import libgcrypt-1.10.0-9.el9_1

c9-beta imports/c9-beta/libgcrypt-1.10.0-9.el9_1
CentOS Sources 2 years ago committed by MSVSphere Packaging Team
commit 714edb762b

1
.gitignore vendored

@ -0,0 +1 @@
SOURCES/libgcrypt-1.10.0.tar.bz2

@ -0,0 +1 @@
363feb8187f6c59b6b10721af6a94558db8ec3af SOURCES/libgcrypt-1.10.0.tar.bz2

@ -0,0 +1,77 @@
From 58c92098d053aae7c78cc42bdd7c80c13efc89bb Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 24 Jun 2022 08:59:31 +0900
Subject: [PATCH] hmac,hkdf: Allow use of shorter salt for HKDF.
* cipher/md.c (prepare_macpads): Move the check to...
* src/visibility.c (gcry_mac_setkey): ... here.
* tests/t-kdf.c (check_hkdf): No failure is expected.
--
GnuPG-bug-id: 6039
Fixes-commit: 76aad97dd312e83f2f9b8d086553f2b72ab6546f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/md.c | 3 ---
src/visibility.c | 3 +++
tests/t-kdf.c | 12 +-----------
3 files changed, 4 insertions(+), 14 deletions(-)
diff --git a/cipher/md.c b/cipher/md.c
index 4f4fc9bf..34336b5c 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -903,9 +903,6 @@ prepare_macpads (gcry_md_hd_t a, const unsigned char *key, size_t keylen)
{
GcryDigestEntry *r;
- if (fips_mode () && keylen < 14)
- return GPG_ERR_INV_VALUE;
-
if (!a->ctx->list)
return GPG_ERR_DIGEST_ALGO; /* Might happen if no algo is enabled. */
diff --git a/src/visibility.c b/src/visibility.c
index c98247d8..aee5bffb 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -946,6 +946,9 @@ gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen)
if (!fips_is_operational ())
return gpg_error (fips_not_operational ());
+ if (fips_mode () && keylen < 14)
+ return GPG_ERR_INV_VALUE;
+
return gpg_error (_gcry_mac_setkey (hd, key, keylen));
}
--
2.37.1
commit 02718ade6ab5eee38169c2102097166770a2456d
Author: Jakub Jelen <jjelen@redhat.com>
Date: Thu Oct 20 16:33:11 2022 +0200
visiblity: Check the HMAC key length in FIPS mode
---
* src/visibility.c (gcry_md_setkey): Check the HMAC key length in FIPS
mode also in the md_ API.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
diff --git a/src/visibility.c b/src/visibility.c
index 150b197d..73db3dea 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -1357,6 +1357,10 @@ gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
{
if (!fips_is_operational ())
return gpg_error (fips_not_operational ());
+
+ if (fips_mode () && keylen < 14)
+ return GPG_ERR_INV_VALUE;
+
return gpg_error (_gcry_md_setkey (hd, key, keylen));
}
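Review bot: The new early return in gcry_mac_setkey hands back the bare code `GPG_ERR_INV_VALUE`, while the neighbouring returns in the same function wrap their value in `gpg_error ()` so the error source is recorded; the second commit's gcry_md_setkey hunk has the same mismatch. Use `return gpg_error (GPG_ERR_INV_VALUE);` in both places. The threshold 14 (a 112-bit minimum HMAC key) is now written twice in public entry points; a named constant with a comment citing the requirement would keep the two in step. Moving the check out of prepare_macpads means internal callers of _gcry_md_setkey are no longer subject to it, which is the intent for HKDF but deserves a comment next to the relocated check; the opening lines of both functions lie outside their hunks.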

@ -0,0 +1,70 @@
From ca2afc9fb64d9a9b2f8930ba505d9ab6c8a57667 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 12 May 2022 10:56:47 +0200
Subject: [PATCH] cipher: Allow verification of small RSA signatures in FIPS
mode
* cipher/rsa.c (rsa_check_keysize): Formatting.
(rsa_check_verify_keysize): New function.
(rsa_verify): Allow using smaller keys for verification.
--
GnuPG-bug-id: 5975
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
cipher/rsa.c | 26 ++++++++++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/cipher/rsa.c b/cipher/rsa.c
index c6319b67..9f2b36e8 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -352,13 +352,35 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
static gpg_err_code_t
rsa_check_keysize (unsigned int nbits)
{
- if (fips_mode() && nbits < 2048)
+ if (fips_mode () && nbits < 2048)
return GPG_ERR_INV_VALUE;
return GPG_ERR_NO_ERROR;
}
+/* Check the RSA key length is acceptable for signature verification
+ *
+ * FIPS allows signature verification with RSA keys of size
+ * 1024, 1280, 1536 and 1792 in legacy mode, but this is up to the
+ * calling application to decide if the signature is legacy and
+ * should be accepted.
+ */
+static gpg_err_code_t
+rsa_check_verify_keysize (unsigned int nbits)
+{
+ if (fips_mode ())
+ {
+ if ((nbits >= 1024 && (nbits % 256) == 0) || nbits >= 2048)
+ return GPG_ERR_NO_ERROR;
+
+ return GPG_ERR_INV_VALUE;
+ }
+
+ return GPG_ERR_NO_ERROR;
+}
+
+
/****************
* Generate a key pair with a key of size NBITS.
* USE_E = 0 let Libcgrypt decide what exponent to use.
@@ -1602,7 +1624,7 @@ rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
gcry_mpi_t result = NULL;
unsigned int nbits = rsa_get_nbits (keyparms);
- rc = rsa_check_keysize (nbits);
+ rc = rsa_check_verify_keysize (nbits);
if (rc)
return rc;
--
2.37.1
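Review bot: rsa_check_verify_keysize accepts 1024–1792-bit keys in FIPS mode and its comment says the calling application must decide whether such a legacy signature is acceptable, yet rsa_verify gives the caller no signal at all — verification simply succeeds. A comment on rsa_verify (whose body continues outside the hunk) should say so, e.g. `/* In FIPS mode keys of 1024..1792 bits are accepted for legacy verification; callers that must reject them have to check the key size themselves. */`. The condition could also put the common case first, `if (nbits >= 2048 || (nbits >= 1024 && (nbits % 256) == 0))`, which is behaviourally identical but reads as "approved sizes, then the legacy exception".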

@ -0,0 +1,239 @@
From d651e25be0bc0c11f4d3d7c72be8cfbbe82b3874 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 10 Sep 2021 18:39:00 +0200
Subject: [PATCH] Allow building libgcrypt without Brainpool curves
* README: Document possibility to build without brainpool curves
* cipher/ecc-curves.c: Conditionalize brainpool curves definitions
* configure.ac: Implement possibility to build without brainpool curves
* tests/curves.c: Skip brainpool curves if they are not built-in
* tests/keygrip.c: Skip brainpool curves if they are not built-in
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
README | 3 +++
cipher/ecc-curves.c | 4 ++++
configure.ac | 13 +++++++++++++
tests/curves.c | 46 ++++++++++++++++++++++++++++++---------------
tests/keygrip.c | 2 ++
5 files changed, 53 insertions(+), 15 deletions(-)
diff --git a/README b/README
index 436b6cd4..1044109c 100644
--- a/README
+++ b/README
@@ -127,6 +127,9 @@
the list used with the current build the program
tests/version may be used.
+ --disable-brainpool
+ Do not build in support for Brainpool curves.
+
--disable-endian-check
Don't let configure test for the endianness but
try to use the OS provided macros at compile
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index 7c86e12c..8fd95a9c 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -77,6 +77,7 @@ static const struct
{ "NIST P-521", "1.3.132.0.35" },
{ "NIST P-521", "nistp521" }, /* rfc5656. */
+#ifdef ENABLE_BRAINPOOL
{ "brainpoolP160r1", "1.3.36.3.3.2.8.1.1.1" },
{ "brainpoolP192r1", "1.3.36.3.3.2.8.1.1.3" },
{ "brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5" },
@@ -84,6 +85,7 @@ static const struct
{ "brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9" },
{ "brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11"},
{ "brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13"},
+#endif /* ENABLE_BRAINPOOL */
{ "GOST2001-test", "1.2.643.2.2.35.0" },
{ "GOST2001-CryptoPro-A", "1.2.643.2.2.35.1" },
@@ -297,6 +299,7 @@ static const ecc_domain_parms_t domain_parms[] =
1
},
+#ifdef ENABLE_BRAINPOOL
{ "brainpoolP160r1", 160, 0,
MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
"0xe95e4a5f737059dc60dfc7ad95b3d8139515620f",
@@ -391,6 +394,7 @@ static const ecc_domain_parms_t domain_parms[] =
"b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892",
1
},
+#endif /* ENABLE_BRAINPOOL */
{
"GOST2001-test", 256, 0,
MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
diff --git a/configure.ac b/configure.ac
index 6efbf139..f4ac1887 100644
--- a/configure.ac
+++ b/configure.ac
@@ -614,6 +614,14 @@ AC_ARG_WITH(fips-module-version,
AC_DEFINE_UNQUOTED(FIPS_MODULE_VERSION, "$fips_module_version",
[Define FIPS module version for certification])
+# Implementation of the --disable-brainpool switch.
+AC_MSG_CHECKING([whether we want to disable the use of brainpool curves])
+AC_ARG_ENABLE(brainpool,
+ AS_HELP_STRING([--disable-brainpool],
+ [Disable the brainpool curves]),
+ use_brainpool="$enableval",use_brainpool=yes)
+AC_MSG_RESULT($use_brainpool)
+
# Implementation of the --disable-jent-support switch.
AC_MSG_CHECKING([whether jitter entropy support is requested])
AC_ARG_ENABLE(jent-support,
@@ -2466,6 +2474,10 @@ if test x"$ppccryptosupport" = xyes ; then
AC_DEFINE(ENABLE_PPC_CRYPTO_SUPPORT,1,
[Enable support for POWER 8 (PowerISA 2.07) crypto extension.])
fi
+if test x"$use_brainpool" = xyes ; then
+ AC_DEFINE(ENABLE_BRAINPOOL, 1,
+ [Enable support for the brainpool curves.])
+fi
if test x"$jentsupport" = xyes ; then
AC_DEFINE(ENABLE_JENT_SUPPORT, 1,
[Enable support for the jitter entropy collector.])
@@ -3296,6 +3308,7 @@ GCRY_MSG_WRAP([Enabled digest algorithms:],[$enabled_digests])
GCRY_MSG_WRAP([Enabled kdf algorithms: ],[$enabled_kdfs])
GCRY_MSG_WRAP([Enabled pubkey algorithms:],[$enabled_pubkey_ciphers])
GCRY_MSG_SHOW([Random number generator: ],[$random])
+GCRY_MSG_SHOW([Enabled Brainpool curves: ],[$use_brainpool])
GCRY_MSG_SHOW([Try using jitter entropy: ],[$jentsupport])
GCRY_MSG_SHOW([Using linux capabilities: ],[$use_capabilities])
GCRY_MSG_SHOW([FIPS module version: ],[$fips_module_version])
diff --git a/tests/curves.c b/tests/curves.c
index 3c738171..8eb79565 100644
--- a/tests/curves.c
+++ b/tests/curves.c
@@ -33,7 +33,11 @@
#include "t-common.h"
/* Number of curves defined in ../cipher/ecc-curves.c */
-#define N_CURVES 27
+#ifdef ENABLE_BRAINPOOL
+# define N_CURVES 27
+#else
+# define N_CURVES 20
+#endif
/* A real world sample public key. */
static char const sample_key_1[] =
@@ -52,6 +56,7 @@ static char const sample_key_1[] =
static char const sample_key_1_curve[] = "NIST P-256";
static unsigned int sample_key_1_nbits = 256;
+#ifdef ENABLE_BRAINPOOL
/* A made up sample public key. */
static char const sample_key_2[] =
"(public-key\n"
@@ -68,6 +73,7 @@ static char const sample_key_2[] =
" ))";
static char const sample_key_2_curve[] = "brainpoolP160r1";
static unsigned int sample_key_2_nbits = 160;
+#endif /* ENABLE_BRAINPOOL */
static int in_fips_mode;
@@ -113,6 +119,7 @@ check_matching (void)
gcry_sexp_release (key);
+#ifdef ENABLE_BRAINPOOL
if (!in_fips_mode)
{
err = gcry_sexp_new (&key, sample_key_2, 0, 1);
@@ -130,6 +137,7 @@ check_matching (void)
gcry_sexp_release (key);
}
+#endif /* ENABLE_BRAINPOOL */
}
#define TEST_ERROR_EXPECTED (1 << 0)
@@ -185,20 +193,26 @@ check_get_params (void)
{ GCRY_PK_ECC, "1.3.132.0.35" },
{ GCRY_PK_ECC, "nistp521" },
- { GCRY_PK_ECC, "brainpoolP160r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.1", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP192r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.3", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP224r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.5", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP256r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.7", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP320r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.9", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP384r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.11", TEST_NOFIPS },
- { GCRY_PK_ECC, "brainpoolP512r1", TEST_NOFIPS },
- { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.13", TEST_NOFIPS },
+#ifdef ENABLE_BRAINPOOL
+# define BRAINPOOL_FLAGS TEST_NOFIPS
+#else
+# define BRAINPOOL_FLAGS TEST_ERROR_EXPECTED
+#endif /* ENABLE_BRAINPOOL */
+ { GCRY_PK_ECC, "brainpoolP160r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP192r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.3", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP224r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.5", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP256r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.7", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP320r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.9", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP384r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.11", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "brainpoolP512r1", BRAINPOOL_FLAGS },
+ { GCRY_PK_ECC, "1.3.36.3.3.2.8.1.1.13", BRAINPOOL_FLAGS },
+#undef BRAINPOOL_ERROR_EXPECTED
{ GCRY_PK_ECC, "GOST2001-test", TEST_NOFIPS },
{ GCRY_PK_ECC, "1.2.643.2.2.35.0", TEST_NOFIPS },
@@ -282,6 +296,7 @@ check_get_params (void)
gcry_sexp_release (param);
+#ifdef ENABLE_BRAINPOOL
if (!in_fips_mode)
{
param = gcry_pk_get_param (GCRY_PK_ECDSA, sample_key_2_curve);
@@ -297,6 +312,7 @@ check_get_params (void)
gcry_sexp_release (param);
}
+#endif /* ENABLE_BRAINPOOL */
/* Some simple tests */
for (idx=0; idx < DIM (tv); idx++)
diff --git a/tests/keygrip.c b/tests/keygrip.c
index 49bd71bc..fc4c17be 100644
--- a/tests/keygrip.c
+++ b/tests/keygrip.c
@@ -149,6 +149,7 @@ static struct
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
+#ifdef ENABLE_BRAINPOOL
{
GCRY_PK_ECC,
"(public-key"
@@ -197,6 +198,7 @@ static struct
"\xD6\xE1\xBF\x43\xAC\x9B\x9A\x12\xE7\x3F",
1
},
+#endif /*ENABLE_BRAINPOOL */
{ /* Ed25519 standard */
GCRY_PK_ECC,
"(public-key"
--
2.34.1
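Review bot: `#undef BRAINPOOL_ERROR_EXPECTED` in tests/curves.c undefines a name that is never defined; the macro introduced a few lines earlier is `BRAINPOOL_FLAGS`, so it remains defined for the rest of the file. Change the line to `#undef BRAINPOOL_FLAGS`. The remaining hunks (ecc-curves.c, configure.ac, keygrip.c) look consistent with each other, and the N_CURVES value of 20 for the non-brainpool build appears to match the seven brainpool entries the table loses.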

@ -0,0 +1,50 @@
From 0a5e608b8b18d4f41e4d7434c6262bf11507f859 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 16 Aug 2022 15:30:43 +0200
Subject: [PATCH] random: Use getrandom (GRND_RANDOM) in FIPS mode
The SP800-90C (clarified in IG D.K.) requires the following when
different DRBGs are chained:
* the parent needs to be reseeded before generate operation
* the reseed & generate needs to be atomic
In RHEL, this is addressed by change in the kernel, that will do this
automatically, when the getentropy () is called with GRND_RANDOM flag.
* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Use
GRND_RANDOM in FIPS Mode
---
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
random/rndgetentropy.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/random/rndgetentropy.c b/random/rndgetentropy.c
index 7580873e..db4b09ed 100644
--- a/random/rndgetentropy.c
+++ b/random/rndgetentropy.c
@@ -82,9 +82,18 @@ _gcry_rndgetentropy_gather_random (void (*add)(const void*, size_t,
* never blocking once the kernel is seeded. */
do
{
- nbytes = length < sizeof (buffer)? length : sizeof (buffer);
_gcry_pre_syscall ();
- ret = getentropy (buffer, nbytes);
+ if (fips_mode ())
+ {
+ /* The getrandom API returns maximum 32 B of strong entropy */
+ nbytes = length < 32 ? length : 32;
+ ret = getrandom (buffer, nbytes, GRND_RANDOM);
+ }
+ else
+ {
+ nbytes = length < sizeof (buffer) ? length : sizeof (buffer);
+ ret = getentropy (buffer, nbytes);
+ }
_gcry_post_syscall ();
}
while (ret == -1 && errno == EINTR);
--
2.37.1
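Review bot: getentropy () and getrandom () report success differently — getentropy returns 0 after filling all nbytes, while getrandom returns the number of bytes actually read, which with GRND_RANDOM may be fewer than requested. Whatever consumes `ret` and `nbytes` after the loop (outside the hunk) must therefore treat a non-negative `ret` as a byte count and feed only that many bytes to add (); please confirm the rest of _gcry_rndgetentropy_gather_random does so rather than assuming `ret == 0` means "nbytes filled". The 32-byte cap and GRND_RANDOM itself are Linux kernel behaviour; a comment naming the kernel versions relied on, plus a configure guard if this file is built on other platforms that provide getentropy, would make the assumption explicit.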

@ -0,0 +1,55 @@
From c34c9e70055ee43e5ef257384fa15941f064e5a4 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 15 Nov 2022 10:47:18 +0100
Subject: [PATCH] fips: Mark AES key wrapping as approved.
* src/fips.c (_gcry_fips_indicator_cipher): Add key wrapping mode as
approved.
--
GnuPG-bug-id: 5512
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
src/fips.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/fips.c b/src/fips.c
index 6599121c..272aabae 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -367,6 +367,7 @@ _gcry_fips_indicator_cipher (va_list arg_ptr)
case GCRY_CIPHER_MODE_CCM:
case GCRY_CIPHER_MODE_GCM:
case GCRY_CIPHER_MODE_XTS:
+ case GCRY_CIPHER_MODE_AESWRAP:
return GPG_ERR_NO_ERROR;
default:
return GPG_ERR_NOT_SUPPORTED;
--
commit d6117b04e0e4d5d68df8fb731f618b0d5126ee14
Author: Jakub Jelen <jjelen@redhat.com>
Date: Tue Jan 17 14:39:34 2023 +0100
fips: Remove GCM mode from the allowed FIPS indicators
* src/fips.c (_gcry_fips_indicator_cipher): Do not mark GCM mode as FIPS
approved.
---
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
diff --git a/src/fips.c b/src/fips.c
index 272aabae..774e7b4c 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -365,7 +365,6 @@ _gcry_fips_indicator_cipher (va_list arg_ptr)
case GCRY_CIPHER_MODE_OFB:
case GCRY_CIPHER_MODE_CTR:
case GCRY_CIPHER_MODE_CCM:
- case GCRY_CIPHER_MODE_GCM:
case GCRY_CIPHER_MODE_XTS:
case GCRY_CIPHER_MODE_AESWRAP:
return GPG_ERR_NO_ERROR;
--
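Review bot: The second commit removes GCM from the approved case list of _gcry_fips_indicator_cipher without any comment in the code, and the first adds AESWRAP equally silently, so a later reader sees only a bare list of modes. A one-line comment above the approved cases stating why GCM is excluded (the commit message gives no reason) would prevent it from being re-added by mistake. The enclosing switch starts and ends outside both hunks.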


@ -0,0 +1,158 @@
From 3c8b6c4a9cad59c5e1db5706f6774a3141b60210 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 17 Feb 2022 10:28:05 +0900
Subject: [PATCH] fips: Fix gen-note-integrity.sh script not to use cmp
utility.
* src/gen-note-integrity.sh: Simplify detecting 32-bit machine
or 64-bit machine.
--
GnuPG-bug-id: 5835
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
src/gen-note-integrity.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/gen-note-integrity.sh b/src/gen-note-integrity.sh
index 969fdca6..878d7095 100755
--- a/src/gen-note-integrity.sh
+++ b/src/gen-note-integrity.sh
@@ -73,9 +73,9 @@ FILE=.libs/libgcrypt.so
#
# Fixup the ELF header to clean up section information
#
-printf '%b' '\002' > 2.bin
-dd ibs=1 skip=4 count=1 if=$FILE status=none > class-byte.bin
-if cmp class-byte.bin 2.bin; then
+BYTE002=$(printf '%b' '\002')
+CLASS_BYTE=$(dd ibs=1 skip=4 count=1 if=$FILE status=none)
+if test "$CLASS_BYTE" = "$BYTE002"; then
CLASS=64
HEADER_SIZE=64
else
@@ -112,4 +112,4 @@ END { print offset}")
dd ibs=1 skip=$HEADER_SIZE count=$OFFSET if=$FILE status=none) \
| ./hmac256 --stdkey --binary
-rm -f 2.bin class-byte.bin header-fixed.bin
+rm -f header-fixed.bin
--
2.39.1
From 052c5ef4cea56772b7015e36f231fa0bcbf91410 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 17 Feb 2022 11:21:35 +0900
Subject: [PATCH] fips: Clarify what to be hashed for the integrity check.
* src/fips.c (get_file_offset): Compute the maximum offset
of segments.
* src/gen-note-integrity.sh: Likewise.
--
The result is same (in current format of ELF program).
Semantics is more clear. It hashes:
- From the start of shared library file,
- fixed up the ELF header to exclude link-time information,
- up to the last segment.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
src/fips.c | 20 +++++++++-----------
src/gen-note-integrity.sh | 20 ++++++++++++++------
2 files changed, 23 insertions(+), 17 deletions(-)
diff --git a/src/fips.c b/src/fips.c
index d798d577..89f8204b 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -595,7 +595,7 @@ run_random_selftests (void)
/*
* In the ELF file opened as FP, fill the ELF header to the pointer
- * EHDR_P, determine the offset of last loadable segment in R_OFFSET.
+ * EHDR_P, determine the maximum offset of segments in R_OFFSET.
* Also, find the section which contains the hmac value and return it
* in HMAC. Rewinds FP to the beginning on success.
*/
@@ -624,24 +624,22 @@ get_file_offset (FILE *fp, ElfW (Ehdr) *ehdr_p,
if (fseek (fp, ehdr_p->e_phoff, SEEK_SET) != 0)
return gpg_error_from_syserror ();
- /* Iterate over the program headers, determine the last loadable
- segment. */
+ /* Iterate over the program headers, determine the last offset of
+ segments. */
for (i = 0; i < ehdr_p->e_phnum; i++)
{
+ unsigned long off;
+
if (fread (&phdr, sizeof (phdr), 1, fp) != 1)
return gpg_error_from_syserror ();
- if (phdr.p_type == PT_PHDR)
- continue;
-
- if (phdr.p_type != PT_LOAD)
- break;
-
- off_segment = phdr.p_offset + phdr.p_filesz;
+ off = phdr.p_offset + phdr.p_filesz;
+ if (off_segment < off)
+ off_segment = off;
}
if (!off_segment)
- /* The segment not found in the file */
+ /* No segment found in the file */
return gpg_error (GPG_ERR_INV_OBJ);
/* The section header entry size should match the size of the shdr struct */
diff --git a/src/gen-note-integrity.sh b/src/gen-note-integrity.sh
index 878d7095..50071bf5 100755
--- a/src/gen-note-integrity.sh
+++ b/src/gen-note-integrity.sh
@@ -95,21 +95,29 @@ else
dd ibs=1 count=6 if=/dev/zero status=none
fi > header-fixed.bin
-# Compute the end of loadable segment.
+#
+# Compute the end of segments, and emit the COUNT to read
+# (For each segment in program headers, calculate the offset
+# and select the maximum)
#
# This require computation in hexadecimal, and GNU awk needs
# --non-decimal-data option
#
-OFFSET=$($READELF --wide --program-headers $FILE | \
- $AWK $AWK_OPTION "/^ LOAD/ { offset=\$2+\$5-$HEADER_SIZE }\
-END { print offset}")
+COUNT=$($READELF --wide --program-headers $FILE | \
+ $AWK $AWK_OPTION \
+"BEGIN { max_offset=0 }
+/^\$/ { if (program_headers_start) program_headers_end=1 }
+(program_headers_start && !program_headers_end) { offset = \$2 + \$5 }
+(max_offset < offset) { max_offset = offset }
+/^ Type/ { program_headers_start=1 }
+END { print max_offset- $HEADER_SIZE }")
#
-# Feed the header fixed and loadable segments to HMAC256
+# Feed the header fixed and all segments to HMAC256
# to generate hmac hash of the FILE
#
(cat header-fixed.bin; \
- dd ibs=1 skip=$HEADER_SIZE count=$OFFSET if=$FILE status=none) \
+ dd ibs=1 skip=$HEADER_SIZE count=$COUNT if=$FILE status=none) \
| ./hmac256 --stdkey --binary
rm -f header-fixed.bin
--
2.39.1
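Review bot: In get_file_offset the new `off = phdr.p_offset + phdr.p_filesz;` adds two fields read straight from the file without an overflow check; on a malformed ELF the sum can wrap, `off_segment` then misses a real segment end, and the integrity check hashes the wrong range. Guard it with `if (off < phdr.p_offset) return gpg_error (GPG_ERR_INV_OBJ);` before the comparison. The rest of the function, including the section-header handling, is outside the hunk. In gen-note-integrity.sh, `$FILE` is still unquoted in both dd invocations; quoting it costs nothing.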

@ -0,0 +1,129 @@
From 3c04b692de1e7b45b764ff8d66bf84609b012e3a Mon Sep 17 00:00:00 2001
From: Tobias Heider <tobias.heider@canonical.com>
Date: Tue, 27 Sep 2022 13:31:05 +0900
Subject: [PATCH] kdf:pkdf2: Check minimum allowed key size when running in
FIPS mode.
* cipher/kdf.c (_gcry_kdf_pkdf2): Add output length check.
--
GnuPG-bug-id: 6219
---
cipher/kdf.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/cipher/kdf.c b/cipher/kdf.c
index 81523320..67c60df8 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -160,6 +160,10 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
return GPG_ERR_INV_VALUE;
#endif
+ /* Check minimum key size */
+ if (fips_mode () && dklen < 14)
+ return GPG_ERR_INV_VALUE;
+
/* Step 2 */
l = ((dklen - 1)/ hlen) + 1;
--
2.37.3
From e5a5e847b66eb6b80e60a2dffa347268f059aee3 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 4 Oct 2022 12:44:54 +0200
Subject: [PATCH] tests: Reproducer for short dklen in FIPS mode
* tests/t-kdf.c (check_pbkdf2): Add test vector with short dklen and
verify it fails in FIPS mode
--
GnuPG-bug-id: 6219
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
tests/t-kdf.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
index c0192d7b..716fb53e 100644
--- a/tests/t-kdf.c
+++ b/tests/t-kdf.c
@@ -909,6 +909,14 @@ check_pbkdf2 (void)
"\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9"
"\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6"
},
+ {
+ "password", 8,
+ "salt", 4,
+ GCRY_MD_SHA1,
+ 1,
+ 10, /* too short dklen for FIPS */
+ "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9"
+ },
{
"password", 8,
"salt", 4,
@@ -1109,7 +1117,7 @@ check_pbkdf2 (void)
GCRY_KDF_PBKDF2, tv[tvidx].hashalgo,
tv[tvidx].salt, tv[tvidx].saltlen,
tv[tvidx].c, tv[tvidx].dklen, outbuf);
- if (in_fips_mode && tvidx > 6)
+ if (in_fips_mode && tvidx > 7)
{
if (!err)
fail ("pbkdf2 test %d unexpectedly passed in FIPS mode: %s\n",
@@ -1118,7 +1126,7 @@ check_pbkdf2 (void)
}
if (err)
{
- if (in_fips_mode && tv[tvidx].plen < 14)
+ if (in_fips_mode && (tv[tvidx].plen < 14 || tv[tvidx].dklen < 14))
{
if (verbose)
fprintf (stderr,
--
2.37.3
From f4a861f3e5ae82f278284061e4829c03edf9c3a7 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 18 Nov 2022 09:49:50 +0900
Subject: [PATCH] pkdf2: Add checks for FIPS.
* cipher/kdf.c (_gcry_kdf_pkdf2): Require 8 chars passphrase for FIPS.
Set bounds for salt length and iteration count in FIPS mode.
--
GnuPG-bug-id: 6039
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
cipher/kdf.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/cipher/kdf.c b/cipher/kdf.c
index d22584da..823c744e 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -160,6 +160,18 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
return GPG_ERR_INV_VALUE;
#endif
+ /* FIPS requires minimum passphrase length, see FIPS 140-3 IG D.N */
+ if (fips_mode () && passphraselen < 8)
+ return GPG_ERR_INV_VALUE;
+
+ /* FIPS requires minimum salt length of 128 b (SP 800-132 sec. 5.1, p.6) */
+ if (fips_mode () && saltlen < 16)
+ return GPG_ERR_INV_VALUE;
+
+ /* FIPS requires minimum iterations bound (SP 800-132 sec 5.2, p.6) */
+ if (fips_mode () && iterations < 1000)
+ return GPG_ERR_INV_VALUE;
+
/* Check minimum key size */
if (fips_mode () && dklen < 14)
return GPG_ERR_INV_VALUE;
--
2.39.0
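Review bot: The FIPS checks in _gcry_kdf_pkdf2 call `fips_mode ()` four times in a row, once per bound; a single `if (fips_mode ())` block holding the four comparisons reads better and keeps the limits together. The minimum output length 14 is the same 112-bit floor the HMAC key checks use elsewhere in this import; a shared named constant would document that it is one requirement rather than several coincidences. In tests/t-kdf.c the expectation `tvidx > 7` is tied to the vector's position in the table rather than to its parameters, while the later `plen < 14 || dklen < 14` test already states the rule; deriving the expectation from the vector's fields would survive the next insertion. check_pbkdf2 starts and ends outside its hunks.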

@ -0,0 +1,55 @@
From cd30ed3c0d715aa0c58a32a29cfb1476163a5b94 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 20 Apr 2022 15:09:41 +0900
Subject: [PATCH] cipher: Change the bounds for RSA key generation round.
* cipher/rsa.c (generate_fips): Use 10 for p, 20 for q.
--
Constants from FIPS 186-5-draft.
GnuPG-bug-id: 5919
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/rsa.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 486a34f0..771413b3 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -476,7 +476,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
retry:
/* generate p and q */
- for (i = 0; i < 5 * pbits; i++)
+ for (i = 0; i < 10 * pbits; i++)
{
ploop:
if (!testparms)
@@ -506,10 +506,10 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
else if (testparms)
goto err;
}
- if (i >= 5 * pbits)
+ if (i >= 10 * pbits)
goto err;
- for (i = 0; i < 5 * pbits; i++)
+ for (i = 0; i < 20 * pbits; i++)
{
qloop:
if (!testparms)
@@ -555,7 +555,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
else if (testparms)
goto err;
}
- if (i >= 5 * pbits)
+ if (i >= 20 * pbits)
goto err;
if (testparms)
--
2.37.3
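Review bot: The bounds `10 * pbits` and `20 * pbits` are each written twice — once in the `for` condition and once in the `if (i >= …)` check after the loop — so a later change to one must be mirrored by hand. Hoisting each into a named limit computed once before its loop (`p_rounds = 10 * pbits`, `q_rounds = 20 * pbits`) and using it in both places removes the duplication and gives a spot to cite the FIPS 186-5 origin of the constants that only the commit message mentions. generate_fips starts and ends outside these hunks, so the types of `i` and `pbits` are not visible here.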

@ -0,0 +1,109 @@
From bf1e62e59200b2046680d1d3d1599facc88cfe63 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 29 Nov 2022 14:04:59 +0100
Subject: [PATCH] rsa: Prevent usage of long salt in FIPS mode
* cipher/rsa-common.c (_gcry_rsa_pss_encode): Prevent usage of large
salt lengths
(_gcry_rsa_pss_verify): Ditto.
* tests/basic.c (check_pubkey_sign): Check longer salt length fails in
FIPS mode
* tests/t-rsa-pss.c (one_test_sexp): Fix function name in error message
---
cipher/rsa-common.c | 14 ++++++++++++++
tests/basic.c | 19 ++++++++++++++++++-
tests/t-rsa-pss.c | 2 +-
3 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c
index 233ddb2d..61cd60a4 100644
--- a/cipher/rsa-common.c
+++ b/cipher/rsa-common.c
@@ -809,6 +809,13 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
hlen = _gcry_md_get_algo_dlen (algo);
gcry_assert (hlen); /* We expect a valid ALGO here. */
+ /* The FIPS 186-4 Section 5.5 allows only 0 <= sLen <= hLen */
+ if (fips_mode () && saltlen > hlen)
+ {
+ rc = GPG_ERR_INV_ARG;
+ goto leave;
+ }
+
/* Allocate a help buffer and setup some pointers. */
buflen = 8 + hlen + saltlen + (emlen - hlen - 1);
buf = xtrymalloc (buflen);
@@ -950,6 +957,13 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, int hashed_already,
hlen = _gcry_md_get_algo_dlen (algo);
gcry_assert (hlen); /* We expect a valid ALGO here. */
+ /* The FIPS 186-4 Section 5.5 allows only 0 <= sLen <= hLen */
+ if (fips_mode () && saltlen > hlen)
+ {
+ rc = GPG_ERR_INV_ARG;
+ goto leave;
+ }
+
/* Allocate a help buffer and setup some pointers.
This buffer is used for two purposes:
+------------------------------+-------+
diff --git a/tests/basic.c b/tests/basic.c
index 77e2fd93..429bd237 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -16602,6 +16602,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo,
const char *data;
int algo;
int expected_rc;
+ int flags;
} datas[] =
{
{ "(data\n (flags pkcs1)\n"
@@ -16672,6 +16673,22 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo,
" (random-override #4253647587980912233445566778899019283747#))\n",
GCRY_PK_RSA,
0 },
+ { "(data\n (flags pss)\n"
+ " (hash-algo sha256)\n"
+ " (value #11223344556677889900AABBCCDDEEFF#)\n"
+ " (salt-length 2:32)\n"
+ " (random-override #42536475879809122334455667788990192837465564738291"
+ "00122334455667#))\n",
+ GCRY_PK_RSA,
+ 0 },
+ { "(data\n (flags pss)\n"
+ " (hash-algo sha256)\n"
+ " (value #11223344556677889900AABBCCDDEEFF#)\n"
+ " (salt-length 2:33)\n"
+ " (random-override #42536475879809122334455667788990192837465564738291"
+ "0012233445566778#))\n",
+ GCRY_PK_RSA,
+ 0, FLAG_NOFIPS },
{ NULL }
};
@@ -16695,7 +16712,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo,
die ("converting data failed: %s\n", gpg_strerror (rc));
rc = gcry_pk_sign (&sig, hash, skey);
- if (in_fips_mode && (flags & FLAG_NOFIPS))
+ if (in_fips_mode && (flags & FLAG_NOFIPS || datas[dataidx].flags & FLAG_NOFIPS))
{
if (!rc)
fail ("gcry_pk_sign did not fail as expected in FIPS mode\n");
diff --git a/tests/t-rsa-pss.c b/tests/t-rsa-pss.c
index c5f90116..82dd54b3 100644
--- a/tests/t-rsa-pss.c
+++ b/tests/t-rsa-pss.c
@@ -340,7 +340,7 @@ one_test_sexp (const char *n, const char *e, const char *d,
snprintf (p, 3, "%02x", out[i]);
if (strcmp (sig_string, s))
{
- fail ("gcry_pkhash_sign failed: %s",
+ fail ("gcry_pk_hash_sign failed: %s",
"wrong value returned");
info (" expected: '%s'", s);
info (" got: '%s'", sig_string);
--
2.39.0
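Review bot: `if (in_fips_mode && (flags & FLAG_NOFIPS || datas[dataidx].flags & FLAG_NOFIPS))` in tests/basic.c mixes `&` with `||` without parentheses; it is correct by precedence but reads as though it might not be, so write `((flags | datas[dataidx].flags) & FLAG_NOFIPS)`. The two identical salt-length guards added to _gcry_rsa_pss_encode and _gcry_rsa_pss_verify could share a small static helper so the FIPS 186-4 citation and the limit live in one place. Both functions start and end outside their hunks.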


@ -0,0 +1,139 @@
From 06ea5b5332ffdb44a0a394d766be8989bcb6a95c Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 6 Dec 2022 10:03:47 +0900
Subject: [PATCH] fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.
* cipher/rsa.c (rsa_generate): Do not accept use-x931 or derive-parms
in FIPS mode.
* tests/pubkey.c (get_keys_x931_new): Expect failure in FIPS mode.
(check_run): Skip checking X9.31 keys in FIPS mode.
* doc/gcrypt.texi: Document "test-parms" and clarify some cases around
the X9.31 keygen.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
cipher/rsa.c | 5 +++++
doc/gcrypt.texi | 41 ++++++++++++++++++++++++++++++++++++-----
tests/pubkey.c | 15 +++++++++++++--
3 files changed, 54 insertions(+), 7 deletions(-)
diff --git a/cipher/rsa.c b/cipher/rsa.c
index df4af94b..45523e6b 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1256,6 +1256,11 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
if (deriveparms || (flags & PUBKEY_FLAG_USE_X931))
{
int swapped;
+ if (fips_mode ())
+ {
+ sexp_release (deriveparms);
+ return GPG_ERR_INV_SEXP;
+ }
ec = generate_x931 (&sk, nbits, evalue, deriveparms, &swapped);
sexp_release (deriveparms);
if (!ec && swapped)
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index d0372f3e..e845a4dd 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -2699,8 +2699,7 @@ achieve fastest ECC key generation.
Force the use of the ANSI X9.31 key generation algorithm instead of
the default algorithm. This flag is only meaningful for RSA key
generation and usually not required. Note that this algorithm is
-implicitly used if either @code{derive-parms} is given or Libgcrypt is
-in FIPS mode.
+implicitly used if either @code{derive-parms} is given.
@item use-fips186
@cindex FIPS 186
@@ -3310,9 +3309,9 @@ This is currently only implemented for RSA and DSA keys. It is not
allowed to use this together with a @code{domain} specification. If
given, it is used to derive the keys using the given parameters.
-If given for an RSA key the X9.31 key generation algorithm is used
-even if libgcrypt is not in FIPS mode. If given for a DSA key, the
-FIPS 186 algorithm is used even if libgcrypt is not in FIPS mode.
+If given for an RSA key, the X9.31 key generation algorithm is used.
+If given for a DSA key, the FIPS 186 algorithm is used even if
+libgcrypt is not in FIPS mode.
@example
(genkey
@@ -3342,6 +3341,38 @@ FIPS 186 algorithm is used even if libgcrypt is not in FIPS mode.
(seed @var{seed-mpi}))))
@end example
+@item test-parms @var{list}
+This is currently only implemented for RSA keys. If given, the
+libgcrypt will not generate parameter, but tests whether the p,q is
+probably prime. Returns key with zeroes.
+
+The FIPS key generation algorithm is used even if libgcrypt is not
+in FIPS mode.
+
+@example
+(genkey
+ (rsa
+ (nbits 4:1024)
+ (rsa-use-e 1:3)
+ (test-parms
+ (e "65537")
+ (p #00bbccabcee15d343944a47e492d4b1f4de79633e2
+ 0cbb46f7d2d6813392a807ad048cf77528edd19f77
+ e7453f25173b9dcb70423afa2037aae147b81a33d5
+ 41fc58f875eff1e852ab55e2e09a3debfbc151b3b0
+ d17fef6f74d81fca14fbae531418e211ef818592af
+ 70de5cec3b92795cc3578572bf456099cd8727150e
+ 523261#)
+ (q #00ca87ecf2883f4ed00a9ec65abdeba81d28edbfcc
+ 34ecc563d587f166b52d42bfbe22bbc095b0b8426a
+ 2f8bbc55baaa8859b42cbc376ed3067db3ef7b135b
+ 63481322911ebbd7014db83aa051e0ca2dbf302b75
+ cd37f2ae8df90e134226e92f6353a284b28bb30af0
+ bbf925b345b955328379866ebac11d55bc80fe84f1
+ 05d415#)
+
+@end example
+
@item flags @var{flaglist}
This is preferred way to define flags. @var{flaglist} may contain any
diff --git a/tests/pubkey.c b/tests/pubkey.c
index bc44f3a5..2669b41a 100644
--- a/tests/pubkey.c
+++ b/tests/pubkey.c
@@ -430,7 +430,17 @@ get_keys_x931_new (gcry_sexp_t *pkey, gcry_sexp_t *skey)
rc = gcry_pk_genkey (&key, key_spec);
gcry_sexp_release (key_spec);
if (rc)
- die ("error generating RSA key: %s\n", gcry_strerror (rc));
+ {
+ if (in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, "The X9.31 RSA keygen is not available in FIPS modee.\n");
+ return;
+ }
+ die ("error generating RSA key: %s\n", gcry_strerror (rc));
+ }
+ else if (in_fips_mode)
+ die ("generating X9.31 RSA key unexpected worked in FIPS mode\n");
if (verbose > 1)
show_sexp ("generated RSA (X9.31) key:\n", key);
@@ -777,7 +787,8 @@ check_run (void)
if (verbose)
fprintf (stderr, "Checking generated RSA key (X9.31).\n");
get_keys_x931_new (&pkey, &skey);
- check_keys (pkey, skey, 800, 0);
+ if (!in_fips_mode)
+ check_keys (pkey, skey, 800, 0);
gcry_sexp_release (pkey);
gcry_sexp_release (skey);
pkey = skey = NULL;
--
2.39.0

@ -0,0 +1,29 @@
From 29bfb3ebbc63d7ed18b916c5c6946790fb3d15df Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Fri, 1 Apr 2022 09:49:20 +0300
Subject: [PATCH] hwf-ppc: fix missing HWF_PPC_ARCH_3_10 in HW feature
* src/hwf-ppc.c (ppc_features): Add HWF_PPC_ARCH_3_10.
--
GnuPG-bug-id: T5913
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
src/hwf-ppc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/hwf-ppc.c b/src/hwf-ppc.c
index 7801f8b0..11d14dc1 100644
--- a/src/hwf-ppc.c
+++ b/src/hwf-ppc.c
@@ -103,6 +103,7 @@ static const struct feature_map_s ppc_features[] =
{ 0, PPC_FEATURE2_VEC_CRYPTO, HWF_PPC_VCRYPTO },
#endif
{ 0, PPC_FEATURE2_ARCH_3_00, HWF_PPC_ARCH_3_00 },
+ { 0, PPC_FEATURE2_ARCH_3_10, HWF_PPC_ARCH_3_10 },
};
#endif
--
2.34.1

@ -0,0 +1,621 @@
From 2c1bb2f34f2812888f75c476037afae6d9e21798 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 23 Sep 2022 18:39:20 +0200
Subject: [PATCH] keccak: Use size_t to avoid integer overflow
Any input to the SHA3 functions > 4GB was giving wrong result when it
was invoked in one-shot, while working correctly when it was fed by
chunks. It turned out that the calculation in the `keccak_write`
overflows the `unsigned int` type (`nlanes * 8` does not fit 32b when
the `inlen` > 4GB).
* cipher/keccak-armv7-neon.S: Fix function name in comment and change
parameter type to size_t
* cipher/keccak.c (keccak_ops_t): Change absorb function signature to
use size_t
(keccak_absorb_lanes64_avx512): Change nlanes type to size_t
(_gcry_keccak_absorb_lanes64_armv7_neon): Ditto.
(keccak_absorb_lanes64_armv7_neon): Ditto.
(keccak_absorb_lanes32bi): Ditto.
(keccak_absorb_lanes32bi_bmi2): Ditto.
(keccak_write): Change nlanes variable to use size_t and avoid
overflow when calculating count.
* cipher/keccak_permute_64.h (KECCAK_F1600_ABSORB_FUNC_NAME): Change
nlanes argument to use size_t.
---
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
cipher/keccak-armv7-neon.S | 10 +++++-----
cipher/keccak.c | 20 ++++++++++----------
cipher/keccak_permute_64.h | 2 +-
3 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/cipher/keccak-armv7-neon.S b/cipher/keccak-armv7-neon.S
index 0bec8d50..28a284a1 100644
--- a/cipher/keccak-armv7-neon.S
+++ b/cipher/keccak-armv7-neon.S
@@ -467,11 +467,11 @@ _gcry_keccak_permute_armv7_neon:
.ltorg
.size _gcry_keccak_permute_armv7_neon,.-_gcry_keccak_permute_armv7_neon;
-@//unsigned _gcry_keccak_permute_armv7_neon(u64 *state, @r4
-@ int pos, @r1
-@ const byte *lanes, @r2
-@ unsigned int nlanes, @r3
-@ int blocklanes) @ r5 callable from C
+@//unsigned _gcry_keccak_absorb_lanes64_armv7_neon(u64 *state, @r4
+@ int pos, @r1
+@ const byte *lanes, @r2
+@ size_t nlanes, @r3
+@ int blocklanes) @ r5 callable from C
.p2align 3
.global _gcry_keccak_absorb_lanes64_armv7_neon
.type _gcry_keccak_absorb_lanes64_armv7_neon,%function;
diff --git a/cipher/keccak.c b/cipher/keccak.c
index e7e42473..6c385f71 100644
--- a/cipher/keccak.c
+++ b/cipher/keccak.c
@@ -131,7 +131,7 @@ typedef struct
{
unsigned int (*permute)(KECCAK_STATE *hd);
unsigned int (*absorb)(KECCAK_STATE *hd, int pos, const byte *lanes,
- unsigned int nlanes, int blocklanes);
+ size_t nlanes, int blocklanes);
unsigned int (*extract) (KECCAK_STATE *hd, unsigned int pos, byte *outbuf,
unsigned int outlen);
} keccak_ops_t;
@@ -513,7 +513,7 @@ static const keccak_ops_t keccak_avx512_64_ops =
unsigned int _gcry_keccak_permute_armv7_neon(u64 *state);
unsigned int _gcry_keccak_absorb_lanes64_armv7_neon(u64 *state, int pos,
const byte *lanes,
- unsigned int nlanes,
+ size_t nlanes,
int blocklanes);
static unsigned int keccak_permute64_armv7_neon(KECCAK_STATE *hd)
@@ -523,7 +523,7 @@ static unsigned int keccak_permute64_armv7_neon(KECCAK_STATE *hd)
static unsigned int
keccak_absorb_lanes64_armv7_neon(KECCAK_STATE *hd, int pos, const byte *lanes,
- unsigned int nlanes, int blocklanes)
+ size_t nlanes, int blocklanes)
{
if (blocklanes < 0)
{
@@ -571,7 +571,7 @@ static const keccak_ops_t keccak_armv7_neon_64_ops =
static unsigned int
keccak_absorb_lanes32bi(KECCAK_STATE *hd, int pos, const byte *lanes,
- unsigned int nlanes, int blocklanes)
+ size_t nlanes, int blocklanes)
{
unsigned int burn = 0;
@@ -653,7 +653,7 @@ keccak_absorb_lane32bi_bmi2(u32 *lane, u32 x0, u32 x1)
static unsigned int
keccak_absorb_lanes32bi_bmi2(KECCAK_STATE *hd, int pos, const byte *lanes,
- unsigned int nlanes, int blocklanes)
+ size_t nlanes, int blocklanes)
{
unsigned int burn = 0;
@@ -873,7 +873,8 @@ keccak_write (void *context, const void *inbuf_arg, size_t inlen)
const byte *inbuf = inbuf_arg;
unsigned int nburn, burn = 0;
unsigned int count, i;
- unsigned int pos, nlanes;
+ unsigned int pos;
+ size_t nlanes;
#ifdef USE_S390X_CRYPTO
if (ctx->kimd_func)
@@ -918,8 +919,7 @@ keccak_write (void *context, const void *inbuf_arg, size_t inlen)
burn = nburn > burn ? nburn : burn;
inlen -= nlanes * 8;
inbuf += nlanes * 8;
- count += nlanes * 8;
- count = count % bsize;
+ count = ((size_t) count + nlanes * 8) % bsize;
}
if (inlen)
diff --git a/cipher/keccak_permute_64.h b/cipher/keccak_permute_64.h
index b28c871e..45ef462f 100644
--- a/cipher/keccak_permute_64.h
+++ b/cipher/keccak_permute_64.h
@@ -292,7 +292,7 @@ KECCAK_F1600_PERMUTE_FUNC_NAME(KECCAK_STATE *hd)
static unsigned int
KECCAK_F1600_ABSORB_FUNC_NAME(KECCAK_STATE *hd, int pos, const byte *lanes,
- unsigned int nlanes, int blocklanes)
+ size_t nlanes, int blocklanes)
{
unsigned int burn = 0;
--
GitLab
From 910dcbcef36e1cd3de3dde192d829a1513273e14 Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Sun, 25 Sep 2022 22:23:22 +0300
Subject: [PATCH] tests/hashtest: add hugeblock & disable-hwf options and 6 gig
test vectors
* .gitignore: Add 'tests/hashtest-6g'.
* configure.ac: Add 'tests/hashtest-6g'.
* tests/Makefile: Add 'hashtest-6g'.
* tests/hashtest-6g.in: New.
* tests/hashtest-256g.in: Add SHA3-512 to algos.
* tests/hashtest.c (use_hugeblock): New.
(testvectors): Add 256 GiB test vectors for BLAKE2S, BLAKE2B and
whirlpool; Add 6 GiB test vectors for SHA1, SHA256, SHA512, SHA3, SM3,
BLAKE2S, BLAKE2B, WHIRLPOOL, CRC32 and CRC24.
(run_longtest); Use huge 5 GiB pattern block when requested.
(main): Add '--hugeblock' and '--disable-hwf' options.
* tests/testdrv.c: Add 'hashtest-6g'; Add SHA3 to 'hashtest-256g'.
---
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
.gitignore | 1 +
configure.ac | 1 +
tests/Makefile.am | 9 +-
tests/hashtest-256g.in | 2 +-
tests/hashtest-6g.in | 7 ++
tests/hashtest.c | 249 +++++++++++++++++++++++++++++++++++++++--
tests/testdrv.c | 7 +-
7 files changed, 261 insertions(+), 15 deletions(-)
create mode 100644 tests/hashtest-6g.in
diff --git a/configure.ac b/configure.ac
index c8f24dcc..c39257b5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3511,6 +3511,7 @@ src/libgcrypt.pc
src/versioninfo.rc
tests/Makefile
])
+AC_CONFIG_FILES([tests/hashtest-6g], [chmod +x tests/hashtest-6g])
AC_CONFIG_FILES([tests/hashtest-256g], [chmod +x tests/hashtest-256g])
AC_CONFIG_FILES([tests/basic-disable-all-hwf], [chmod +x tests/basic-disable-all-hwf])
AC_OUTPUT
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 302d923b..75aa5cf7 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -44,13 +44,14 @@ tests_bin_last = benchmark bench-slope
tests_sh = basic-disable-all-hwf
-tests_sh_last = hashtest-256g
+tests_sh_last = hashtest-6g hashtest-256g
TESTS = $(tests_bin) $(tests_sh) $(tests_bin_last) $(tests_sh_last)
# Force sequential run of some tests.
bench-slope.log: benchmark.log
-hashtest-256g.log: bench-slope.log
+hashtest-6g.log: bench-slope.log
+hashtest-256g.log: hashtest-6g.log
TESTS_ENVIRONMENT = GCRYPT_IN_REGRESSION_TEST=1
@@ -76,8 +77,8 @@ CLEANFILES = testdrv-build
EXTRA_DIST = README rsa-16k.key \
pkcs1v2-oaep.h pkcs1v2-pss.h pkcs1v2-v15c.h pkcs1v2-v15s.h \
t-ed25519.inp t-ed448.inp t-dsa.inp t-ecdsa.inp t-rsa-15.inp \
- t-rsa-pss.inp stopwatch.h hashtest-256g.in sha3-224.h \
- sha3-256.h sha3-384.h sha3-512.h blake2b.h blake2s.h \
+ t-rsa-pss.inp stopwatch.h hashtest-6g.in hashtest-256g.in \
+ sha3-224.h sha3-256.h sha3-384.h sha3-512.h blake2b.h blake2s.h \
basic-disable-all-hwf.in basic_all_hwfeature_combinations.sh
LDADD = $(standard_ldadd) $(GPG_ERROR_LIBS) @LDADD_FOR_TESTS_KLUDGE@
diff --git a/tests/hashtest-256g.in b/tests/hashtest-256g.in
index a52b8692..44b69897 100755
--- a/tests/hashtest-256g.in
+++ b/tests/hashtest-256g.in
@@ -1,6 +1,6 @@
#!/bin/sh
-algos="SHA1 SHA256 SHA512 SM3"
+algos="SHA1 SHA256 SHA512 SHA3-512 SM3"
test "@RUN_LARGE_DATA_TESTS@" = yes || exit 77
echo " now running 256 GiB tests for $algos - this takes looong"
diff --git a/tests/hashtest-6g.in b/tests/hashtest-6g.in
new file mode 100644
index 00000000..b3f3e2ff
--- /dev/null
+++ b/tests/hashtest-6g.in
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+algos="SHA1 SHA256 SHA512 SHA3-512 SM3 BLAKE2S_256 BLAKE2B_512 CRC32 CRC24RFC2440"
+
+test "@RUN_LARGE_DATA_TESTS@" = yes || exit 77
+echo " now running 6 GiB tests for $algos - this can take long"
+exec ./hashtest@EXEEXT@ --hugeblock --gigs 6 $algos
diff --git a/tests/hashtest.c b/tests/hashtest.c
index 4c9704f3..9389e50c 100644
--- a/tests/hashtest.c
+++ b/tests/hashtest.c
@@ -34,6 +34,7 @@
#define PGM "hashtest"
#include "t-common.h"
+static int use_hugeblock;
static int missing_test_vectors;
static struct {
@@ -113,6 +114,169 @@ static struct {
{ GCRY_MD_SM3, 256, +64,
"ed34869dbadd62e3bec1f511004d7bbfc9cafa965477cc48843b248293bbe867" },
+ { GCRY_MD_BLAKE2S_256, 256, -64,
+ "8a3d4f712275e8e8da70c76501cce364c75f8dd09748be58cf63c9ce38d62627" },
+ { GCRY_MD_BLAKE2S_256, 256, -1,
+ "0c01c9ad1e60e27dc889f2c9034a949ca8b9a9dc90dd99be64963af306d47b92" },
+ { GCRY_MD_BLAKE2S_256, 256, +0,
+ "f8c43d5c4bad93aca702c8c466987c5ac5e640a29b37dd9904252ff27b2348a0" },
+ { GCRY_MD_BLAKE2S_256, 256, +1,
+ "24c34b167b4eea1a7eb7d572ff3cf669a9856ea91bb112e9ef2ccd4b1aceccb4" },
+ { GCRY_MD_BLAKE2S_256, 256, +64,
+ "2f8d754f98e2d4ed7744389f89d0bdb9b770c9fa215b8badd3129ea1364af867" },
+
+ { GCRY_MD_BLAKE2B_512, 256, -64,
+ "36d32ae4deeacab4119401c52e2aec5545675bd2dce4f67871ddc73671a05f94"
+ "e8332c2a31f32f5601878606a571aa7b43029dac3ae71cf9ef141d05651dc4bf" },
+ { GCRY_MD_BLAKE2B_512, 256, -1,
+ "b5dc439f51664a6c9cbc87e2de98ce608ac4064a779e5140909d75d2120c9b2a"
+ "a1d4ae7be9c1ba97025be91ddcfbe42c791c3231cffbfa4b5368ba18f9590e1b" },
+ { GCRY_MD_BLAKE2B_512, 256, +0,
+ "c413d011ba9abbf118dd96bfc827f5fd94493d8350df9f7aff834faace5adba2"
+ "0c3037069dfb2c81718ffc7b418ce1c1320d334b6fe8cddfb5d2dd19eb530853" },
+ { GCRY_MD_BLAKE2B_512, 256, +1,
+ "b6dfb821f1c8167fb33995c29485010da56abd539c3d04ab9c222844301b8bba"
+ "6f57a48e45a748e40847084b93f26706aae82212550671c736becffcc6fb1496" },
+ { GCRY_MD_BLAKE2B_512, 256, +64,
+ "8c21316a4a02044e302d503d0fe669d905c40d9d80ecd5aafc8e30f1df06736f"
+ "51fdaf6002160bb8fe4e868eaad9623fc5ecdd728bcbfee4a19b386503710f48" },
+
+ { GCRY_MD_WHIRLPOOL, 256, -64,
+ "aabf62344c1aa82d2dc7605f339b3571d540f1f320f97e6a8c0229645ee61f1f"
+ "da796acde2f96caa1c56eb2c2f9a6029a6242ad690479def66feac44334cc3af" },
+ { GCRY_MD_WHIRLPOOL, 256, -1,
+ "9a35ec14aa9cefd40e04295d45d39f3111a98c2d76d90c54a7d2b8f2f5b9302b"
+ "79663eab6b6674625c3ae3e4b5dbb3b0a2f5b2f49a7a59cd1723e2b16a3efea2" },
+ { GCRY_MD_WHIRLPOOL, 256, +0,
+ "818ad31a5110b6217cc6ffa099d554aaadc9566bf5291e104a5d58b21d51ae4d"
+ "c216c6de888d1359066c584e24e6606f530a3fce80ef78aed8564de4a28801c8" },
+ { GCRY_MD_WHIRLPOOL, 256, +1,
+ "298805f5fc68488712427c1bcb27581d91aa04337c1c6b4657489ed3d239bb8b"
+ "c70ef654065d380ac1f5596aca5cb59e6da8044b5a067e32ea4cd94ca606f9f3" },
+ { GCRY_MD_WHIRLPOOL, 256, +64,
+ "7bd35c3bee621bc0fb8907904b3b84d6cf4fae4c22cc64fbc744c8c5c8de806d"
+ "0f11a27892d531dc907426597737762c83e3ddcdc62f50d16d130aaefaeec436" },
+
+ { GCRY_MD_SHA1, 6, -64,
+ "eeee82d952403313bd63d6d7c8e342df0a1eea77" },
+ { GCRY_MD_SHA1, 6, -1,
+ "8217b9f987d67db5880bcfff1d6763a6514d629f" },
+ { GCRY_MD_SHA1, 6, +0,
+ "2b38aa63c05668217e5331320a4aee0adad7fc3b" },
+ { GCRY_MD_SHA1, 6, +1,
+ "f3222de4d0704554cff0a537bc95b30f15daa94f" },
+ { GCRY_MD_SHA1, 6, +64,
+ "b3bdd8065bb92d8208d55d28fad2281c6fbf2601" },
+
+ { GCRY_MD_SHA256, 6, -64,
+ "a2d5add5be904b70d6ef9bcd5feb9c6cfc2be0799732a122d9eccb576ff5a922" },
+ { GCRY_MD_SHA256, 6, -1,
+ "88293b7e0e5a47fdef1148c6e510f95272770db6b5296958380209ba57db7a5d" },
+ { GCRY_MD_SHA256, 6, +0,
+ "ccee8e8dfc366eba67471e49c45057b0041be0d2206c6de1aa765ce07ecfc434" },
+ { GCRY_MD_SHA256, 6, +1,
+ "f4a89e92b38e0e61ee17079dc31411de06cfe1f77c83095ae1a2e7aa0205d94b" },
+ { GCRY_MD_SHA256, 6, +64,
+ "338708608c2356ed2927a85b08fe745223c6140243fb3a87f309e12b31b946a8" },
+
+ { GCRY_MD_SHA512, 6, -64,
+ "658f52850932633c00b2f1d65b874c540ab84e2c0fe84a8a6c35f8e90e6f6a9c"
+ "2f7e0ccca5064783562a42ad8f47eab48687aaf6998b04ee94441e82c14e834d" },
+ { GCRY_MD_SHA512, 6, -1,
+ "9ead6d66b46a3a72d77c7990874cfebc1575e5bfda6026430d76b3db6cc62d52"
+ "4ca0dd2674b9c24208b2e780d75542572eee8df6724acadcc23a03eed8f82f0a" },
+ { GCRY_MD_SHA512, 6, +0,
+ "03e4549eb28bd0fb1606c321f1498503b5e889bec8d799cf0688567c7f8ac0d9"
+ "a7ec4e84d1d729d6a359797656e286617c3ef82abb51991bb576aaf05f7b6573" },
+ { GCRY_MD_SHA512, 6, +1,
+ "ffe52f6385ccde6fa7d45845787d8f9993fdcb5833fb58b13c424a84e39ea50f"
+ "52d40e254fe667cb0104ffe3837dc8d0eee3c81721cb8eac10d5851dfb1f91db" },
+ { GCRY_MD_SHA512, 6, +64,
+ "4a19da3d5eaaa79ac1eaff5e4062f23ee56573411f8d302f7bf3c6da8779bd00"
+ "a936e9ad7f535597a49162ed308b0cced7724667f97a1bb24540152fcfe3ec95" },
+
+ { GCRY_MD_SHA3_512, 6, -64,
+ "a99f2913d3beb9b45273402e30daa4d25c7a5e9eb8cf6039996eb2292a45c04c"
+ "b9e3a1a187f71920626f465ed6cf7dc34047ec5578e05516374bb9c56683903a" },
+ { GCRY_MD_SHA3_512, 6, -1,
+ "fca50bde79c55e5fc4c9d97e66eb5cfacef7032395848731e645ca42f07f8d38"
+ "be1d593727c2a82b9a9bc058ebc9744971f867fa920cfa902023448243ac017b" },
+ { GCRY_MD_SHA3_512, 6, +0,
+ "c61bb345c0a553edaa89fd38114ac9799b6d307ba8e3cde53552ad4c77cfe4b7"
+ "2671d82c1519c8e7b23153a9268e2939239564fc7c2060608aa42955e938840d" },
+ { GCRY_MD_SHA3_512, 6, +1,
+ "502a83d8d1b977312806382a45c1cc9c0e7db437ca962e37eb181754d59db686"
+ "14d91df286d510411adf69f7c9befc1027bdc0c33a48a5dd6ae0957b9061e7ca" },
+ { GCRY_MD_SHA3_512, 6, +64,
+ "207bfb83ae788ddd4531188567f0892bbddbbc88d69bc196b2357bee3e668706"
+ "c27f832ecb50e9ae5b63e9f384bdc37373958d4a14f3825146d2f6b1a65d8e51" },
+
+ { GCRY_MD_SM3, 6, -64,
+ "41d96d19cef4c942b0f5f4cdc3e1afe440dc62c0bc103a2c0e9eee9e1733a74a" },
+ { GCRY_MD_SM3, 6, -1,
+ "b7689cc4ef6c7dc795b9e5e6998e5cc3dc1daec02bc1181cdbef8d6812b4957a" },
+ { GCRY_MD_SM3, 6, +0,
+ "c6eae4a82052423cf98017bde4dee8769947c66120a1a2ff79f0f0dc945a3272" },
+ { GCRY_MD_SM3, 6, +1,
+ "f6590f161fee11529585c7a9dfc725f8b81951e49b616844097a3dbdc9ffdbec" },
+ { GCRY_MD_SM3, 6, +64,
+ "f3277fa90c47afe5e4fc52374aadf8e96bc29c2b5a7a4ebf5d704245ada837ea" },
+
+ { GCRY_MD_BLAKE2S_256, 6, -64,
+ "0f3c17610777c34d40a0d11a93d5e5ed444ce16edefebabd0bc8e30392d5c2db" },
+ { GCRY_MD_BLAKE2S_256, 6, -1,
+ "92cbcf142c45de9d64da9791c51dce4e32b58f74d9f3d201b1ea74deac765f51" },
+ { GCRY_MD_BLAKE2S_256, 6, +0,
+ "b20702cb5a0bee2ab104f38eb513429589310a7edde81dd1f40043be7d16d0de" },
+ { GCRY_MD_BLAKE2S_256, 6, +1,
+ "bfc17dc74930989841da05aac08402bf0dcb4a597b17c52402a516ea7e541cdf" },
+ { GCRY_MD_BLAKE2S_256, 6, +64,
+ "d85588cdf5a00bec1327da02f22f1a10b68dd9d6b730f30a3aa65af3a51c1722" },
+
+ { GCRY_MD_BLAKE2B_512, 6, -64,
+ "30b6015f94524861b04b83f0455be10a993460e0f8f0fd755fc3d0270b0c7d00"
+ "039a6e01684ce0689ce4ef70932bd19a676acf4b4ea521c30337d2f445fc2055" },
+ { GCRY_MD_BLAKE2B_512, 6, -1,
+ "49abef820ad7fc5e6ed9b63acddce639a69dcd749b0798b140216649bc3b927c"
+ "637dbe1cb39a41bbafe7f8b675401ccdcf69a7fba227ae4cda5cd28b9ff36776" },
+ { GCRY_MD_BLAKE2B_512, 6, +0,
+ "4182a7307a89391b78af9dbc3ba1e8d643708abbed5919086aa6e2bc65ae9597"
+ "e40229450c86ac5d3117b006427dd0131f5ae4c1a1d64c81420d2731536c81d8" },
+ { GCRY_MD_BLAKE2B_512, 6, +1,
+ "33c0d9e65b1b18e9556134a08c1e725c19155bbf6ed4349d7d6d678f1827fef3"
+ "74b6e3381471f3d3fff7ffbcb9474ce9038143b99e25cd5f8afbb336313d4648" },
+ { GCRY_MD_BLAKE2B_512, 6, +64,
+ "d2d7f388611af78a2ea40b06f99993cff156afd25cbc47695bdb567d4d35b992"
+ "0ff8c325c359a2bdeddf54ececc671ac7b981031e90a7d63d6e0415ec4484282" },
+
+ { GCRY_MD_WHIRLPOOL, 6, -64,
+ "247707d1f9cf31b90ee68527144b1c20ad5ce96293bdccd1a81c8f40bc9df10c"
+ "e7441ac3b3097162d6fbf4d4b67b8fa09de451e2d920f16aad78c47ab00cb833" },
+ { GCRY_MD_WHIRLPOOL, 6, -1,
+ "af49e4a553bdbec1fdafc41713029e0fb1666894753c0ab3ecb280fc5af6eff8"
+ "253120745a229d7a8b5831711e4fd16ed0741258504d8a47e2b42aa2f1886968" },
+ { GCRY_MD_WHIRLPOOL, 6, +0,
+ "f269ffa424bc2aad2da654f01783fc9b2b431219f2b05784d718da0935e78792"
+ "9207b000ebbfb63dfdcc8adf8e5bd321d9616c1b8357430b9be6cb4640df8609" },
+ { GCRY_MD_WHIRLPOOL, 6, +1,
+ "52b77eb13129151b69b63c09abb655dc9cb046cafd4cbf7d4a82ae04b61ef9e6"
+ "531dde04cae7c5ab400ed8ee8da2e3f490d177289b2b3aa29b12b292954b902c" },
+ { GCRY_MD_WHIRLPOOL, 6, +64,
+ "60a950c92f3f08abbc81c41c86ce0463679ffd5ab420e988e15b210615b454ae"
+ "69607d14a1806fa44aacf8c926fbdcee998af46f56e0c642d3fb4ee54c8fb917" },
+
+ { GCRY_MD_CRC32, 6, -64, "20739052" },
+ { GCRY_MD_CRC32, 6, -1, "971a5a74" },
+ { GCRY_MD_CRC32, 6, +0, "bf48113c" },
+ { GCRY_MD_CRC32, 6, +1, "c7678ad5" },
+ { GCRY_MD_CRC32, 6, +64, "1efa7255" },
+
+ { GCRY_MD_CRC24_RFC2440, 6, -64, "747e81" },
+ { GCRY_MD_CRC24_RFC2440, 6, -1, "deb97d" },
+ { GCRY_MD_CRC24_RFC2440, 6, +0, "7d5bea" },
+ { GCRY_MD_CRC24_RFC2440, 6, +1, "acc351" },
+ { GCRY_MD_CRC24_RFC2440, 6, +64, "9d9032" },
+
{ 0 }
};
@@ -251,12 +415,38 @@ run_longtest (int algo, int gigs)
gcry_md_hd_t hd_post = NULL;
gcry_md_hd_t hd_post2 = NULL;
char pattern[1024];
- int i, g;
+ char *hugepattern = NULL;
+ size_t hugesize;
+ size_t hugegigs;
+ int i, g, gppos, gptot;
const unsigned char *digest;
unsigned int digestlen;
memset (pattern, 'a', sizeof pattern);
+ if (use_hugeblock)
+ {
+ hugegigs = 5;
+ if (sizeof(size_t) >= 8)
+ {
+ hugesize = hugegigs*1024*1024*1024;
+ hugepattern = malloc(hugesize);
+ if (hugepattern != NULL)
+ memset(hugepattern, 'a', hugesize);
+ else
+ show_note ("failed to allocate %d GiB huge pattern block: %s",
+ hugegigs, strerror(errno));
+ }
+ else
+ show_note ("cannot allocate %d GiB huge pattern block on 32-bit system",
+ hugegigs);
+ }
+ if (hugepattern == NULL)
+ {
+ hugegigs = 0;
+ hugesize = 0;
+ }
+
err = gcry_md_open (&hd, algo, 0);
if (err)
{
@@ -267,9 +457,17 @@ run_longtest (int algo, int gigs)
digestlen = gcry_md_get_algo_dlen (algo);
-
- for (g=0; g < gigs; g++)
+ gppos = 0;
+ gptot = 0;
+ for (g=0; g < gigs; )
{
+ if (gppos >= 16)
+ {
+ gptot += 16;
+ gppos -= 16;
+ show_note ("%d GiB so far hashed with %s", gptot,
+ gcry_md_algo_name (algo));
+ }
if (g == gigs - 1)
{
for (i = 0; i < 1024*1023; i++)
@@ -283,16 +481,24 @@ run_longtest (int algo, int gigs)
die ("gcry_md_copy failed for %s (%d): %s",
gcry_md_algo_name (algo), algo, gpg_strerror (err));
gcry_md_write (hd, pattern, sizeof pattern);
+ g++;
+ gppos++;
+ }
+ else if (hugepattern != NULL && gigs - g > hugegigs)
+ {
+ gcry_md_write (hd, hugepattern, hugesize);
+ g += hugegigs;
+ gppos += hugegigs;
}
else
{
for (i = 0; i < 1024*1024; i++)
gcry_md_write (hd, pattern, sizeof pattern);
+ g++;
+ gppos++;
}
- if (g && !(g % 16))
- show_note ("%d GiB so far hashed with %s", g, gcry_md_algo_name (algo));
}
- if (g >= 16)
+ if (g >= 16 && gppos)
show_note ("%d GiB hashed with %s", g, gcry_md_algo_name (algo));
err = gcry_md_copy (&hd_post, hd);
@@ -335,6 +541,8 @@ run_longtest (int algo, int gigs)
gcry_md_close (hd_pre2);
gcry_md_close (hd_post);
gcry_md_close (hd_post2);
+
+ free(hugepattern);
}
@@ -361,9 +569,12 @@ main (int argc, char **argv)
{
fputs ("usage: " PGM " [options] [algos]\n"
"Options:\n"
- " --verbose print timings etc.\n"
- " --debug flyswatter\n"
- " --gigs N Run a test on N GiB\n",
+ " --verbose print timings etc.\n"
+ " --debug flyswatter\n"
+ " --hugeblock Use 5 GiB pattern block\n"
+ " --gigs N Run a test on N GiB\n"
+ " --disable-hwf <features> Disable hardware acceleration feature(s)\n"
+ " for benchmarking.\n",
stdout);
exit (0);
}
@@ -378,6 +589,11 @@ main (int argc, char **argv)
debug++;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--hugeblock"))
+ {
+ use_hugeblock = 1;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--gigs"))
{
argc--; argv++;
@@ -387,6 +603,21 @@ main (int argc, char **argv)
argc--; argv++;
}
}
+ else if (!strcmp (*argv, "--disable-hwf"))
+ {
+ argc--;
+ argv++;
+ if (argc)
+ {
+ if (gcry_control (GCRYCTL_DISABLE_HWF, *argv, NULL))
+ fprintf (stderr,
+ PGM
+ ": unknown hardware feature `%s' - option ignored\n",
+ *argv);
+ argc--;
+ argv++;
+ }
+ }
else if (!strncmp (*argv, "--", 2))
die ("unknown option '%s'", *argv);
}
diff --git a/tests/testdrv.c b/tests/testdrv.c
index 0ccde326..bfca4c23 100644
--- a/tests/testdrv.c
+++ b/tests/testdrv.c
@@ -78,7 +78,12 @@ static struct {
{ "t-ed448" },
{ "benchmark" },
{ "bench-slope" },
- { "hashtest-256g", "hashtest", "--gigs 256 SHA1 SHA256 SHA512 SM3",
+ { "hashtest-6g", "hashtest", "--hugeblock --gigs 6 SHA1 SHA256 SHA512 "
+ "SHA3-512 SM3 BLAKE2S_256 "
+ "BLAKE2B_512 CRC32 "
+ "CRC24RFC2440",
+ LONG_RUNNING },
+ { "hashtest-256g", "hashtest", "--gigs 256 SHA1 SHA256 SHA512 SHA3-512 SM3",
LONG_RUNNING },
{ NULL }
};
--
2.34.1
From 567bc62e1c3046594088de7209fee7c545ece1e3 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 30 Sep 2022 14:54:14 +0200
Subject: [PATCH] tests: Avoid memory leak
* tests/hashtest.c (run_longtest): Avoid memory leak on error
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
tests/hashtest.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/hashtest.c b/tests/hashtest.c
index 9389e50c..379f7c40 100644
--- a/tests/hashtest.c
+++ b/tests/hashtest.c
@@ -452,6 +452,7 @@ run_longtest (int algo, int gigs)
{
fail ("gcry_md_open failed for %s (%d): %s",
gcry_md_algo_name (algo), algo, gpg_strerror (err));
+ free(hugepattern);
return;
}
--
2.37.3
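Review bot: The two `show_note` calls added to run_longtest in the hashtest.c hunk (`failed to allocate %d GiB huge pattern block: %s` and `cannot allocate %d GiB huge pattern block on 32-bit system`) pass `hugegigs` through a `%d` conversion, but the same hunk declares `hugegigs` as `size_t`; a mismatched conversion specifier is undefined behaviour and may misread the argument on targets where `int` and `size_t` differ in width. Use `%zu` in both format strings, e.g. `show_note ("failed to allocate %zu GiB huge pattern block: %s", hugegigs, strerror(errno));`, or cast with `(int) hugegigs` if show_note's format checking does not accept `%zu`. In the keccak_write hunk the `(size_t) count` cast is redundant since `nlanes * 8` is already `size_t` and promotes `count`; harmless, but a comment such as `/* size_t arithmetic: nlanes * 8 exceeds UINT_MAX for inputs > 4 GiB */` would record why the expression was rewritten. run_longtest's body starts and ends outside the quoted hunks, so any other early-return path that could leak `hugepattern` is not visible here.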


@ -0,0 +1,737 @@
# This is taken from gnutls.spec
%define srpmhash() %{lua:
local files = rpm.expand("%_specdir/libgcrypt.spec")
for i, p in ipairs(patches) do
files = files.." "..p
end
for i, p in ipairs(sources) do
files = files.." "..p
end
local sha256sum = assert(io.popen("cat "..files.."| sha256sum"))
local hash = sha256sum:read("*a")
sha256sum:close()
print(string.sub(hash, 0, 16))
}
Name: libgcrypt
Version: 1.10.0
Release: 9%{?dist}
URL: https://www.gnupg.org/
Source0: https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
Source1: https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2.sig
Source2: wk@g10code.com
Patch1: libgcrypt-1.10.0-disable-brainpool.patch
Patch3: libgcrypt-1.10.0-ppc-hwf.patch
Patch4: libgcrypt-1.10.0-allow-small-RSA-verify.patch
Patch5: libgcrypt-1.10.0-allow-short-salt.patch
Patch6: libgcrypt-1.10.0-fips-getrandom.patch
# https://dev.gnupg.org/T6127
# https://lists.gnupg.org/pipermail/gcrypt-devel/2022-September/005379.html
Patch7: libgcrypt-1.10.0-fips-selftest.patch
# https://dev.gnupg.org/T6217
Patch9: libgcrypt-1.10.0-sha3-large.patch
# https://dev.gnupg.org/T5919
Patch10: libgcrypt-1.10.0-fips-keygen.patch
# https://dev.gnupg.org/T6219
# f4a861f3e5ae82f278284061e4829c03edf9c3a7
Patch11: libgcrypt-1.10.0-fips-kdf.patch
# c34c9e70055ee43e5ef257384fa15941f064e5a4
# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/13
Patch12: libgcrypt-1.10.0-fips-indicator.patch
# beb5d6df5c5785db7c32a24a5d2a351cb964bfbc
# 521500624b4b11538d206137205e2a511dad7072
# 9dcf9305962b90febdf2d7cc73b49feadbf6a01f
# a340e980388243ceae6df57d101036f3f2a955be
Patch13: libgcrypt-1.10.0-fips-integrity.patch
# 3c8b6c4a9cad59c5e1db5706f6774a3141b60210
# 052c5ef4cea56772b7015e36f231fa0bcbf91410
Patch14: libgcrypt-1.10.0-fips-integrity2.patch
# 06ea5b5332ffdb44a0a394d766be8989bcb6a95c
Patch15: libgcrypt-1.10.0-fips-x931.patch
# bf1e62e59200b2046680d1d3d1599facc88cfe63
Patch16: libgcrypt-1.10.0-fips-rsa-pss.patch
%global gcrylibdir %{_libdir}
%global gcrysoname libgcrypt.so.20
%global hmackey orboDeJITITejsirpADONivirpUkvarP
# Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction.
# Documentation and some utilities are GPLv2+ licensed. These files
# are in the devel subpackage.
License: LGPLv2+
Summary: A general-purpose cryptography library
BuildRequires: gcc
BuildRequires: gawk, libgpg-error-devel >= 1.11, pkgconfig
# This is needed only when patching the .texi doc.
BuildRequires: texinfo
BuildRequires: autoconf, automake, libtool
BuildRequires: make
%package devel
Summary: Development files for the %{name} package
License: LGPLv2+ and GPLv2+
Requires: libgpg-error-devel
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig
%description
Libgcrypt is a general purpose crypto library based on the code used
in GNU Privacy Guard. This is a development version.
%description devel
Libgcrypt is a general purpose crypto library based on the code used
in GNU Privacy Guard. This package contains files needed to develop
applications using libgcrypt.
%prep
%setup -q
%patch1 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%build
# This package has a configure test which uses ASMs, but does not link the
# resultant .o files. As such the ASM test is always successful, even on
# architectures were the ASM is not valid when compiling with LTO.
#
# -ffat-lto-objects is sufficient to address this issue. It is the default
# for F33, but is expected to only be enabled for packages that need it in
# F34, so we use it here explicitly
%define _lto_cflags -flto=auto -ffat-lto-objects
# should be all algorithms except SM3 and SM4
export DIGESTS='crc gostr3411-94 md4 md5 rmd160 sha1 sha256 sha512 sha3 tiger whirlpool stribog blake2'
export CIPHERS='arcfour blowfish cast5 des aes twofish serpent rfc2268 seed camellia idea salsa20 gost28147 chacha20'
eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
export FIPS_MODULE_NAME="$OS_NAME ${OS_VERSION_ID%%.*} %name"
autoreconf -f
%configure --disable-static \
%ifarch sparc64
--disable-asm \
%endif
--enable-noexecstack \
--enable-hmac-binary-check=%{hmackey} \
--disable-brainpool \
--disable-jent-support \
--enable-digests="$DIGESTS" \
--enable-ciphers="$CIPHERS" \
--with-fips-module-version="$FIPS_MODULE_NAME %{version}-%{srpmhash}"
sed -i -e '/^sys_lib_dlsearch_path_spec/s,/lib /usr/lib,/usr/lib /lib64 /usr/lib64 /lib,g' libtool
%make_build
%check
make check
# try in faked FIPS mode too
LIBGCRYPT_FORCE_FIPS_MODE=1 make check
# Add generation of HMAC checksums of the final stripped binaries
%define libpath $RPM_BUILD_ROOT%{gcrylibdir}/%{gcrysoname}.?.?
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
cd src \
sed -i -e 's|FILE=.*|FILE=\\\$1|' gen-note-integrity.sh \
READELF=readelf AWK=awk ECHO_N="-n" bash gen-note-integrity.sh %{libpath} > %{libpath}.hmac \
objcopy --update-section .note.fdo.integrity=%{libpath}.hmac %{libpath} %{libpath}.new \
mv -f %{libpath}.new %{libpath} \
rm -f %{libpath}.hmac
%{nil}
%install
%make_install
# Change /usr/lib64 back to /usr/lib. This saves us from having to patch the
# script to "know" that -L/usr/lib64 should be suppressed, and also removes
# a file conflict between 32- and 64-bit versions of this package.
# Also replace my_host with none.
sed -i -e 's,^libdir="/usr/lib.*"$,libdir="/usr/lib",g' $RPM_BUILD_ROOT/%{_bindir}/libgcrypt-config
sed -i -e 's,^my_host=".*"$,my_host="none",g' $RPM_BUILD_ROOT/%{_bindir}/libgcrypt-config
rm -f ${RPM_BUILD_ROOT}/%{_infodir}/dir ${RPM_BUILD_ROOT}/%{_libdir}/*.la
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_libdir}
%if "%{gcrylibdir}" != "%{_libdir}"
# Relocate the shared libraries to %{gcrylibdir}.
mkdir -p $RPM_BUILD_ROOT%{gcrylibdir}
for shlib in $RPM_BUILD_ROOT%{_libdir}/*.so* ; do
if test -L "$shlib" ; then
rm "$shlib"
else
mv "$shlib" $RPM_BUILD_ROOT%{gcrylibdir}/
fi
done
# Add soname symlink.
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}/
%endif
# Overwrite development symlinks.
pushd $RPM_BUILD_ROOT/%{gcrylibdir}
for shlib in lib*.so.?? ; do
target=$RPM_BUILD_ROOT/%{_libdir}/`echo "$shlib" | sed -e 's,\.so.*,,g'`.so
%if "%{gcrylibdir}" != "%{_libdir}"
shlib=%{gcrylibdir}/$shlib
%endif
ln -sf $shlib $target
done
popd
# Create /etc/gcrypt (hardwired, not dependent on the configure invocation) so
# that _someone_ owns it.
mkdir -p -m 755 $RPM_BUILD_ROOT/etc/gcrypt
%ldconfig_scriptlets
%files
%dir /etc/gcrypt
%{gcrylibdir}/libgcrypt.so.*.*
%{gcrylibdir}/%{gcrysoname}
%license COPYING.LIB
%doc AUTHORS NEWS THANKS
%files devel
%{_bindir}/%{name}-config
%{_bindir}/dumpsexp
%{_bindir}/hmac256
%{_bindir}/mpicalc
%{_includedir}/*
%{_libdir}/*.so
%{_libdir}/pkgconfig/libgcrypt.pc
%{_datadir}/aclocal/*
%{_mandir}/man1/*
%{_infodir}/gcrypt.info*
%license COPYING
%changelog
* Tue Jan 24 2023 Jakub Jelen <jjelen@redhat.com> - 1.10.0-9
- Avoid usage of invalid arguments sizes for PBKDF2 in FIPS mode
- Do not allow large salt lengths with RSA-PSS padding
- Disable X9.31 key generation in FIPS mode
- Update the FIPS integrity checking code to upstream version
- Update cipher modes FIPS indicators for AES WRAP and GCM
- Disable jitter entropy generator
* Thu Oct 20 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-8
- Fix unneeded PBKDF2 passphrase length limitation in FIPS mode
- Enforce HMAC key lengths in MD API in FIPS mode
* Thu Oct 06 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-7
- Properly enforce KDF limits in FIPS mode (#2130275)
- Fix memory leak in large digest test (#2129150)
- Fix function name FIPS service indicator by disabling PK encryption and decryption (#2130275)
- Skip RSA encryption/decryption selftest in FIPS mode (#2130275)
* Tue Sep 27 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-6
- Fix SHA3 digests with large inputs (#2129150)
- Fix FIPS RSA PCT (#2128455)
- Fix RSA FIPS Keygen that non-deterministically fails (#2130275)
- Get max 32B from getrandom in FIPS mode (#2130275)
* Wed Aug 17 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-5
- Allow signature verification with smaller RSA keys (#2083846)
- Allow short salt for KDF (#2114870)
- Reseed the kernel DRBG by using GRND_RANDOM (#2118695)
- Address FIPS review comments around selftests (#2118695)
- Disable RSA-OAEP in FIPS mode (#2118695)
* Fri May 06 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-4
- Backport ppc hardware flags detection (#2051307)
- Disable PKCS#1.5 encryption in FIPS mode (#2061328)
* Thu Mar 31 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-3
- Use correct FIPS module name (#2067123)
* Thu Feb 17 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-2
- Systematic FIPS module name with other FIPS modules
* Wed Feb 02 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-1
- Final release (#2026636)
* Thu Jan 27 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-0.3
- Fix broken soname in the previous beta
* Thu Jan 27 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-0.2
- Provide compat soname symlink as the new release is backward compatible
* Wed Jan 26 2022 Jakub Jelen <jjelen@redhat.com> - 1.10.0-0.1
- New upstream pre-release (#2026636)
- Upstream all patches
- Implement FIPS 140-3 support
* Tue Oct 12 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.3-5
- Allow HW optimizations in FIPS mode (#1990059)
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.9.3-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jun 15 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.3-3
- Fix for CVE-2021-33560 (#1970098)
* Wed Apr 28 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.3-2
- Restore the CET protection (#1954049)
* Tue Apr 20 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.3-1
- New upstream release (#1951325)
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.9.2-4
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Thu Apr 15 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.2-3
- Fix issues reported by coverity
* Mon Mar 29 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.2-2
- Fix OCB tag creation on s390x (failing gnupg2 tests)
* Wed Feb 17 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.2-1
- New upstream release (#1929630)
* Fri Jan 29 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.1-1
- New upstream release (#1922156, #1922097)
* Wed Jan 20 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.0-1
- New upstream release (#1917878)
* Tue Nov 24 2020 Jakub Jelen <jjelen@redhat.com> - 1.8.7-1
- new upstream release (#1891123)
* Fri Aug 21 2020 Jeff Law <law@redhat.com> - 1.8.6-4
- Re-enable LTO
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 21 2020 Tom Stellard <tstellar@redhat.com> - 1.8.6-2
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Mon Jul 20 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.6-1
- new upstream version 1.8.6
* Wed Jul 1 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-7
- use the hmac256 tool to calculate the library hmac
* Tue Jun 30 2020 Jeff Law <law@redhat.com>
- Disable LTO
* Thu Apr 23 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-6
- Fix regression - missing -ldl linkage
* Wed Apr 22 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-5
- AES performance improvements backported from master branch
* Mon Apr 20 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-4
- FIPS selftest is run directly from the constructor
- FIPS module is implicit with kernel FIPS flag
* Thu Jan 30 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-3
- fix the build on ARMv7
* Thu Jan 23 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-2
- Intel CET support by H. J. Lu
* Tue Sep 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.8.5-1
- new upstream version 1.8.5
- add CMAC selftest for FIPS POST
- add continuous FIPS entropy test
- disable non-approved FIPS hashes in the enforced FIPS mode
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Feb 12 2019 Tomáš Mráz <tmraz@redhat.com> 1.8.4-3
- fix the build tests to pass in the FIPS mode
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Nov 20 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.4-1
- new upstream version 1.8.4
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jul 12 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.3-2
- make only_urandom a default in non-presence of configuration file
- run the full FIPS selftests only when the library is called from
application
* Thu Jun 14 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.3-1
- new upstream version 1.8.3
* Tue Feb 6 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.2-2
- fix behavior when getrandom syscall is not present (#1542453)
* Thu Dec 21 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.2-1
- new upstream version 1.8.2
* Tue Dec 5 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-3
- do not try to access() /dev/urandom either if getrandom() works
* Mon Dec 4 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-2
- do not try to open /dev/urandom if getrandom() works (#1380866)
* Tue Sep 5 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-1
- new upstream version 1.8.1
* Wed Aug 16 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.0-1
- new upstream version 1.8.0
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Jun 29 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.8-1
- new upstream version 1.7.8
* Fri Jun 2 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.7-1
- new upstream version 1.7.7
- GOST is now enabled
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Jan 30 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.6-1
- new upstream version 1.7.6
* Fri Dec 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.7.5-1
- new upstream version 1.7.5
* Wed Nov 23 2016 Tomáš Mráz <tmraz@redhat.com> 1.7.3-1
- new upstream version 1.7.3
* Wed Aug 17 2016 Tomáš Mráz <tmraz@redhat.com> 1.6.6-1
- new upstream version with important security fix (CVE-2016-6316)
* Thu Jul 21 2016 Tomáš Mráz <tmraz@redhat.com> 1.6.5-1
- new upstream version fixing low impact issue CVE-2015-7511
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Sep 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.4-1
- new upstream version
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Apr 3 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-4
- deinitialize the RNG after the selftest is run
* Tue Mar 24 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-3
- touch only urandom in the selftest and when /dev/random is
unavailable for example by SELinux confinement
- fix the RSA selftest key (p q swap) (#1204517)
* Fri Mar 13 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-2
- do not use strict aliasing for bufhelp functions (#1201219)
* Fri Mar 6 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-1
- new upstream version
* Wed Feb 25 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.2-4
- do not initialize secure memory during the selftest (#1195850)
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 1.6.2-3
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Wed Jan 14 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.2-2
- fix buildability of programs using gcrypt.h with -ansi (#1182200)
* Mon Dec 8 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.2-1
- new upstream version
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 17 2014 Tom Callaway <spot@fedoraproject.org> - 1.6.1-6
- fix license handling
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 20 2014 Kyle McMartin <kyle@fedoraproject.org> 1.6.1-4
- Re-enable below algos, apply patch from upstream list to make
that code -fPIC friendly. (rhbz#1069792)
* Mon May 19 2014 Kyle McMartin <kyle@fedoraproject.org> 1.6.1-3
- Disable rijndael, cast5, camellia ARM assembly, as it's non-PIC as
presently written, which results in .text relocations in the shared
library. (rhbz#1069792)
* Thu Apr 24 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.1-2
- drop the temporary compat shared library version
- fix the soname version in -use-fipscheck.patch
* Fri Feb 28 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.1-1
- new upstream version breaking ABI compatibility
- this release temporarily includes old compatibility .so
* Tue Jan 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.5.3-3
- add back the nistp521r1 EC curve
- fix a bug in the Whirlpool hash implementation
- speed up the PBKDF2 computation
* Sun Oct 20 2013 Tom Callaway <spot@fedoraproject.org> - 1.5.3-2
- add cleared ECC support
* Fri Jul 26 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.3-1
- new upstream version fixing cache side-channel attack on RSA private keys
* Thu Jun 20 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-3
- silence false error detected by valgrind (#968288)
* Thu Apr 25 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-2
- silence strict aliasing warning in Rijndael
- apply UsrMove
- spec file cleanups
* Fri Apr 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-1
- new upstream version
* Wed Mar 20 2013 Tomas Mraz <tmraz@redhat.com> 1.5.1-1
- new upstream version
* Tue Mar 5 2013 Tomas Mraz <tmraz@redhat.com> 1.5.0-11
- use poll() instead of select() when gathering randomness (#913773)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jan 3 2013 Tomas Mraz <tmraz@redhat.com> 1.5.0-9
- allow empty passphrase in PBKDF2 needed for cryptsetup (=891266)
* Mon Dec 3 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-8
- fix multilib conflict in libgcrypt-config
- fix minor memory leaks and other bugs found by Coverity scan
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Apr 5 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-5
- Correctly rebuild the info documentation
* Wed Apr 4 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-4
- Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Aug 15 2011 Kalev Lember <kalevlember@gmail.com> 1.5.0-2
- Rebuilt for rpm bug #728707
* Thu Jul 21 2011 Tomas Mraz <tmraz@redhat.com> 1.5.0-1
- new upstream version
* Mon Jun 20 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-4
- Always xor seed from /dev/urandom over /etc/gcrypt/rngseed
* Mon May 30 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-3
- Make the FIPS-186-3 DSA implementation CAVS testable
- add configurable source of RNG seed /etc/gcrypt/rngseed
in the FIPS mode (#700388)
* Fri Feb 11 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-1
- new upstream version with minor changes
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Feb 4 2011 Tomas Mraz <tmraz@redhat.com> 1.4.5-6
- fix a bug in the fips-186-3 dsa parameter generation code
* Tue Feb 1 2011 Tomas Mraz <tmraz@redhat.com> 1.4.5-5
- use /dev/urandom for seeding in the FIPS mode
- make the tests to pass in the FIPS mode also fixing
the FIPS-186-3 DSA keygen
* Sun Feb 14 2010 Rex Dieter <rdieter@fedoraproject.org> 1.4.5-4
- FTBFS libgcrypt-1.4.5-3.fc13: ImplicitDSOLinking (#564973)
* Wed Feb 3 2010 Tomas Mraz <tmraz@redhat.com> 1.4.5-3
- drop the S390 build workaround as it is no longer needed
- additional spec file cleanups for merge review (#226008)
* Mon Dec 21 2009 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
- workaround for build on S390 (#548825)
- spec file cleanups
- upgrade to new minor upstream release
* Tue Aug 11 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-8
- fix warning when installed with --excludedocs (#515961)
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Jun 18 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-6
- and now really apply the padlock patch
* Wed Jun 17 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-5
- fix VIA padlock RNG inline assembly call (#505724)
* Thu Mar 5 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-4
- with the integrity verification check the library needs to link to libdl
(#488702)
* Tue Mar 3 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-3
- add hmac FIPS integrity verification check
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Fri Jan 30 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-1
- update to 1.4.4
- do not abort when the fips mode kernel flag is inaccessible
due to permissions (#470219)
- hobble the library to drop the ECC support
* Mon Oct 20 2008 Dennis Gilmore <dennis@ausil.us> 1.4.3-2
- disable asm on sparc64
* Thu Sep 18 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.3-1
- update to 1.4.3
- own /etc/gcrypt
* Mon Sep 15 2008 Nalin Dahyabhai <nalin@redhat.com>
- invoke make with %%{?_smp_mflags} to build faster on multi-processor
systems (Steve Grubb)
* Mon Sep 8 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.2-1
- update to 1.4.2
* Tue Apr 29 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.1-1
- update to 1.4.1
- bump libgpgerror-devel requirement to 1.4, matching the requirement enforced
by the configure script
* Thu Apr 3 2008 Joe Orton <jorton@redhat.com> 1.4.0-3
- add patch from upstream to fix severe performance regression
in entropy gathering
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.4.0-2
- Autorebuild for GCC 4.3
* Mon Dec 10 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.4.0-1
- update to 1.4.0
* Tue Oct 16 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-6
- use ldconfig to build the soname symlink for packaging along with the
shared library (#334731)
* Wed Aug 22 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-5
- add missing gawk buildrequirement
- switch from explicitly specifying the /dev/random RNG to just verifying
that the non-LGPL ones were disabled by the configure script
* Thu Aug 16 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-4
- clarify license
- force use of the linux /dev/random RNG, to avoid accidentally falling back
to others which would affect the license of the resulting library
* Mon Jul 30 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-3
- disable static libraries (part of #249815)
* Fri Jul 27 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-2
- move libgcrypt shared library to /%%{_lib} (#249815)
* Tue Feb 6 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-1
- update to 1.2.4
* Mon Jan 22 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.3-2
- make use of install-info more failsafe (Ville Skyttä, #223705)
* Fri Sep 1 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.2.3-1
- update to 1.2.3
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-3.1
- rebuild
* Mon Jun 05 2006 Jesse Keating <jkeating@redhat.com> 1.2.2-3
- Added missing buildreq pkgconfig
* Tue May 16 2006 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-2
- remove file conflicts in libgcrypt-config by making the 64-bit version
think the libraries are in /usr/lib (which is wrong, but which it also
prunes from the suggest --libs output, so no harm done, hopefully)
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-1.2.1
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-1.2
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Wed Oct 5 2005 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-1
- update to 1.2.2
* Wed Mar 16 2005 Nalin Dahyabhai <nalin@redhat.com> 1.2.1-1
- update to 1.2.1
* Fri Jul 30 2004 Florian La Roche <Florian.LaRoche@redhat.de>
- another try to package the symlink
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Sun May 2 2004 Bill Nottingham <notting@redhat.com> - 1.2.0-1
- update to official 1.2.0
* Fri Apr 16 2004 Bill Nottingham <notting@redhat.com> - 1.1.94-1
- update to 1.1.94
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Sat Feb 21 2004 Florian La Roche <Florian.LaRoche@redhat.de>
- add symlinks to shared libs at compile time
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu Mar 20 2003 Jeff Johnson <jbj@redhat.com> 1.1.12-1
- upgrade to 1.1.12 (beta).
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Tue May 21 2002 Jeff Johnson <jbj@redhat.com>
- update to 1.1.7
- change license to LGPL.
- include splint annotations patch.
- install info pages.
* Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 1.1.6-1
- update to 1.1.6
* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 1.1.5-1
- fix the Source tag so that it's a real URL
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
- initial package