3
0
forked from pool/libgcrypt
libgcrypt/libgcrypt-fix-tests-fipsmode.patch
Pedro Monreal Gonzalez dea0435690 Accepting request 868925 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.9.1
   * *Fix exploitable bug* in hash functions introduced with
     1.9.0. [bsc#1181632, CVE-2021-3345]
   * Return an error if a negative MPI is used with sexp scan
     functions.
   * Check for operational FIPS in the random and KDF functions.
   * Fix compile error on ARMv7 with NEON disabled.
   * Fix self-test in KDF module.
   * Improve assembler checks for better LTO support.
   * Fix 32-bit cross build on x86.
   * Fix non-NEON ARM assembly implementation for SHA512.
   * Fix build problems with the cipher_bulk_ops_t typedef.
   * Fix Ed25519 private key handling for preceding ZEROs.
   * Fix overflow in modular inverse implementation.
   * Fix register access for AVX/AVX2 implementations of Blake2.
   * Add optimized cipher and hash functions for s390x/zSeries.
   * Use hardware bit counting functionx when available.
   * Update DSA functions to match FIPS 186-3.
   * New self-tests for CMACs and KDFs.
   * Add bulk cipher functions for OFB and GCM modes.
- Update libgpg-error required version

- Use the suffix variable correctly in get_hmac_path()
- Rebase libgcrypt-fips_selftest_trigger_file.patch

- Add the global config file /etc/gcrypt/random.conf
  * This file can be used to globally change parameters of the random
    generator with the options: only-urandom and disable-jent.

- Update to 1.9.0:

OBS-URL: https://build.opensuse.org/request/show/868925
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=142
2021-02-03 12:44:42 +00:00

178 lines
7.7 KiB
Diff

Index: libgcrypt-1.9.1/tests/basic.c
===================================================================
--- libgcrypt-1.9.1.orig/tests/basic.c
+++ libgcrypt-1.9.1/tests/basic.c
@@ -9978,7 +9978,7 @@ check_ciphers (void)
check_one_cipher (algos[i], GCRY_CIPHER_MODE_EAX, 0);
if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_CCM_BLOCK_LEN)
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CCM, 0);
- if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_GCM_BLOCK_LEN)
+ if (!in_fips_mode && gcry_cipher_get_algo_blklen (algos[i]) == GCRY_GCM_BLOCK_LEN)
check_one_cipher (algos[i], GCRY_CIPHER_MODE_GCM, 0);
if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_OCB_BLOCK_LEN)
check_one_cipher (algos[i], GCRY_CIPHER_MODE_OCB, 0);
@@ -10025,12 +10025,18 @@ check_cipher_modes(void)
check_cfb_cipher ();
check_ofb_cipher ();
check_ccm_cipher ();
- check_gcm_cipher ();
- check_poly1305_cipher ();
- check_ocb_cipher ();
+ if (!in_fips_mode)
+ {
+ check_gcm_cipher ();
+ check_poly1305_cipher ();
+ check_ocb_cipher ();
+ }
check_xts_cipher ();
check_eax_cipher ();
- check_gost28147_cipher ();
+ if (!in_fips_mode)
+ {
+ check_gost28147_cipher ();
+ }
check_stream_cipher ();
check_stream_cipher_large_block ();
@@ -13383,7 +13389,7 @@ check_mac (void)
show_mac_not_available (algos[i].algo);
continue;
}
- if (gcry_mac_test_algo (algos[i].algo) && in_fips_mode)
+ if ((algos[i].algo == GCRY_MAC_GMAC_AES || gcry_mac_test_algo (algos[i].algo)) && in_fips_mode)
{
if (verbose)
fprintf (stderr, " algorithm %d not available in fips mode\n",
@@ -14508,8 +14514,6 @@ main (int argc, char **argv)
/* If we are in fips mode do some more tests. */
gcry_md_hd_t md;
- /* First trigger a self-test. */
- xgcry_control ((GCRYCTL_FORCE_FIPS_MODE, 0));
if (!gcry_control (GCRYCTL_OPERATIONAL_P, 0))
fail ("not in operational state after self-test\n");
@@ -14534,15 +14538,6 @@ main (int argc, char **argv)
gcry_md_close (md);
if (gcry_control (GCRYCTL_OPERATIONAL_P, 0))
fail ("expected error state but still in operational state\n");
- else
- {
- /* Now run a self-test and to get back into
- operational state. */
- xgcry_control ((GCRYCTL_FORCE_FIPS_MODE, 0));
- if (!gcry_control (GCRYCTL_OPERATIONAL_P, 0))
- fail ("did not reach operational after error "
- "and self-test\n");
- }
}
}
Index: libgcrypt-1.9.1/tests/benchmark.c
===================================================================
--- libgcrypt-1.9.1.orig/tests/benchmark.c
+++ libgcrypt-1.9.1/tests/benchmark.c
@@ -943,8 +943,10 @@ cipher_bench ( const char *algoname )
&& algo != GCRY_CIPHER_CHACHA20)
continue;
- if (modes[modeidx].req_blocksize > 0
- && blklen != modes[modeidx].req_blocksize)
+ if ((modes[modeidx].req_blocksize > 0
+ && blklen != modes[modeidx].req_blocksize)
+ || (in_fips_mode
+ && modes[modeidx].mode == GCRY_CIPHER_MODE_GCM))
{
printf (" %7s %7s", "-", "-" );
continue;
Index: libgcrypt-1.9.1/tests/bench-slope.c
===================================================================
--- libgcrypt-1.9.1.orig/tests/bench-slope.c
+++ libgcrypt-1.9.1/tests/bench-slope.c
@@ -1573,7 +1573,7 @@ cipher_bench_one (int algo, struct bench
return;
/* GCM has restrictions for block-size */
- if (mode.mode == GCRY_CIPHER_MODE_GCM && blklen != GCRY_GCM_BLOCK_LEN)
+ if (mode.mode == GCRY_CIPHER_MODE_GCM && (gcry_fips_mode_active () || blklen != GCRY_GCM_BLOCK_LEN))
return;
/* XTS has restrictions for block-size */
Index: libgcrypt-1.9.1/tests/pubkey.c
===================================================================
--- libgcrypt-1.9.1.orig/tests/pubkey.c
+++ libgcrypt-1.9.1/tests/pubkey.c
@@ -504,15 +504,30 @@ get_dsa_key_with_domain_new (gcry_sexp_t
rc = gcry_sexp_new
(&key_spec,
"(genkey (dsa (transient-key)(domain"
- "(p #d3aed1876054db831d0c1348fbb1ada72507e5fbf9a62cbd47a63aeb7859d6921"
- "4adeb9146a6ec3f43520f0fd8e3125dd8bbc5d87405d1ac5f82073cd762a3f8d7"
- "74322657c9da88a7d2f0e1a9ceb84a39cb40876179e6a76e400498de4bb9379b0"
- "5f5feb7b91eb8fea97ee17a955a0a8a37587a272c4719d6feb6b54ba4ab69#)"
- "(q #9c916d121de9a03f71fb21bc2e1c0d116f065a4f#)"
- "(g #8157c5f68ca40b3ded11c353327ab9b8af3e186dd2e8dade98761a0996dda99ab"
- "0250d3409063ad99efae48b10c6ab2bba3ea9a67b12b911a372a2bba260176fad"
- "b4b93247d9712aad13aa70216c55da9858f7a298deb670a403eb1e7c91b847f1e"
- "ccfbd14bd806fd42cf45dbb69cd6d6b43add2a78f7d16928eaa04458dea44#)"
+ " (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
+ " 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
+ " 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
+ " 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
+ " 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
+ " eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
+ " 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
+ " 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
+ " 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
+ " 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
+ " 2c8d7469db02e24d592394a7dba069e9#)"
+ " (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
+ " 7441a0a5#)"
+ " (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
+ " 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
+ " ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
+ " 0df242b75b414df372121e53a553f222f836b000f016485b"
+ " 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
+ " 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
+ " 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
+ " ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
+ " 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
+ " 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
+ " 45f322f82e4e85ca3ab85591b3c2a966#)"
")))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gcry_strerror (rc));
@@ -596,7 +611,7 @@ get_dsa_key_fips186_with_seed_new (gcry_
" (use-fips186)"
" (transient-key)"
" (derive-parms"
- " (seed #f770a4598ff756931fc529764513b103ce57d85f4ad8c5cf297c9b4d48241c5b#))))",
+ " (seed #8b4c4d671fff82e8ed932260206d0571e3a1c2cee8cd94cb73fe58f9b67488fa#))))",
0, 1);
if (rc)
die ("error creating S-expression: %s\n", gcry_strerror (rc));
Index: libgcrypt-1.9.1/tests/t-secmem.c
===================================================================
--- libgcrypt-1.9.1.orig/tests/t-secmem.c
+++ libgcrypt-1.9.1/tests/t-secmem.c
@@ -174,7 +174,8 @@ main (int argc, char **argv)
xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0));
xgcry_control ((GCRYCTL_INIT_SECMEM, pool_size, 0));
- gcry_set_outofcore_handler (outofcore_handler, NULL);
+ if (!gcry_fips_mode_active ())
+ gcry_set_outofcore_handler (outofcore_handler, NULL);
xgcry_control ((GCRYCTL_INITIALIZATION_FINISHED, 0));
/* Libgcrypt prints a warning when the first overflow is allocated;
@@ -184,7 +185,8 @@ main (int argc, char **argv)
test_secmem ();
- test_secmem_overflow ();
+ if (!gcry_fips_mode_active ())
+ test_secmem_overflow ();
/* FIXME: We need to improve the tests, for example by registering
* our own log handler and comparing the output of
* PRIV_CTL_DUMP_SECMEM_STATS to expected pattern. */