libgcrypt/libgcrypt-FIPS-SLI-kdf-leylength.patch

Index: libgcrypt-1.10.2/src/fips.c
===================================================================
--- libgcrypt-1.10.2.orig/src/fips.c
+++ libgcrypt-1.10.2/src/fips.c
@@ -520,10 +520,15 @@ int
 _gcry_fips_indicator_kdf (va_list arg_ptr)
 {
   enum gcry_kdf_algos alg = va_arg (arg_ptr, enum gcry_kdf_algos);
+  unsigned int keylen = 0;
 
   switch (alg)
     {
     case GCRY_KDF_PBKDF2:
+      keylen = va_arg (arg_ptr, unsigned int);
+      if (keylen < 112) {
+        return GPG_ERR_NOT_SUPPORTED;
+      }
       return GPG_ERR_NO_ERROR;
     default:
       return GPG_ERR_NOT_SUPPORTED;
Index: libgcrypt-1.10.2/doc/gcrypt.texi
===================================================================
--- libgcrypt-1.10.2.orig/doc/gcrypt.texi
+++ libgcrypt-1.10.2/doc/gcrypt.texi
@@ -970,12 +970,13 @@ is approved under the current FIPS 140-3
 combination is approved, this function returns @code{GPG_ERR_NO_ERROR}.
 Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.
 
-@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos
+@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos [, unsigned int]
 
 Check if the given KDF is approved under the current FIPS 140-3
-certification. If the KDF is approved, this function returns
-@code{GPG_ERR_NO_ERROR}. Otherwise @code{GPG_ERR_NOT_SUPPORTED}
-is returned.
+certification. The second parameter provides the keylength in bits.
+Keylength values of less that 112 bits are considered non-approved.
+If the KDF is approved, this function returns @code{GPG_ERR_NO_ERROR}.
+Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.
 
 @item GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION; Arguments: const char *
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`Index: libgcrypt-1.10.2/src/fips.c`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00			`===================================================================`
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`--- libgcrypt-1.10.2.orig/src/fips.c`
			`+++ libgcrypt-1.10.2/src/fips.c`
			`@@ -520,10 +520,15 @@ int`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00			`_gcry_fips_indicator_kdf (va_list arg_ptr)`
			`{`
			`enum gcry_kdf_algos alg = va_arg (arg_ptr, enum gcry_kdf_algos);`
			`+ unsigned int keylen = 0;`

			`switch (alg)`
			`{`
			`case GCRY_KDF_PBKDF2:`
			`+ keylen = va_arg (arg_ptr, unsigned int);`
			`+ if (keylen < 112) {`
			`+ return GPG_ERR_NOT_SUPPORTED;`
			`+ }`
			`return GPG_ERR_NO_ERROR;`
			`default:`
			`return GPG_ERR_NOT_SUPPORTED;`
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`Index: libgcrypt-1.10.2/doc/gcrypt.texi`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00			`===================================================================`
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`--- libgcrypt-1.10.2.orig/doc/gcrypt.texi`
			`+++ libgcrypt-1.10.2/doc/gcrypt.texi`
			`@@ -970,12 +970,13 @@ is approved under the current FIPS 140-3`
			`combination is approved, this function returns @code{GPG_ERR_NO_ERROR}.`
			`Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00
			`-@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos`
			`+@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos [, unsigned int]`

			`Check if the given KDF is approved under the current FIPS 140-3`
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`-certification. If the KDF is approved, this function returns`
			`-@code{GPG_ERR_NO_ERROR}. Otherwise @code{GPG_ERR_NOT_SUPPORTED}`
			`-is returned.`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00			`+certification. The second parameter provides the keylength in bits.`
			`+Keylength values of less that 112 bits are considered non-approved.`
			`+If the KDF is approved, this function returns @code{GPG_ERR_NO_ERROR}.`
Accepting request 1078466 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 1.10.2: * Bug fixes: - Fix Argon2 for the case output > 64. [rC13b5454d26] - Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44] - Fix RSA key generation failure in forced FIPS mode. [T5919] - Fix gcry_pk_hash_verify for explicit hash. [T6066] - Fix a wrong result of gcry_mpi_invm. [T5970] - Allow building with --disable-asm for HPPA. [T5976] - Allow building with -Oz. [T6432] - Enable the fast path to ChaCha20 only when supported. [T6384] - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217] * Other: - Do not use secure memory for a DRBG instance. [T5933] - Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918] - Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990] - Allow verification of small RSA signatures in FIPS mode. [T5975] - Allow the use of a shorter salt for KDFs in FIPS mode. [T6039] - Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165] - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07] - Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397] - Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9] - Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a] - Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219] - Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba] - Prefer gpgrt-config when available. [T5034] - Mark AESWRAP as approved FIPS algorithm. [T5512] OBS-URL: https://build.opensuse.org/request/show/1078466 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=165 2023-04-11 16:55:16 +02:00			`+Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.`

			`@item GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION; Arguments: const char *`
Accepting request 1004104 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] OBS-URL: https://build.opensuse.org/request/show/1004104 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158 2022-09-16 23:00:13 +02:00