From 8014eb72f9d6516d37454029198bfd35c037fa73a914bde806a6f15077c16ba4 Mon Sep 17 00:00:00 2001
From: Pedro Monreal Gonzalez
Date: Fri, 20 Jan 2023 20:17:13 +0000
Subject: [PATCH] Accepting request 1059996 from home:pmonrealgonzalez:branches:security:tls - FIPS: Change all the 140-2 references to FIPS 140-3 in order to account for the new FIPS certification [bsc#1207346] * Add gnutls-FIPS-140-3-references.patch - FIPS: GnuTLS DH/ECDH PCT public key regeneration [bsc#1207183] * Add gnutls-FIPS-PCT-DH.patch gnutls-FIPS-PCT-ECDH.patch
OBS-URL: https://build.opensuse.org/request/show/1059996
OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=84
---
 gnutls-FIPS-140-3-references.patch | 1334 ++++++++++++++++++++++++++++
 gnutls-FIPS-PCT-DH.patch | 85 ++
 gnutls-FIPS-PCT-ECDH.patch | 171 ++++
 gnutls.changes | 13 +
 gnutls.spec | 7 +-
 5 files changed, 1609 insertions(+), 1 deletion(-)
 create mode 100644 gnutls-FIPS-140-3-references.patch
 create mode 100644 gnutls-FIPS-PCT-DH.patch
 create mode 100644 gnutls-FIPS-PCT-ECDH.patch
diff --git a/gnutls-FIPS-140-3-references.patch b/gnutls-FIPS-140-3-references.patch
new file mode 100644
index 0000000..d57d38e
--- /dev/null
+++ b/gnutls-FIPS-140-3-references.patch
@@ -0,0 +1,1334 @@
+Index: gnutls-3.7.8/configure.ac
+===================================================================
+--- gnutls-3.7.8.orig/configure.ac
++++ gnutls-3.7.8/configure.ac
+@@ -588,19 +588,19 @@ LT_INIT([disable-static,win32-dll,shared
+ AC_LIB_HAVE_LINKFLAGS(dl,, [#include ], [dladdr (0, 0);])
+
+ AC_ARG_ENABLE(fips140-mode,
+- AS_HELP_STRING([--enable-fips140-mode], [enable FIPS140-2 mode]),
++ AS_HELP_STRING([--enable-fips140-mode], [enable FIPS140-3 mode]),
+ enable_fips=$enableval, enable_fips=no)
+ AM_CONDITIONAL(ENABLE_FIPS140, test "$enable_fips" = "yes")
+ if [ test "$enable_fips" = "yes" ];then
+ if test "x$HAVE_LIBDL" = "xyes";then
+- AC_DEFINE([ENABLE_FIPS140], 1, [Enable FIPS140-2 mode])
++ AC_DEFINE([ENABLE_FIPS140], 1, [Enable FIPS140-3 mode])
+ AC_SUBST([FIPS140_LIBS], $LIBDL)
+ AC_ARG_WITH(fips140-key, AS_HELP_STRING([--with-fips140-key],
+ [specify the FIPS140 HMAC key for integrity]),
+ fips_key="$withval",
+ fips_key="orboDeJITITejsirpADONivirpUkvarP")
+
+- AC_DEFINE_UNQUOTED([FIPS_KEY], ["$fips_key"], [The FIPS140-2 integrity key])
++ AC_DEFINE_UNQUOTED([FIPS_KEY], ["$fips_key"], [The FIPS140-3 integrity key])
+
+ AC_ARG_WITH(fips140-module-name, AS_HELP_STRING([--with-fips140-module-name],
+ [specify the FIPS140 module name]),
+Index: gnutls-3.7.8/doc/cha-gtls-app.texi
+===================================================================
+--- gnutls-3.7.8.orig/doc/cha-gtls-app.texi
++++ gnutls-3.7.8/doc/cha-gtls-app.texi
+@@ -206,7 +206,7 @@ CPU. The currently available options are
+ @end itemize
+
+ @item @code{GNUTLS_FORCE_FIPS_MODE}
+-@tab In setups where GnuTLS is compiled with support for FIPS140-2 (see @ref{FIPS140-2 mode})
++@tab In setups where GnuTLS is compiled with support for FIPS140-3 (see @ref{FIPS140-3 mode})
+ if set to one it will force the FIPS mode enablement.
+
+ @end multitable
+Index: gnutls-3.7.8/doc/cha-internals.texi
+===================================================================
+--- gnutls-3.7.8.orig/doc/cha-internals.texi
++++ gnutls-3.7.8/doc/cha-internals.texi
+@@ -14,7 +14,7 @@ happens inside the black box.
+ * TLS Hello Extension Handling::
+ * Cryptographic Backend::
+ * Random Number Generators-internals::
+-* FIPS140-2 mode::
++* FIPS140-3 mode::
+ @end menu
+
+ @node The TLS Protocol
+@@ -529,7 +529,7 @@ For more information see @ref{Hardware s
+
+ GnuTLS provides two random generators. The default, and the AES-DRBG random
+ generator which is only used when the library is compiled with support for
+-FIPS140-2 and the system is in FIPS140-2 mode.
++FIPS140-3 and the system is in FIPS140-3 mode.
+
+ @subheading The default generator - inner workings
+
+@@ -659,23 +659,23 @@ two distinct times, and being able to re
+ after observing the output of the PRNG. Given the approach described
+ on the above paragraph, all levels are immune to such attack.
+
+-@node FIPS140-2 mode
+-@section FIPS140-2 mode
++@node FIPS140-3 mode
++@section FIPS140-3 mode
+
+-GnuTLS can operate in a special mode for FIPS140-2. That mode of operation
+-is for the conformance to NIST's FIPS140-2 publication, which consists of policies
++GnuTLS can operate in a special mode for FIPS140-3. That mode of operation
++is for the conformance to NIST's FIPS140-3 publication, which consists of policies
+ for cryptographic modules (such as software libraries). Its implementation in
+ GnuTLS is designed for Red Hat Enterprise Linux, and can only be enabled
+ when the library is explicitly compiled with the '--enable-fips140-mode'
+ configure option.
+
+-There are two distinct library states with regard to FIPS140-2: the FIPS140-2
++There are two distinct library states with regard to FIPS140-3: the FIPS140-3
+ mode is @emph{installed} if @code{/etc/system-fips} is present, and the
+-FIPS140-2 mode is @emph{enabled} if @code{/proc/sys/crypto/fips_enabled}
++FIPS140-3 mode is @emph{enabled} if @code{/proc/sys/crypto/fips_enabled}
+ contains '1', which is typically set with the ``fips=1'' kernel command line
+ option.
+
+-When the FIPS140-2 mode is installed, the operation of the library is modified
++When the FIPS140-3 mode is installed, the operation of the library is modified
+ as follows.
+
+ @itemize
+@@ -684,12 +684,12 @@ as follows.
+ @item Algorithm self-tests are run on library load
+ @end itemize
+
+-When the FIPS140-2 mode is enabled, The operation of the library is in addition
++When the FIPS140-3 mode is enabled, The operation of the library is in addition
+ modified as follows.
+
+ @itemize
+-@item Only approved by FIPS140-2 algorithms are enabled
+-@item Only approved by FIPS140-2 key lengths are allowed for key generation
++@item Only approved by FIPS140-3 algorithms are enabled
++@item Only approved by FIPS140-3 key lengths are allowed for key generation
+ @item Any cryptographic operation will be refused if any of the self-tests failed
+ @end itemize
+
+@@ -698,7 +698,7 @@ There are also few environment variables
+ environment variable @code{GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS} will disable
+ the library integrity tests on startup, and the variable
+ @code{GNUTLS_FORCE_FIPS_MODE} can be set to force a value from
+-@ref{gnutls_fips_mode_t}, i.e., '1' will enable the FIPS140-2
++@ref{gnutls_fips_mode_t}, i.e., '1' will enable the FIPS140-3
+ mode, while '0' will disable it.
+
+ The integrity checks for the dependent libraries and GnuTLS are performed
+@@ -706,20 +706,20 @@ using '.hmac' files which are present at
+ key for the operations can be provided on compile-time with the configure
+ option '--with-fips140-key'. The MAC algorithm used is HMAC-SHA256.
+
+-On runtime an application can verify whether the library is in FIPS140-2
++On runtime an application can verify whether the library is in FIPS140-3
+ mode using the @funcref{gnutls_fips140_mode_enabled} function.
+
+-@subheading Relaxing FIPS140-2 requirements
++@subheading Relaxing FIPS140-3 requirements
+
+ The library by default operates in a strict enforcing mode, ensuring that
+-all constraints imposed by the FIPS140-2 specification are enforced. However
++all constraints imposed by the FIPS140-3 specification are enforced. However
+ the application can relax these requirements via @funcref{gnutls_fips140_set_mode}
+ which can switch to alternative modes as in @ref{gnutls_fips_mode_t}.
+
+ @showenumdesc{gnutls_fips_mode_t,The @code{gnutls_@-fips_@-mode_t} enumeration.}
+
+ The intention of this API is to be used by applications which may run in
+-FIPS140-2 mode, while they utilize few algorithms not in the allowed set,
++FIPS140-3 mode, while they utilize few algorithms not in the allowed set,
+ e.g., for non-security related purposes. In these cases applications should
+ wrap the non-compliant code within blocks like the following.
+
+@@ -748,9 +748,9 @@ if (gnutls_fips140_mode_enabled())
+ The reason of the @code{GNUTLS_FIPS140_SET_MODE_THREAD} flag in the
+ previous calls is to localize the change in the mode. Note also, that
+ such a block has no effect when the library is not operating
+-under FIPS140-2 mode, and thus it can be considered a no-op.
++under FIPS140-3 mode, and thus it can be considered a no-op.
+
+-Applications could also switch FIPS140-2 mode explicitly off, by calling
++Applications could also switch FIPS140-3 mode explicitly off, by calling
+ @example
+ gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0);
+ @end example
+@@ -768,7 +768,7 @@ performed within a given context.
+
+ @showfuncD{gnutls_fips140_context_init,gnutls_fips140_context_deinit,gnutls_fips140_push_context,gnutls_fips140_pop_context}
+
+-The @code{gnutls_fips140_context_t} represents the FIPS140-2 mode of
++The @code{gnutls_fips140_context_t} represents the FIPS140-3 mode of
+ operation. It can be attached to the current execution thread with
+ @funcref{gnutls_fips140_push_context} and its internal state will be
+ updated until it is detached with
+Index: gnutls-3.7.8/doc/enums.texi
+===================================================================
+--- gnutls-3.7.8.orig/doc/enums.texi
++++ gnutls-3.7.8/doc/enums.texi
+@@ -1169,7 +1169,7 @@ application traffic secret is installed
+ @c gnutls_fips_mode_t
+ @table @code
+ @item GNUTLS_@-FIPS140_@-DISABLED
+-The FIPS140-2 mode is disabled.
++The FIPS140-3 mode is disabled.
+ @item GNUTLS_@-FIPS140_@-STRICT
+ The default mode; all forbidden operations will cause an
+ operation failure via error code.
+@@ -1177,8 +1177,8 @@ operation failure via error code.
+ A transient state during library initialization. That state
+ cannot be set or seen by applications.
+ @item GNUTLS_@-FIPS140_@-LAX
+-The library still uses the FIPS140-2 relevant algorithms but all
+-forbidden by FIPS140-2 operations are allowed; this is useful when the
++The library still uses the FIPS140-3 relevant algorithms but all
++forbidden by FIPS140-3 operations are allowed; this is useful when the
+ application is aware of the followed security policy, and needs
+ to utilize disallowed operations for other reasons (e.g., compatibility).
+ @item GNUTLS_@-FIPS140_@-LOG +Index: gnutls-3.7.8/doc/functions/gnutls_fips140_set_mode +=================================================================== +--- gnutls-3.7.8.orig/doc/functions/gnutls_fips140_set_mode ++++ gnutls-3.7.8/doc/functions/gnutls_fips140_set_mode +@@ -3,7 +3,7 @@ + + + @deftypefun {void} {gnutls_fips140_set_mode} (gnutls_fips_mode_t @var{mode}, unsigned @var{flags}) +-@var{mode}: the FIPS140-2 mode to switch to ++@var{mode}: the FIPS140-3 mode to switch to + + @var{flags}: should be zero or @code{GNUTLS_FIPS140_SET_MODE_THREAD} + +@@ -12,13 +12,13 @@ That function is not thread-safe when ch + behavior with no flags after threads are created is undefined. + + When the flag @code{GNUTLS_FIPS140_SET_MODE_THREAD} is specified +-then this call will change the FIPS140-2 mode for this particular ++then this call will change the FIPS140-3 mode for this particular + thread and not for the whole process. That way an application + can utilize this function to set and reset mode for specific + operations. + + This function never fails but will be a no-op if used when +-the library is not in FIPS140-2 mode. When asked to switch to unknown ++the library is not in FIPS140-3 mode. When asked to switch to unknown + values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library + switches to @code{GNUTLS_FIPS140_STRICT} mode. + +Index: gnutls-3.7.8/doc/gnutls.html +=================================================================== +--- gnutls-3.7.8.orig/doc/gnutls.html ++++ gnutls-3.7.8/doc/gnutls.html +@@ -486,7 +486,7 @@ Documentation License”. +
  • 11.4 TLS Extension Handling
  • +
  • 11.5 Cryptographic Backend
  • +
  • 11.6 Random Number Generators
  • +-
  • 11.7 FIPS140-2 mode
  • ++
  • 11.7 FIPS140-3 mode
  • + +
  • Appendix A Upgrading from previous versions
  • +
  • Appendix B Support +@@ -8990,7 +8990,7 @@ CPU. The currently available options are +
  • 0x200000: Enable VIA PHE +
  • 0x400000: Enable VIA PHE SHA512 +
  • +-GNUTLS_FORCE_FIPS_MODEIn setups where GnuTLS is compiled with support for FIPS140-2 (see FIPS140-2 mode) ++GNUTLS_FORCE_FIPS_MODEIn setups where GnuTLS is compiled with support for FIPS140-3 (see FIPS140-3 mode) + if set to one it will force the FIPS mode enablement. + + +@@ -18459,7 +18459,7 @@ None: + --inline-commands-prefix=str Change the default delimiter for inline commands + --provider=file Specify the PKCS #11 provider library + - file must pre-exist +- --fips140-mode Reports the status of the FIPS140-2 mode in gnutls library ++ --fips140-mode Reports the status of the FIPS140-3 mode in gnutls library + --list-config Reports the configuration of the library + --logfile=str Redirect informational messages to a specific file + --keymatexport=str Label used for exporting keying material +@@ -19436,7 +19436,7 @@ happens inside the black box. +
  • TLS Extension Handling
  • +
  • Cryptographic Backend
  • +
  • Random Number Generators
  • +-
  • FIPS140-2 mode
  • ++
  • FIPS140-3 mode
  • + +
    + +-

    11.7 FIPS140-2 mode

    ++

    11.7 FIPS140-3 mode

    + +-

    GnuTLS can operate in a special mode for FIPS140-2. That mode of operation +-is for the conformance to NIST’s FIPS140-2 publication, which consists of policies ++

    GnuTLS can operate in a special mode for FIPS140-3. That mode of operation ++is for the conformance to NIST’s FIPS140-3 publication, which consists of policies + for cryptographic modules (such as software libraries). Its implementation in + GnuTLS is designed for Red Hat Enterprise Linux, and can only be enabled + when the library is explicitly compiled with the ’–enable-fips140-mode’ + configure option. +

    +-

    There are two distinct library states with regard to FIPS140-2: the FIPS140-2 ++

    There are two distinct library states with regard to FIPS140-3: the FIPS140-3 + mode is installed if /etc/system-fips is present, and the +-FIPS140-2 mode is enabled if /proc/sys/crypto/fips_enabled ++FIPS140-3 mode is enabled if /proc/sys/crypto/fips_enabled + contains ’1’, which is typically set with the “fips=1” kernel command line + option. +

    +-

    When the FIPS140-2 mode is installed, the operation of the library is modified ++

    When the FIPS140-3 mode is installed, the operation of the library is modified + as follows. +

    + + +-

    When the FIPS140-2 mode is enabled, The operation of the library is in addition ++

    When the FIPS140-3 mode is enabled, The operation of the library is in addition + modified as follows. +

    + + +@@ -20148,7 +20148,7 @@ modified as follows. + environment variable GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS will disable + the library integrity tests on startup, and the variable + GNUTLS_FORCE_FIPS_MODE can be set to force a value from +-Figure 11.5, i.e., ’1’ will enable the FIPS140-2 ++Figure 11.5, i.e., ’1’ will enable the FIPS140-3 + mode, while ’0’ will disable it. +

    +

    The integrity checks for the dependent libraries and GnuTLS are performed +@@ -20156,13 +20156,13 @@ using ’.hmac’ files which ar + key for the operations can be provided on compile-time with the configure + option ’–with-fips140-key’. The MAC algorithm used is HMAC-SHA256. +

    +-

    On runtime an application can verify whether the library is in FIPS140-2 ++

    On runtime an application can verify whether the library is in FIPS140-3 + mode using the gnutls_fips140_mode_enabled function. +

    +-

    Relaxing FIPS140-2 requirements

    ++

    Relaxing FIPS140-3 requirements

    + +

    The library by default operates in a strict enforcing mode, ensuring that +-all constraints imposed by the FIPS140-2 specification are enforced. However ++all constraints imposed by the FIPS140-3 specification are enforced. However + the application can relax these requirements via gnutls_fips140_set_mode + which can switch to alternative modes as in Figure 11.5. +

    +@@ -20171,7 +20171,7 @@ which can switch to alternative modes as + +
    +
    GNUTLS_FIPS140_DISABLED
    +-

    The FIPS140-2 mode is disabled. ++

    The FIPS140-3 mode is disabled. +

    +
    GNUTLS_FIPS140_STRICT
    +

    The default mode; all forbidden operations will cause an +@@ -20182,8 +20182,8 @@ operation failure via error code. + cannot be set or seen by applications. +

    +
    GNUTLS_FIPS140_LAX
    +-

    The library still uses the FIPS140-2 relevant algorithms but all +-forbidden by FIPS140-2 operations are allowed; this is useful when the ++

    The library still uses the FIPS140-3 relevant algorithms but all ++forbidden by FIPS140-3 operations are allowed; this is useful when the + application is aware of the followed security policy, and needs + to utilize disallowed operations for other reasons (e.g., compatibility). +

    +@@ -20195,7 +20195,7 @@ to a message to the audit callback funct + +

    Figure 11.5: The gnutls_fips_mode_t enumeration.

    +

    The intention of this API is to be used by applications which may run in +-FIPS140-2 mode, while they utilize few algorithms not in the allowed set, ++FIPS140-3 mode, while they utilize few algorithms not in the allowed set, + e.g., for non-security related purposes. In these cases applications should + wrap the non-compliant code within blocks like the following. +

    +@@ -20224,9 +20224,9 @@ if (gnutls_fips140_mode_enabled()) +

    The reason of the GNUTLS_FIPS140_SET_MODE_THREAD flag in the + previous calls is to localize the change in the mode. Note also, that + such a block has no effect when the library is not operating +-under FIPS140-2 mode, and thus it can be considered a no-op. ++under FIPS140-3 mode, and thus it can be considered a no-op. +

    +-

    Applications could also switch FIPS140-2 mode explicitly off, by calling ++

    Applications could also switch FIPS140-3 mode explicitly off, by calling +

    +
    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0);
    + 
    +@@ -20249,7 +20249,7 @@ performed within a given context. +
    int gnutls_fips140_pop_context ( void)
    +
    + +-

    The gnutls_fips140_context_t represents the FIPS140-2 mode of ++

    The gnutls_fips140_context_t represents the FIPS140-3 mode of + operation. It can be attached to the current execution thread with + gnutls_fips140_push_context and its internal state will be + updated until it is detached with +@@ -20615,8 +20615,8 @@ Previous: +-

    GnuTLS has support for the FIPS 140-2 certification under Red Hat Enterprise Linux. +-See FIPS140-2 mode for more information. ++

    GnuTLS has support for the FIPS 140-3 certification under Red Hat Enterprise Linux. ++See FIPS140-3 mode for more information. +

    +
    + +@@ -24538,7 +24538,7 @@ unusable. This function is not thread-s +

    gnutls_fips140_set_mode

    +
    +
    Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t mode, unsigned flags)
    +-

    mode: the FIPS140-2 mode to switch to ++

    mode: the FIPS140-3 mode to switch to +

    +

    flags: should be zero or GNUTLS_FIPS140_SET_MODE_THREAD +

    +@@ -24547,13 +24547,13 @@ unusable. This function is not thread-s + behavior with no flags after threads are created is undefined. +

    +

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified +-then this call will change the FIPS140-2 mode for this particular ++then this call will change the FIPS140-3 mode for this particular + thread and not for the whole process. That way an application + can utilize this function to set and reset mode for specific + operations. +

    +

    This function never fails but will be a no-op if used when +-the library is not in FIPS140-2 mode. When asked to switch to unknown ++the library is not in FIPS140-3 mode. When asked to switch to unknown + values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library + switches to GNUTLS_FIPS140_STRICT mode. +

    +@@ -46665,7 +46665,7 @@ Next: gnutls_fingerprintCore TLS API + gnutls_fips140_context_deinitCore TLS API + gnutls_fips140_context_initCore TLS API +-gnutls_fips140_get_operation_stateFIPS140-2 mode ++gnutls_fips140_get_operation_stateFIPS140-3 mode + gnutls_fips140_get_operation_stateCore TLS API + gnutls_fips140_mode_enabledCore TLS API + gnutls_fips140_pop_contextCore TLS API +Index: gnutls-3.7.8/doc/gnutls.info-3 +=================================================================== +--- gnutls-3.7.8.orig/doc/gnutls.info-3 ++++ gnutls-3.7.8/doc/gnutls.info-3 +@@ -2459,7 +2459,7 @@ to 'more'. Both will exit with a status + --inline-commands-prefix=str Change the default delimiter for inline commands + --provider=file Specify the PKCS #11 provider library + - file must pre-exist +- --fips140-mode Reports the status of the FIPS140-2 mode in gnutls library ++ --fips140-mode Reports the status of the FIPS140-3 mode in gnutls library + --list-config Reports the configuration of the library + --logfile=str Redirect informational messages to a specific file + --keymatexport=str Label used for exporting keying material +@@ -3560,7 +3560,7 @@ to know what happens inside the black bo + * TLS Hello Extension Handling:: + * Cryptographic Backend:: + * Random Number Generators-internals:: +-* FIPS140-2 mode:: ++* FIPS140-3 mode:: + +  + File: gnutls.info, Node: The TLS Protocol, Next: TLS Handshake Protocol, Up: Internal architecture of GnuTLS +@@ -4092,7 +4092,7 @@ and abstract key types::. + kernel implementation of '/dev/crypto'. 
+ +  +-File: gnutls.info, Node: Random Number Generators-internals, Next: FIPS140-2 mode, Prev: Cryptographic Backend, Up: Internal architecture of GnuTLS ++File: gnutls.info, Node: Random Number Generators-internals, Next: FIPS140-3 mode, Prev: Cryptographic Backend, Up: Internal architecture of GnuTLS + + 11.6 Random Number Generators + ============================= +@@ -4102,7 +4102,7 @@ About the generators + + GnuTLS provides two random generators. The default, and the AES-DRBG + random generator which is only used when the library is compiled with +-support for FIPS140-2 and the system is in FIPS140-2 mode. ++support for FIPS140-3 and the system is in FIPS140-3 mode. + + The default generator - inner workings + -------------------------------------- +@@ -4251,25 +4251,25 @@ after observing the output of the PRNG. + the above paragraph, all levels are immune to such attack. + +  +-File: gnutls.info, Node: FIPS140-2 mode, Prev: Random Number Generators-internals, Up: Internal architecture of GnuTLS ++File: gnutls.info, Node: FIPS140-3 mode, Prev: Random Number Generators-internals, Up: Internal architecture of GnuTLS + +-11.7 FIPS140-2 mode ++11.7 FIPS140-3 mode + =================== + +-GnuTLS can operate in a special mode for FIPS140-2. That mode of +-operation is for the conformance to NIST's FIPS140-2 publication, which ++GnuTLS can operate in a special mode for FIPS140-3. That mode of ++operation is for the conformance to NIST's FIPS140-3 publication, which + consists of policies for cryptographic modules (such as software + libraries). Its implementation in GnuTLS is designed for Red Hat + Enterprise Linux, and can only be enabled when the library is explicitly + compiled with the '-enable-fips140-mode' configure option. 
+ +-There are two distinct library states with regard to FIPS140-2: the +-FIPS140-2 mode is _installed_ if '/etc/system-fips' is present, and the +-FIPS140-2 mode is _enabled_ if '/proc/sys/crypto/fips_enabled' contains ++There are two distinct library states with regard to FIPS140-3: the ++FIPS140-3 mode is _installed_ if '/etc/system-fips' is present, and the ++FIPS140-3 mode is _enabled_ if '/proc/sys/crypto/fips_enabled' contains + '1', which is typically set with the "fips=1" kernel command line + option. + +-When the FIPS140-2 mode is installed, the operation of the library is ++When the FIPS140-3 mode is installed, the operation of the library is + modified as follows. + + * The random generator used switches to DRBG-AES +@@ -4277,11 +4277,11 @@ modified as follows. + startup + * Algorithm self-tests are run on library load + +-When the FIPS140-2 mode is enabled, The operation of the library is in ++When the FIPS140-3 mode is enabled, The operation of the library is in + addition modified as follows. + +- * Only approved by FIPS140-2 algorithms are enabled +- * Only approved by FIPS140-2 key lengths are allowed for key ++ * Only approved by FIPS140-3 algorithms are enabled ++ * Only approved by FIPS140-3 key lengths are allowed for key + generation + * Any cryptographic operation will be refused if any of the + self-tests failed +@@ -4290,7 +4290,7 @@ There are also few environment variables + The environment variable 'GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS' will + disable the library integrity tests on startup, and the variable + 'GNUTLS_FORCE_FIPS_MODE' can be set to force a value from *note Figure +-11.5: gnutls_fips_mode_t, i.e., '1' will enable the FIPS140-2 mode, ++11.5: gnutls_fips_mode_t, i.e., '1' will enable the FIPS140-3 mode, + while '0' will disable it. + + The integrity checks for the dependent libraries and GnuTLS are +@@ -4299,20 +4299,20 @@ library. The key for the operations can + with the configure option '-with-fips140-key'. 
The MAC algorithm used + is HMAC-SHA256. + +-On runtime an application can verify whether the library is in FIPS140-2 ++On runtime an application can verify whether the library is in FIPS140-3 + mode using the *note gnutls_fips140_mode_enabled:: function. + +-Relaxing FIPS140-2 requirements ++Relaxing FIPS140-3 requirements + ------------------------------- + + The library by default operates in a strict enforcing mode, ensuring +-that all constraints imposed by the FIPS140-2 specification are ++that all constraints imposed by the FIPS140-3 specification are + enforced. However the application can relax these requirements via + *note gnutls_fips140_set_mode:: which can switch to alternative modes as + in *note Figure 11.5: gnutls_fips_mode_t. + + 'GNUTLS_FIPS140_DISABLED' +- The FIPS140-2 mode is disabled. ++ The FIPS140-3 mode is disabled. + 'GNUTLS_FIPS140_STRICT' + The default mode; all forbidden operations will cause an operation + failure via error code. +@@ -4320,8 +4320,8 @@ in *note Figure 11.5: gnutls_fips_mode_t + A transient state during library initialization. That state cannot + be set or seen by applications. + 'GNUTLS_FIPS140_LAX' +- The library still uses the FIPS140-2 relevant algorithms but all +- forbidden by FIPS140-2 operations are allowed; this is useful when ++ The library still uses the FIPS140-3 relevant algorithms but all ++ forbidden by FIPS140-3 operations are allowed; this is useful when + the application is aware of the followed security policy, and needs + to utilize disallowed operations for other reasons (e.g., + compatibility). +@@ -4334,7 +4334,7 @@ in *note Figure 11.5: gnutls_fips_mode_t + Figure 11.5: The 'gnutls_fips_mode_t' enumeration. + + The intention of this API is to be used by applications which may run in +-FIPS140-2 mode, while they utilize few algorithms not in the allowed ++FIPS140-3 mode, while they utilize few algorithms not in the allowed + set, e.g., for non-security related purposes. 
In these cases + applications should wrap the non-compliant code within blocks like the + following. +@@ -4358,10 +4358,10 @@ are macros to simplify the following seq + + The reason of the 'GNUTLS_FIPS140_SET_MODE_THREAD' flag in the previous + calls is to localize the change in the mode. Note also, that such a +-block has no effect when the library is not operating under FIPS140-2 ++block has no effect when the library is not operating under FIPS140-3 + mode, and thus it can be considered a no-op. + +-Applications could also switch FIPS140-2 mode explicitly off, by calling ++Applications could also switch FIPS140-3 mode explicitly off, by calling + gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0); + + Service indicator +@@ -4380,7 +4380,7 @@ within a given context. + 'INT *note gnutls_fips140_push_context:: (gnutls_fips140_context_t CONTEXT)' + 'INT *note gnutls_fips140_pop_context:: ( VOID)' + +-The 'gnutls_fips140_context_t' represents the FIPS140-2 mode of ++The 'gnutls_fips140_context_t' represents the FIPS140-3 mode of + operation. It can be attached to the current execution thread with + *note gnutls_fips140_push_context:: and its internal state will be + updated until it is detached with *note gnutls_fips140_pop_context::. +@@ -4838,8 +4838,8 @@ There are certifications from national o + practices, such as unit testing and reliance on well known crypto + primitives. + +-GnuTLS has support for the FIPS 140-2 certification under Red Hat +-Enterprise Linux. See *note FIPS140-2 mode:: for more information. ++GnuTLS has support for the FIPS 140-3 certification under Red Hat ++Enterprise Linux. See *note FIPS140-3 mode:: for more information. 
+ +  + File: gnutls.info, Node: Error codes, Next: Supported ciphersuites, Prev: Support, Up: Top +@@ -9316,7 +9316,7 @@ gnutls_fips140_set_mode + + -- Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t MODE, + unsigned FLAGS) +- MODE: the FIPS140-2 mode to switch to ++ MODE: the FIPS140-3 mode to switch to + + FLAGS: should be zero or 'GNUTLS_FIPS140_SET_MODE_THREAD' + +@@ -9326,12 +9326,12 @@ gnutls_fips140_set_mode + undefined. + + When the flag 'GNUTLS_FIPS140_SET_MODE_THREAD' is specified then +- this call will change the FIPS140-2 mode for this particular thread ++ this call will change the FIPS140-3 mode for this particular thread + and not for the whole process. That way an application can utilize + this function to set and reset mode for specific operations. + + This function never fails but will be a no-op if used when the +- library is not in FIPS140-2 mode. When asked to switch to unknown ++ library is not in FIPS140-3 mode. When asked to switch to unknown + values for 'mode' or to 'GNUTLS_FIPS140_SELFTESTS' mode, the + library switches to 'GNUTLS_FIPS140_STRICT' mode. 
+ +Index: gnutls-3.7.8/doc/invoke-gnutls-cli.texi +=================================================================== +--- gnutls-3.7.8.orig/doc/invoke-gnutls-cli.texi ++++ gnutls-3.7.8/doc/invoke-gnutls-cli.texi +@@ -99,7 +99,7 @@ None: + --inline-commands-prefix=str Change the default delimiter for inline commands + --provider=file Specify the PKCS #11 provider library + - file must pre-exist +- --fips140-mode Reports the status of the FIPS140-2 mode in gnutls library ++ --fips140-mode Reports the status of the FIPS140-3 mode in gnutls library + --list-config Reports the configuration of the library + --logfile=str Redirect informational messages to a specific file + --keymatexport=str Label used for exporting keying material +Index: gnutls-3.7.8/doc/manpages/gnutls-cli.1 +=================================================================== +--- gnutls-3.7.8.orig/doc/manpages/gnutls-cli.1 ++++ gnutls-3.7.8/doc/manpages/gnutls-cli.1 +@@ -389,7 +389,7 @@ Specify the PKCS #11 provider library. + This will override the default options in /etc/gnutls/pkcs11.conf + .TP + .NOP \f\*[B-Font]\-\-fips140\-mode\f[] +-Reports the status of the FIPS140-2 mode in gnutls library. ++Reports the status of the FIPS140-3 mode in gnutls library. + .sp + .TP + .NOP \f\*[B-Font]\-\-list\-config\f[] +Index: gnutls-3.7.8/doc/reference/html/gnutls-gnutls.html +=================================================================== +--- gnutls-3.7.8.orig/doc/reference/html/gnutls-gnutls.html ++++ gnutls-3.7.8/doc/reference/html/gnutls-gnutls.html +@@ -20552,12 +20552,12 @@ gnutls_fips140_set_mode (GNUTLS_FIPS140_SET_MODE_THREAD is specified +-then this call will change the FIPS140-2 mode for this particular ++then this call will change the FIPS140-3 mode for this particular + thread and not for the whole process. That way an application + can utilize this function to set and reset mode for specific + operations.

    +

    This function never fails but will be a no-op if used when +-the library is not in FIPS140-2 mode. When asked to switch to unknown ++the library is not in FIPS140-3 mode. When asked to switch to unknown + values for mode + or to GNUTLS_FIPS140_SELFTESTS mode, the library + switches to GNUTLS_FIPS140_STRICT mode.

    +@@ -20572,7 +20572,7 @@ switches to

    mode

    +-

    the FIPS140-2 mode to switch to

    ++

    the FIPS140-3 mode to switch to

    +   + + +@@ -25479,7 +25479,7 @@ encryption

    +
    +
    +

    enum gnutls_fips_mode_t

    +-

    Enumeration of different operational modes under FIPS140-2.

    ++

    Enumeration of different operational modes under FIPS140-3.

    +
    +

    Members

    +
    +@@ -25492,7 +25492,7 @@ encryption

    + + + + + +@@ -25515,8 +25515,8 @@ operation failure via error code.

    + + + +@@ -27111,4 +27111,4 @@ transition to +
    Generated by GTK-Doc V1.33.1 + +- +\ No newline at end of file ++ +Index: gnutls-3.7.8/lib/fips.c +=================================================================== +--- gnutls-3.7.8.orig/lib/fips.c ++++ gnutls-3.7.8/lib/fips.c +@@ -113,7 +113,7 @@ unsigned _gnutls_fips_mode_enabled(void) + } + + if (f1p != 0) { +- _gnutls_debug_log("FIPS140-2 mode enabled\n"); ++ _gnutls_debug_log("FIPS140-3 mode enabled\n"); + ret = GNUTLS_FIPS140_STRICT; + goto exit; + } +@@ -122,7 +122,7 @@ unsigned _gnutls_fips_mode_enabled(void) + if (f2p != 0) { + /* a funny state where self tests are performed + * and ignored */ +- _gnutls_debug_log("FIPS140-2 ZOMBIE mode enabled\n"); ++ _gnutls_debug_log("FIPS140-3 ZOMBIE mode enabled\n"); + ret = GNUTLS_FIPS140_SELFTESTS; + goto exit; + } +@@ -632,7 +632,7 @@ unsigned gnutls_fips140_mode_enabled(voi + + /** + * gnutls_fips140_set_mode: +- * @mode: the FIPS140-2 mode to switch to ++ * @mode: the FIPS140-3 mode to switch to + * @flags: should be zero or %GNUTLS_FIPS140_SET_MODE_THREAD + * + * That function is not thread-safe when changing the mode with no flags +@@ -640,13 +640,13 @@ unsigned gnutls_fips140_mode_enabled(voi + * behavior with no flags after threads are created is undefined. + * + * When the flag %GNUTLS_FIPS140_SET_MODE_THREAD is specified +- * then this call will change the FIPS140-2 mode for this particular ++ * then this call will change the FIPS140-3 mode for this particular + * thread and not for the whole process. That way an application + * can utilize this function to set and reset mode for specific + * operations. + * + * This function never fails but will be a no-op if used when +- * the library is not in FIPS140-2 mode. When asked to switch to unknown ++ * the library is not in FIPS140-3 mode. When asked to switch to unknown + * values for @mode or to %GNUTLS_FIPS140_SELFTESTS mode, the library + * switches to %GNUTLS_FIPS140_STRICT mode. 
+ * +@@ -657,8 +657,8 @@ void gnutls_fips140_set_mode(gnutls_fips + #ifdef ENABLE_FIPS140 + gnutls_fips_mode_t prev = _gnutls_fips_mode_enabled(); + if (prev == GNUTLS_FIPS140_DISABLED || prev == GNUTLS_FIPS140_SELFTESTS) { +- /* we need to run self-tests first to be in FIPS140-2 mode */ +- _gnutls_audit_log(NULL, "The library should be initialized in FIPS140-2 mode to do that operation\n"); ++ /* we need to run self-tests first to be in FIPS140-3 mode */ ++ _gnutls_audit_log(NULL, "The library should be initialized in FIPS140-3 mode to do that operation\n"); + return; + } + +@@ -669,7 +669,7 @@ void gnutls_fips140_set_mode(gnutls_fips + case GNUTLS_FIPS140_DISABLED: + break; + case GNUTLS_FIPS140_SELFTESTS: +- _gnutls_audit_log(NULL, "Cannot switch library to FIPS140-2 self-tests mode; defaulting to strict\n"); ++ _gnutls_audit_log(NULL, "Cannot switch library to FIPS140-3 self-tests mode; defaulting to strict\n"); + mode = GNUTLS_FIPS140_STRICT; + break; + default: +@@ -848,7 +848,7 @@ _gnutls_switch_fips_state(gnutls_fips140 + } + + if (!_tfips_context) { +- _gnutls_debug_log("FIPS140-2 context is not set\n"); ++ _gnutls_debug_log("FIPS140-3 context is not set\n"); + return; + } + +@@ -860,7 +860,7 @@ _gnutls_switch_fips_state(gnutls_fips140 + case GNUTLS_FIPS140_OP_INITIAL: + /* initial can be transitioned to any state */ + if (mode != GNUTLS_FIPS140_LAX) { +- _gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from initial to %s\n", ++ _gnutls_audit_log(NULL, "FIPS140-3 operation mode switched from initial to %s\n", + operation_state_to_string(state)); + } + _tfips_context->state = state; +@@ -869,7 +869,7 @@ _gnutls_switch_fips_state(gnutls_fips140 + /* approved can only be transitioned to not-approved */ + if (likely(state == GNUTLS_FIPS140_OP_NOT_APPROVED)) { + if (mode != GNUTLS_FIPS140_LAX) { +- _gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from approved to %s\n", ++ _gnutls_audit_log(NULL, "FIPS140-3 operation mode switched from 
approved to %s\n", + operation_state_to_string(state)); + } + _tfips_context->state = state; +@@ -879,7 +879,7 @@ _gnutls_switch_fips_state(gnutls_fips140 + default: + /* other transitions are prohibited */ + if (mode != GNUTLS_FIPS140_LAX) { +- _gnutls_audit_log(NULL, "FIPS140-2 operation mode cannot be switched from %s to %s\n", ++ _gnutls_audit_log(NULL, "FIPS140-3 operation mode cannot be switched from %s to %s\n", + operation_state_to_string(_tfips_context->state), + operation_state_to_string(state)); + } +@@ -941,7 +941,7 @@ gnutls_fips140_run_self_tests(void) + if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && + ret < 0) { + _gnutls_switch_lib_state(LIB_STATE_ERROR); +- _gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n"); ++ _gnutls_audit_log(NULL, "FIPS140-3 self testing part 2 failed\n"); + } else { + /* Restore the previous library state */ + _gnutls_switch_lib_state(prev_lib_state); +@@ -951,7 +951,7 @@ gnutls_fips140_run_self_tests(void) + if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && fips_context) { + if (gnutls_fips140_pop_context() < 0) { + _gnutls_switch_lib_state(LIB_STATE_ERROR); +- _gnutls_audit_log(NULL, "FIPS140-2 context restoration failed\n"); ++ _gnutls_audit_log(NULL, "FIPS140-3 context restoration failed\n"); + } + gnutls_fips140_context_deinit(fips_context); + } +Index: gnutls-3.7.8/lib/fips.h +=================================================================== +--- gnutls-3.7.8.orig/lib/fips.h ++++ gnutls-3.7.8/lib/fips.h +@@ -189,16 +189,16 @@ is_digest_algo_allowed_for_sign_in_fips( + } + + #ifdef ENABLE_FIPS140 +-/* This will test the condition when in FIPS140-2 mode ++/* This will test the condition when in FIPS140-3 mode + * and return an error if necessary or ignore */ + # define FIPS_RULE(condition, ret_error, ...) 
{ \ + gnutls_fips_mode_t _mode = _gnutls_fips_mode_enabled(); \ + if (_mode != GNUTLS_FIPS140_DISABLED) { \ + if (condition) { \ + if (_mode == GNUTLS_FIPS140_LOG) { \ +- _gnutls_audit_log(NULL, "fips140-2: allowing "__VA_ARGS__); \ ++ _gnutls_audit_log(NULL, "fips140-3: allowing "__VA_ARGS__); \ + } else if (_mode != GNUTLS_FIPS140_LAX) { \ +- _gnutls_debug_log("fips140-2: disallowing "__VA_ARGS__); \ ++ _gnutls_debug_log("fips140-3: disallowing "__VA_ARGS__); \ + return ret_error; \ + } \ + } \ +@@ -213,7 +213,7 @@ is_mac_algo_allowed(gnutls_mac_algorithm + switch (mode) { + case GNUTLS_FIPS140_LOG: + _gnutls_audit_log(NULL, +- "fips140-2: allowing access to %s\n", ++ "fips140-3: allowing access to %s\n", + gnutls_mac_get_name(algo)); + FALLTHROUGH; + case GNUTLS_FIPS140_DISABLED: +@@ -235,7 +235,7 @@ is_cipher_algo_allowed(gnutls_cipher_alg + !is_cipher_algo_allowed_in_fips(algo)) { + switch (mode) { + case GNUTLS_FIPS140_LOG: +- _gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n", ++ _gnutls_audit_log(NULL, "fips140-3: allowing access to %s\n", + gnutls_cipher_get_name(algo)); + FALLTHROUGH; + case GNUTLS_FIPS140_DISABLED: +@@ -257,7 +257,7 @@ is_digest_algo_allowed_for_sign(gnutls_d + !is_digest_algo_allowed_for_sign_in_fips(algo)) { + switch (mode) { + case GNUTLS_FIPS140_LOG: +- _gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n", ++ _gnutls_audit_log(NULL, "fips140-3: allowing access to %s\n", + gnutls_cipher_get_name(algo)); + FALLTHROUGH; + case GNUTLS_FIPS140_DISABLED: +Index: gnutls-3.7.8/lib/global.c +=================================================================== +--- gnutls-3.7.8.orig/lib/global.c ++++ gnutls-3.7.8/lib/global.c +@@ -326,12 +326,12 @@ static int _gnutls_global_init(unsigned + + #ifdef ENABLE_FIPS140 + res = _gnutls_fips_mode_enabled(); +- /* res == 1 -> fips140-2 mode enabled ++ /* res == 1 -> fips140-3 mode enabled + * res == 2 -> only self checks performed - but no failure + * res == not in fips140 mode + */ + 
if (res != 0) { +- _gnutls_debug_log("FIPS140-2 mode: %d\n", res); ++ _gnutls_debug_log("FIPS140-3 mode: %d\n", res); + _gnutls_priority_update_fips(); + + /* first round of self checks, these are done on the +@@ -340,7 +340,7 @@ static int _gnutls_global_init(unsigned + ret = _gnutls_fips_perform_self_checks1(); + if (ret < 0) { + _gnutls_switch_lib_state(LIB_STATE_ERROR); +- _gnutls_audit_log(NULL, "FIPS140-2 self testing part1 failed\n"); ++ _gnutls_audit_log(NULL, "FIPS140-3 self testing part1 failed\n"); + if (res != 2) { + gnutls_assert(); + goto out; +@@ -362,7 +362,7 @@ static int _gnutls_global_init(unsigned + ret = _gnutls_fips_perform_self_checks2(); + if (ret < 0) { + _gnutls_switch_lib_state(LIB_STATE_ERROR); +- _gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n"); ++ _gnutls_audit_log(NULL, "FIPS140-3 self testing part 2 failed\n"); + if (res != 2) { + gnutls_assert(); + goto out; +Index: gnutls-3.7.8/lib/includes/gnutls/gnutls.h.in +=================================================================== +--- gnutls-3.7.8.orig/lib/includes/gnutls/gnutls.h.in ++++ gnutls-3.7.8/lib/includes/gnutls/gnutls.h.in +@@ -3336,16 +3336,16 @@ void + gnutls_alert_set_read_function(gnutls_session_t session, + gnutls_alert_read_func func); + +-/* FIPS140-2 related functions */ ++/* FIPS140-3 related functions */ + unsigned gnutls_fips140_mode_enabled(void); + + /** + * gnutls_fips_mode_t: +- * @GNUTLS_FIPS140_DISABLED: The FIPS140-2 mode is disabled. ++ * @GNUTLS_FIPS140_DISABLED: The FIPS140-3 mode is disabled. + * @GNUTLS_FIPS140_STRICT: The default mode; all forbidden operations will cause an + * operation failure via error code. 
+- * @GNUTLS_FIPS140_LAX: The library still uses the FIPS140-2 relevant algorithms but all +- * forbidden by FIPS140-2 operations are allowed; this is useful when the ++ * @GNUTLS_FIPS140_LAX: The library still uses the FIPS140-3 relevant algorithms but all ++ * forbidden by FIPS140-3 operations are allowed; this is useful when the + * application is aware of the followed security policy, and needs + * to utilize disallowed operations for other reasons (e.g., compatibility). + * @GNUTLS_FIPS140_LOG: Similarly to %GNUTLS_FIPS140_LAX, it allows forbidden operations; any use of them results +@@ -3353,7 +3353,7 @@ unsigned gnutls_fips140_mode_enabled(voi + * @GNUTLS_FIPS140_SELFTESTS: A transient state during library initialization. That state + * cannot be set or seen by applications. + * +- * Enumeration of different operational modes under FIPS140-2. ++ * Enumeration of different operational modes under FIPS140-3. + */ + typedef enum gnutls_fips_mode_t { + GNUTLS_FIPS140_DISABLED = 0, +Index: gnutls-3.7.8/src/cli.c +=================================================================== +--- gnutls-3.7.8.orig/src/cli.c ++++ gnutls-3.7.8/src/cli.c +@@ -1641,10 +1641,10 @@ static void cmd_parser(int argc, char ** + + if (HAVE_OPT(FIPS140_MODE)) { + if (gnutls_fips140_mode_enabled() != 0) { +- fprintf(stderr, "library is in FIPS140-2 mode\n"); ++ fprintf(stderr, "library is in FIPS140-3 mode\n"); + exit(0); + } +- fprintf(stderr, "library is NOT in FIPS140-2 mode\n"); ++ fprintf(stderr, "library is NOT in FIPS140-3 mode\n"); + exit(1); + } + +Index: gnutls-3.7.8/src/gnutls-cli-options.c +=================================================================== +--- gnutls-3.7.8.orig/src/gnutls-cli-options.c ++++ gnutls-3.7.8/src/gnutls-cli-options.c +@@ -785,7 +785,7 @@ usage (FILE *out, int status) + " --inline-commands-prefix=str Change the default delimiter for inline commands\n" + " --provider=file Specify the PKCS #11 provider library\n" + " - file must pre-exist\n" +- " 
--fips140-mode Reports the status of the FIPS140-2 mode in gnutls library\n" ++ " --fips140-mode Reports the status of the FIPS140-3 mode in gnutls library\n" + " --list-config Reports the configuration of the library\n" + " --logfile=str Redirect informational messages to a specific file\n" + " --keymatexport=str Label used for exporting keying material\n" +Index: gnutls-3.7.8/tests/cert-tests/gost.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/gost.sh ++++ gnutls-3.7.8/tests/cert-tests/gost.sh +@@ -38,7 +38,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs12-corner-cases.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs12-corner-cases.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs12-corner-cases.sh +@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs12-encode.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs12-encode.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs12-encode.sh +@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs12-gost.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs12-gost.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs12-gost.sh +@@ -30,7 +30,7 @@ if ! 
test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs12.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs12.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs12.sh +@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs8-decode.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs8-decode.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs8-decode.sh +@@ -30,7 +30,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs8-eddsa.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs8-eddsa.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs8-eddsa.sh +@@ -30,7 +30,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs8-gost.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs8-gost.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs8-gost.sh +@@ -29,7 +29,7 @@ if ! 
test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cert-tests/pkcs8.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cert-tests/pkcs8.sh ++++ gnutls-3.7.8/tests/cert-tests/pkcs8.sh +@@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then + fi + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/cipher-listings.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/cipher-listings.sh ++++ gnutls-3.7.8/tests/cipher-listings.sh +@@ -64,7 +64,7 @@ check() + + ${CLI} --fips140-mode + if test $? = 0;then +- echo "Cannot run this test in FIPS140-2 mode" ++ echo "Cannot run this test in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/tests/testpkcs11.sh +=================================================================== +--- gnutls-3.7.8.orig/tests/testpkcs11.sh ++++ gnutls-3.7.8/tests/testpkcs11.sh +@@ -27,7 +27,7 @@ + RETCODE=0 + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + +Index: gnutls-3.7.8/doc/enums/gnutls_fips_mode_t +=================================================================== +--- gnutls-3.7.8.orig/doc/enums/gnutls_fips_mode_t ++++ gnutls-3.7.8/doc/enums/gnutls_fips_mode_t +@@ -3,7 +3,7 @@ + @c gnutls_fips_mode_t + @table @code + @item GNUTLS_@-FIPS140_@-DISABLED +-The FIPS140-2 mode is disabled. ++The FIPS140-3 mode is disabled. + @item GNUTLS_@-FIPS140_@-STRICT + The default mode; all forbidden operations will cause an + operation failure via error code. +@@ -11,8 +11,8 @@ operation failure via error code. + A transient state during library initialization. 
That state + cannot be set or seen by applications. + @item GNUTLS_@-FIPS140_@-LAX +-The library still uses the FIPS140-2 relevant algorithms but all +-forbidden by FIPS140-2 operations are allowed; this is useful when the ++The library still uses the FIPS140-3 relevant algorithms but all ++forbidden by FIPS140-3 operations are allowed; this is useful when the + application is aware of the followed security policy, and needs + to utilize disallowed operations for other reasons (e.g., compatibility). + @item GNUTLS_@-FIPS140_@-LOG +Index: gnutls-3.7.8/doc/gnutls-api.texi +=================================================================== +--- gnutls-3.7.8.orig/doc/gnutls-api.texi ++++ gnutls-3.7.8/doc/gnutls-api.texi +@@ -3275,7 +3275,7 @@ unusable. This function is not thread-s + @subheading gnutls_fips140_set_mode + @anchor{gnutls_fips140_set_mode} + @deftypefun {void} {gnutls_fips140_set_mode} (gnutls_fips_mode_t @var{mode}, unsigned @var{flags}) +-@var{mode}: the FIPS140-2 mode to switch to ++@var{mode}: the FIPS140-3 mode to switch to + + @var{flags}: should be zero or @code{GNUTLS_FIPS140_SET_MODE_THREAD} + +@@ -3284,13 +3284,13 @@ That function is not thread-safe when ch + behavior with no flags after threads are created is undefined. + + When the flag @code{GNUTLS_FIPS140_SET_MODE_THREAD} is specified +-then this call will change the FIPS140-2 mode for this particular ++then this call will change the FIPS140-3 mode for this particular + thread and not for the whole process. That way an application + can utilize this function to set and reset mode for specific + operations. + + This function never fails but will be a no-op if used when +-the library is not in FIPS140-2 mode. When asked to switch to unknown ++the library is not in FIPS140-3 mode. When asked to switch to unknown + values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library + switches to @code{GNUTLS_FIPS140_STRICT} mode. 
+ +Index: gnutls-3.7.8/lib/ext/session_ticket.c +=================================================================== +--- gnutls-3.7.8.orig/lib/ext/session_ticket.c ++++ gnutls-3.7.8/lib/ext/session_ticket.c +@@ -539,7 +539,7 @@ int gnutls_session_ticket_key_generate(g + { + if (_gnutls_fips_mode_enabled()) { + int ret; +- /* in FIPS140-2 mode gnutls_key_generate imposes ++ /* in FIPS140-3 mode gnutls_key_generate imposes + * some limits on allowed key size, thus it is not + * used. These limits do not affect this function as + * it does not generate a "key" but rather key material +Index: gnutls-3.7.8/lib/libgnutls.map +=================================================================== +--- gnutls-3.7.8.orig/lib/libgnutls.map ++++ gnutls-3.7.8/lib/libgnutls.map +@@ -1418,7 +1418,7 @@ GNUTLS_FIPS140_3_4 { + gnutls_hkdf_self_test; + gnutls_pbkdf2_self_test; + gnutls_tlsprf_self_test; +- #for FIPS140-2 validation ++ #for FIPS140-3 validation + drbg_aes_reseed; + drbg_aes_init; + drbg_aes_generate; +Index: gnutls-3.7.8/lib/nettle/mac.c +=================================================================== +--- gnutls-3.7.8.orig/lib/nettle/mac.c ++++ gnutls-3.7.8/lib/nettle/mac.c +@@ -267,7 +267,7 @@ static void _wrap_gmac_digest(void *_ctx + static int _mac_ctx_init(gnutls_mac_algorithm_t algo, + struct nettle_mac_ctx *ctx) + { +- /* Any FIPS140-2 related enforcement is performed on ++ /* Any FIPS140-3 related enforcement is performed on + * gnutls_hash_init() and gnutls_hmac_init() */ + + ctx->set_nonce = NULL; +@@ -656,7 +656,7 @@ static void _md5_sha1_digest(void *_ctx, + static int _ctx_init(gnutls_digest_algorithm_t algo, + struct nettle_hash_ctx *ctx) + { +- /* Any FIPS140-2 related enforcement is performed on ++ /* Any FIPS140-3 related enforcement is performed on + * gnutls_hash_init() and gnutls_hmac_init() */ + switch (algo) { + case GNUTLS_DIG_MD5: +Index: gnutls-3.7.8/doc/gnutls.info-2 +=================================================================== 
+--- gnutls-3.7.8.orig/doc/gnutls.info-2 ++++ gnutls-3.7.8/doc/gnutls.info-2 +@@ -672,7 +672,7 @@ Variable Purpose + * 0x400000: Enable VIA PHE SHA512 + + 'GNUTLS_FORCE_FIPS_MODE'In setups where GnuTLS is compiled with support +- for FIPS140-2 (see *note FIPS140-2 mode::) if ++ for FIPS140-3 (see *note FIPS140-3 mode::) if + set to one it will force the FIPS mode + enablement. + +Index: gnutls-3.7.8/config.h.in +=================================================================== +--- gnutls-3.7.8.orig/config.h.in ++++ gnutls-3.7.8/config.h.in +@@ -82,7 +82,7 @@ + /* enable DHE */ + #undef ENABLE_ECDHE + +-/* Enable FIPS140-2 mode */ ++/* Enable FIPS140-3 mode */ + #undef ENABLE_FIPS140 + + /* enable GOST */ +@@ -125,7 +125,7 @@ + /* Define this to 1 if F_DUPFD behavior does not match POSIX */ + #undef FCNTL_DUPFD_BUGGY + +-/* The FIPS140-2 integrity key */ ++/* The FIPS140-3 integrity key */ + #undef FIPS_KEY + + /* The FIPS140 module name */ +Index: gnutls-3.7.8/configure +=================================================================== +--- gnutls-3.7.8.orig/configure ++++ gnutls-3.7.8/configure +@@ -3542,7 +3542,7 @@ Optional Features: + --enable-fast-install[=PKGS] + optimize for fast installation [default=yes] + --disable-libtool-lock avoid locking (might break parallel builds) +- --enable-fips140-mode enable FIPS140-2 mode ++ --enable-fips140-mode enable FIPS140-3 mode + --enable-strict-x509 enable stricter sanity checks for x509 certificates + --disable-non-suiteb-curves + disable curves not in SuiteB +Index: gnutls-3.7.8/doc/cha-support.texi +=================================================================== +--- gnutls-3.7.8.orig/doc/cha-support.texi ++++ gnutls-3.7.8/doc/cha-support.texi +@@ -135,5 +135,5 @@ There are certifications from national o + to an auditor that the crypto component follows some best practices, such + as unit testing and reliance on well known crypto primitives. 
+ +-GnuTLS has support for the FIPS 140-2 certification under Red Hat Enterprise Linux. +-See @ref{FIPS140-2 mode} for more information. ++GnuTLS has support for the FIPS 140-3 certification under Red Hat Enterprise Linux. ++See @ref{FIPS140-3 mode} for more information. +Index: gnutls-3.7.8/doc/gnutls.info-6 +=================================================================== +--- gnutls-3.7.8.orig/doc/gnutls.info-6 ++++ gnutls-3.7.8/doc/gnutls.info-6 +@@ -8844,7 +8844,7 @@ Function and Data Index + * gnutls_fingerprint: Core TLS API. (line 3513) + * gnutls_fips140_context_deinit: Core TLS API. (line 3540) + * gnutls_fips140_context_init: Core TLS API. (line 3551) +-* gnutls_fips140_get_operation_state: FIPS140-2 mode. (line 138) ++* gnutls_fips140_get_operation_state: FIPS140-3 mode. (line 138) + * gnutls_fips140_get_operation_state <1>: Core TLS API. (line 3564) + * gnutls_fips140_mode_enabled: Core TLS API. (line 3578) + * gnutls_fips140_pop_context: Core TLS API. (line 3596) +Index: gnutls-3.7.8/doc/gnutls.info +=================================================================== +--- gnutls-3.7.8.orig/doc/gnutls.info ++++ gnutls-3.7.8/doc/gnutls.info +@@ -612,7 +612,7 @@ Ref: fig-crypto-layers757273 + Ref: Cryptographic Backend-Footnote-1760557 + Ref: Cryptographic Backend-Footnote-2760642 + Node: Random Number Generators-internals760750 +-Node: FIPS140-2 mode768114 ++Node: FIPS140-3 mode768114 + Ref: gnutls_fips_mode_t770750 + Node: Upgrading from previous versions774347 + Node: Support788341 diff --git a/gnutls-FIPS-PCT-DH.patch b/gnutls-FIPS-PCT-DH.patch new file mode 100644 index 0000000..a48674a --- /dev/null +++ b/gnutls-FIPS-PCT-DH.patch 
@@ -0,0 +1,85 @@
+Index: gnutls-3.7.8/lib/nettle/pk.c
+===================================================================
+--- gnutls-3.7.8.orig/lib/nettle/pk.c
++++ gnutls-3.7.8/lib/nettle/pk.c
+@@ -2498,6 +2498,48 @@ static int pct_test(gnutls_pk_algorithm_
+ }
+ break;
+ case GNUTLS_PK_DH:
++ if (_gnutls_fips_mode_enabled()) {
++ /* Perform Owner Assurance of Pair-wise Consistency
++ * according to SP800-56A (revision 3), 5.6.2.1.4.
++ *
++ * DH params (see lib/crypto-backend.h)
++ * [DSA_P] [0] is p (prime number)
++ * [DSA_Q] [1] is q (prime order)
++ * [DSA_G] [2] is g (generator)
++ * [DSA_Y] [3] is y (public key)
++ * [DSA_X] [4] is x (private key only)
++ *
++ * Regenerate the public key from the private key with
++ * y = g^x mod p and compare it with the previous one.
++ */
++
++ mpz_t p, g, y, x;
++
++ mpz_init(p);
++ mpz_init(g);
++ mpz_init(y);
++ mpz_init(x);
++
++ mpz_set(p, params->params[DSA_P]);
++ mpz_set(g, params->params[DSA_G]);
++ mpz_set(x, params->params[DSA_X]);
++
++ mpz_powm(y, g, x, p);
++
++ ret = mpz_cmp(y, params->params[DSA_Y]);
++ if (unlikely(ret != 0)) {
++ ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
++ }
++
++ mpz_clear(p);
++ mpz_clear(g);
++ mpz_clear(y);
++ mpz_clear(x);
++ if (ret < 0) {
++ goto cleanup;
++ }
++ }
++ break;
+ case GNUTLS_PK_ECDH_X25519:
+ case GNUTLS_PK_ECDH_X448:
+ ret = 0;
+@@ -2780,8 +2822,17 @@ wrap_nettle_pk_generate_keys(gnutls_pk_a
+ }
+ }
+ #endif
+-
+- ret = _gnutls_mpi_init_multi(¶ms->params[DSA_Y], ¶ms->params[DSA_X], NULL);
++ if (_gnutls_fips_mode_enabled()) {
++ ret = _gnutls_mpi_init_multi(¶ms->params[DSA_P],
++ ¶ms->params[DSA_G],
++ ¶ms->params[DSA_Y],
++ ¶ms->params[DSA_X],
++ NULL);
++ } else {
++ ret = _gnutls_mpi_init_multi(¶ms->params[DSA_Y],
++ ¶ms->params[DSA_X],
++ NULL);
++ }
+ if (ret < 0) {
+ gnutls_assert();
+ goto dh_fail;
+@@ -2790,6 +2841,11 @@ wrap_nettle_pk_generate_keys(gnutls_pk_a
+ mpz_set(TOMPZ(params->params[DSA_Y]), y);
+ mpz_set(TOMPZ(params->params[DSA_X]), x);
+ params->params_nr += 2;
++ if (_gnutls_fips_mode_enabled()) {
++ mpz_set(TOMPZ(params->params[DSA_P]), pub.p);
++ mpz_set(TOMPZ(params->params[DSA_G]), pub.g);
++ params->params_nr += 2;
++ }
+
+ ret = 0;
+
diff --git a/gnutls-FIPS-PCT-ECDH.patch b/gnutls-FIPS-PCT-ECDH.patch
new file mode 100644
index 0000000..34895c6
--- /dev/null
+++ b/gnutls-FIPS-PCT-ECDH.patch
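Review bot: In the `GNUTLS_PK_DH` case of `pct_test`, the private exponent is copied into the local `x` and released with `mpz_clear(x)`, which frees the limbs without wiping them, so a second copy of the key stays in freed heap memory. The copies of `p`, `g` and `x` are not needed; `mpz_powm(y, TOMPZ(params->params[DSA_G]), TOMPZ(params->params[DSA_X]), TOMPZ(params->params[DSA_P]));` reads the operands in place and matches the `TOMPZ()` use in the `wrap_nettle_pk_generate_keys` hunk. `mpz_powm` is also variable-time in a secret exponent; GMP's `mpz_powm_sec` is the side-channel-hardened form. The non-FIPS path needs a look too: the case no longer falls through to `ret = 0`, so with FIPS mode off it reaches `break` without assigning `ret` here (the body of `pct_test` starts outside the hunk, so the earlier value is not visible).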
@@ -0,0 +1,171 @@
+Index: gnutls-3.7.3/lib/nettle/pk.c
+===================================================================
+--- gnutls-3.7.3.orig/lib/nettle/pk.c
++++ gnutls-3.7.3/lib/nettle/pk.c
+@@ -71,6 +71,9 @@
+ static inline const struct ecc_curve *get_supported_nist_curve(int curve);
+ static inline const struct ecc_curve *get_supported_gost_curve(int curve);
+
++static inline const char *get_supported_nist_curve_order(int curve);
++static inline const char *get_supported_nist_curve_modulus(int curve);
++
+ /* When these callbacks are used for a nettle operation, the
+ * caller must check the macro HAVE_LIB_ERROR() after the operation
+ * is complete. If the macro is true, the operation is to be considered
+@@ -406,6 +409,10 @@ dh_cleanup:
+ struct ecc_scalar ecc_priv;
+ struct ecc_point ecc_pub;
+ const struct ecc_curve *curve;
++ struct ecc_scalar n;
++ struct ecc_scalar m;
++ struct ecc_point r;
++ mpz_t x, y, xx, yy, nn, mm;
+
+ out->data = NULL;
+
+@@ -425,10 +432,21 @@ dh_cleanup:
+ not_approved = true;
+ }
+
++ mpz_init(x);
++ mpz_init(y);
++ mpz_init(xx);
++ mpz_init(yy);
++ mpz_init(nn);
++ mpz_init(mm);
++
++ ecc_scalar_init(&n, curve);
++ ecc_scalar_init(&m, curve);
++ ecc_point_init(&r, curve);
++
+ ret = _ecc_params_to_pubkey(pub, &ecc_pub, curve);
+ if (ret < 0) {
+ gnutls_assert();
+- goto cleanup;
++ goto ecc_pub_cleanup;
+ }
+
+ ret =
+@@ -436,7 +454,7 @@ dh_cleanup:
+ if (ret < 0) {
+ ecc_point_clear(&ecc_pub);
+ gnutls_assert();
+- goto cleanup;
++ goto ecc_priv_cleanup;
+ }
+
+ out->size = gnutls_ecc_curve_get_size(priv->curve);
+@@ -449,16 +467,111 @@ dh_cleanup:
+ goto ecc_cleanup;
+ }
+
++ /* Perform ECC Full Public-Key Validation Routine
++ * according to SP800-56A (revision 3), 5.6.2.3.3.
++ */
++
++ /* Step 1: verify that Q is not an identity
++ * element (an infinity point). Note that this
++ * cannot happen in the nettle implementation,
++ * because it cannot represent an infinity point
++ * on curves. */
+ ret = ecc_shared_secret(&ecc_priv, &ecc_pub, out->data,
+ out->size);
+- if (ret < 0)
++ if (ret < 0) {
+ gnutls_free(out->data);
++ goto ecc_cleanup;
++ }
++
++#ifdef ENABLE_FIPS140
++ if (_gnutls_fips_mode_enabled()) {
++ const char *order, *modulus;
++
++ ecc_point_mul(&r, &ecc_priv, &ecc_pub);
++ ecc_point_get(&r, x, y);
++
++ /* Step 2: verify that both coordinates of Q are
++ * in the range [0, p - 1].
++ *
++ * Step 3: verify that Q lie on the curve
++ *
++ * Both checks are performed in nettle. */
++ if (!ecc_point_set(&r, x, y)) {
++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
++ goto ecc_cleanup;
++ }
++
++ /* Step 4: verify that n * Q, where n is the
++ * curve order, result in an identity element
++ *
++ * Since nettle internally cannot represent an
++ * identity element on curves, we validate this
++ * instead:
++ *
++ * (n - 1) * Q = -Q
++ *
++ * That effectively means: n * Q = -Q + Q = O
++ */
++ order = get_supported_nist_curve_order(priv->curve);
++ if (unlikely(order == NULL)) {
++ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
++ goto ecc_cleanup;
++ }
++
++ ret = mpz_set_str(nn, order, 16);
++ if (unlikely(ret < 0)) {
++ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
++ goto ecc_cleanup;
++ }
++
++ modulus = get_supported_nist_curve_modulus(priv->curve);
++ if (unlikely(modulus == NULL)) {
++ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
++ goto ecc_cleanup;
++ }
++
++ ret = mpz_set_str(mm, modulus, 16);
++ if (unlikely(ret < 0)) {
++ ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
++ goto ecc_cleanup;
++ }
++
++ /* (n - 1) * Q = -Q */
++ mpz_sub_ui (nn, nn, 1);
++ ecc_scalar_set(&n, nn);
++ ecc_point_mul(&r, &n, &r);
++ ecc_point_get(&r, xx, yy);
++ mpz_sub (mm, mm, y);
++
++ if (mpz_cmp(xx, x) != 0 || mpz_cmp(yy, mm) != 0) {
++ ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
++ goto ecc_cleanup;
++ }
++ } else {
++ not_approved = true;
++ }
++#endif
++
++ ret = 0;
+
+ ecc_cleanup:
+- ecc_point_clear(&ecc_pub);
+ ecc_scalar_zclear(&ecc_priv);
++ ecc_priv_cleanup:
++ ecc_point_clear(&ecc_pub);
++ ecc_pub_cleanup:
++ mpz_clear(x);
++ mpz_clear(y);
++ mpz_clear(xx);
++ mpz_clear(yy);
++ mpz_clear(nn);
++ mpz_clear(mm);
++ ecc_point_clear(&r);
++ ecc_scalar_clear(&n);
++ ecc_scalar_clear(&m);
++
+ if (ret < 0)
+ goto cleanup;
++
+ break;
+ }
+ case GNUTLS_PK_ECDH_X25519:
diff --git a/gnutls.changes b/gnutls.changes
index 38fd390..c79d635 100644
--- a/gnutls.changes
+++ b/gnutls.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri Jan 20 09:58:53 UTC 2023 - Pedro Monreal
+
+- FIPS: Change all the 140-2 references to FIPS 140-3 in order to
+ account for the new FIPS certification [bsc#1207346]
+ * Add gnutls-FIPS-140-3-references.patch
+
+-------------------------------------------------------------------
+Mon Jan 16 12:52:55 UTC 2023 - Pedro Monreal
+
+- FIPS: GnuTLS DH/ECDH PCT public key regeneration [bsc#1207183]
+ * Add gnutls-FIPS-PCT-DH.patch gnutls-FIPS-PCT-ECDH.patch
+
 -------------------------------------------------------------------
 Mon Dec 12 08:58:58 UTC 2022 - Dirk Müller
diff --git a/gnutls.spec b/gnutls.spec
index 867a2ed..6a08915 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package gnutls
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
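Review bot: The `ecc_priv_cleanup` path in gnutls-FIPS-PCT-ECDH.patch releases `ecc_pub` twice: in the inner hunk at `-436,7` the failure branch still calls `ecc_point_clear(&ecc_pub)` and then jumps to `ecc_priv_cleanup`, whose first statement is the same `ecc_point_clear(&ecc_pub)`. Either drop the explicit clear from that branch or change the jump to `goto ecc_pub_cleanup;`. Separately, the new FIPS failure exits (`GNUTLS_E_ILLEGAL_PARAMETER`, `GNUTLS_E_MPI_SCAN_FAILED`, `GNUTLS_E_INTERNAL_ERROR`) go to `ecc_cleanup` after `ecc_shared_secret()` has already filled `out->data`, and nothing in the hunk wipes or frees that buffer; unless the outer `cleanup` label, which is outside the hunk, does so, the derived secret stays allocated after a rejected key. The temporaries `x`, `y` and `r` also hold the shared point and are released with plain `mpz_clear`/`ecc_point_clear`, so they should be zeroized before release.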
@@ -68,6 +68,11 @@ Patch7: gnutls-Make-XTS-key-check-failure-not-fatal.patch
 Patch8: gnutls-disable-flaky-test-dtls-resume.patch
 #PATCH-FIX-OPENSUSE bsc#1199881 Verify only the libgnutls library HMAC
 Patch9: gnutls-verify-library-HMAC.patch
+#PATCH-FIX-SUSE bsc#1207183 FIPS: DH/ECDH PCT public key regeneration
+Patch10: gnutls-FIPS-PCT-DH.patch
+Patch11: gnutls-FIPS-PCT-ECDH.patch
+#PATCH-FIX-SUSE bsc#1207346 FIPS: Change FIPS 140-2 references to FIPS 140-3
+Patch12: gnutls-FIPS-140-3-references.patch
 BuildRequires: autogen
 BuildRequires: automake
 BuildRequires: datefudge

    GNUTLS_FIPS140_DISABLED

    +-

    The FIPS140-2 mode is disabled.

    ++

    The FIPS140-3 mode is disabled.

    +
     

    GNUTLS_FIPS140_LAX

    +-

    The library still uses the FIPS140-2 relevant algorithms but all +-forbidden by FIPS140-2 operations are allowed; this is useful when the ++

    The library still uses the FIPS140-3 relevant algorithms but all ++forbidden by FIPS140-3 operations are allowed; this is useful when the + application is aware of the followed security policy, and needs + to utilize disallowed operations for other reasons (e.g., compatibility).

    +