3
0
forked from pool/libgcrypt
libgcrypt/libgcrypt-FIPS-rndjent_poll.patch
Pedro Monreal Gonzalez 725ec59b57 Accepting request 1038172 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.10.1:
  * Bug fixes:
    - Fix minor memory leaks in FIPS mode.
    - Build fixes for MUSL libc.
  * Other:
    - More portable integrity check in FIPS mode.
    - Add X9.62 OIDs to sha256 and sha512 modules.
  * Add the hardware optimizations config file hwf.deny to
    the /etc/gcrypt/ directory. This file can be used to globally
    disable the use of hardware based optimizations.
  * Remove not needed separate_hmac256_binary hmac256 package

- Update to 1.10.0:
  * New and extended interfaces:
    - New control codes to check for FIPS 140-3 approved algorithms.
    - New control code to switch into non-FIPS mode.
    - New cipher modes SIV and GCM-SIV as specified by RFC-5297.
    - Extended cipher mode AESWRAP with padding as specified by
      RFC-5649.
    - New set of KDF functions.
    - New KDF modes Argon2 and Balloon.
    - New functions for combining hashing and signing/verification.
  * Performance:
    - Improved support for PowerPC architectures.
    - Improved ECC performance on zSeries/s390x by using accelerated
      scalar multiplication.
    - Many more assembler performance improvements for several
      architectures.
  * Bug fixes:
    - Fix Elgamal encryption for other implementations.

OBS-URL: https://build.opensuse.org/request/show/1038172
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=160
2022-11-25 14:23:58 +00:00

115 lines
3.9 KiB
Diff

Index: libgcrypt-1.10.0/random/rndoldlinux.c
===================================================================
--- libgcrypt-1.10.0.orig/random/rndoldlinux.c
+++ libgcrypt-1.10.0/random/rndoldlinux.c
@@ -132,7 +132,7 @@ _gcry_rndoldlinux_gather_random (void (*
volatile pid_t apid;
int fd;
int n;
- byte buffer[768];
+ byte buffer[256];
size_t n_hw;
size_t want = length;
size_t last_so_far = 0;
@@ -187,26 +187,43 @@ _gcry_rndoldlinux_gather_random (void (*
my_pid = apid;
}
+ if (fips_mode())
+ {
+ if (level >= GCRY_VERY_STRONG_RANDOM)
+ {
+ size_t n;
- /* First read from a hardware source. Note that _gcry_rndhw_poll_slow lets
- it account only for up to 50% (or 25% for RDRAND) of the requested
- bytes. */
- n_hw = _gcry_rndhw_poll_slow (add, origin, length);
- if (length > 1)
- length -= n_hw;
-
- /* When using a blocking random generator try to get some entropy
- * from the jitter based RNG. In this case we take up to 50% of the
- * remaining requested bytes. */
- if (level >= GCRY_VERY_STRONG_RANDOM)
- {
- n_hw = _gcry_rndjent_poll (add, origin, length/2);
- if (n_hw > length/2)
- n_hw = length/2;
+ n = _gcry_rndjent_poll (add, origin, length);
+ if (n == 0)
+ log_fatal ("unexpected error from rndjent: %s\n",
+ strerror (errno));
+ if (n > length)
+ n = length;
+ if (length > 1)
+ length -= n;
+ }
+ }
+ else
+ {
+ /* First read from a hardware source. Note that _gcry_rndhw_poll_slow lets
+ it account only for up to 50% (or 25% for RDRAND) of the requested
+ bytes. */
+ n_hw = _gcry_rndhw_poll_slow (add, origin, length);
if (length > 1)
length -= n_hw;
- }
+ /* When using a blocking random generator try to get some entropy
+ * from the jitter based RNG. In this case we take up to 50% of the
+ * remaining requested bytes. */
+ if (level >= GCRY_VERY_STRONG_RANDOM)
+ {
+ n_hw = _gcry_rndjent_poll (add, origin, length/2);
+ if (n_hw > length/2)
+ n_hw = length/2;
+ if (length > 1)
+ length -= n_hw;
+ }
+ }
/* Open the requested device. The first time a device is to be
opened we fail with a fatal error if the device does not exists.
@@ -262,8 +279,6 @@ _gcry_rndoldlinux_gather_random (void (*
do
{
nbytes = length < sizeof(buffer)? length : sizeof(buffer);
- if (nbytes > 256)
- nbytes = 256;
_gcry_pre_syscall ();
ret = getentropy (buffer, nbytes);
_gcry_post_syscall ();
Index: libgcrypt-1.10.0/random/rndjent.c
===================================================================
--- libgcrypt-1.10.0.orig/random/rndjent.c
+++ libgcrypt-1.10.0/random/rndjent.c
@@ -279,13 +279,24 @@ _gcry_rndjent_poll (void (*add)(const vo
if (!jent_rng_is_initialized)
{
/* Auto-initialize. */
- jent_rng_is_initialized = 1;
jent_entropy_collector_free (jent_rng_collector);
jent_rng_collector = NULL;
if ( !(_gcry_random_read_conf () & RANDOM_CONF_DISABLE_JENT))
{
- if (!jent_entropy_init ())
- jent_rng_collector = jent_entropy_collector_alloc (1, 0);
+ if (!jent_entropy_init_ex (1, 0))
+ {
+ jent_rng_collector = jent_entropy_collector_alloc (1, 0);
+ jent_rng_is_initialized = 1;
+ }
+ }
+ }
+
+ if (!jent_rng_collector)
+ {
+ if (!jent_entropy_init_ex (1, 0))
+ {
+ jent_rng_collector = jent_entropy_collector_alloc (1, 0);
+ jent_rng_is_initialized = 1;
}
}