forked from pool/libgcrypt
9a7cde5372
- FIPS: libgcrypt: Double free in test_keys() on failed signature verification [bsc#1169944] * Use safer gcry_mpi_release() instead of mpi_free() - Update patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569) * add libgcrypt-fips_selftest_trigger_file.patch * refresh libgcrypt-global_init-constructor.patch - Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted by libgcrypt-global_init-constructor.patch - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC: [bsc#1165539] - Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates. - Refreshed patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - FIPS: Switch the PCT to use the new signature operation [bsc#1165539] * Patches for DSA, RSA and ECDSA test_keys functions: - libgcrypt-PCT-DSA.patch - libgcrypt-PCT-RSA.patch - libgcrypt-PCT-ECC.patch - Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch OBS-URL: https://build.opensuse.org/request/show/805624 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134
14 lines
575 B
Diff
14 lines
575 B
Diff
Index: libgcrypt-1.8.2/tests/benchmark.c
|
|
===================================================================
|
|
--- libgcrypt-1.8.2.orig/tests/benchmark.c
|
|
+++ libgcrypt-1.8.2/tests/benchmark.c
|
|
@@ -598,7 +598,7 @@ mac_bench ( const char *algoname )
|
|
if (!algoname)
|
|
{
|
|
for (i=1; i < 600; i++)
|
|
- if (in_fips_mode && i == GCRY_MAC_HMAC_MD5)
|
|
+ if (in_fips_mode && (i == GCRY_MAC_HMAC_MD5 || i == GCRY_MAC_GMAC_AES))
|
|
; /* Don't use MD5 in fips mode. */
|
|
else if ( !gcry_mac_test_algo (i) )
|
|
mac_bench (gcry_mac_algo_name (i));
|