Pedro Monreal Gonzalez
c1414c55a9
- Update to 1.11.0: * New and extended interfaces: - Add an API for Key Encapsulation Mechanism (KEM). [T6755] - Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5] - Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268] - Add Classic McEliece algorithm. [rC003367b912] - Add One-Step KDF with hash and MAC. [T5964] - Add KDF algorithm HKDF of RFC-5869. [T5964] - Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3] - Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4] - Add ARIA block cipher algorithm. [rC316c6d7715] - Add explicit FIPS indicators for MD and MAC algorithms. [T6376] - Add support for SHAKE as MGF in RSA. [T6557] - Add gcry_md_read support for SHAKE algorithms. [T6539] - Add gcry_md_hash_buffers_ext function. [T7035] - Add cSHAKE hash algorithm. [rC065b3f4e02] - Support internal generation of IV for AEAD cipher mode. [T4873] * Performance: - Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3] - Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1] - Add SM4 GFNI/AVX2 and GFNI/AVX512 implementation. [rC5095d60af4,rCeaed633c16] - Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006] - Add PowerPC vector implementation of SM4. [rC0b2da804ee] - Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006] - Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5] - Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4 and Camellia. [rCcf956793af] - Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f] - Add AVX2 and AVX512 accelerated implementations for GHASH (GCM) and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193] OBS-URL: https://build.opensuse.org/request/show/1183811 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=180
42 lines
1.3 KiB
Index: libgcrypt-1.10.3/random/rndgetentropy.c
|
|
===================================================================
|
|
--- libgcrypt-1.10.3.orig/random/rndgetentropy.c
|
|
+++ libgcrypt-1.10.3/random/rndgetentropy.c
|
|
@@ -53,16 +53,30 @@ _gcry_rndgetentropy_gather_random (void
|
|
|
|
/* When using a blocking random generator try to get some entropy
|
|
* from the jitter based RNG. In this case we take up to 50% of the
|
|
- * remaining requested bytes. */
|
|
+ * remaining requested bytes. In FIPS mode, we get all the entropy
|
|
+ * from the jitter RNG. */
|
|
if (level >= GCRY_VERY_STRONG_RANDOM)
|
|
{
|
|
size_t n;
|
|
|
|
- n = _gcry_rndjent_poll (add, origin, length/2);
|
|
- if (n > length/2)
|
|
- n = length/2;
|
|
- if (length > 1)
|
|
- length -= n;
|
|
+ /* In FIPS mode, use the whole length of the entropy buffer from
|
|
+ * Jitter RNG */
|
|
+ if (fips_mode ())
|
|
+ {
|
|
+ n = _gcry_rndjent_poll (add, origin, length);
|
|
+ if (n != length)
|
|
+ fips_signal_error ("jitter entropy failed");
|
|
+ else
|
|
+ length = 0;
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ n = _gcry_rndjent_poll (add, origin, length/2);
|
|
+ if (n > length/2)
|
|
+ n = length/2;
|
|
+ if (length > 1)
|
|
+ length -= n;
|
|
+ }
|
|
}
|
|
|
|
/* Enter the loop. */
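Review bot: When the jitter poll comes up short (`if (n != length)` in the FIPS branch), the code signals a FIPS error but leaves `length` untouched, so control falls through to the getentropy loop that starts at "Enter the loop" and the caller is still fed `length` bytes from getentropy, on top of the `n` partial jitter bytes already passed to `add`. If this is intentional because `fips_signal_error` puts the library into an error state so the gathered bytes are never consumed, that reasoning belongs in a comment, e.g. `/* Keep gathering from getentropy; fips_signal_error() has already flagged the library so this output will not be used for FIPS operations. */`; otherwise the branch should leave early after signalling so that no non-jitter bytes are collected in FIPS mode at all. The non-FIPS branch clamps `n` to `length/2`, which suggests `_gcry_rndjent_poll` is not trusted to return at most what was asked for; if that is so, `if (n < length)` would avoid reporting an over-delivery as a jitter failure, and if it is not, the clamp is dead code. The body and return type of _gcry_rndgetentropy_gather_random lie outside this hunk, so whether an early exit needs a return value cannot be seen here.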
|