From a4ac49a50a093400461826276851317962f6ef1e7b957d54584a4235ae767119 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Wed, 27 Mar 2024 18:58:32 +0000 Subject: [PATCH] Accepting request 1161324 from home:pmonrealgonzalez:branches:security:tls - jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtreads as there is also a pre-intitization done in the main thread. [bsc#1221242] * Add gnutls-FIPS-jitterentropy-deinit-threads.patch - Update to 3.8.4: * libgnutls: RSA-OAEP encryption scheme is now supported To use it with an unrestricted RSA private key, one would need to initialize a gnutls_x509_spki_t object with necessary parameters for RSA-OAEP and attach it to the private key. It is also possible to import restricted private keys if they are stored in PKCS#8 format. * libgnutls: Fix side-channel in the deterministic ECDSA. Reported by George Pantelakis (#1516). [GNUTLS-SA-2023-12-04, CVSS: medium] [bsc#1221746, CVE-2024-28834] * libgnutls: Fixed a bug where certtool crashed when verifying a certificate chain with more than 16 certificates. Reported by William Woodruff (#1525) and yixiangzhike (#1527). [GNUTLS-SA-2024-01-23, CVSS: medium] [bsc#1221747, CVE-2024-28835] * libgnutls: Compression libraries are now loaded dynamically as needed instead of all being loaded during gnutls library initialization. As a result, the library initialization should be faster. * build: The gnutls library can now be linked with the static library of GMP. Note that in order for this to work libgmp.a needs to be compiled with -fPIC and libhogweed in Nettle also has to be linked to the static library of GMP. This can be used to prevent custom memory allocators from being overriden by other applications. * API and ABI modifications: - gnutls_x509_spki_get_rsa_oaep_params: New function. - gnutls_x509_spki_set_rsa_oaep_params: New function. OBS-URL: https://build.opensuse.org/request/show/1161324 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=107 --- gnutls-3.8.3.tar.xz | 3 - gnutls-3.8.3.tar.xz.sig | Bin 580 -> 0 bytes gnutls-3.8.4.tar.xz | 3 + gnutls-3.8.4.tar.xz.sig | Bin 0 -> 119 bytes gnutls-FIPS-140-3-references.patch | 337 +++++++++--------- gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch | 75 ++-- ...ls-FIPS-jitterentropy-deinit-threads.patch | 34 ++ gnutls.changes | 41 +++ gnutls.spec | 4 +- 9 files changed, 296 insertions(+), 201 deletions(-) delete mode 100644 gnutls-3.8.3.tar.xz delete mode 100644 gnutls-3.8.3.tar.xz.sig create mode 100644 gnutls-3.8.4.tar.xz create mode 100644 gnutls-3.8.4.tar.xz.sig create mode 100644 gnutls-FIPS-jitterentropy-deinit-threads.patch diff --git a/gnutls-3.8.3.tar.xz b/gnutls-3.8.3.tar.xz deleted file mode 100644 index e8cb6d8..0000000 --- a/gnutls-3.8.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e -size 6463720 diff --git a/gnutls-3.8.3.tar.xz.sig b/gnutls-3.8.3.tar.xz.sig deleted file mode 100644 index 0531c45239d4089f12a61f514bbaf7de0dc943fc38f910e6c30f1f168abbecf9..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 580 zcmV-K0=xZ*0zm`-0SEvq79j*iA|=DLZ#0LW$VqJ01%!^*=9qB>0%fLFNDUlyWo~ak zXKr;aZ*pe<3JDO_1%!^*=9qCZG!Oumhk1iC7LA9{Iy<5g(#DGjXTXi_n&%5^3HaA`nq+>Nkf;N5tpu}3YC4?iru^_7ZGMvgvWVfam#c7Dj z?900PdDUORn8+DK?;i@j+CG0BB^;i7P8+L^Lgx!iS__Q} zt8HQH|D6_=WxS(Olj6~m8;}k@w(r#e}Ee#4>&TA zu*)T@vjrezg1%t}EehHXa#s+*h5RNb{TarM1*Oys~TvRKZ{9iCO* zI5e^Cv6j(dWjcBK2+FZUhyf;5XpWJFnYT!ZN+MRatxOAwv2ax7=3)_-@^#W9Ws!~X z^)o5VLqLJxe?Jn@v)@CXZOmLA;N4PfFcf*A_vhY1Dzfe{YyW#5lMgd7_LerpN|GsN ztBKtacj#9%-(a?+WbD@`U+XTStM-6_`-vX=$T&WrO-5IIm@-~*5vzYPu+XGp1tnBk zMz5s*0Eyw!7^8f{r{zWT S*dtV_4{}u3XmHM}7d8#R5fjY- diff --git a/gnutls-3.8.4.tar.xz b/gnutls-3.8.4.tar.xz new file mode 100644 index 0000000..4194b4e --- /dev/null +++ b/gnutls-3.8.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2bea4e154794f3f00180fa2a5c51fe8b005ac7a31cd58bd44cdfa7f36ebc3a9b +size 6487520 diff --git a/gnutls-3.8.4.tar.xz.sig b/gnutls-3.8.4.tar.xz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..203aae422e8325243c282c862f3414c5f493bb5e98f8702dd7831673ee804100 GIT binary patch literal 119 zcmeAuWnmEGVvrS6WQlb<&0l81x}4QC>`PVYGLOwam3Ua0Qh#o2X5iu!fQj_iFf#no zb#R->|NCmBfz+y=2SW8ZJNg@6bKKhSrCmeqq;oSH!(WM5nQo8J=5M__ZcIC6^wHXL UqT~1epP~zYh|RmDm_Cso06lCmjQ{`u literal 0 HcmV?d00001 diff --git a/gnutls-FIPS-140-3-references.patch b/gnutls-FIPS-140-3-references.patch index 526e342..c32f32e 100644 --- a/gnutls-FIPS-140-3-references.patch +++ b/gnutls-FIPS-140-3-references.patch @@ -1,7 +1,7 @@ -Index: gnutls-3.8.3/configure.ac +Index: gnutls-3.8.4/configure.ac =================================================================== ---- gnutls-3.8.3.orig/configure.ac -+++ gnutls-3.8.3/configure.ac +--- gnutls-3.8.4.orig/configure.ac ++++ gnutls-3.8.4/configure.ac @@ -623,19 +623,19 @@ LT_INIT([disable-static,win32-dll,shared AC_LIB_HAVE_LINKFLAGS(dl,, [#include ], [dladdr (0, 0);]) @@ -25,10 +25,10 @@ Index: gnutls-3.8.3/configure.ac AC_ARG_WITH(fips140-module-name, AS_HELP_STRING([--with-fips140-module-name], [specify the FIPS140 module name]), -Index: gnutls-3.8.3/doc/cha-gtls-app.texi +Index: gnutls-3.8.4/doc/cha-gtls-app.texi =================================================================== ---- gnutls-3.8.3.orig/doc/cha-gtls-app.texi -+++ gnutls-3.8.3/doc/cha-gtls-app.texi +--- gnutls-3.8.4.orig/doc/cha-gtls-app.texi ++++ gnutls-3.8.4/doc/cha-gtls-app.texi @@ -222,7 +222,7 @@ CPU. The currently available options are @end itemize @@ -38,10 +38,10 @@ Index: gnutls-3.8.3/doc/cha-gtls-app.texi if set to one it will force the FIPS mode enablement. @end multitable -Index: gnutls-3.8.3/doc/cha-internals.texi +Index: gnutls-3.8.4/doc/cha-internals.texi =================================================================== ---- gnutls-3.8.3.orig/doc/cha-internals.texi -+++ gnutls-3.8.3/doc/cha-internals.texi +--- gnutls-3.8.4.orig/doc/cha-internals.texi ++++ gnutls-3.8.4/doc/cha-internals.texi @@ -14,7 +14,7 @@ happens inside the black box. * TLS Hello Extension Handling:: * Cryptographic Backend:: @@ -162,11 +162,11 @@ Index: gnutls-3.8.3/doc/cha-internals.texi operation. It can be attached to the current execution thread with @funcref{gnutls_fips140_push_context} and its internal state will be updated until it is detached with -Index: gnutls-3.8.3/doc/enums.texi +Index: gnutls-3.8.4/doc/enums.texi =================================================================== ---- gnutls-3.8.3.orig/doc/enums.texi -+++ gnutls-3.8.3/doc/enums.texi -@@ -1188,7 +1188,7 @@ application traffic secret is installed +--- gnutls-3.8.4.orig/doc/enums.texi ++++ gnutls-3.8.4/doc/enums.texi +@@ -1190,7 +1190,7 @@ application traffic secret is installed @c gnutls_fips_mode_t @table @code @item GNUTLS_@-FIPS140_@-DISABLED @@ -175,7 +175,7 @@ Index: gnutls-3.8.3/doc/enums.texi @item GNUTLS_@-FIPS140_@-STRICT The default mode; all forbidden operations will cause an operation failure via error code. -@@ -1196,8 +1196,8 @@ operation failure via error code. +@@ -1198,8 +1198,8 @@ operation failure via error code. A transient state during library initialization. That state cannot be set or seen by applications. @item GNUTLS_@-FIPS140_@-LAX @@ -186,10 +186,10 @@ Index: gnutls-3.8.3/doc/enums.texi application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.8.3/doc/functions/gnutls_fips140_set_mode +Index: gnutls-3.8.4/doc/functions/gnutls_fips140_set_mode =================================================================== ---- gnutls-3.8.3.orig/doc/functions/gnutls_fips140_set_mode -+++ gnutls-3.8.3/doc/functions/gnutls_fips140_set_mode +--- gnutls-3.8.4.orig/doc/functions/gnutls_fips140_set_mode ++++ gnutls-3.8.4/doc/functions/gnutls_fips140_set_mode @@ -3,7 +3,7 @@ @@ -215,10 +215,10 @@ Index: gnutls-3.8.3/doc/functions/gnutls_fips140_set_mode values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.8.3/doc/gnutls.html +Index: gnutls-3.8.4/doc/gnutls.html =================================================================== ---- gnutls-3.8.3.orig/doc/gnutls.html -+++ gnutls-3.8.3/doc/gnutls.html +--- gnutls-3.8.4.orig/doc/gnutls.html ++++ gnutls-3.8.4/doc/gnutls.html @@ -484,7 +484,7 @@ Documentation License”.
  • 11.4 TLS Extension Handling
  • 11.5 Cryptographic Backend
    • @@ -228,7 +228,7 @@ Index: gnutls-3.8.3/doc/gnutls.html
  • Appendix A Upgrading from previous versions
  • Appendix B Support -@@ -9035,7 +9035,7 @@ CPU. The currently available options are +@@ -9041,7 +9041,7 @@ CPU. The currently available options are
  • 0x200000: Enable VIA PHE
  • 0x400000: Enable VIA PHE SHA512
    • @@ -237,7 +237,7 @@ Index: gnutls-3.8.3/doc/gnutls.html if set to one it will force the FIPS mode enablement. -@@ -18446,7 +18446,7 @@ None: +@@ -18452,7 +18452,7 @@ None: --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library - file must pre-exist @@ -246,7 +246,7 @@ Index: gnutls-3.8.3/doc/gnutls.html --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -@@ -19468,7 +19468,7 @@ happens inside the black box. +@@ -19474,7 +19474,7 @@ happens inside the black box.
  • TLS Extension Handling
  • Cryptographic Backend
  • Random Number Generators
    • @@ -255,7 +255,7 @@ Index: gnutls-3.8.3/doc/gnutls.html
    @@ -302,7 +302,7 @@ Index: gnutls-3.8.3/doc/gnutls.html as follows.

      -@@ -20166,12 +20166,12 @@ as follows. +@@ -20172,12 +20172,12 @@ as follows.
    • Algorithm self-tests are run on library load
    @@ -318,7 +318,7 @@ Index: gnutls-3.8.3/doc/gnutls.html
  • Any cryptographic operation will be refused if any of the self-tests failed
    • -@@ -20180,7 +20180,7 @@ modified as follows. +@@ -20186,7 +20186,7 @@ modified as follows. environment variable GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS will disable the library integrity tests on startup, and the variable GNUTLS_FORCE_FIPS_MODE can be set to force a value from @@ -327,7 +327,7 @@ Index: gnutls-3.8.3/doc/gnutls.html mode, while ’0’ will disable it.

    The integrity checks for the dependent libraries and GnuTLS are performed -@@ -20188,13 +20188,13 @@ using ’.hmac’ files which ar +@@ -20194,13 +20194,13 @@ using ’.hmac’ files which ar key for the operations can be provided on compile-time with the configure option ’–with-fips140-key’. The MAC algorithm used is HMAC-SHA256.

    @@ -344,7 +344,7 @@ Index: gnutls-3.8.3/doc/gnutls.html the application can relax these requirements via gnutls_fips140_set_mode which can switch to alternative modes as in Figure 11.5.

    -@@ -20203,7 +20203,7 @@ which can switch to alternative modes as +@@ -20209,7 +20209,7 @@ which can switch to alternative modes as
    GNUTLS_FIPS140_DISABLED
    @@ -353,7 +353,7 @@ Index: gnutls-3.8.3/doc/gnutls.html

    GNUTLS_FIPS140_STRICT

    The default mode; all forbidden operations will cause an -@@ -20214,8 +20214,8 @@ operation failure via error code. +@@ -20220,8 +20220,8 @@ operation failure via error code. cannot be set or seen by applications.

    GNUTLS_FIPS140_LAX
    @@ -364,7 +364,7 @@ Index: gnutls-3.8.3/doc/gnutls.html application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility).

    -@@ -20227,7 +20227,7 @@ to a message to the audit callback funct +@@ -20233,7 +20233,7 @@ to a message to the audit callback funct

    Figure 11.5: The gnutls_fips_mode_t enumeration.

    The intention of this API is to be used by applications which may run in @@ -373,7 +373,7 @@ Index: gnutls-3.8.3/doc/gnutls.html e.g., for non-security related purposes. In these cases applications should wrap the non-compliant code within blocks like the following.

    -@@ -20256,9 +20256,9 @@ if (gnutls_fips140_mode_enabled()) +@@ -20262,9 +20262,9 @@ if (gnutls_fips140_mode_enabled())

    The reason of the GNUTLS_FIPS140_SET_MODE_THREAD flag in the previous calls is to localize the change in the mode. Note also, that such a block has no effect when the library is not operating @@ -385,7 +385,7 @@ Index: gnutls-3.8.3/doc/gnutls.html 

    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, 0);
    -@@ -20281,7 +20281,7 @@ performed within a given context. +@@ -20287,7 +20287,7 @@ performed within a given context.
    int gnutls_fips140_pop_context ( void)
    @@ -394,7 +394,7 @@ Index: gnutls-3.8.3/doc/gnutls.html operation. It can be attached to the current execution thread with gnutls_fips140_push_context and its internal state will be updated until it is detached with -@@ -20654,8 +20654,8 @@ Previous: @@ -405,7 +405,7 @@ Index: gnutls-3.8.3/doc/gnutls.html

    -@@ -24569,7 +24569,7 @@ unusable. This function is not thread-s +@@ -24576,7 +24576,7 @@ unusable. This function is not thread-s

    gnutls_fips140_set_mode

    Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t mode, unsigned flags)
    @@ -414,7 +414,7 @@ Index: gnutls-3.8.3/doc/gnutls.html

    flags: should be zero or GNUTLS_FIPS140_SET_MODE_THREAD

    -@@ -24578,13 +24578,13 @@ unusable. This function is not thread-s +@@ -24585,13 +24585,13 @@ unusable. This function is not thread-s behavior with no flags after threads are created is undefined.

    When the flag GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -430,7 +430,7 @@ Index: gnutls-3.8.3/doc/gnutls.html values for mode or to GNUTLS_FIPS140_SELFTESTS mode, the library switches to GNUTLS_FIPS140_STRICT mode.

    -@@ -46927,7 +46927,7 @@ Next: gnutls_fingerprintCore TLS API gnutls_fips140_context_deinitCore TLS API gnutls_fips140_context_initCore TLS API @@ -439,10 +439,10 @@ Index: gnutls-3.8.3/doc/gnutls.html gnutls_fips140_get_operation_stateCore TLS API gnutls_fips140_mode_enabledCore TLS API gnutls_fips140_pop_contextCore TLS API -Index: gnutls-3.8.3/doc/gnutls.info-3 +Index: gnutls-3.8.4/doc/gnutls.info-3 =================================================================== ---- gnutls-3.8.3.orig/doc/gnutls.info-3 -+++ gnutls-3.8.3/doc/gnutls.info-3 +--- gnutls-3.8.4.orig/doc/gnutls.info-3 ++++ gnutls-3.8.4/doc/gnutls.info-3 @@ -2247,7 +2247,7 @@ to ‘more’. Both will exit with a st --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library @@ -512,7 +512,7 @@ Index: gnutls-3.8.3/doc/gnutls.info-3  File: gnutls.info, Node: Error codes, Next: Supported ciphersuites, Prev: Support, Up: Top -@@ -9151,7 +9151,7 @@ gnutls_fips140_set_mode +@@ -9152,7 +9152,7 @@ gnutls_fips140_set_mode -- Function: void gnutls_fips140_set_mode (gnutls_fips_mode_t MODE, unsigned FLAGS) @@ -521,10 +521,10 @@ Index: gnutls-3.8.3/doc/gnutls.info-3 FLAGS: should be zero or ‘GNUTLS_FIPS140_SET_MODE_THREAD’ -Index: gnutls-3.8.3/doc/invoke-gnutls-cli.texi +Index: gnutls-3.8.4/doc/invoke-gnutls-cli.texi =================================================================== ---- gnutls-3.8.3.orig/doc/invoke-gnutls-cli.texi -+++ gnutls-3.8.3/doc/invoke-gnutls-cli.texi +--- gnutls-3.8.4.orig/doc/invoke-gnutls-cli.texi ++++ gnutls-3.8.4/doc/invoke-gnutls-cli.texi @@ -102,7 +102,7 @@ None: --inline-commands-prefix=str Change the default delimiter for inline commands --provider=file Specify the PKCS #11 provider library @@ -534,10 +534,10 @@ Index: gnutls-3.8.3/doc/invoke-gnutls-cli.texi --list-config Reports the configuration of the library --logfile=str Redirect informational messages to a specific file --keymatexport=str Label used for exporting keying material -Index: gnutls-3.8.3/doc/manpages/gnutls-cli.1 +Index: gnutls-3.8.4/doc/manpages/gnutls-cli.1 =================================================================== ---- gnutls-3.8.3.orig/doc/manpages/gnutls-cli.1 -+++ gnutls-3.8.3/doc/manpages/gnutls-cli.1 +--- gnutls-3.8.4.orig/doc/manpages/gnutls-cli.1 ++++ gnutls-3.8.4/doc/manpages/gnutls-cli.1 @@ -398,7 +398,7 @@ Specify the PKCS #11 provider library. This will override the default options in /etc/gnutls/pkcs11.conf .TP @@ -547,10 +547,10 @@ Index: gnutls-3.8.3/doc/manpages/gnutls-cli.1 .sp .TP .NOP \f\*[B-Font]\-\-list\-config\f[] -Index: gnutls-3.8.3/doc/reference/html/gnutls-gnutls.html +Index: gnutls-3.8.4/doc/reference/html/gnutls-gnutls.html =================================================================== ---- gnutls-3.8.3.orig/doc/reference/html/gnutls-gnutls.html -+++ gnutls-3.8.3/doc/reference/html/gnutls-gnutls.html +--- gnutls-3.8.4.orig/doc/reference/html/gnutls-gnutls.html ++++ gnutls-3.8.4/doc/reference/html/gnutls-gnutls.html @@ -20866,12 +20866,12 @@ gnutls_fips140_set_mode (  -@@ -25904,7 +25904,7 @@ encryption

    +@@ -25911,7 +25911,7 @@ encryption

    enum gnutls_fips_mode_t

    @@ -584,7 +584,7 @@ Index: gnutls-3.8.3/doc/reference/html/gnutls-gnutls.html

    Members

    -@@ -25917,7 +25917,7 @@ encryption

    +@@ -25924,7 +25924,7 @@ encryption

    -@@ -25940,8 +25940,8 @@ operation failure via error code.

    +@@ -25947,8 +25947,8 @@ operation failure via error code.

    -@@ -27575,4 +27575,4 @@ This is used by
    Generated by GTK-Doc V1.33.1 - \ No newline at end of file + -Index: gnutls-3.8.3/lib/fips.c +Index: gnutls-3.8.4/lib/fips.c =================================================================== ---- gnutls-3.8.3.orig/lib/fips.c -+++ gnutls-3.8.3/lib/fips.c +--- gnutls-3.8.4.orig/lib/fips.c ++++ gnutls-3.8.4/lib/fips.c @@ -121,7 +121,7 @@ unsigned _gnutls_fips_mode_enabled(void) } @@ -633,7 +633,7 @@ Index: gnutls-3.8.3/lib/fips.c ret = GNUTLS_FIPS140_SELFTESTS; goto exit; } -@@ -694,7 +694,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -710,7 +710,7 @@ unsigned gnutls_fips140_mode_enabled(voi /** * gnutls_fips140_set_mode: @@ -642,7 +642,7 @@ Index: gnutls-3.8.3/lib/fips.c * @flags: should be zero or %GNUTLS_FIPS140_SET_MODE_THREAD * * That function is not thread-safe when changing the mode with no flags -@@ -702,13 +702,13 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -718,13 +718,13 @@ unsigned gnutls_fips140_mode_enabled(voi * behavior with no flags after threads are created is undefined. * * When the flag %GNUTLS_FIPS140_SET_MODE_THREAD is specified @@ -658,7 +658,7 @@ Index: gnutls-3.8.3/lib/fips.c * values for @mode or to %GNUTLS_FIPS140_SELFTESTS mode, the library * switches to %GNUTLS_FIPS140_STRICT mode. * -@@ -720,10 +720,10 @@ void gnutls_fips140_set_mode(gnutls_fips +@@ -736,10 +736,10 @@ void gnutls_fips140_set_mode(gnutls_fips gnutls_fips_mode_t prev = _gnutls_fips_mode_enabled(); if (prev == GNUTLS_FIPS140_DISABLED || prev == GNUTLS_FIPS140_SELFTESTS) { @@ -671,7 +671,7 @@ Index: gnutls-3.8.3/lib/fips.c return; } -@@ -736,7 +736,7 @@ void gnutls_fips140_set_mode(gnutls_fips +@@ -752,7 +752,7 @@ void gnutls_fips140_set_mode(gnutls_fips case GNUTLS_FIPS140_SELFTESTS: _gnutls_audit_log( NULL, @@ -680,7 +680,7 @@ Index: gnutls-3.8.3/lib/fips.c mode = GNUTLS_FIPS140_STRICT; break; default: -@@ -912,7 +912,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -928,7 +928,7 @@ void _gnutls_switch_fips_state(gnutls_fi } if (!_tfips_context) { @@ -689,7 +689,7 @@ Index: gnutls-3.8.3/lib/fips.c return; } -@@ -926,7 +926,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -942,7 +942,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -698,7 +698,7 @@ Index: gnutls-3.8.3/lib/fips.c operation_state_to_string(state)); } _tfips_context->state = state; -@@ -937,7 +937,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -953,7 +953,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -707,7 +707,7 @@ Index: gnutls-3.8.3/lib/fips.c operation_state_to_string(state)); } _tfips_context->state = state; -@@ -949,7 +949,7 @@ void _gnutls_switch_fips_state(gnutls_fi +@@ -965,7 +965,7 @@ void _gnutls_switch_fips_state(gnutls_fi if (mode != GNUTLS_FIPS140_LAX) { _gnutls_audit_log( NULL, @@ -716,7 +716,7 @@ Index: gnutls-3.8.3/lib/fips.c operation_state_to_string( _tfips_context->state), operation_state_to_string(state)); -@@ -1011,7 +1011,7 @@ int gnutls_fips140_run_self_tests(void) +@@ -1027,7 +1027,7 @@ int gnutls_fips140_run_self_tests(void) ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log(NULL, @@ -725,7 +725,7 @@ Index: gnutls-3.8.3/lib/fips.c } else { /* Restore the previous library state */ _gnutls_switch_lib_state(prev_lib_state); -@@ -1023,7 +1023,7 @@ int gnutls_fips140_run_self_tests(void) +@@ -1039,7 +1039,7 @@ int gnutls_fips140_run_self_tests(void) if (gnutls_fips140_pop_context() < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log( @@ -734,10 +734,10 @@ Index: gnutls-3.8.3/lib/fips.c } gnutls_fips140_context_deinit(fips_context); } -Index: gnutls-3.8.3/lib/fips.h +Index: gnutls-3.8.4/lib/fips.h =================================================================== ---- gnutls-3.8.3.orig/lib/fips.h -+++ gnutls-3.8.3/lib/fips.h +--- gnutls-3.8.4.orig/lib/fips.h ++++ gnutls-3.8.4/lib/fips.h @@ -160,7 +160,7 @@ is_cipher_algo_allowed_in_fips(gnutls_ci } @@ -778,11 +778,11 @@ Index: gnutls-3.8.3/lib/fips.h gnutls_cipher_get_name(algo)); FALLTHROUGH; case GNUTLS_FIPS140_DISABLED: -Index: gnutls-3.8.3/lib/global.c +Index: gnutls-3.8.4/lib/global.c =================================================================== ---- gnutls-3.8.3.orig/lib/global.c -+++ gnutls-3.8.3/lib/global.c -@@ -337,12 +337,12 @@ static int _gnutls_global_init(unsigned +--- gnutls-3.8.4.orig/lib/global.c ++++ gnutls-3.8.4/lib/global.c +@@ -338,12 +338,12 @@ static int _gnutls_global_init(unsigned #ifdef ENABLE_FIPS140 res = _gnutls_fips_mode_enabled(); @@ -797,7 +797,7 @@ Index: gnutls-3.8.3/lib/global.c _gnutls_priority_update_fips(); /* first round of self checks, these are done on the -@@ -352,7 +352,7 @@ static int _gnutls_global_init(unsigned +@@ -353,7 +353,7 @@ static int _gnutls_global_init(unsigned if (ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log( @@ -806,7 +806,7 @@ Index: gnutls-3.8.3/lib/global.c if (res != 2) { gnutls_assert(); goto out; -@@ -375,7 +375,7 @@ static int _gnutls_global_init(unsigned +@@ -376,7 +376,7 @@ static int _gnutls_global_init(unsigned if (ret < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); _gnutls_audit_log( @@ -815,11 +815,11 @@ Index: gnutls-3.8.3/lib/global.c if (res != 2) { gnutls_assert(); goto out; -Index: gnutls-3.8.3/lib/includes/gnutls/gnutls.h.in +Index: gnutls-3.8.4/lib/includes/gnutls/gnutls.h.in =================================================================== ---- gnutls-3.8.3.orig/lib/includes/gnutls/gnutls.h.in -+++ gnutls-3.8.3/lib/includes/gnutls/gnutls.h.in -@@ -3199,16 +3199,16 @@ typedef int (*gnutls_alert_read_func)(gn +--- gnutls-3.8.4.orig/lib/includes/gnutls/gnutls.h.in ++++ gnutls-3.8.4/lib/includes/gnutls/gnutls.h.in +@@ -3201,16 +3201,16 @@ typedef int (*gnutls_alert_read_func)(gn void gnutls_alert_set_read_function(gnutls_session_t session, gnutls_alert_read_func func); @@ -840,7 +840,7 @@ Index: gnutls-3.8.3/lib/includes/gnutls/gnutls.h.in * application is aware of the followed security policy, and needs * to utilize disallowed operations for other reasons (e.g., compatibility). * @GNUTLS_FIPS140_LOG: Similarly to %GNUTLS_FIPS140_LAX, it allows forbidden operations; any use of them results -@@ -3216,7 +3216,7 @@ unsigned gnutls_fips140_mode_enabled(voi +@@ -3218,7 +3218,7 @@ unsigned gnutls_fips140_mode_enabled(voi * @GNUTLS_FIPS140_SELFTESTS: A transient state during library initialization. That state * cannot be set or seen by applications. * @@ -849,10 +849,10 @@ Index: gnutls-3.8.3/lib/includes/gnutls/gnutls.h.in */ typedef enum gnutls_fips_mode_t { GNUTLS_FIPS140_DISABLED = 0, -Index: gnutls-3.8.3/src/cli.c +Index: gnutls-3.8.4/src/cli.c =================================================================== ---- gnutls-3.8.3.orig/src/cli.c -+++ gnutls-3.8.3/src/cli.c +--- gnutls-3.8.4.orig/src/cli.c ++++ gnutls-3.8.4/src/cli.c @@ -1635,10 +1635,10 @@ static void cmd_parser(int argc, char ** if (HAVE_OPT(FIPS140_MODE)) { @@ -866,10 +866,10 @@ Index: gnutls-3.8.3/src/cli.c exit(1); } -Index: gnutls-3.8.3/src/gnutls-cli-options.c +Index: gnutls-3.8.4/src/gnutls-cli-options.c =================================================================== ---- gnutls-3.8.3.orig/src/gnutls-cli-options.c -+++ gnutls-3.8.3/src/gnutls-cli-options.c +--- gnutls-3.8.4.orig/src/gnutls-cli-options.c ++++ gnutls-3.8.4/src/gnutls-cli-options.c @@ -810,7 +810,7 @@ usage (FILE *out, int status) " --inline-commands-prefix=str Change the default delimiter for inline commands\n" " --provider=file Specify the PKCS #11 provider library\n" @@ -879,10 +879,10 @@ Index: gnutls-3.8.3/src/gnutls-cli-options.c " --list-config Reports the configuration of the library\n" " --logfile=str Redirect informational messages to a specific file\n" " --keymatexport=str Label used for exporting keying material\n" -Index: gnutls-3.8.3/tests/cert-tests/gost.sh +Index: gnutls-3.8.4/tests/cert-tests/gost.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/gost.sh -+++ gnutls-3.8.3/tests/cert-tests/gost.sh +--- gnutls-3.8.4.orig/tests/cert-tests/gost.sh ++++ gnutls-3.8.4/tests/cert-tests/gost.sh @@ -38,7 +38,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -892,10 +892,10 @@ Index: gnutls-3.8.3/tests/cert-tests/gost.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs12-corner-cases.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs12-corner-cases.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs12-corner-cases.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs12-corner-cases.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs12-corner-cases.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs12-corner-cases.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -905,10 +905,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs12-corner-cases.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs12-encode.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs12-encode.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs12-encode.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs12-encode.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs12-encode.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs12-encode.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -918,10 +918,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs12-encode.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs12-gost.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs12-gost.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs12-gost.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs12-gost.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs12-gost.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs12-gost.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -931,10 +931,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs12-gost.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs12.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs12.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs12.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs12.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs12.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs12.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -944,10 +944,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs12.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs8-decode.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs8-decode.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs8-decode.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs8-decode.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs8-decode.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs8-decode.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -957,10 +957,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs8-decode.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs8-eddsa.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs8-eddsa.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs8-eddsa.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs8-eddsa.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs8-eddsa.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs8-eddsa.sh @@ -29,7 +29,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -970,10 +970,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs8-eddsa.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs8-gost.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs8-gost.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs8-gost.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs8-gost.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs8-gost.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs8-gost.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -983,10 +983,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs8-gost.sh exit 77 fi -Index: gnutls-3.8.3/tests/cert-tests/pkcs8.sh +Index: gnutls-3.8.4/tests/cert-tests/pkcs8.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cert-tests/pkcs8.sh -+++ gnutls-3.8.3/tests/cert-tests/pkcs8.sh +--- gnutls-3.8.4.orig/tests/cert-tests/pkcs8.sh ++++ gnutls-3.8.4/tests/cert-tests/pkcs8.sh @@ -28,7 +28,7 @@ if ! test -x "${CERTTOOL}"; then fi @@ -996,10 +996,10 @@ Index: gnutls-3.8.3/tests/cert-tests/pkcs8.sh exit 77 fi -Index: gnutls-3.8.3/tests/cipher-listings.sh +Index: gnutls-3.8.4/tests/cipher-listings.sh =================================================================== ---- gnutls-3.8.3.orig/tests/cipher-listings.sh -+++ gnutls-3.8.3/tests/cipher-listings.sh +--- gnutls-3.8.4.orig/tests/cipher-listings.sh ++++ gnutls-3.8.4/tests/cipher-listings.sh @@ -63,7 +63,7 @@ check() ${CLI} --fips140-mode @@ -1009,10 +1009,10 @@ Index: gnutls-3.8.3/tests/cipher-listings.sh exit 77 fi -Index: gnutls-3.8.3/tests/testpkcs11.sh +Index: gnutls-3.8.4/tests/testpkcs11.sh =================================================================== ---- gnutls-3.8.3.orig/tests/testpkcs11.sh -+++ gnutls-3.8.3/tests/testpkcs11.sh +--- gnutls-3.8.4.orig/tests/testpkcs11.sh ++++ gnutls-3.8.4/tests/testpkcs11.sh @@ -26,7 +26,7 @@ RETCODE=0 @@ -1022,10 +1022,10 @@ Index: gnutls-3.8.3/tests/testpkcs11.sh exit 77 fi -Index: gnutls-3.8.3/doc/enums/gnutls_fips_mode_t +Index: gnutls-3.8.4/doc/enums/gnutls_fips_mode_t =================================================================== ---- gnutls-3.8.3.orig/doc/enums/gnutls_fips_mode_t -+++ gnutls-3.8.3/doc/enums/gnutls_fips_mode_t +--- gnutls-3.8.4.orig/doc/enums/gnutls_fips_mode_t ++++ gnutls-3.8.4/doc/enums/gnutls_fips_mode_t @@ -3,7 +3,7 @@ @c gnutls_fips_mode_t @table @code @@ -1046,10 +1046,10 @@ Index: gnutls-3.8.3/doc/enums/gnutls_fips_mode_t application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility). @item GNUTLS_@-FIPS140_@-LOG -Index: gnutls-3.8.3/doc/gnutls-api.texi +Index: gnutls-3.8.4/doc/gnutls-api.texi =================================================================== ---- gnutls-3.8.3.orig/doc/gnutls-api.texi -+++ gnutls-3.8.3/doc/gnutls-api.texi +--- gnutls-3.8.4.orig/doc/gnutls-api.texi ++++ gnutls-3.8.4/doc/gnutls-api.texi @@ -3275,7 +3275,7 @@ unusable. This function is not thread-s @subheading gnutls_fips140_set_mode @anchor{gnutls_fips140_set_mode} @@ -1075,10 +1075,10 @@ Index: gnutls-3.8.3/doc/gnutls-api.texi values for @code{mode} or to @code{GNUTLS_FIPS140_SELFTESTS} mode, the library switches to @code{GNUTLS_FIPS140_STRICT} mode. -Index: gnutls-3.8.3/lib/ext/session_ticket.c +Index: gnutls-3.8.4/lib/ext/session_ticket.c =================================================================== ---- gnutls-3.8.3.orig/lib/ext/session_ticket.c -+++ gnutls-3.8.3/lib/ext/session_ticket.c +--- gnutls-3.8.4.orig/lib/ext/session_ticket.c ++++ gnutls-3.8.4/lib/ext/session_ticket.c @@ -517,7 +517,7 @@ int gnutls_session_ticket_key_generate(g { if (_gnutls_fips_mode_enabled()) { @@ -1088,11 +1088,11 @@ Index: gnutls-3.8.3/lib/ext/session_ticket.c * some limits on allowed key size, thus it is not * used. These limits do not affect this function as * it does not generate a "key" but rather key material -Index: gnutls-3.8.3/lib/libgnutls.map +Index: gnutls-3.8.4/lib/libgnutls.map =================================================================== ---- gnutls-3.8.3.orig/lib/libgnutls.map -+++ gnutls-3.8.3/lib/libgnutls.map -@@ -1441,7 +1441,7 @@ GNUTLS_FIPS140_3_4 { +--- gnutls-3.8.4.orig/lib/libgnutls.map ++++ gnutls-3.8.4/lib/libgnutls.map +@@ -1450,7 +1450,7 @@ GNUTLS_FIPS140_3_4 { gnutls_hkdf_self_test; gnutls_pbkdf2_self_test; gnutls_tlsprf_self_test; @@ -1101,10 +1101,10 @@ Index: gnutls-3.8.3/lib/libgnutls.map drbg_aes_reseed; drbg_aes_init; drbg_aes_generate; -Index: gnutls-3.8.3/lib/nettle/mac.c +Index: gnutls-3.8.4/lib/nettle/mac.c =================================================================== ---- gnutls-3.8.3.orig/lib/nettle/mac.c -+++ gnutls-3.8.3/lib/nettle/mac.c +--- gnutls-3.8.4.orig/lib/nettle/mac.c ++++ gnutls-3.8.4/lib/nettle/mac.c @@ -262,7 +262,7 @@ static void _wrap_gmac_digest(void *_ctx static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx) @@ -1123,10 +1123,10 @@ Index: gnutls-3.8.3/lib/nettle/mac.c * gnutls_hash_init() and gnutls_hmac_init() */ switch (algo) { case GNUTLS_DIG_MD5: -Index: gnutls-3.8.3/config.h.in +Index: gnutls-3.8.4/config.h.in =================================================================== ---- gnutls-3.8.3.orig/config.h.in -+++ gnutls-3.8.3/config.h.in +--- gnutls-3.8.4.orig/config.h.in ++++ gnutls-3.8.4/config.h.in @@ -82,7 +82,7 @@ /* enable DHE */ #undef ENABLE_ECDHE @@ -1145,11 +1145,11 @@ Index: gnutls-3.8.3/config.h.in #undef FIPS_KEY /* The FIPS140 module name */ -Index: gnutls-3.8.3/configure +Index: gnutls-3.8.4/configure =================================================================== ---- gnutls-3.8.3.orig/configure -+++ gnutls-3.8.3/configure -@@ -3830,7 +3830,7 @@ Optional Features: +--- gnutls-3.8.4.orig/configure ++++ gnutls-3.8.4/configure +@@ -3832,7 +3832,7 @@ Optional Features: --enable-fast-install[=PKGS] optimize for fast installation [default=yes] --disable-libtool-lock avoid locking (might break parallel builds) @@ -1158,10 +1158,10 @@ Index: gnutls-3.8.3/configure --enable-strict-x509 enable stricter sanity checks for x509 certificates --disable-non-suiteb-curves disable curves not in SuiteB -Index: gnutls-3.8.3/doc/cha-support.texi +Index: gnutls-3.8.4/doc/cha-support.texi =================================================================== ---- gnutls-3.8.3.orig/doc/cha-support.texi -+++ gnutls-3.8.3/doc/cha-support.texi +--- gnutls-3.8.4.orig/doc/cha-support.texi ++++ gnutls-3.8.4/doc/cha-support.texi @@ -134,5 +134,5 @@ There are certifications from national o to an auditor that the crypto component follows some best practices, such as unit testing and reliance on well known crypto primitives. @@ -1170,23 +1170,23 @@ Index: gnutls-3.8.3/doc/cha-support.texi -See @ref{FIPS140-2 mode} for more information. +GnuTLS has support for the FIPS 140-3 certification under Red Hat Enterprise Linux. +See @ref{FIPS140-3 mode} for more information. -Index: gnutls-3.8.3/doc/gnutls.info +Index: gnutls-3.8.4/doc/gnutls.info =================================================================== ---- gnutls-3.8.3.orig/doc/gnutls.info -+++ gnutls-3.8.3/doc/gnutls.info -@@ -618,7 +618,7 @@ Ref: fig-crypto-layers744471 - Ref: Cryptographic Backend-Footnote-1747783 - Ref: Cryptographic Backend-Footnote-2747868 - Node: Random Number Generators-internals747980 --Node: FIPS140-2 mode755450 -+Node: FIPS140-3 mode755450 - Ref: gnutls_fips_mode_t758148 - Node: Upgrading from previous versions761817 - Node: Support776059 -Index: gnutls-3.8.3/src/gnutls-cli-options.json +--- gnutls-3.8.4.orig/doc/gnutls.info ++++ gnutls-3.8.4/doc/gnutls.info +@@ -619,7 +619,7 @@ Ref: fig-crypto-layers744797 + Ref: Cryptographic Backend-Footnote-1748109 + Ref: Cryptographic Backend-Footnote-2748194 + Node: Random Number Generators-internals748306 +-Node: FIPS140-2 mode755776 ++Node: FIPS140-3 mode755776 + Ref: gnutls_fips_mode_t758474 + Node: Upgrading from previous versions762143 + Node: Support776385 +Index: gnutls-3.8.4/src/gnutls-cli-options.json =================================================================== ---- gnutls-3.8.3.orig/src/gnutls-cli-options.json -+++ gnutls-3.8.3/src/gnutls-cli-options.json +--- gnutls-3.8.4.orig/src/gnutls-cli-options.json ++++ gnutls-3.8.4/src/gnutls-cli-options.json @@ -384,7 +384,7 @@ }, { @@ -1196,3 +1196,16 @@ Index: gnutls-3.8.3/src/gnutls-cli-options.json }, { "long-option": "list-config", +Index: gnutls-3.8.4/tests/pkcs11-tool.sh +=================================================================== +--- gnutls-3.8.4.orig/tests/pkcs11-tool.sh ++++ gnutls-3.8.4/tests/pkcs11-tool.sh +@@ -30,7 +30,7 @@ set -x + : ${DIFF=diff} + + if test "${GNUTLS_FORCE_FIPS_MODE}" = 1;then +- echo "Cannot run in FIPS140-2 mode" ++ echo "Cannot run in FIPS140-3 mode" + exit 77 + fi + diff --git a/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch b/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch index fca7603..14fad43 100644 --- a/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch +++ b/gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch @@ -1,112 +1,117 @@ -Index: gnutls-3.8.0/lib/fips.c +Index: gnutls-3.8.4/lib/fips.c =================================================================== ---- gnutls-3.8.0.orig/lib/fips.c -+++ gnutls-3.8.0/lib/fips.c -@@ -171,16 +171,28 @@ struct hmac_entry { +--- gnutls-3.8.4.orig/lib/fips.c ++++ gnutls-3.8.4/lib/fips.c +@@ -175,20 +175,32 @@ struct hmac_entry { struct hmac_file { int version; struct hmac_entry gnutls; +#if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ ++ /* Disable nettle, hogweed and gmp HMAC verification as ++ * they are calculated during build of the respective ++ * packages and can differ from the ones listed here. ++ */ struct hmac_entry nettle; struct hmac_entry hogweed; + #ifdef GMP_LIBRARY_SONAME struct hmac_entry gmp; + #endif +#endif }; struct lib_paths { char gnutls[GNUTLS_PATH_MAX]; +#if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ ++ /* Disable nettle, hogweed and gmp HMAC verification as ++ * they are calculated during build of the respective ++ * packages and can differ from the ones listed here. ++ */ char nettle[GNUTLS_PATH_MAX]; char hogweed[GNUTLS_PATH_MAX]; + #ifdef GMP_LIBRARY_SONAME char gmp[GNUTLS_PATH_MAX]; + #endif +#endif }; /* -@@ -241,12 +253,18 @@ static int handler(void *user, const cha +@@ -248,6 +252,11 @@ static int handler(void *user, const cha } } else if (!strcmp(section, GNUTLS_LIBRARY_NAME)) { return lib_handler(&p->gnutls, section, name, value); +#if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ ++ /* Disable nettle, hogweed and gmp HMAC verification as ++ * they are calculated during build of the respective ++ * packages and can differ from the ones listed here. ++ */ } else if (!strcmp(section, NETTLE_LIBRARY_NAME)) { return lib_handler(&p->nettle, section, name, value); } else if (!strcmp(section, HOGWEED_LIBRARY_NAME)) { - return lib_handler(&p->hogweed, section, name, value); +@@ -256,6 +265,7 @@ static int handler(void *user, const cha } else if (!strcmp(section, GMP_LIBRARY_NAME)) { return lib_handler(&p->gmp, section, name, value); + #endif +#endif } else { return 0; } -@@ -391,12 +409,18 @@ static int callback(struct dl_phdr_info +@@ -401,6 +411,11 @@ static int callback(struct dl_phdr_info if (!strcmp(soname, GNUTLS_LIBRARY_SONAME)) _gnutls_str_cpy(paths->gnutls, GNUTLS_PATH_MAX, path); +#if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as -+ * they are calculated during build of the respective -+ * packages and can differ from the ones listed here. -+ */ ++ /* Disable nettle, hogweed and gmp HMAC verification as ++ * they are calculated during build of the respective ++ * packages and can differ from the ones listed here. ++ */ else if (!strcmp(soname, NETTLE_LIBRARY_SONAME)) _gnutls_str_cpy(paths->nettle, GNUTLS_PATH_MAX, path); else if (!strcmp(soname, HOGWEED_LIBRARY_SONAME)) - _gnutls_str_cpy(paths->hogweed, GNUTLS_PATH_MAX, path); +@@ -409,6 +424,7 @@ static int callback(struct dl_phdr_info else if (!strcmp(soname, GMP_LIBRARY_SONAME)) _gnutls_str_cpy(paths->gmp, GNUTLS_PATH_MAX, path); + #endif +#endif return 0; } -@@ -409,6 +433,11 @@ static int load_lib_paths(struct lib_pat +@@ -421,6 +437,11 @@ static int load_lib_paths(struct lib_pat _gnutls_debug_log("Gnutls library path was not found\n"); return gnutls_assert_val(GNUTLS_E_FILE_ERROR); } +#if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as ++ /* Disable nettle, hogweed and gmp HMAC verification as + * they are calculated during build of the respective + * packages and can differ from the ones listed here. + */ if (paths->nettle[0] == '\0') { _gnutls_debug_log("Nettle library path was not found\n"); return gnutls_assert_val(GNUTLS_E_FILE_ERROR); -@@ -421,7 +450,7 @@ static int load_lib_paths(struct lib_pat - _gnutls_debug_log("Gmp library path was not found\n"); +@@ -435,6 +456,7 @@ static int load_lib_paths(struct lib_pat return gnutls_assert_val(GNUTLS_E_FILE_ERROR); } -- + #endif +#endif + return GNUTLS_E_SUCCESS; } - -@@ -467,6 +496,11 @@ static int check_binary_integrity(void) +@@ -481,6 +503,11 @@ static int check_binary_integrity(void) ret = check_lib_hmac(&hmac.gnutls, paths.gnutls); if (ret < 0) return ret; +# if 0 -+ /* Disable nettle, hogweed and gpm HMAC verification as ++ /* Disable nettle, hogweed and gmp HMAC verification as + * they are calculated during build of the respective + * packages and can differ from the ones listed here. + */ ret = check_lib_hmac(&hmac.nettle, paths.nettle); if (ret < 0) return ret; -@@ -476,6 +510,7 @@ static int check_binary_integrity(void) - ret = check_lib_hmac(&hmac.gmp, paths.gmp); +@@ -492,6 +519,7 @@ static int check_binary_integrity(void) if (ret < 0) return ret; -+# endif + #endif ++#endif return 0; } diff --git a/gnutls-FIPS-jitterentropy-deinit-threads.patch b/gnutls-FIPS-jitterentropy-deinit-threads.patch new file mode 100644 index 0000000..bc193e9 --- /dev/null +++ b/gnutls-FIPS-jitterentropy-deinit-threads.patch @@ -0,0 +1,34 @@ +Index: gnutls-3.8.4/lib/state.c +=================================================================== +--- gnutls-3.8.4.orig/lib/state.c ++++ gnutls-3.8.4/lib/state.c +@@ -830,6 +830,12 @@ void gnutls_deinit(gnutls_session_t sess + gnutls_mutex_deinit(&session->internals.post_negotiation_lock); + gnutls_mutex_deinit(&session->internals.epoch_lock); + ++#if defined(__linux__) ++# if defined(ENABLE_FIPS140) ++ _rnd_system_entropy_deinit(); ++# endif ++#endif ++ + gnutls_free(session); + } + +Index: gnutls-3.8.4/lib/nettle/rnd.c +=================================================================== +--- gnutls-3.8.4.orig/lib/nettle/rnd.c ++++ gnutls-3.8.4/lib/nettle/rnd.c +@@ -79,6 +79,12 @@ struct generators_ctx_st { + + static void wrap_nettle_rnd_deinit(void *_ctx) + { ++#if defined(__linux__) ++# if defined(ENABLE_FIPS140) ++ _rnd_system_entropy_deinit(); ++# endif ++#endif ++ + gnutls_free(_ctx); + } + diff --git a/gnutls.changes b/gnutls.changes index 9ac238c..e48fae2 100644 --- a/gnutls.changes +++ b/gnutls.changes @@ -1,3 +1,44 @@ +------------------------------------------------------------------- +Wed Mar 20 12:08:50 UTC 2024 - Pedro Monreal + +- jitterentropy: Release the memory of the entropy collector when + using jitterentropy with phtreads as there is also a + pre-intitization done in the main thread. [bsc#1221242] + * Add gnutls-FIPS-jitterentropy-deinit-threads.patch + +------------------------------------------------------------------- +Wed Mar 20 09:26:32 UTC 2024 - Pedro Monreal + +- Update to 3.8.4: + * libgnutls: RSA-OAEP encryption scheme is now supported + To use it with an unrestricted RSA private key, one would need to + initialize a gnutls_x509_spki_t object with necessary parameters + for RSA-OAEP and attach it to the private key. It is also possible + to import restricted private keys if they are stored in PKCS#8 + format. + * libgnutls: Fix side-channel in the deterministic ECDSA. + Reported by George Pantelakis (#1516). + [GNUTLS-SA-2023-12-04, CVSS: medium] [bsc#1221746, CVE-2024-28834] + * libgnutls: Fixed a bug where certtool crashed when verifying a + certificate chain with more than 16 certificates. Reported by + William Woodruff (#1525) and yixiangzhike (#1527). + [GNUTLS-SA-2024-01-23, CVSS: medium] [bsc#1221747, CVE-2024-28835] + * libgnutls: Compression libraries are now loaded dynamically as needed + instead of all being loaded during gnutls library initialization. + As a result, the library initialization should be faster. + * build: The gnutls library can now be linked with the static library + of GMP. Note that in order for this to work libgmp.a needs to be + compiled with -fPIC and libhogweed in Nettle also has to be linked + to the static library of GMP. This can be used to prevent custom + memory allocators from being overriden by other applications. + * API and ABI modifications: + - gnutls_x509_spki_get_rsa_oaep_params: New function. + - gnutls_x509_spki_set_rsa_oaep_params: New function. + - GNUTLS_PK_RSA_OAEP: New enum member of gnutls_pk_algorithm_t. + * Rebase patches: + - gnutls-FIPS-140-3-references.patch + - gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch + ------------------------------------------------------------------- Wed Feb 21 18:04:48 UTC 2024 - Jan Engelhardt diff --git a/gnutls.spec b/gnutls.spec index a9a8385..1f5c910 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -40,7 +40,7 @@ %endif %bcond_with tpm Name: gnutls -Version: 3.8.3 +Version: 3.8.4 Release: 0 Summary: The GNU Transport Layer Security Library License: GPL-3.0-or-later AND LGPL-2.1-or-later @@ -66,6 +66,8 @@ Patch101: gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch %if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 #PATCH-FIX-SUSE bsc#1202146 FIPS: Port gnutls to use jitterentropy Patch102: gnutls-FIPS-jitterentropy.patch +#PATCH-FIX-SUSE bsc#1221242 Fix memleak in gnutls' jitterentropy collector +Patch103: gnutls-FIPS-jitterentropy-deinit-threads.patch %endif BuildRequires: autogen BuildRequires: automake

    GNUTLS_FIPS140_DISABLED

    		 @@ -593,7 +593,7 @@ Index: gnutls-3.8.3/doc/reference/html/gnutls-gnutls.html  

    GNUTLS_FIPS140_LAX

    		 @@ -604,17 +604,17 @@ Index: gnutls-3.8.3/doc/reference/html/gnutls-gnutls.html application is aware of the followed security policy, and needs to utilize disallowed operations for other reasons (e.g., compatibility).