SHA256
1
0
forked from pool/libgcrypt
Commit Graph

95 Commits

Author SHA256 Message Date
a15018a4a1 Accepting request 843758 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.7

OBS-URL: https://build.opensuse.org/request/show/843758
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=140
2020-10-24 20:30:16 +00:00
211bd2f53b Accepting request 819163 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.8.6
  * mpi: Consider +0 and -0 the same in mpi_cmp
  * mpi: Fix flags in mpi_copy for opaque MPI
  * mpi: Fix the return value of mpi_invm_generic
  * mpi: DSA,ECDSA: Fix use of mpi_invm
    - Call mpi_invm before _gcry_dsa_modify_k
    - Call mpi_invm before _gcry_ecc_ecdsa_sign
  * mpi: Constant time mpi_inv with some conditions
    - mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond)
    - New: mpih_abs_cond, mpi_invm_odd
    - Rename from _gcry_mpi_invm: mpi_invm_generic
    - Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm
  * mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr
  * Fix wrong code execution in Poly1305 ARM/NEON implementation
    - Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext)
  * Set vZZ.16b register to zero before use in armv8 gcm implementation
  * random: Fix include of config.h
  * Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong
  * ecc: Fix wrong handling of shorten PK bytes
    - Zeros are already recovered: (_gcry_ecc_mont_decodepoint)
- Update libgcrypt-ecc-ecdsa-no-blinding.patch

OBS-URL: https://build.opensuse.org/request/show/819163
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=138
2020-07-07 09:36:56 +00:00
Vítězslav Čížek
b626ac7062 Accepting request 807298 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872]
  * Print the debug messages in test_keys() only in debug mode.
- Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch
  libgcrypt-PCT-ECC.patch

OBS-URL: https://build.opensuse.org/request/show/807298
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=135
2020-05-19 12:29:20 +00:00
Vítězslav Čížek
9a7cde5372 Accepting request 805624 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- FIPS: libgcrypt: Double free in test_keys() on failed signature
  verification [bsc#1169944]
  * Use safer gcry_mpi_release() instead of mpi_free()
- Update patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- Ship the FIPS checksum file in the shared library package and
  create a separate trigger file for the FIPS selftests (bsc#1169569)
  * add libgcrypt-fips_selftest_trigger_file.patch
  * refresh libgcrypt-global_init-constructor.patch
- Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted
  by libgcrypt-global_init-constructor.patch

- FIPS: Verify that the generated signature and the original input
  differ in test_keys function for RSA, DSA and ECC: [bsc#1165539]
- Add zero-padding when qx and qy have different lengths when
  assembling the Q point from affine coordinates.
- Refreshed patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- FIPS: Switch the PCT to use the new signature operation [bsc#1165539]
  * Patches for DSA, RSA and ECDSA test_keys functions:
    - libgcrypt-PCT-DSA.patch
    - libgcrypt-PCT-RSA.patch
    - libgcrypt-PCT-ECC.patch
- Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch

OBS-URL: https://build.opensuse.org/request/show/805624
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134
2020-05-14 15:39:34 +00:00
Tomáš Chvátal
e37716ed54 Accepting request 766877 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219]
- FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215]
- FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220]
  * Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch

- FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337]
  * Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch

- Fix tests in FIPS mode:
  * Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem
  * Add patch libgcrypt-fix-tests-fipsmode.patch

- Fix test dsa-rfc6979 in FIPS mode:
  * Disable tests in elliptic curves with 192 bits which are not
    recommended in FIPS mode
  * Add patch libgcrypt-dsa-rfc6979-test-fix.patch

- CMAC AES and TDES FIPS self-tests:
  * CMAC AES self test missing [bsc#1155339]
  * CMAC TDES self test missing [bsc#1155338]
- Add libgcrypt-CMAC-AES-TDES-selftest.patch

OBS-URL: https://build.opensuse.org/request/show/766877
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=132
2020-01-24 12:13:28 +00:00
74a1d44e1d Accepting request 727257 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.5 CVE-2019-13627 boo#1148987

OBS-URL: https://build.opensuse.org/request/show/727257
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=130
2019-08-30 20:13:27 +00:00
d57c784f09 Accepting request 712076 from home:jsikes:branches:devel:libraries:c_c++
This fixes bsc#1133808. Hope it doesn't break anything else. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/712076
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=128
2019-06-27 15:31:10 +00:00
02d04cf4ae Accepting request 711377 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Fixed env-script-interpreter in cavs_driver.pl

- Security fix: [bsc#1138939, CVE-2019-12904]
  * The C implementation of AES is vulnerable to a flush-and-reload
    side-channel attack because physical addresses are available to
    other processes. (The C implementation is used on platforms where
    an assembly-language implementation is unavailable.)
  * Added patches:
    - libgcrypt-CVE-2019-12904-GCM-Prefetch.patch
    - libgcrypt-CVE-2019-12904-GCM.patch
    - libgcrypt-CVE-2019-12904-AES.patch

OBS-URL: https://build.opensuse.org/request/show/711377
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=127
2019-06-25 12:49:02 +00:00
Tomáš Chvátal
61eeda1b5c Accepting request 698242 from home:jsikes:branches:devel:libraries:c_c++
Hopefully this fixes bsc#1131369. Hopefully.

OBS-URL: https://build.opensuse.org/request/show/698242
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=125
2019-04-27 08:19:28 +00:00
Tomáš Chvátal
44e7a5642f Accepting request 697283 from home:jsikes:branches:devel:libraries:c_c++
Fixed a few bugs. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/697283
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=124
2019-04-24 08:43:31 +00:00
Tomáš Chvátal
9521655df0 Accepting request 692407 from home:jsikes:branches:devel:libraries:c_c++
Fixed a little oops. Enjoy.

OBS-URL: https://build.opensuse.org/request/show/692407
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=123
2019-04-09 06:12:53 +00:00
9563eb9685 Accepting request 689095 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests
  are invoked as well as the state transition, adjust the code so
  a missing checksum file is not an issue in non-FIPS mode (bsc#1097073)
  * update libgcrypt-binary_integrity_in_non-FIPS.patch

- Enforce the minimal RSA keygen size in fips mode (bsc#1125740)
  * add libgcrypt-fips_rsa_no_enforced_mode.patch

OBS-URL: https://build.opensuse.org/request/show/689095
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=122
2019-03-27 14:36:50 +00:00
Tomáš Chvátal
655523d262 Accepting request 688356 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- Don't run full self-tests from constructor (bsc#1097073)
  * Don't call global_init() from the constructor, _gcry_global_constructor()
    from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary
    integrity check instead.
  * Only the binary checksum will be verified, the remaining
    self-tests will be run upon the library initialization
- Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch
- Drop libgcrypt-init-at-elf-load-fips.patch and
  libgcrypt-fips_run_selftest_at_constructor.patch obsoleted
  by libgcrypt-1.8.3-fips-ctor.patch

- Skip all the self-tests except for binary integrity when called
  from the constructor (bsc#1097073)
  * Added libgcrypt-1.8.3-fips-ctor.patch from Fedora

OBS-URL: https://build.opensuse.org/request/show/688356
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=121
2019-03-25 18:52:00 +00:00
Tomáš Chvátal
b13fa86e81 Accepting request 652048 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- Fail selftests when checksum file is missing in FIPS mode only
  (bsc#1117355)
  * add libgcrypt-binary_integrity_in_non-FIPS.patch

OBS-URL: https://build.opensuse.org/request/show/652048
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=119
2018-11-26 17:27:31 +00:00
Ismail Dönmez
5a5bf04851 Accepting request 645112 from security:privacy
libgcrypt 1.8.4

OBS-URL: https://build.opensuse.org/request/show/645112
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=117
2018-10-28 21:21:59 +00:00
Tomáš Chvátal
fb3d3cb514 Accepting request 620215 from home:Andreas_Schwab:Factory
- libgcrypt-1.6.3-aliasing.patch, libgcrypt-ppc64.patch,
  libgcrypt-strict-aliasing.patch: Remove obsolete patches
- libgcrypt-1.4.1-rijndael_no_strict_aliasing.patch: Rediff
- Reenable testsuite

OBS-URL: https://build.opensuse.org/request/show/620215
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=115
2018-07-02 10:45:19 +00:00
Vítězslav Čížek
f9c1c6b499 Accepting request 616502 from home:kbabioch:branches:devel:libraries:c_c++
- Update to version 1.8.3:
  - Use blinding for ECDSA signing to mitigate a novel side-channel
    attack. (CVE-2018-0495 bsc#1097410)
  - Fix incorrect counter overflow handling for GCM when using an IV
    size other than 96 bit.
  - Fix incorrect output of AES-keywrap mode for in-place encryption
    on some platforms.
  - Fix the gcry_mpi_ec_curve_point point validation function.
  - Fix rare assertion failure in gcry_prime_check. 
- Applied spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/616502
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=113
2018-06-13 11:32:30 +00:00
Tomáš Chvátal
3e049117f8 Accepting request 603156 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they
  are installed in the right order. [bsc#1090766]

OBS-URL: https://build.opensuse.org/request/show/603156
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=110
2018-05-02 15:02:36 +00:00
Tomáš Chvátal
7da0c092f1 Accepting request 592205 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Extended the fipsdrv dsa-sign and dsa-verify commands with the
  --algo parameter for the FIPS testing of DSA SigVer and SigGen
  (bsc#1064455).
  * Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch
  * Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch

OBS-URL: https://build.opensuse.org/request/show/592205
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=108
2018-03-29 09:57:58 +00:00
Tomáš Chvátal
4de74bf3f1 Accepting request 580096 from home:favogt:licensetag
Use %license (boo#1082318). Please forward to SLE, if possible

OBS-URL: https://build.opensuse.org/request/show/580096
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=106
2018-02-26 09:33:50 +00:00
Tomáš Chvátal
e505d65dd8 Accepting request 556783 from security:privacy
libgcrypt 1.8.2

OBS-URL: https://build.opensuse.org/request/show/556783
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=104
2017-12-13 20:15:54 +00:00
Tomáš Chvátal
8ea7d3a2d4 Accepting request 519788 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.1 libgcrypt 1.8.1 CVE-2017-0379 bsc#1055837

OBS-URL: https://build.opensuse.org/request/show/519788
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=102
2017-08-31 08:01:22 +00:00
Tomáš Chvátal
8af5760958 Accepting request 512392 from home:jengelh:branches:devel:libraries:c_c++
- RPM group fixes.
remove with-pic, that's for static only

OBS-URL: https://build.opensuse.org/request/show/512392
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=100
2017-07-25 06:30:55 +00:00
Tomáš Chvátal
2658824b7f - Refresh patch libgcrypt-1.6.3-aliasing.patch
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=99
2017-07-24 08:34:50 +00:00
Tomáš Chvátal
17c1484584 Accepting request 512084 from security:privacy
libgcrypt 1.8.0

OBS-URL: https://build.opensuse.org/request/show/512084
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=97
2017-07-24 08:15:56 +00:00
Vítězslav Čížek
27c67e3671 Accepting request 507220 from security:privacy
libgcrypt 1.7.8 CVE-2017-7526 bsc#1046607

OBS-URL: https://build.opensuse.org/request/show/507220
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=95
2017-06-30 06:36:55 +00:00
Tomáš Chvátal
c785cdbe16 Accepting request 501007 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.7.7

OBS-URL: https://build.opensuse.org/request/show/501007
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=93
2017-06-05 07:34:40 +00:00
Tomáš Chvátal
ef71f17567 Accepting request 500599 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326]
  * Store the session key in secure memory to ensure that constant
    time point operations are used in the MPI library.

OBS-URL: https://build.opensuse.org/request/show/500599
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=92
2017-06-03 18:51:04 +00:00
Tomáš Chvátal
fc34d37147 Accepting request 451572 from home:rmaliska:branches:devel:libraries:c_c++
- libgcrypt 1.7.6:
  * Fix counter operand from read-only to read/write 
  * Fix too large jump alignment in mpih-rshift

OBS-URL: https://build.opensuse.org/request/show/451572
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=90
2017-01-20 09:50:05 +00:00
Tomáš Chvátal
611eb05395 Accepting request 446365 from security:privacy
libgcrypt 1.7.5

OBS-URL: https://build.opensuse.org/request/show/446365
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=89
2016-12-15 11:55:13 +00:00
P. Janouch
b75d794f38 Accepting request 420659 from security:privacy
libgcrypt 1.7.3

OBS-URL: https://build.opensuse.org/request/show/420659
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=87
2016-08-22 09:21:16 +00:00
Ismail Dönmez
3cd014e39c Accepting request 419802 from security:privacy
libgcrypt 1.6.6 CVE-2016-6313 (bsc#994157)

OBS-URL: https://build.opensuse.org/request/show/419802
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=85
2016-08-18 07:41:25 +00:00
P. Janouch
b7923a28bd - remove conditionals for unsupported distributions (before 13.2),
it would not build anyway because of new dependencies

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=82
2016-05-16 14:41:28 +00:00
P. Janouch
5f4c72ab48 - make the -hmac package depend on the same version of the library,
fixing bsc#979629 FIPS: system fails to reboot after installing
  fips pattern

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=81
2016-05-16 14:30:25 +00:00
Michal Vyskocil
1e84b1513d Accepting request 358619 from security:privacy
update to 1.6.5: CVE-2015-7511: Mitigate side-channel attack on ECDH with Weierstrass curves (boo#965902)

OBS-URL: https://build.opensuse.org/request/show/358619
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=79
2016-02-09 21:32:46 +00:00
Ismail Dönmez
ab89552259 Accepting request 337609 from security:privacy
- follow-up to libgcrypt 1.6.4 update: sosuffix is 20.0.4

OBS-URL: https://build.opensuse.org/request/show/337609
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=77
2015-10-10 17:29:21 +00:00
Ismail Dönmez
cce4763633 Accepting request 329637 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- update to 1.6.4
- fixes libgcrypt equivalent of CVE-2015-5738 (bsc#944456)
 * Speed up the random number generator by requiring less extra
   seeding.
 * New flag "no-keytest" for ECC key generation.  Due to a bug in the
   parser that flag will also be accepted but ignored by older version
   of Libgcrypt.
 * Always verify a created RSA signature to avoid private key leaks
   due to hardware failures.
 * Other minor bug fixes.

OBS-URL: https://build.opensuse.org/request/show/329637
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=75
2015-09-08 17:55:16 +00:00
Ismail Dönmez
c32332f370 Accepting request 313303 from home:k0da:branches:devel:libraries:c_c++
- Fix gpg2 tests on BigEndian architectures: s390x ppc64 
  libgcrypt-1.6.3-aliasing.patch

OBS-URL: https://build.opensuse.org/request/show/313303
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=73
2015-06-24 07:39:00 +00:00
Ismail Dönmez
d508407bd5 Accepting request 288391 from security:privacy
- fix sosuffix for 1.6.3 (20.0.3)

OBS-URL: https://build.opensuse.org/request/show/288391
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=71
2015-03-02 09:31:21 +00:00
Ismail Dönmez
1025b98553 Accepting request 288249 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.6.3 [bnc#920057]

OBS-URL: https://build.opensuse.org/request/show/288249
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=70
2015-03-01 07:57:34 +00:00
Stephan Kulow
f5c7e834a5 Accepting request 284554 from home:dimstar:Factory
- Move %install_info_delete calls from postun to preun: the files
  must still be present to be parsed.
- Fix the names passed to install_info for gcrypt.info-[12].gz
  instead of gcrypt-[12].info.gz.

  via xtrymalloc macro

OBS-URL: https://build.opensuse.org/request/show/284554
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=68
2015-02-06 18:56:29 +00:00
Stephan Kulow
f3deb426aa Accepting request 284553 from home:coolo:branches:openSUSE:Factory
- making the build reproducible - see 
  http://lists.gnupg.org/pipermail/gnupg-commits/2014-September/010683.html
  for a very similiar problem

- fix filename for info pages in %post scripts

OBS-URL: https://build.opensuse.org/request/show/284553
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=67
2015-02-06 18:56:02 +00:00
Ismail Dönmez
7377b22af6 Accepting request 259951 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.6.2

OBS-URL: https://build.opensuse.org/request/show/259951
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=65
2014-11-05 20:53:18 +00:00
Ismail Dönmez
c1ef8148bf Accepting request 250747 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- disabled curve P-192 in FIPS mode (bnc#896202)
  * added libgcrypt-fips_ecdsa.patch
- don't use SHA-1 for ECDSA in FIPS mode
- also run the fips self tests only in FIPS mode

- run the fips self tests at the constructor code
  * added libgcrypt-fips_run_selftest_at_constructor.patch

- rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216)
  * added libgcrypt-fips-dsa.patch
  * install fips186_dsa
- use 2048 bit keys in selftests_dsa

OBS-URL: https://build.opensuse.org/request/show/250747
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=63
2014-09-22 20:11:21 +00:00
Ismail Dönmez
1521b4e1a9 Accepting request 247239 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- fix an issue in DRBG patchset
  * size_t type is 32-bit on 32-bit systems
- fix a potential NULL pointer deference in DRBG patchset
  * patches from https://bugs.g10code.com/gnupg/issue1701
- added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- added v9-0007-User-interface-to-DRBG.patch
- removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- removed v7-0007-User-interface-to-DRBG.patch
- add a subpackage for CAVS testing
  * add cavs_driver.pl and cavs-test.sh from the kernel cavs package
  * added drbg_test.patch

OBS-URL: https://build.opensuse.org/request/show/247239
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=61
2014-09-02 17:36:56 +00:00
2cd1fab710 Accepting request 244328 from home:msmeissn:branches:devel:libraries:c_c++
- split off the -hmac package that contains the checksums

OBS-URL: https://build.opensuse.org/request/show/244328
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=59
2014-08-13 13:20:08 +00:00
Ismail Dönmez
31afb2af23 Accepting request 235418 from home:msmeissn:branches:devel:libraries:c_c++
- libgcrypt-fix-rng.patch: make drbg work again in FIPS mode.
- libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20
  and not libgcrypt.so.11
- libgcrypt-init-at-elf-load-fips.patch: initialize globally on ELF 
  DSO loading to meet FIPS requirements.

OBS-URL: https://build.opensuse.org/request/show/235418
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=57
2014-05-27 18:06:59 +00:00
Ismail Dönmez
df3dfc3e0f Accepting request 233696 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- add new 0007-User-interface-to-DRBG.patch from upstream
  * fixes bnc#877233
  * supersedes the patch from previous entry

OBS-URL: https://build.opensuse.org/request/show/233696
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=55
2014-05-14 20:01:57 +00:00
Stephan Kulow
9b151fdc3f Accepting request 233464 from home:tittiatcoke:branches:devel:libraries:c_c++
As reported via email, libgcrypt has an inconsistency in the 0007-*patch that was added last.  

This correction fixes the build failures we are currently seeing in Factory, etc. At least when build against libgcrypt with this patch, the error no longer occurs. However I can not see if this change has any other effect at the moment.

OBS-URL: https://build.opensuse.org/request/show/233464
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=53
2014-05-11 13:59:51 +00:00
0ee4a0f87b Accepting request 232937 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- add support for SP800-90A DRBG (fate#316929, bnc#856312)
  * patches by Stephan Mueller (http://www.chronox.de/drbg.html):
    0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2
    0002-Compile-DRBG.patch
    0003-Function-definitions-of-interfaces-for-random.c.patch
    0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch
    0005-Function-definitions-for-gcry_control-callbacks.patch
    0006-DRBG-specific-gcry_control-requests.patch
    0007-User-interface-to-DRBG.patch
  * only after 13.1 (the patches need libgpg-error 1.13)
- drop libgcrypt-fips-allow-legacy.patch (not needed and wasn't
  applied anyway)

OBS-URL: https://build.opensuse.org/request/show/232937
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=51
2014-05-07 15:00:08 +00:00