH)3?-HLF(GS}s#Jeu0F}dcI#ea6$ zU_YrB6qifV@^qnw`O&pC%!TC9;LgmrpF?Hh6-%4r^8Kz7&sUK6NB41Q?jt5ijs0F5 zw68^ZM6;9PdjFwUcLGz6aIco|d1afC&+->#8SD$!dNT&{!#Dm@dSe)e4zx6M`hJRq zV+WFTnJ3!a_BXS{EFsHYP^(b0TbHGwdj{P9TtLX{O+pEIW>Z4YXXZB9A>ke1j`JVLumbWrIg6z;3mJjz|@~xj7TUqPtMPDks}AXyp65&Awa- zl%Lmlni8kw)on%()rjj|aCJB9q~jc`lcun!=gpUSO-8y>tCa8w5Te zaB4N6V#c4;uU1z1==qH8!L5ehmxHFvDHgceWD)HCWX(QP?x$$f*SfWav32c~+-GFH@61L;) z-{ugjjN;t08nr?0rx!QfJlLqH*CW((c&LvDcdliz8HxAR3`NfEpO zqgp95zosv^To>>0)uEBPw)V>DCH8IUKgrgX)V9L}X~0h`+Ka-MJ8y~b^rZ6ovpHZU zQNU-SJcP0#(vD>scV=5n+{Z--r?Of#6Myol0~_nJ`R36H<>SK>j7dY|nbD9lWC2`~ z$XWvV8Q%8={aCN6*}iGgC&8B8f2b0z+mRo`6D3%7zxi2`$t7P(?@oD_;1qCXi%p}9 zL0p2x4#;&{#}}mihJQ;=-P6nyjHpXf?vCVrff9z95Z~iy|H#Nk->NqLQCteM0~imC z@9E?8DAYo}D`v|#1(e5Z+=%!?x9t7B5~Lx)=#4{N+ONsACb6jY1^L&l9}Lfp5ShNh zF5{K4E#31h$&HU8v&%mA~$e1z7_Z+%mz|b)O2%VYehc59kFQO-oM@Wf_vHY3vj7 z#?5ACM~ko01IGUxzB%GY4p}l)$1b56=Lb--KhE1#07KcG_z;5MJxmF4%j6|P*l4;Z z{_OgVfBj}3?e=WkNO*Og9wl380dWb1>rG^EIbdnE_+i0WUggHTod~T7DWoD6*@p)5 zk!teev~dFst&eV)Zpmfb{mwl|Y1I9FSFN@i<^Q$35f-)*hyIyoHP%D6n+dLOmwiB_ z6up=!JRRd*BY6qFL#7Vc=kww1&^?qPu-;-+L%!DSJ`QC(FXF+MgJ~r-0SBz^OJ|%Y znnn+RhO-;tVcbDzFMNgrp{GB%bs7#R&=-6~aAJS~n>C)@Tk-)Q6NHg8=B@Q?=;^Ee zX0Nul9GDeNa)(Uo9Ur0`?^}V#WrdXw2kOL5rfRUtg`kptHSo`5RS^R-CE7ujeGVOU zuatrAtIg`!A$u)7dkN5@`QtHEl)UF}`IP^VrcE zeKX^u1Ukw!;BmC9H1}02I-)#uC6wSl`{yGQE-K_Z2&~Q$#y#TX1pBMjQ}gb`_Hr{( zYVtUzcFFPEZ)3uaab+On<_!_In-7td$mqhz3oL7@NWv)S{b7_R$72H1T4lp)K&2vX zAJx(;Hf=m2SaF^}>hH9T#@GJB;$g8(QK;bgT6>9seC`D8C;?O5m4U z0jKo%Zu~jB0r|Qp0VemO{v!HM@7kdZ@FJ^?7r+DaHHQeoH#_@~b%lTxiu(+#G zCXq-GlcMz-)QqrpzlRx`9&*1Q0hy)Nm>(_Qm41%J4P&U(E^!VjzDgUXA>RIEr_1kf z5b7rksttEiZ=2{#bSF6vf<%f{20v8pZ?B zBk${9`-(5qiT;R`#Auu%{$Pog4F#`#OK6@)Wo;}L?*`WU?T@2nrsfZNx#|AtBFB3H zFBB1$TbO(%NDZ!uql&^R=;d!fCl-#UB{$)$EacZcU&kkTm2R)^1yAZmUGfW3-HONg zXn4W09|?A$0oB0vSp0KZDk{)>aP|5!$H}jpgco*kY=^zyPaBi%N3~qM@rx7+n4ffr zD9L+BN^1%)L1*)QUSgYHifD<2^=Qp0R;-eQFHJ#qT&>j?CgBq^|NA_D@dJzSG|NZP#uq(uka49>EnX%0c*AUxAY>5&-jyW zzDI5BSHfcZROs*aD5H02d-2mH5MJ;N>9~)kw*d6Rm-F;J4Y{YdTu&nYJw8rdY)Y>` z9`2nLGamvfJ>)FTw_l-xw?JOVl_s#~@i5PR@N0bt(v4mbeftcqa1;Sl$Ng85E}Q7^ zd^YTIiG$pu?}lo7paMu)Kw5y?O!oLTh1i@kxbkss0Rk}uE&~W)no7dueR{&<1~#++ zY;s|fOhDSH>k^YbJK;8oQRHbK=EW`T-1#nLsHvL>^X)!i2_!1j9o|ju4KsQo10>9|&4N=)OB z9JaX>Th-DsfFP_*5z_oQ#9DkKFiR|Eh?`-rEqqq3_^=EI25wJP5Iv;?y1j(p+m%OW~le2}{0~o~vi1>2FHyBG= zoVH;qy6t5NW&#QTvbNQu@i>*t>t8C~%pnbi29z|PT^_<{ZyQfcpmaFK?l)sdikFzs zu41U&y5X+29)oc6%G`ff0&Naj!(WeGekF#4=67Rye)sDI_YxAaa{}v3GYWw}&)JV) z21-S^Ew=&}5GgUd#iF7Y4%PJIW*wg9H?bp5qpAuoi0*hoND|&6N2O-Om5Q%V6BObz zFXLAq>QJFv-U=C{K2J*YVQ`||H3VftaC=qp7SJO7pae5IDi=%4&A7U~tKKT^W0gAu zm1ru+!YwZV>t(yFw0Fs#Wm|0!qdsA-7$mPYv+eNG9r#DT`jALWMF^N#7|;utdwIKS zP+=kxNS?pDd&gdP{cX~$-ZII=5K_Lx5>x!^U&z1oeQEz6lfA-Ij9@YLN2KX{1W6Yq zv3DA%jX8VsXg($5XT;Yln^4PW=&5~#zcX|23d}XXpsA2l7VyuT!Zd%_QpGOQij%Xh zZQxTUJWId3_=I{LJ_eh0ev`-&_UMc)bt$z2uMi>?J!_Sa!hpfwxih!{<7m$H14e;) zW>ftxj`{@eczH-;{ntBgH3HZt00s9ql*uFP3GhrS`X|<*{wJ8p?cgu^w-=TIc%(X` zO(n=*I3f57hB4?{orn1MI}rbRAI>&8S#iUO`L+VjM($z!e?6TkW<{2^@QLNQE_Vm- z(+9*uCZ3v#wbu}a*H3YUqK>PcFwnsZ9k!DF_fbV)1#ksezv3M7DBj;6^w10HBw30X z-Fx1pF diff --git a/gnutls.spec b/gnutls.spec index b02f8ef..5de7e38 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -25,6 +25,11 @@ %else %bcond_with dane %endif +%if 0%{?suse_version} >= 1550 +%bcond_without srp +%else +%bcond_with srp +%endif # Enable Linux kernel AF_ALG based acceleration %if 0%{?suse_version} >= 1550 # disable for now, as our OBS builds do not work with it. Marcus 20220511 @@ -34,50 +39,37 @@ %bcond_with kcapi %endif %bcond_with tpm -%bcond_without guile Name: gnutls -Version: 3.7.9 +Version: 3.8.0 Release: 0 Summary: The GNU Transport Layer Security Library License: GPL-3.0-or-later AND LGPL-2.1-or-later Group: Productivity/Networking/Security URL: https://www.gnutls.org/ -Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz -Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz.sig +Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz +Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz.sig # https://gnutls.org/gnutls-release-keyring.gpg -Source2: gnutls.keyring +Source2: https://gnutls.org/gnutls-release-keyring.gpg#/gnutls.keyring Source3: baselibs.conf # Suppress a false positive on the .hmac file Source4: gnutls.rpmlintrc Patch0: gnutls-3.5.11-skip-trust-store-tests.patch Patch1: gnutls-FIPS-TLS_KDF_selftest.patch -Patch2: gnutls-FIPS-disable-failing-tests.patch -Patch3: gnutls_ECDSA_signing.patch -%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 -%ifnarch s390 s390x -#PATCH-FIX-SUSE bsc#1202146 FIPS: Port gnutls to use jitterentropy -Patch4: gnutls-FIPS-jitterentropy.patch -#PATCH-FIX-SUSE bsc#1202146 FIPS: Set error state when jent init failed in FIPS mode -Patch5: gnutls-FIPS-Set-error-state-when-jent-init-failed.patch -%endif -%endif -#PATCH-FIX-SUSE bsc#1190698 FIPS: SLI gnutls_pbkdf2: verify keylengths and allow SHA only -Patch6: gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch -#PATCH-FIX-UPSTREAM bsc#1203779 Make XTS key check failure not fatal -Patch7: gnutls-Make-XTS-key-check-failure-not-fatal.patch -Patch8: gnutls-disable-flaky-test-dtls-resume.patch -#PATCH-FIX-OPENSUSE bsc#1199881 Verify only the libgnutls library HMAC -Patch9: gnutls-verify-library-HMAC.patch +Patch2: gnutls-disable-flaky-test-dtls-resume.patch +# FIPS 140-3 patches: #PATCH-FIX-SUSE bsc#1207183 FIPS: DH/ECDH PCT public key regeneration -Patch10: gnutls-FIPS-PCT-DH.patch -Patch11: gnutls-FIPS-PCT-ECDH.patch +Patch100: gnutls-FIPS-PCT-DH.patch +Patch101: gnutls-FIPS-PCT-ECDH.patch #PATCH-FIX-SUSE bsc#1207346 FIPS: Change FIPS 140-2 references to FIPS 140-3 -Patch12: gnutls-FIPS-140-3-references.patch +Patch102: gnutls-FIPS-140-3-references.patch +%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 +#PATCH-FIX-SUSE bsc#1202146 FIPS: Port gnutls to use jitterentropy +Patch103: gnutls-FIPS-jitterentropy.patch +%endif BuildRequires: autogen BuildRequires: automake BuildRequires: datefudge BuildRequires: fdupes -BuildRequires: fipscheck BuildRequires: gcc-c++ BuildRequires: gtk-doc # The test suite calls /usr/bin/ss from iproute2. It's our own duty to ensure we have it present @@ -112,9 +104,6 @@ BuildRequires: unbound-devel BuildRequires: libunbound-devel %endif %endif -%if %{with guile} -BuildRequires: guile-devel > 1.8 -%endif %if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 BuildRequires: crypto-policies Requires: crypto-policies @@ -213,17 +202,6 @@ Requires: libstdc++-devel %description -n libgnutlsxx-devel Files needed for software development using gnutls. -%if %{with guile} -%package guile -Summary: Guile wrappers for gnutls -License: LGPL-2.1-or-later -Group: Development/Libraries/Other -Requires: guile > 1.8 - -%description guile -GnuTLS Wrappers for GNU Guile, a dialect of Scheme. -%endif - %prep %autosetup -p1 @@ -233,10 +211,8 @@ echo "SYSTEM=NORMAL" >> tests/system.prio export LDFLAGS="-pie -Wl,-z,now -Wl,-z,relro" export CFLAGS="%{optflags} -fPIE" export CXXFLAGS="%{optflags} -fPIE" -autoreconf -fiv -# Rename the internal .hmac file to include the so library version -sed -i "s/\.gnutls\.hmac/\.libgnutls\.so\.%{gnutls_sover}\.hmac/g" lib/Makefile.am lib/Makefile.in lib/fips.c +autoreconf -fiv %configure \ gl_cv_func_printf_directive_n=yes \ @@ -258,16 +234,15 @@ sed -i "s/\.gnutls\.hmac/\.libgnutls\.so\.%{gnutls_sover}\.hmac/g" lib/Makefile. %else --disable-libdane \ %endif -%if %{with guile} - --enable-guile \ - --with-guile-extension-dir=%{_libdir}/guile/3.0 \ -%else - --disable-guile \ +%if %{with srp} + --enable-srp-authentication \ %endif + --enable-shared \ --enable-fips140-mode \ --with-fips140-module-name="GnuTLS version" \ --with-fips140-module-version="%{version}-%{release}" \ %{nil} + %make_build %install @@ -287,11 +262,11 @@ sed -i "s/\.gnutls\.hmac/\.libgnutls\.so\.%{gnutls_sover}\.hmac/g" lib/Makefile. # the macro is too late. # remark: This is the same as running # openssl dgst -sha256 -hmac 'orboDeJITITejsirpADONivirpUkvarP' -# note: The FIPS hmac is now calculated with an internal tool since +# Note: The FIPS hmac is now calculated with an internal tool since # commit a86c8e87189e23920ae622da5e572cb4e1a6e0ed %{expand:%%global __os_install_post {%__os_install_post -./lib/fipshmac "%{buildroot}%{_libdir}/libgnutls.so.%{gnutls_sover}" > %{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac -sed -i "s^%{buildroot}/usr^^" %{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac + ./lib/fipshmac "%{buildroot}%{_libdir}/libgnutls.so.%{gnutls_sover}" > "%{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac" + sed -i "s^%{buildroot}/usr^^" "%{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac" }} rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot @@ -318,7 +293,8 @@ rm -rf %{buildroot}%{_datadir}/doc/gnutls find -name test-suite.log -print -exec cat {} + exit 1 } -#Run the regression tests also in FIPS mode + +# Run the regression tests also in forced FIPS mode GNUTLS_FORCE_FIPS_MODE=1 make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null || { find -name test-suite.log -print -exec cat {} + exit 1 @@ -346,7 +322,9 @@ GNUTLS_FORCE_FIPS_MODE=1 make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE= %{_bindir}/ocsptool %{_bindir}/psktool %{_bindir}/p11tool +%if %{with srp} %{_bindir}/srptool +%endif %if %{with dane} %{_bindir}/danetool %endif @@ -414,11 +392,4 @@ GNUTLS_FORCE_FIPS_MODE=1 make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE= %dir %{_includedir}/%{name} %{_includedir}/%{name}/gnutlsxx.h -%if %{with guile} -%files guile -%license LICENSE -%{_libdir}/guile/* -%{_datadir}/guile/site/* -%endif - %changelog diff --git a/gnutls_ECDSA_signing.patch b/gnutls_ECDSA_signing.patch deleted file mode 100644 index 9ad998b..0000000 --- a/gnutls_ECDSA_signing.patch +++ /dev/null @@ -1,172 +0,0 @@ -Index: gnutls-3.7.7/lib/crypto-api.c -=================================================================== ---- gnutls-3.7.7.orig/lib/crypto-api.c -+++ gnutls-3.7.7/lib/crypto-api.c -@@ -1056,6 +1056,7 @@ gnutls_hash_hd_t gnutls_hash_copy(gnutls - int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size) - { - int ret; -+ bool not_approved = false; - - FAIL_IF_LIB_ERROR; - -@@ -1066,6 +1067,10 @@ int gnutls_key_generate(gnutls_datum_t * - if (_gnutls_fips_mode_enabled() != 0 && - key_size > FIPS140_RND_KEY_SIZE) - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -+ if (key_size < 14) { -+ not_approved = true; -+ } -+ - #endif - - key->size = key_size; -@@ -1082,6 +1087,15 @@ int gnutls_key_generate(gnutls_datum_t * - return ret; - } - -+#ifdef ENABLE_FIPS140 -+ if (not_approved) { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED); -+ } else { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED); -+ } -+ -+#endif -+ - return 0; - } - -Index: gnutls-3.7.7/lib/fips.h -=================================================================== ---- gnutls-3.7.7.orig/lib/fips.h -+++ gnutls-3.7.7/lib/fips.h -@@ -145,6 +145,30 @@ is_cipher_algo_allowed_in_fips(gnutls_ci - } - } - -+inline static bool -+is_digest_algo_approved_for_sign_in_fips(gnutls_digest_algorithm_t algo) -+{ -+ switch (algo) { -+ case GNUTLS_DIG_SHA224: -+ case GNUTLS_DIG_SHA256: -+ case GNUTLS_DIG_SHA384: -+ case GNUTLS_DIG_SHA512: -+ case GNUTLS_DIG_SHA3_224: -+ case GNUTLS_DIG_SHA3_256: -+ case GNUTLS_DIG_SHA3_384: -+ case GNUTLS_DIG_SHA3_512: -+ return true; -+ default: -+ return false; -+ } -+} -+ -+inline static bool -+is_digest_algo_allowed_for_sign_in_fips(gnutls_digest_algorithm_t algo) -+{ -+ return is_digest_algo_approved_for_sign_in_fips(algo); -+} -+ - #ifdef ENABLE_FIPS140 - /* This will test the condition when in FIPS140-2 mode - * and return an error if necessary or ignore */ -@@ -205,9 +229,33 @@ is_cipher_algo_allowed(gnutls_cipher_alg - - return true; - } -+ -+inline static bool -+is_digest_algo_allowed_for_sign(gnutls_digest_algorithm_t algo) -+{ -+ gnutls_fips_mode_t mode = _gnutls_fips_mode_enabled(); -+ if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST && -+ !is_digest_algo_allowed_for_sign_in_fips(algo)) { -+ switch (mode) { -+ case GNUTLS_FIPS140_LOG: -+ _gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n", -+ gnutls_cipher_get_name(algo)); -+ FALLTHROUGH; -+ case GNUTLS_FIPS140_DISABLED: -+ case GNUTLS_FIPS140_LAX: -+ return true; -+ default: -+ return false; -+ } -+ } -+ -+ return true; -+} -+ - #else - # define is_mac_algo_allowed(x) true - # define is_cipher_algo_allowed(x) true -+# define is_digest_algo_allowed_for_sign(x) true - # define FIPS_RULE(condition, ret_error, ...) - #endif - -Index: gnutls-3.7.7/lib/privkey.c -=================================================================== ---- gnutls-3.7.7.orig/lib/privkey.c -+++ gnutls-3.7.7/lib/privkey.c -@@ -1284,10 +1284,24 @@ privkey_sign_and_hash_data(gnutls_privke - int ret; - gnutls_datum_t digest; - const mac_entry_st *me; -+ bool not_approved = false; - - if (unlikely(se == NULL)) - return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - -+ if (se->pk == GNUTLS_PK_ECDSA && !is_digest_algo_allowed_for_sign(se->hash)) { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); -+ return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM); -+ } else if (se->pk == GNUTLS_PK_ECDSA && !is_digest_algo_approved_for_sign_in_fips(se->hash)) { -+ not_approved = true; -+ } -+ -+ if (not_approved) { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED); -+ } else { -+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED); -+ } -+ - if (_gnutls_pk_is_not_prehashed(se->pk)) { - return privkey_sign_raw_data(signer, se, data, signature, params); - } -Index: gnutls-3.7.7/tests/fips-test.c -=================================================================== ---- gnutls-3.7.7.orig/tests/fips-test.c -+++ gnutls-3.7.7/tests/fips-test.c -@@ -38,6 +38,7 @@ static void tls_log_func(int level, cons - fprintf(stderr, "<%d>| %s", level, str); - } - -+static uint8_t key13[13]; - static uint8_t key16[16]; - static uint8_t iv16[16]; - uint8_t key_data[64]; -@@ -269,6 +270,7 @@ void doit(void) - gnutls_pubkey_t pubkey; - gnutls_x509_privkey_t xprivkey; - gnutls_privkey_t privkey; -+ gnutls_datum_t key_invalid = { key13, sizeof(key13) }; - gnutls_datum_t key = { key16, sizeof(key16) }; - gnutls_datum_t iv = { iv16, sizeof(iv16) }; - gnutls_datum_t signature; -@@ -309,6 +311,14 @@ void doit(void) - /* Try crypto.h functionality */ - test_ciphers(); - -+ /* Try creating key with less than 112 bits: not approved */ -+ FIPS_PUSH_CONTEXT(); -+ ret = gnutls_key_generate(&key_invalid, 13); -+ if (ret < 0) { -+ fail("gnutls_generate_key failed\n"); -+ } -+ FIPS_POP_CONTEXT(NOT_APPROVED); -+ - FIPS_PUSH_CONTEXT(); - ret = gnutls_cipher_init(&ch, GNUTLS_CIPHER_AES_128_CBC, &key, &iv); - if (ret < 0) { From de18c17340f0f0c63535c7204dd7b192c856b3aa18ff8d35b0d85863aa122021 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Mon, 10 Apr 2023 16:20:06 +0000 Subject: [PATCH 2/2] Accepting request 1078279 from home:pmonrealgonzalez:branches:security:tls - Temporarily disable GNULIB's year2038 support for 64bit time_t by using the --disable-year2038 flag. This omits support for timestamps past the year 2038: * Fixes the public API on 32-bit architectures avoiding to change the size of time_t as it cannot be changed without breaking the ABI compatibility. * Upstream issue: https://gitlab.com/gnutls/gnutls/-/issues/1466 OBS-URL: https://build.opensuse.org/request/show/1078279 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=89 --- gnutls.changes | 11 +++++++++++ gnutls.spec | 3 +++ 2 files changed, 14 insertions(+) diff --git a/gnutls.changes b/gnutls.changes index 7353c50..218a5fd 100644 --- a/gnutls.changes +++ b/gnutls.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Mon Apr 10 14:48:41 UTC 2023 - Pedro Monreal + +- Temporarily disable GNULIB's year2038 support for 64bit time_t + by using the --disable-year2038 flag. This omits support for + timestamps past the year 2038: + * Fixes the public API on 32-bit architectures avoiding to + change the size of time_t as it cannot be changed without + breaking the ABI compatibility. + * Upstream issue: https://gitlab.com/gnutls/gnutls/-/issues/1466 + ------------------------------------------------------------------- Tue Feb 21 10:17:00 UTC 2023 - Pedro Monreal diff --git a/gnutls.spec b/gnutls.spec index 5de7e38..0bf8711 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -236,6 +236,9 @@ autoreconf -fiv %endif %if %{with srp} --enable-srp-authentication \ +%endif +%ifarch %{ix86} + --disable-year2038 \ %endif --enable-shared \ --enable-fips140-mode \

    GNUTLS_FIPS140_DISABLED

    @@ -711,7 +711,7 @@ Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html  

    GNUTLS_FIPS140_LAX

    @@ -722,18 +722,18 @@ Index: gnutls-3.7.9/doc/reference/html/gnutls-gnutls.html application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility).