diff --git a/libgcrypt-1.8.3-fips-ctor.patch b/libgcrypt-1.8.3-fips-ctor.patch new file mode 100644 index 0000000..34a5e95 --- /dev/null +++ b/libgcrypt-1.8.3-fips-ctor.patch @@ -0,0 +1,260 @@ +Index: libgcrypt-1.8.4/cipher/md.c +=================================================================== +--- libgcrypt-1.8.4.orig/cipher/md.c 2019-03-25 16:58:52.844354398 +0100 ++++ libgcrypt-1.8.4/cipher/md.c 2019-03-25 16:58:53.512358321 +0100 +@@ -411,11 +411,8 @@ md_enable (gcry_md_hd_t hd, int algorith + + if (!err && algorithm == GCRY_MD_MD5 && fips_mode ()) + { +- _gcry_inactivate_fips_mode ("MD5 used"); + if (_gcry_enforced_fips_mode () ) + { +- /* We should never get to here because we do not register +- MD5 in enforced fips mode. But better throw an error. */ + err = GPG_ERR_DIGEST_ALGO; + } + } +Index: libgcrypt-1.8.4/src/fips.c +=================================================================== +--- libgcrypt-1.8.4.orig/src/fips.c 2019-03-25 16:58:52.844354398 +0100 ++++ libgcrypt-1.8.4/src/fips.c 2019-03-25 16:58:53.516358344 +0100 +@@ -91,6 +91,31 @@ static void fips_new_state (enum module_ + + + ++/* Initialize the FSM lock - this function may only ++ be called once and is intended to be run from the library ++ constructor */ ++void ++_gcry_initialize_fsm_lock (void) ++{ ++ gpg_error_t err; ++ /* Intitialize the lock to protect the FSM. */ ++ err = gpgrt_lock_init (&fsm_lock); ++ if (err) ++ { ++ /* If that fails we can't do anything but abort the ++ process. We need to use log_info so that the FSM won't ++ get involved. */ ++ log_info ("FATAL: failed to create the FSM lock in libgcrypt: %s\n", ++ gpg_strerror (err)); ++#ifdef HAVE_SYSLOG ++ syslog (LOG_USER|LOG_ERR, "Libgcrypt error: " ++ "creating FSM lock failed: %s - abort", ++ gpg_strerror (err)); ++#endif /*HAVE_SYSLOG*/ ++ abort (); ++ } ++} ++ + /* Check whether the OS is in FIPS mode and record that in a module + local variable. If FORCE is passed as true, fips mode will be + enabled anyway. Note: This function is not thread-safe and should +@@ -100,7 +125,6 @@ void + _gcry_initialize_fips_mode (int force) + { + static int done; +- gpg_error_t err; + + /* Make sure we are not accidentally called twice. */ + if (done) +@@ -190,24 +214,6 @@ _gcry_initialize_fips_mode (int force) + /* Yes, we are in FIPS mode. */ + FILE *fp; + +- /* Intitialize the lock to protect the FSM. */ +- err = gpgrt_lock_init (&fsm_lock); +- if (err) +- { +- /* If that fails we can't do anything but abort the +- process. We need to use log_info so that the FSM won't +- get involved. */ +- log_info ("FATAL: failed to create the FSM lock in libgcrypt: %s\n", +- gpg_strerror (err)); +-#ifdef HAVE_SYSLOG +- syslog (LOG_USER|LOG_ERR, "Libgcrypt error: " +- "creating FSM lock failed: %s - abort", +- gpg_strerror (err)); +-#endif /*HAVE_SYSLOG*/ +- abort (); +- } +- +- + /* If the FIPS force files exists, is readable and has a number + != 0 on its first line, we enable the enforced fips mode. */ + fp = fopen (FIPS_FORCE_FILE, "r"); +@@ -370,16 +376,20 @@ _gcry_fips_is_operational (void) + { + int result; + +- if (!fips_mode ()) ++ lock_fsm (); ++ if (current_state == STATE_POWERON && !fips_mode ()) ++ /* If we are at this point in POWERON state it means the FIPS ++ module installation was not completed. (/etc/system-fips ++ is not present.) */ + result = 1; + else + { +- lock_fsm (); +- if (current_state == STATE_INIT) ++ if (current_state == STATE_INIT || current_state == STATE_SELFTEST) + { +- /* If we are still in the INIT state, we need to run the +- selftests so that the FSM can eventually get into +- operational state. Given that we would need a 2-phase ++ /* If we are still in the INIT (or SELFTEST) state, ++ we need to run (or finish) the selftests so ++ that the FSM can eventually get into operational ++ state. Given that we would need a 2-phase + initialization of libgcrypt, but that has traditionally + not been enforced, we use this on demand self-test + checking. Note that Proper applications would do the +@@ -395,9 +405,11 @@ _gcry_fips_is_operational (void) + lock_fsm (); + } + +- result = (current_state == STATE_OPERATIONAL); +- unlock_fsm (); ++ result = (current_state == STATE_OPERATIONAL) || !fips_mode (); ++ /* We always run the selftests but ignore the result ++ in non-FIPS mode. */ + } ++ unlock_fsm (); + return result; + } + +@@ -722,9 +734,25 @@ _gcry_fips_run_selftests (int extended) + { + enum module_states result = STATE_ERROR; + gcry_err_code_t ec = GPG_ERR_SELFTEST_FAILED; ++ int in_poweron; + +- if (fips_mode ()) +- fips_new_state (STATE_SELFTEST); ++ lock_fsm (); ++ in_poweron = (current_state == STATE_POWERON); ++ unlock_fsm (); ++ ++ fips_new_state (STATE_SELFTEST); ++ ++ /* We first check the integrity of the binary. ++ If run from the constructor we are in POWERON state, ++ we return and finish the remaining selftests before ++ real use of the library. It will be in the POWERON ++ state meanwhile. */ ++ if (in_poweron) ++ if (check_binary_integrity ()) ++ goto leave; ++ ++ if (in_poweron) ++ return 0; + + if (run_cipher_selftests (extended)) + goto leave; +@@ -743,18 +771,12 @@ _gcry_fips_run_selftests (int extended) + if (run_pubkey_selftests (extended)) + goto leave; + +- /* Now check the integrity of the binary. We do this this after +- having checked the HMAC code. */ +- if (check_binary_integrity ()) +- goto leave; +- + /* All selftests passed. */ + result = STATE_OPERATIONAL; + ec = 0; + + leave: +- if (fips_mode ()) +- fips_new_state (result); ++ fips_new_state (result); + + return ec; + } +@@ -810,6 +832,7 @@ fips_new_state (enum module_states new_s + { + case STATE_POWERON: + if (new_state == STATE_INIT ++ || new_state == STATE_SELFTEST + || new_state == STATE_ERROR + || new_state == STATE_FATALERROR) + ok = 1; +@@ -824,6 +847,8 @@ fips_new_state (enum module_states new_s + + case STATE_SELFTEST: + if (new_state == STATE_OPERATIONAL ++ || new_state == STATE_INIT ++ || new_state == STATE_SELFTEST + || new_state == STATE_ERROR + || new_state == STATE_FATALERROR) + ok = 1; +Index: libgcrypt-1.8.4/src/global.c +=================================================================== +--- libgcrypt-1.8.4.orig/src/global.c 2019-03-25 16:58:52.844354398 +0100 ++++ libgcrypt-1.8.4/src/global.c 2019-03-25 16:58:53.516358344 +0100 +@@ -145,6 +145,29 @@ global_init (void) + } + + ++#ifndef FIPS_MODULE_PATH ++#define FIPS_MODULE_PATH "/etc/system-fips" ++#endif ++ ++void __attribute__ ((constructor)) _gcry_global_constructor (void) ++{ ++ int rv; ++ ++ /* We always need the FSM lock to be functional. */ ++ _gcry_initialize_fsm_lock (); ++ ++ rv = access (FIPS_MODULE_PATH, F_OK); ++ if (rv < 0 && errno != ENOENT) ++ rv = 0; ++ ++ if (!rv) ++ { ++ /* We run the integrity check at this point. The remaining ++ selftests are run before use of the library by application. */ ++ _gcry_fips_run_selftests (0); ++ } ++} ++ + /* This function is called by the macro fips_is_operational and makes + sure that the minimal initialization has been done. This is far + from a perfect solution and hides problems with an improper +@@ -675,8 +698,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, + + case GCRYCTL_FIPS_MODE_P: + if (fips_mode () +- && !_gcry_is_fips_mode_inactive () +- && !no_secure_memory) ++ && !_gcry_is_fips_mode_inactive ()) + rc = GPG_ERR_GENERAL; /* Used as TRUE value */ + break; + +@@ -753,9 +775,9 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, + break; + + case GCRYCTL_SET_ENFORCED_FIPS_FLAG: +- if (!any_init_done) ++ if (fips_mode ()) + { +- /* Not yet initialized at all. Set the enforced fips mode flag */ ++ /* We are in FIPS mode, we can set the enforced fips mode flag. */ + _gcry_set_preferred_rng_type (0); + _gcry_set_enforced_fips_mode (); + } +Index: libgcrypt-1.8.4/src/g10lib.h +=================================================================== +--- libgcrypt-1.8.4.orig/src/g10lib.h 2019-03-25 16:58:52.844354398 +0100 ++++ libgcrypt-1.8.4/src/g10lib.h 2019-03-25 16:58:53.516358344 +0100 +@@ -422,6 +422,8 @@ gpg_err_code_t _gcry_sexp_vextract_param + + /*-- fips.c --*/ + ++void _gcry_initialize_fsm_lock (void); ++ + void _gcry_initialize_fips_mode (int force); + + int _gcry_fips_mode (void); diff --git a/libgcrypt-1.8.4-allow_FSM_same_state.patch b/libgcrypt-1.8.4-allow_FSM_same_state.patch new file mode 100644 index 0000000..2ec4129 --- /dev/null +++ b/libgcrypt-1.8.4-allow_FSM_same_state.patch @@ -0,0 +1,15 @@ +Index: libgcrypt-1.8.4/src/fips.c +=================================================================== +--- libgcrypt-1.8.4.orig/src/fips.c ++++ libgcrypt-1.8.4/src/fips.c +@@ -930,6 +930,10 @@ fips_new_state (enum module_states new_s + + } + ++ /* Allow a transition to the current state */ ++ if (current_state == new_state) ++ ok = 1; ++ + if (ok) + { + current_state = new_state; diff --git a/libgcrypt-1.8.4-getrandom.patch b/libgcrypt-1.8.4-getrandom.patch new file mode 100644 index 0000000..4810974 --- /dev/null +++ b/libgcrypt-1.8.4-getrandom.patch @@ -0,0 +1,103 @@ +Index: libgcrypt-1.8.4/random/random-csprng.c +=================================================================== +--- libgcrypt-1.8.4.orig/random/random-csprng.c ++++ libgcrypt-1.8.4/random/random-csprng.c +@@ -55,6 +55,10 @@ + #ifdef __MINGW32__ + #include + #endif ++#if defined(__linux__) && defined(HAVE_SYSCALL) ++# include ++# include ++#endif + #include "g10lib.h" + #include "random.h" + #include "rand-internal.h" +@@ -1116,6 +1120,22 @@ getfnc_gather_random (void))(void (*)(co + enum random_origins, size_t, int); + + #if USE_RNDLINUX ++#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) ++ long ret; ++ char buffer[1]; ++ ++ _gcry_pre_syscall (); ++ ret = syscall (__NR_getrandom, ++ (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK); ++ _gcry_post_syscall (); ++ if (ret != -1 || errno != ENOSYS) ++ { ++ fnc = _gcry_rndlinux_gather_random; ++ return fnc; ++ } ++ else ++ /* The syscall is not supported - fallback to /dev/urandom. */ ++#endif + if ( !access (NAME_OF_DEV_RANDOM, R_OK) + && !access (NAME_OF_DEV_URANDOM, R_OK)) + { +Index: libgcrypt-1.8.4/random/random.c +=================================================================== +--- libgcrypt-1.8.4.orig/random/random.c ++++ libgcrypt-1.8.4/random/random.c +@@ -110,8 +110,8 @@ _gcry_random_read_conf (void) + unsigned int result = 0; + + fp = fopen (fname, "r"); +- if (!fp) +- return result; ++ if (!fp) /* We make only_urandom the default. */ ++ return RANDOM_CONF_ONLY_URANDOM; + + for (;;) + { +Index: libgcrypt-1.8.4/random/rndlinux.c +=================================================================== +--- libgcrypt-1.8.4.orig/random/rndlinux.c ++++ libgcrypt-1.8.4/random/rndlinux.c +@@ -34,6 +34,7 @@ + #include + #if defined(__linux__) && defined(HAVE_SYSCALL) + # include ++# include + #endif + + #include "types.h" +@@ -248,6 +249,18 @@ _gcry_rndlinux_gather_random (void (*add + { + if (fd_urandom == -1) + { ++#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) ++ long ret; ++ ++ _gcry_pre_syscall (); ++ ret = syscall (__NR_getrandom, ++ (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK); ++ _gcry_post_syscall (); ++ if (ret > -1 || errno == EAGAIN || errno == EINTR) ++ fd_urandom = -2; ++ else ++ /* The syscall is not supported - fallback to /dev/urandom. */ ++#endif + fd_urandom = open_device (NAME_OF_DEV_URANDOM, (ever_opened & 2), 1); + ever_opened |= 2; + } +@@ -275,6 +288,7 @@ _gcry_rndlinux_gather_random (void (*add + * syscall and not a new device and thus we are not able to use + * select(2) to have a timeout. */ + #if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) ++ if (fd == -2) + { + long ret; + size_t nbytes; +@@ -290,9 +304,7 @@ _gcry_rndlinux_gather_random (void (*add + _gcry_post_syscall (); + } + while (ret == -1 && errno == EINTR); +- if (ret == -1 && errno == ENOSYS) +- ; /* The syscall is not supported - fallback to pulling from fd. */ +- else ++ if (1) + { /* The syscall is supported. Some sanity checks. */ + if (ret == -1) + log_fatal ("unexpected error from getrandom: %s\n", diff --git a/libgcrypt-1.8.4-use_xfree.patch b/libgcrypt-1.8.4-use_xfree.patch new file mode 100644 index 0000000..b104472 --- /dev/null +++ b/libgcrypt-1.8.4-use_xfree.patch @@ -0,0 +1,39 @@ +Index: libgcrypt-1.8.4/src/hmac256.c +=================================================================== +--- libgcrypt-1.8.4.orig/src/hmac256.c ++++ libgcrypt-1.8.4/src/hmac256.c +@@ -69,6 +69,7 @@ typedef uint32_t u32; + + #ifdef STANDALONE + #define xtrymalloc(a) malloc((a)) ++#define xfree(a) free((a)) + #define gpg_err_set_errno(a) (errno = (a)) + #else + #include "g10lib.h" +@@ -341,7 +342,7 @@ _gcry_hmac256_new (const void *key, size + tmphd = _gcry_hmac256_new (NULL, 0); + if (!tmphd) + { +- free (hd); ++ xfree (hd); + return NULL; + } + _gcry_hmac256_update (tmphd, key, keylen); +@@ -373,7 +374,7 @@ _gcry_hmac256_release (hmac256_context_t + /* Note: We need to take care not to modify errno. */ + if (ctx->use_hmac) + my_wipememory (ctx->opad, 64); +- free (ctx); ++ xfree (ctx); + } + } + +@@ -489,7 +490,7 @@ _gcry_hmac256_file (void *result, size_t + while ( (nread = fread (buffer, 1, buffer_size, fp))) + _gcry_hmac256_update (hd, buffer, nread); + +- free (buffer); ++ xfree (buffer); + + if (ferror (fp)) + { diff --git a/libgcrypt-binary_integrity_in_non-FIPS.patch b/libgcrypt-binary_integrity_in_non-FIPS.patch index 2daaa0a..78fbba2 100644 --- a/libgcrypt-binary_integrity_in_non-FIPS.patch +++ b/libgcrypt-binary_integrity_in_non-FIPS.patch @@ -1,15 +1,82 @@ -Index: libgcrypt-1.8.4/src/fips.c +Index: libgcrypt-1.8.2/src/fips.c =================================================================== ---- libgcrypt-1.8.4.orig/src/fips.c 2018-11-26 17:30:28.040692529 +0100 -+++ libgcrypt-1.8.4/src/fips.c 2018-11-26 17:59:04.130934181 +0100 -@@ -663,7 +663,11 @@ check_binary_integrity (void) +--- libgcrypt-1.8.2.orig/src/fips.c 2019-03-27 13:15:14.190987624 +0100 ++++ libgcrypt-1.8.2/src/fips.c 2019-03-27 13:18:07.047986428 +0100 +@@ -115,6 +115,50 @@ _gcry_initialize_fsm_lock (void) + abort (); + } + } ++ ++/* Checks whether the library will enter the FIPS mode. ++ Uses the same logic as _gcry_initialize_fips_mode */ ++static int ++will_enter_fips (void) ++{ ++ /* for convenience, so that a process can run fips-enabled, but ++ not necessarily all of them, enable FIPS mode via environment ++ variable LIBGCRYPT_FORCE_FIPS_MODE. */ ++ if (getenv("LIBGCRYPT_FORCE_FIPS_MODE") != NULL) ++ return 1; ++ ++ /* For testing the system it is useful to override the system ++ provided detection of the FIPS mode and force FIPS mode using a ++ file. The filename is hardwired so that there won't be any ++ confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is ++ actually used. The file itself may be empty. */ ++ if ( !access (FIPS_FORCE_FILE, F_OK) ) ++ return 1; ++ ++ /* Checking based on /proc file properties. */ ++ { ++ static const char procfname[] = "/proc/sys/crypto/fips_enabled"; ++ FILE *fp; ++ ++ fp = fopen (procfname, "r"); ++ if (fp) ++ { ++ char line[256]; ++ ++ if (fgets (line, sizeof line, fp) && atoi (line)) ++ { ++ /* System is in fips mode. */ ++ fclose (fp); ++ return 1; ++ } ++ fclose (fp); ++ } ++ } ++ ++ return 0; ++} ++ ++ + + /* Check whether the OS is in FIPS mode and record that in a module + local variable. If FORCE is passed as true, fips mode will be +@@ -631,10 +675,10 @@ get_library_path(const char *libname, co + + /* Run an integrity check on the binary. Returns 0 on success. */ + static int +-check_binary_integrity (void) ++check_binary_integrity () + { + #ifdef ENABLE_HMAC_BINARY_CHECK +- gpg_error_t err; ++ gpg_error_t err = 0; + char libpath[4096]; + unsigned char digest[32]; + int dlen; +@@ -675,7 +719,14 @@ check_binary_integrity (void) /* Open the file. */ fp = fopen (fname, "r"); if (!fp) - err = gpg_error_from_syserror (); + { -+ /* Missing checksum is a problem only in FIPS mode */ -+ if (fips_mode() || errno != ENOENT) ++ /* Missing checksum is a problem only in FIPS mode. ++ As the integrity check was moved to the POWERON state, ++ we no longer can rely on fips_mode(). Because at the point, ++ the library is not yet initialized. */ ++ if (will_enter_fips() || errno != ENOENT) + err = gpg_error_from_syserror (); + } else diff --git a/libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch b/libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch new file mode 100644 index 0000000..62bd6b5 --- /dev/null +++ b/libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch @@ -0,0 +1,28 @@ +Index: libgcrypt-1.8.4/src/global.c +=================================================================== +--- libgcrypt-1.8.4.orig/src/global.c 2019-03-25 16:58:45.880313488 +0100 ++++ libgcrypt-1.8.4/src/global.c 2019-03-25 16:58:45.896313582 +0100 +@@ -144,11 +144,6 @@ global_init (void) + BUG (); + } + +- +-#ifndef FIPS_MODULE_PATH +-#define FIPS_MODULE_PATH "/etc/system-fips" +-#endif +- + void __attribute__ ((constructor)) _gcry_global_constructor (void) + { + int rv; +@@ -156,11 +151,6 @@ void __attribute__ ((constructor)) _gcry + /* We always need the FSM lock to be functional. */ + _gcry_initialize_fsm_lock (); + +- rv = access (FIPS_MODULE_PATH, F_OK); +- if (rv < 0 && errno != ENOENT) +- rv = 0; +- +- if (!rv) + { + /* We run the integrity check at this point. The remaining + selftests are run before use of the library by application. */ diff --git a/libgcrypt-fips_rsa_no_enforced_mode.patch b/libgcrypt-fips_rsa_no_enforced_mode.patch new file mode 100644 index 0000000..55f1003 --- /dev/null +++ b/libgcrypt-fips_rsa_no_enforced_mode.patch @@ -0,0 +1,13 @@ +Index: libgcrypt-1.8.2/cipher/rsa.c +=================================================================== +--- libgcrypt-1.8.2.orig/cipher/rsa.c 2017-11-23 19:16:58.000000000 +0100 ++++ libgcrypt-1.8.2/cipher/rsa.c 2019-03-26 11:14:33.737388126 +0100 +@@ -389,7 +389,7 @@ generate_fips (RSA_secret_key *sk, unsig + + if (nbits < 1024 || (nbits & 0x1FF)) + return GPG_ERR_INV_VALUE; +- if (_gcry_enforced_fips_mode() && nbits != 2048 && nbits != 3072) ++ if (fips_mode() && nbits != 2048 && nbits != 3072) + return GPG_ERR_INV_VALUE; + + /* The random quality depends on the transient_key flag. */ diff --git a/libgcrypt-init-at-elf-load-fips.patch b/libgcrypt-init-at-elf-load-fips.patch deleted file mode 100644 index bda8c42..0000000 --- a/libgcrypt-init-at-elf-load-fips.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: libgcrypt-1.6.1/src/global.c -=================================================================== ---- libgcrypt-1.6.1.orig/src/global.c -+++ libgcrypt-1.6.1/src/global.c -@@ -76,7 +76,7 @@ static gpg_err_code_t external_lock_test - likely to be called at startup. The suggested way for an - application to make sure that this has been called is by using - gcry_check_version. */ --static void -+static void __attribute__((constructor)) - global_init (void) - { - gcry_error_t err = 0; diff --git a/libgcrypt.changes b/libgcrypt.changes index 2cd2107..6767de4 100644 --- a/libgcrypt.changes +++ b/libgcrypt.changes @@ -1,3 +1,64 @@ +------------------------------------------------------------------- +Fri Apr 26 06:47:45 UTC 2019 - Jason Sikes + +- do not try to open /dev/urandom if getrandom() works + * Added libgcrypt-1.8.4-getrandom.patch +- Drop libgcrypt-init-at-elf-load-fips.patch obsoleted + by libgcrypt-1.8.3-fips-ctor.patch + +------------------------------------------------------------------- +Tue Apr 23 12:38:40 UTC 2019 - Jason Sikes + +- Restored libgcrypt-binary_integrity_in_non-FIPS.patch sans section that + was partially causing bsc#1131183. +- Fixed race condition in multi-threaded applications by allowing a FSM state + transition to the current state. This means some tests are run twice. + * Added libgcrypt-1.8.4-allow_FSM_same_state.patch +- Fixed an issue in malloc/free wrappers so that memory created by the malloc() + wrappers will be destroyed using the free() wrappers. + * Added libgcrypt-1.8.4-use_xfree.patch + +------------------------------------------------------------------- +Fri Apr 5 21:56:00 UTC 2019 - Jason Sikes + +- removed libgcrypt-binary_integrity_in_non-FIPS.patch since it was breaking + libotr. bsc#1131183 + +------------------------------------------------------------------- +Tue Mar 26 16:30:23 UTC 2019 - Vítězslav Čížek + +- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests + are invoked as well as the state transition, adjust the code so + a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) + * update libgcrypt-binary_integrity_in_non-FIPS.patch + +------------------------------------------------------------------- +Tue Mar 26 16:25:18 UTC 2019 - Vítězslav Čížek + +- Enforce the minimal RSA keygen size in fips mode (bsc#1125740) + * add libgcrypt-fips_rsa_no_enforced_mode.patch + +------------------------------------------------------------------- +Fri Mar 22 14:13:05 UTC 2019 - Vítězslav Čížek + +- Don't run full self-tests from constructor (bsc#1097073) + * Don't call global_init() from the constructor, _gcry_global_constructor() + from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary + integrity check instead. + * Only the binary checksum will be verified, the remaining + self-tests will be run upon the library initialization +- Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch +- Drop libgcrypt-init-at-elf-load-fips.patch and + libgcrypt-fips_run_selftest_at_constructor.patch obsoleted + by libgcrypt-1.8.3-fips-ctor.patch + +------------------------------------------------------------------- +Thu Mar 7 10:53:40 UTC 2019 - Pedro Monreal Gonzalez + +- Skip all the self-tests except for binary integrity when called + from the constructor (bsc#1097073) + * Added libgcrypt-1.8.3-fips-ctor.patch from Fedora + ------------------------------------------------------------------- Mon Nov 26 17:09:47 UTC 2018 - Vítězslav Čížek diff --git a/libgcrypt.spec b/libgcrypt.spec index e69ef7d..7306197 100644 --- a/libgcrypt.spec +++ b/libgcrypt.spec @@ -1,7 +1,7 @@ # # spec file for package libgcrypt # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -48,7 +48,6 @@ Patch13: libgcrypt-1.6.1-fips-cavs.patch #PATCH-FIX-SUSE: bnc#724841, fix a random device opening routine Patch14: libgcrypt-1.6.1-fips-cfgrandom.patch Patch28: libgcrypt-fix-rng.patch -Patch29: libgcrypt-init-at-elf-load-fips.patch #PATCH-FIX-SUSE add FIPS CAVS test app for DRBG Patch30: drbg_test.patch #PATCH-FIX-SUSE run FIPS self-test from constructor @@ -57,7 +56,13 @@ Patch32: libgcrypt-fips_run_selftest_at_constructor.patch Patch35: libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch #PATCH-FIX-UPSTREAM bsc#1064455 fipsdrv patch to enable --algo for dsa-verify Patch36: libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch -Patch37: libgcrypt-binary_integrity_in_non-FIPS.patch +Patch39: libgcrypt-1.8.3-fips-ctor.patch +Patch40: libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch +Patch41: libgcrypt-binary_integrity_in_non-FIPS.patch +Patch42: libgcrypt-fips_rsa_no_enforced_mode.patch +Patch43: libgcrypt-1.8.4-use_xfree.patch +Patch44: libgcrypt-1.8.4-allow_FSM_same_state.patch +Patch45: libgcrypt-1.8.4-getrandom.patch BuildRequires: automake >= 1.14 BuildRequires: fipscheck BuildRequires: libgpg-error-devel >= 1.25 @@ -137,20 +142,7 @@ understanding of applied cryptography is required to use Libgcrypt. %prep %setup -q -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch7 -p1 -%patch12 -p1 -%patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch32 -p1 -%patch13 -p1 -%patch14 -p1 -%patch35 -p1 -%patch36 -p1 -%patch37 -p1 +%autopatch -p1 %build echo building with build_hmac256 set to %{build_hmac256}