forked from pool/libgcrypt
9a7cde5372
- FIPS: libgcrypt: Double free in test_keys() on failed signature verification [bsc#1169944] * Use safer gcry_mpi_release() instead of mpi_free() - Update patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569) * add libgcrypt-fips_selftest_trigger_file.patch * refresh libgcrypt-global_init-constructor.patch - Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted by libgcrypt-global_init-constructor.patch - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC: [bsc#1165539] - Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates. - Refreshed patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch - FIPS: Switch the PCT to use the new signature operation [bsc#1165539] * Patches for DSA, RSA and ECDSA test_keys functions: - libgcrypt-PCT-DSA.patch - libgcrypt-PCT-RSA.patch - libgcrypt-PCT-ECC.patch - Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch OBS-URL: https://build.opensuse.org/request/show/805624 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134
16 lines
634 B
Diff
16 lines
634 B
Diff
Index: libgcrypt-1.8.2/random/random-drbg.c
|
|
===================================================================
|
|
--- libgcrypt-1.8.2.orig/random/random-drbg.c
|
|
+++ libgcrypt-1.8.2/random/random-drbg.c
|
|
@@ -2428,6 +2428,10 @@ drbg_healthcheck_sanity (struct gcry_drb
|
|
|
|
/* if the following tests fail, it is likely that there is a buffer
|
|
* overflow and we get a SIGSEV */
|
|
+ test_data.testentropy = &testentropy;
|
|
+ test_data.fail_seed_source = 0;
|
|
+ drbg_string_fill (&testentropy, test->entropy, test->entropylen);
|
|
+ drbg->test_data = &test_data;
|
|
ret = drbg_instantiate (drbg, NULL, coreref, 1);
|
|
if (ret)
|
|
goto outbuf;
|