import gnutls-3.7.3-5.el9
parent
420cce95cb
commit
69169ae197
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
|||||||
SOURCES/gnutls-3.7.2.tar.xz
|
SOURCES/gnutls-3.7.3.tar.xz
|
||||||
SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
02e12259680b6ad3ec973e0df6bf2cf0c5ef1100 SOURCES/gnutls-3.7.2.tar.xz
|
552c337be97d2379ae7233ebf55e949010ef7837 SOURCES/gnutls-3.7.3.tar.xz
|
||||||
648ec46f9539fe756fb90131b85ae4759ed2ed21 SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
648ec46f9539fe756fb90131b85ae4759ed2ed21 SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||||
|
@ -1,92 +0,0 @@
|
|||||||
From c9e072236c4e1c290f38aee819ecaff8398e2a16 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daiki Ueno <ueno@gnu.org>
|
|
||||||
Date: Fri, 25 Jun 2021 08:39:12 +0200
|
|
||||||
Subject: [PATCH] key_share: treat X25519 and X448 as same PK type when
|
|
||||||
advertising
|
|
||||||
|
|
||||||
Previously, if both X25519 and X448 groups were enabled in the
|
|
||||||
priority string, the client sent both algorithms in a key_share
|
|
||||||
extension, while it was only capable of handling one algorithm from
|
|
||||||
the same (Edwards curve) category. This adds an extra check so the
|
|
||||||
client should send either X25519 or X448.
|
|
||||||
|
|
||||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
||||||
---
|
|
||||||
lib/ext/key_share.c | 24 +++++++++++++++++++++---
|
|
||||||
tests/tls13/key_share.c | 3 +++
|
|
||||||
2 files changed, 24 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
|
|
||||||
index a8c4bb5cf..a4db3af95 100644
|
|
||||||
--- a/lib/ext/key_share.c
|
|
||||||
+++ b/lib/ext/key_share.c
|
|
||||||
@@ -656,6 +656,18 @@ key_share_recv_params(gnutls_session_t session,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static inline bool
|
|
||||||
+pk_type_is_ecdhx(gnutls_pk_algorithm_t pk)
|
|
||||||
+{
|
|
||||||
+ return pk == GNUTLS_PK_ECDH_X25519 || pk == GNUTLS_PK_ECDH_X448;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static inline bool
|
|
||||||
+pk_type_equal(gnutls_pk_algorithm_t a, gnutls_pk_algorithm_t b)
|
|
||||||
+{
|
|
||||||
+ return a == b || (pk_type_is_ecdhx(a) && pk_type_is_ecdhx(b));
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* returns data_size or a negative number on failure
|
|
||||||
*/
|
|
||||||
static int
|
|
||||||
@@ -710,12 +722,18 @@ key_share_send_params(gnutls_session_t session,
|
|
||||||
/* generate key shares for out top-(max_groups) groups
|
|
||||||
* if they are of different PK type. */
|
|
||||||
for (i = 0; i < session->internals.priorities->groups.size; i++) {
|
|
||||||
+ unsigned int j;
|
|
||||||
+
|
|
||||||
group = session->internals.priorities->groups.entry[i];
|
|
||||||
|
|
||||||
- if (generated == 1 && group->pk == selected_groups[0])
|
|
||||||
- continue;
|
|
||||||
- else if (generated == 2 && (group->pk == selected_groups[1] || group->pk == selected_groups[0]))
|
|
||||||
+ for (j = 0; j < generated; j++) {
|
|
||||||
+ if (pk_type_equal(group->pk, selected_groups[j])) {
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ if (j < generated) {
|
|
||||||
continue;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
selected_groups[generated] = group->pk;
|
|
||||||
|
|
||||||
diff --git a/tests/tls13/key_share.c b/tests/tls13/key_share.c
|
|
||||||
index 7f8f6295c..816a7d9b5 100644
|
|
||||||
--- a/tests/tls13/key_share.c
|
|
||||||
+++ b/tests/tls13/key_share.c
|
|
||||||
@@ -124,6 +124,7 @@ unsigned int tls_id_to_group[] = {
|
|
||||||
[23] = GNUTLS_GROUP_SECP256R1,
|
|
||||||
[24] = GNUTLS_GROUP_SECP384R1,
|
|
||||||
[29] = GNUTLS_GROUP_X25519,
|
|
||||||
+ [30] = GNUTLS_GROUP_X448,
|
|
||||||
[0x100] = GNUTLS_GROUP_FFDHE2048,
|
|
||||||
[0x101] = GNUTLS_GROUP_FFDHE3072
|
|
||||||
};
|
|
||||||
@@ -315,11 +316,13 @@ void doit(void)
|
|
||||||
start("two groups: default secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_SECP256R1, 2);
|
|
||||||
start("two groups: secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_SECP256R1, 2);
|
|
||||||
start("two groups: x25519", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_X25519, 2);
|
|
||||||
+ start("two groups: x448", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_X448, 2);
|
|
||||||
start("two groups: ffdhe2048", "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE3072", GNUTLS_KEY_SHARE_TOP2, GNUTLS_GROUP_FFDHE2048, 2);
|
|
||||||
|
|
||||||
start("three groups: default secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_SECP256R1, 3);
|
|
||||||
start("three groups: secp256r1", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_SECP256R1, 3);
|
|
||||||
start("three groups: x25519", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_X25519, 3);
|
|
||||||
+ start("three groups: x448", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448:+GROUP-X25519:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-FFDHE2048", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_X448, 3);
|
|
||||||
start("three groups: ffdhe2048", "NORMAL:-KX-ALL:+DHE-RSA:+ECDHE-RSA:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-X25519:+GROUP-FFDHE3072", GNUTLS_KEY_SHARE_TOP3, GNUTLS_GROUP_FFDHE2048, 3);
|
|
||||||
|
|
||||||
/* test default behavior */
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,72 +0,0 @@
|
|||||||
From de11338de900f5c8840268264bceccbf76cca34f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daiki Ueno <dueno@redhat.com>
|
|
||||||
Date: Thu, 21 Oct 2021 12:19:30 +0200
|
|
||||||
Subject: [PATCH 1/2] autoopts: makeshell: use ferror before fclose
|
|
||||||
|
|
||||||
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
||||||
---
|
|
||||||
src/libopts/makeshell.c | 3 +--
|
|
||||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libopts/makeshell.c b/src/libopts/makeshell.c
|
|
||||||
index b6cb441a..7eb17a1f 100644
|
|
||||||
--- a/src/libopts/makeshell.c
|
|
||||||
+++ b/src/libopts/makeshell.c
|
|
||||||
@@ -164,9 +164,8 @@ optionParseShell(tOptions * opts)
|
|
||||||
#ifdef HAVE_FCHMOD
|
|
||||||
fchmod(STDOUT_FILENO, 0755);
|
|
||||||
#endif
|
|
||||||
- fclose(stdout);
|
|
||||||
|
|
||||||
- if (ferror(stdout))
|
|
||||||
+ if (ferror(stdout) || fclose(stdout))
|
|
||||||
fserr_exit(opts->pzProgName, zwriting, zstdout_name);
|
|
||||||
|
|
||||||
AGFREE(script_text);
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
||||||
|
|
||||||
From 161097d36b608b615482e42e56a465c9fd740c26 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daiki Ueno <dueno@redhat.com>
|
|
||||||
Date: Thu, 21 Oct 2021 12:43:07 +0200
|
|
||||||
Subject: [PATCH 2/2] autoopts: load: fix resource leak in error path
|
|
||||||
|
|
||||||
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
||||||
---
|
|
||||||
src/libopts/load.c | 10 ++++++++--
|
|
||||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libopts/load.c b/src/libopts/load.c
|
|
||||||
index 3f1ce2e6..ad1c4584 100644
|
|
||||||
--- a/src/libopts/load.c
|
|
||||||
+++ b/src/libopts/load.c
|
|
||||||
@@ -219,8 +219,11 @@ add_prog_path(char * buf, int b_sz, char const * fname, char const * prg_path)
|
|
||||||
* IF we cannot find a directory name separator,
|
|
||||||
* THEN we do not have a path name to our executable file.
|
|
||||||
*/
|
|
||||||
- if (pz == NULL)
|
|
||||||
+ if (pz == NULL) {
|
|
||||||
+ if (path != prg_path)
|
|
||||||
+ AGFREE(path);
|
|
||||||
return false;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
fname += skip;
|
|
||||||
fname_len = strlen(fname) + 1; // + NUL byte
|
|
||||||
@@ -230,8 +233,11 @@ add_prog_path(char * buf, int b_sz, char const * fname, char const * prg_path)
|
|
||||||
* Concatenate the file name to the end of the executable path.
|
|
||||||
* The result may be either a file or a directory.
|
|
||||||
*/
|
|
||||||
- if (dir_len + fname_len > (unsigned)b_sz)
|
|
||||||
+ if (dir_len + fname_len > (unsigned)b_sz) {
|
|
||||||
+ if (path != prg_path)
|
|
||||||
+ AGFREE(path);
|
|
||||||
return false;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
memcpy(buf, path, dir_len);
|
|
||||||
memcpy(buf + dir_len, fname, fname_len);
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
32
SOURCES/gnutls-3.7.2-no-explicit-init.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
From 36a92d984020df16296784a7ad613c9693469d23 Mon Sep 17 00:00:00 2001
|
||||||
|
From: rpm-build <rpm-build>
|
||||||
|
Date: Tue, 21 Dec 2021 16:28:09 +0100
|
||||||
|
Subject: [PATCH 1/2] Remove GNUTLS_NO_EXPLICIT_INIT compatibility
|
||||||
|
|
||||||
|
Signed-off-by: rpm-build <rpm-build>
|
||||||
|
---
|
||||||
|
lib/global.c | 8 --------
|
||||||
|
1 file changed, 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/global.c b/lib/global.c
|
||||||
|
index 3731418..1384045 100644
|
||||||
|
--- a/lib/global.c
|
||||||
|
+++ b/lib/global.c
|
||||||
|
@@ -500,14 +500,6 @@ static void _CONSTRUCTOR lib_init(void)
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
- e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
|
||||||
|
- if (e != NULL) {
|
||||||
|
- _gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
|
||||||
|
- ret = atoi(e);
|
||||||
|
- if (ret == 1)
|
||||||
|
- return;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
ret = _gnutls_global_init(1);
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "Error in GnuTLS initialization: %s\n", gnutls_strerror(ret));
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
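Review bot: Dropping the `GNUTLS_NO_EXPLICIT_INIT` block from lib_init() means a process that still exports that variable now gets implicit initialization with no indication that the setting was ignored, whereas the removed code at least emitted a deprecation log. Since the lookup is a secure_getenv() call, the diagnostic can be kept without the behaviour: `if (secure_getenv("GNUTLS_NO_EXPLICIT_INIT") != NULL) _gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is ignored; use GNUTLS_NO_IMPLICIT_INIT\n");`. The patch description only states what is removed; a sentence on why the compatibility path is dropped in this build would help whoever next rebases the package. lib_init() begins and ends outside the hunk, so whether `e` is still used elsewhere in it, or is now an unused local, cannot be seen here.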
Binary file not shown.
19
SOURCES/gnutls-3.7.3-disable-config-reload.patch
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
diff --color -ru a/lib/priority.c b/lib/priority.c
|
||||||
|
--- a/lib/priority.c 2022-01-14 07:53:21.000000000 +0100
|
||||||
|
+++ b/lib/priority.c 2022-02-15 09:31:36.388485784 +0100
|
||||||
|
@@ -2030,15 +2030,6 @@
|
||||||
|
additional++;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* Always try to refresh the cached data, to allow it to be
|
||||||
|
- * updated without restarting all applications.
|
||||||
|
- */
|
||||||
|
- ret = _gnutls_update_system_priorities();
|
||||||
|
- if (ret < 0) {
|
||||||
|
- _gnutls_debug_log("failed to update system priorities: %s\n",
|
||||||
|
- gnutls_strerror(ret));
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
do {
|
||||||
|
ss_next = strchr(ss, ',');
|
||||||
|
if (ss_next) {
|
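Review bot: This patch file carries no header: it begins directly at `diff --color -ru a/lib/priority.c b/lib/priority.c` with no From, Subject, description or Signed-off-by, so a reader of the package has no statement of why the `_gnutls_update_system_priorities()` refresh is removed from the priority-string parser. The removed comment explains that the refresh existed so the system priority file could be updated "without restarting all applications"; with it gone, a running process keeps whatever configuration was loaded at init until it restarts, and a short header should record that consequence and why it is intended for this build. If `ret` in the enclosing function was used only for this call, its declaration (outside the hunk) may now be unused — worth a warnings-enabled build check. The enclosing function starts and ends outside the hunk.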
471
SOURCES/gnutls-3.7.3-fips-pkcs12.patch
Normal file
@ -0,0 +1,471 @@
|
|||||||
|
From 7d8d8feb502ddb20a0d115fa3f63403c849a7168 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daiki Ueno <ueno@gnu.org>
|
||||||
|
Date: Thu, 10 Feb 2022 16:43:08 +0100
|
||||||
|
Subject: [PATCH 1/2] pkcs12: mark MAC generation and verification as FIPS
|
||||||
|
non-approved
|
||||||
|
|
||||||
|
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||||
|
---
|
||||||
|
lib/x509/pkcs12.c | 39 +++++++++++++++++++++++++---
|
||||||
|
tests/pkcs12_encode.c | 59 +++++++++++++++++++++++++++++++++++++++++++
|
||||||
|
2 files changed, 94 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
|
||||||
|
index a8f7d8f956..11b9da3ac9 100644
|
||||||
|
--- a/lib/x509/pkcs12.c
|
||||||
|
+++ b/lib/x509/pkcs12.c
|
||||||
|
@@ -286,13 +286,26 @@ gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
|
||||||
|
gnutls_x509_crt_fmt_t format, void *output_data,
|
||||||
|
size_t * output_data_size)
|
||||||
|
{
|
||||||
|
+ int ret;
|
||||||
|
+
|
||||||
|
if (pkcs12 == NULL) {
|
||||||
|
gnutls_assert();
|
||||||
|
return GNUTLS_E_INVALID_REQUEST;
|
||||||
|
}
|
||||||
|
|
||||||
|
- return _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
|
||||||
|
- output_data, output_data_size);
|
||||||
|
+ ret = _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
|
||||||
|
+ output_data, output_data_size);
|
||||||
|
+
|
||||||
|
+ if (ret < 0) {
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
|
||||||
|
+ } else {
|
||||||
|
+ /* PKCS#12 export is always non-approved, because the MAC
|
||||||
|
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
|
||||||
|
+ * without MAC the protection is insufficient.
|
||||||
|
+ */
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
|
||||||
|
+ }
|
||||||
|
+ return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -317,13 +330,25 @@ int
|
||||||
|
gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
|
||||||
|
gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
|
||||||
|
{
|
||||||
|
+ int ret;
|
||||||
|
+
|
||||||
|
if (pkcs12 == NULL) {
|
||||||
|
gnutls_assert();
|
||||||
|
return GNUTLS_E_INVALID_REQUEST;
|
||||||
|
}
|
||||||
|
|
||||||
|
- return _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
|
||||||
|
- out);
|
||||||
|
+ ret = _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
|
||||||
|
+ out);
|
||||||
|
+ if (ret < 0) {
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
|
||||||
|
+ } else {
|
||||||
|
+ /* PKCS#12 export is always non-approved, because the MAC
|
||||||
|
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
|
||||||
|
+ * without MAC the protection is insufficient.
|
||||||
|
+ */
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
|
||||||
|
+ }
|
||||||
|
+ return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int oid2bag(const char *oid)
|
||||||
|
@@ -1025,9 +1050,12 @@ int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, gnutls_mac_algorithm_t m
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
|
||||||
|
_gnutls_free_datum(&tmp);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
@@ -1203,8 +1231,11 @@ pkcs12_try_gost:
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
|
||||||
|
result = 0;
|
||||||
|
cleanup:
|
||||||
|
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
|
||||||
|
_gnutls_free_datum(&tmp);
|
||||||
|
_gnutls_free_datum(&salt);
|
||||||
|
return result;
|
||||||
|
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
|
||||||
|
index 3b0e84ef13..b8f7d17267 100644
|
||||||
|
--- a/tests/pkcs12_encode.c
|
||||||
|
+++ b/tests/pkcs12_encode.c
|
||||||
|
@@ -70,6 +70,29 @@ static void tls_log_func(int level, const char *str)
|
||||||
|
fprintf(stderr, "|<%d>| %s", level, str);
|
||||||
|
}
|
||||||
|
|
||||||
|
+#define FIPS_PUSH_CONTEXT() do { \
|
||||||
|
+ if (gnutls_fips140_mode_enabled()) { \
|
||||||
|
+ ret = gnutls_fips140_push_context(fips_context); \
|
||||||
|
+ if (ret < 0) { \
|
||||||
|
+ fail("gnutls_fips140_push_context failed\n"); \
|
||||||
|
+ } \
|
||||||
|
+ } \
|
||||||
|
+} while (0)
|
||||||
|
+
|
||||||
|
+#define FIPS_POP_CONTEXT(state) do { \
|
||||||
|
+ if (gnutls_fips140_mode_enabled()) { \
|
||||||
|
+ ret = gnutls_fips140_pop_context(); \
|
||||||
|
+ if (ret < 0) { \
|
||||||
|
+ fail("gnutls_fips140_context_pop failed\n"); \
|
||||||
|
+ } \
|
||||||
|
+ fips_state = gnutls_fips140_get_operation_state(fips_context); \
|
||||||
|
+ if (fips_state != GNUTLS_FIPS140_OP_ ## state) { \
|
||||||
|
+ fail("operation state is not " # state " (%d)\n", \
|
||||||
|
+ fips_state); \
|
||||||
|
+ } \
|
||||||
|
+ } \
|
||||||
|
+} while (0)
|
||||||
|
+
|
||||||
|
void doit(void)
|
||||||
|
{
|
||||||
|
gnutls_pkcs12_t pkcs12;
|
||||||
|
@@ -82,6 +105,8 @@ void doit(void)
|
||||||
|
char outbuf[10240];
|
||||||
|
size_t size;
|
||||||
|
unsigned tests, i;
|
||||||
|
+ gnutls_fips140_context_t fips_context;
|
||||||
|
+ gnutls_fips140_operation_state_t fips_state;
|
||||||
|
|
||||||
|
ret = global_init();
|
||||||
|
if (ret < 0) {
|
||||||
|
@@ -93,6 +118,11 @@ void doit(void)
|
||||||
|
if (debug)
|
||||||
|
gnutls_global_set_log_level(4711);
|
||||||
|
|
||||||
|
+ ret = gnutls_fips140_context_init(&fips_context);
|
||||||
|
+ if (ret < 0) {
|
||||||
|
+ fail("Cannot initialize FIPS context\n");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* Read certs. */
|
||||||
|
ret = gnutls_x509_crt_init(&client);
|
||||||
|
if (ret < 0) {
|
||||||
|
@@ -196,6 +226,8 @@ void doit(void)
|
||||||
|
gnutls_pkcs12_bag_deinit(bag);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
/* MAC the structure, export and print. */
|
||||||
|
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA1, "pass");
|
||||||
|
if (ret < 0) {
|
||||||
|
@@ -203,36 +235,60 @@ void doit(void)
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
ret = gnutls_pkcs12_verify_mac(pkcs12, "pass");
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "verify_mac: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA256, "passwd");
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd");
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA512, "passwd1");
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd1");
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
+ FIPS_PUSH_CONTEXT();
|
||||||
|
+
|
||||||
|
size = sizeof(outbuf);
|
||||||
|
ret =
|
||||||
|
gnutls_pkcs12_export(pkcs12, GNUTLS_X509_FMT_PEM, outbuf,
|
||||||
|
@@ -242,10 +298,13 @@ void doit(void)
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_POP_CONTEXT(NOT_APPROVED);
|
||||||
|
+
|
||||||
|
if (debug)
|
||||||
|
fwrite(outbuf, size, 1, stdout);
|
||||||
|
|
||||||
|
/* Cleanup. */
|
||||||
|
+ gnutls_fips140_context_deinit(fips_context);
|
||||||
|
gnutls_pkcs12_deinit(pkcs12);
|
||||||
|
gnutls_x509_crt_deinit(client);
|
||||||
|
gnutls_x509_crt_deinit(ca);
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
||||||
|
|
||||||
|
From e7f9267342bc2231149a640163c82b63c86f1dfd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daiki Ueno <ueno@gnu.org>
|
||||||
|
Date: Thu, 10 Feb 2022 17:35:13 +0100
|
||||||
|
Subject: [PATCH 2/2] _gnutls_pkcs_raw_{decrypt,encrypt}_data: use public
|
||||||
|
crypto API
|
||||||
|
|
||||||
|
These functions previously used the internal crypto
|
||||||
|
API (_gnutls_cipher_*) which does not have algorithm checks for FIPS.
|
||||||
|
|
||||||
|
This change switches the code to use the public crypto
|
||||||
|
API (gnutls_cipher_*) to trigger proper state transitions under FIPS
|
||||||
|
mode.
|
||||||
|
|
||||||
|
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||||
|
---
|
||||||
|
lib/x509/pkcs7-crypt.c | 36 +++++++++++-----------------
|
||||||
|
tests/pkcs12_encode.c | 54 +++++++++++++++++++++++++++---------------
|
||||||
|
2 files changed, 49 insertions(+), 41 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
|
||||||
|
index 4cce52ecf0..2dc5bc4df0 100644
|
||||||
|
--- a/lib/x509/pkcs7-crypt.c
|
||||||
|
+++ b/lib/x509/pkcs7-crypt.c
|
||||||
|
@@ -1130,8 +1130,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
|
||||||
|
gnutls_datum_t enc = { NULL, 0 };
|
||||||
|
uint8_t *key = NULL;
|
||||||
|
gnutls_datum_t dkey, d_iv;
|
||||||
|
- cipher_hd_st ch;
|
||||||
|
- int ch_init = 0;
|
||||||
|
+ gnutls_cipher_hd_t ch = NULL;
|
||||||
|
int key_size, ret;
|
||||||
|
unsigned int pass_len = 0;
|
||||||
|
const struct pkcs_cipher_schema_st *p;
|
||||||
|
@@ -1237,8 +1236,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
|
||||||
|
d_iv.data = (uint8_t *) enc_params->iv;
|
||||||
|
d_iv.size = enc_params->iv_size;
|
||||||
|
|
||||||
|
- ret =
|
||||||
|
- _gnutls_cipher_init(&ch, ce, &dkey, &d_iv, 0);
|
||||||
|
+ ret = gnutls_cipher_init(&ch, ce->id, &dkey, &d_iv);
|
||||||
|
|
||||||
|
gnutls_free(key);
|
||||||
|
|
||||||
|
@@ -1247,9 +1245,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- ch_init = 1;
|
||||||
|
-
|
||||||
|
- ret = _gnutls_cipher_decrypt(&ch, enc.data, enc.size);
|
||||||
|
+ ret = gnutls_cipher_decrypt(ch, enc.data, enc.size);
|
||||||
|
if (ret < 0) {
|
||||||
|
gnutls_assert();
|
||||||
|
ret = GNUTLS_E_DECRYPTION_FAILED;
|
||||||
|
@@ -1281,7 +1277,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
|
||||||
|
decrypted_data->size = enc.size;
|
||||||
|
}
|
||||||
|
|
||||||
|
- _gnutls_cipher_deinit(&ch);
|
||||||
|
+ gnutls_cipher_deinit(ch);
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
@@ -1294,8 +1290,9 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
|
||||||
|
gnutls_free(password);
|
||||||
|
gnutls_free(enc.data);
|
||||||
|
gnutls_free(key);
|
||||||
|
- if (ch_init != 0)
|
||||||
|
- _gnutls_cipher_deinit(&ch);
|
||||||
|
+ if (ch) {
|
||||||
|
+ gnutls_cipher_deinit(ch);
|
||||||
|
+ }
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1725,8 +1722,7 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
|
||||||
|
int data_size;
|
||||||
|
uint8_t *data = NULL;
|
||||||
|
gnutls_datum_t d_iv;
|
||||||
|
- cipher_hd_st ch;
|
||||||
|
- int ch_init = 0;
|
||||||
|
+ gnutls_cipher_hd_t ch = NULL;
|
||||||
|
uint8_t pad, pad_size;
|
||||||
|
const cipher_entry_st *ce;
|
||||||
|
|
||||||
|
@@ -1756,18 +1752,13 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
|
||||||
|
|
||||||
|
d_iv.data = (uint8_t *) enc_params->iv;
|
||||||
|
d_iv.size = enc_params->iv_size;
|
||||||
|
- result =
|
||||||
|
- _gnutls_cipher_init(&ch, cipher_to_entry(enc_params->cipher),
|
||||||
|
- key, &d_iv, 1);
|
||||||
|
-
|
||||||
|
+ result = gnutls_cipher_init(&ch, enc_params->cipher, key, &d_iv);
|
||||||
|
if (result < 0) {
|
||||||
|
gnutls_assert();
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- ch_init = 1;
|
||||||
|
-
|
||||||
|
- result = _gnutls_cipher_encrypt(&ch, data, data_size);
|
||||||
|
+ result = gnutls_cipher_encrypt(ch, data, data_size);
|
||||||
|
if (result < 0) {
|
||||||
|
gnutls_assert();
|
||||||
|
goto error;
|
||||||
|
@@ -1776,13 +1767,14 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
|
||||||
|
encrypted->data = data;
|
||||||
|
encrypted->size = data_size;
|
||||||
|
|
||||||
|
- _gnutls_cipher_deinit(&ch);
|
||||||
|
+ gnutls_cipher_deinit(ch);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
error:
|
||||||
|
gnutls_free(data);
|
||||||
|
- if (ch_init != 0)
|
||||||
|
- _gnutls_cipher_deinit(&ch);
|
||||||
|
+ if (ch) {
|
||||||
|
+ gnutls_cipher_deinit(ch);
|
||||||
|
+ }
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
|
||||||
|
index b8f7d17267..78f6f41b48 100644
|
||||||
|
--- a/tests/pkcs12_encode.c
|
||||||
|
+++ b/tests/pkcs12_encode.c
|
||||||
|
@@ -104,9 +104,17 @@ void doit(void)
|
||||||
|
int ret, indx;
|
||||||
|
char outbuf[10240];
|
||||||
|
size_t size;
|
||||||
|
- unsigned tests, i;
|
||||||
|
+ unsigned i;
|
||||||
|
gnutls_fips140_context_t fips_context;
|
||||||
|
gnutls_fips140_operation_state_t fips_state;
|
||||||
|
+ size_t n_tests = 0;
|
||||||
|
+ struct tests {
|
||||||
|
+ const char *name;
|
||||||
|
+ gnutls_x509_crt_t crt;
|
||||||
|
+ const char *friendly_name;
|
||||||
|
+ unsigned bag_encrypt_flags;
|
||||||
|
+ int bag_encrypt_expected;
|
||||||
|
+ } tests[2];
|
||||||
|
|
||||||
|
ret = global_init();
|
||||||
|
if (ret < 0) {
|
||||||
|
@@ -157,21 +165,34 @@ void doit(void)
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* Generate and add PKCS#12 cert bags. */
|
||||||
|
- if (!gnutls_fips140_mode_enabled()) {
|
||||||
|
- tests = 2; /* include RC2 */
|
||||||
|
+ tests[n_tests].name = "3DES";
|
||||||
|
+ tests[n_tests].crt = client;
|
||||||
|
+ tests[n_tests].friendly_name = "client";
|
||||||
|
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS8_USE_PKCS12_3DES;
|
||||||
|
+ tests[n_tests].bag_encrypt_expected = 0;
|
||||||
|
+ n_tests++;
|
||||||
|
+
|
||||||
|
+ tests[n_tests].name = "RC2-40";
|
||||||
|
+ tests[n_tests].crt = ca;
|
||||||
|
+ tests[n_tests].friendly_name = "ca";
|
||||||
|
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS_USE_PKCS12_RC2_40;
|
||||||
|
+ if (gnutls_fips140_mode_enabled()) {
|
||||||
|
+ tests[n_tests].bag_encrypt_expected =
|
||||||
|
+ GNUTLS_E_UNWANTED_ALGORITHM;
|
||||||
|
} else {
|
||||||
|
- tests = 1;
|
||||||
|
+ tests[n_tests].bag_encrypt_expected = 0;
|
||||||
|
}
|
||||||
|
+ n_tests++;
|
||||||
|
|
||||||
|
- for (i = 0; i < tests; i++) {
|
||||||
|
+ /* Generate and add PKCS#12 cert bags. */
|
||||||
|
+ for (i = 0; i < n_tests; i++) {
|
||||||
|
ret = gnutls_pkcs12_bag_init(&bag);
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "bag_init: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
- ret = gnutls_pkcs12_bag_set_crt(bag, i == 0 ? client : ca);
|
||||||
|
+ ret = gnutls_pkcs12_bag_set_crt(bag, tests[i].crt);
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "set_crt: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
@@ -180,16 +201,14 @@ void doit(void)
|
||||||
|
indx = ret;
|
||||||
|
|
||||||
|
ret = gnutls_pkcs12_bag_set_friendly_name(bag, indx,
|
||||||
|
- i ==
|
||||||
|
- 0 ? "client" :
|
||||||
|
- "ca");
|
||||||
|
+ tests[i].friendly_name);
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "set_friendly_name: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
size = sizeof(key_id_buf);
|
||||||
|
- ret = gnutls_x509_crt_get_key_id(i == 0 ? client : ca, 0,
|
||||||
|
+ ret = gnutls_x509_crt_get_key_id(tests[i].crt, 0,
|
||||||
|
key_id_buf, &size);
|
||||||
|
if (ret < 0) {
|
||||||
|
fprintf(stderr, "get_key_id: %s (%d)\n", gnutls_strerror(ret), ret);
|
||||||
|
@@ -206,14 +225,11 @@ void doit(void)
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = gnutls_pkcs12_bag_encrypt(bag, "pass",
|
||||||
|
- i ==
|
||||||
|
- 0 ?
|
||||||
|
- GNUTLS_PKCS8_USE_PKCS12_3DES
|
||||||
|
- :
|
||||||
|
- GNUTLS_PKCS_USE_PKCS12_RC2_40);
|
||||||
|
- if (ret < 0) {
|
||||||
|
- fprintf(stderr, "bag_encrypt: %d: %s", ret,
|
||||||
|
- i == 0 ? "3DES" : "RC2-40");
|
||||||
|
+ tests[i].bag_encrypt_flags);
|
||||||
|
+ if (ret != tests[i].bag_encrypt_expected) {
|
||||||
|
+ fprintf(stderr, "bag_encrypt: returned %d, expected %d: %s", ret,
|
||||||
|
+ tests[i].bag_encrypt_expected,
|
||||||
|
+ tests[i].name);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
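Review bot: In the gnutls_pkcs12_verify_mac hunk (`@@ -1203,8 +1231,11 @@ pkcs12_try_gost:`) the success path switches the context to NOT_APPROVED, assigns `result = 0;` and then falls straight into `cleanup:`, where the newly added `_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);` runs unconditionally, so a successful verification can leave the context in the error state — the opposite of what the test's `FIPS_POP_CONTEXT(NOT_APPROVED)` after `gnutls_pkcs12_verify_mac` expects. Whether the state actually flips depends on the transition rules inside `_gnutls_switch_fips_state`, which are not on the page, but the label is shared with every `goto cleanup` error exit, so the switch cannot tell them apart. Guard it, e.g. `if (result < 0) _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);` after `cleanup:`; the parallel change in gnutls_pkcs12_generate_mac2 avoids the problem only because that function does `return 0;` before reaching its own cleanup label. The enclosing function starts outside the hunk.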
182
SOURCES/gnutls-3.7.3-fips-rsa-keygen.patch
Normal file
@ -0,0 +1,182 @@
|
|||||||
|
From 9f5a60c1fe576f82bcd5c7998b2ca2b0d60e8e4f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daiki Ueno <ueno@gnu.org>
|
||||||
|
Date: Thu, 27 Jan 2022 18:17:43 +0100
|
||||||
|
Subject: [PATCH 1/2] rsa_generate_fips186_4_keypair: accept a few more modulus
|
||||||
|
sizes
|
||||||
|
|
||||||
|
While _rsa_generate_fips186_4_keypair was modified to accept modulus
|
||||||
|
sizes other than 2048 and 3076, rsa_generate_fips186_4_keypair, which
|
||||||
|
calls that function, was not updated to accept such modulus sizes.
|
||||||
|
|
||||||
|
Spotted by Alexander Sosedkin.
|
||||||
|
|
||||||
|
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||||
|
---
|
||||||
|
lib/nettle/int/rsa-keygen-fips186.c | 67 ++++++++++++++++-------------
|
||||||
|
1 file changed, 36 insertions(+), 31 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
|
||||||
|
index 5b221a030a..c6f7e675af 100644
|
||||||
|
--- a/lib/nettle/int/rsa-keygen-fips186.c
|
||||||
|
+++ b/lib/nettle/int/rsa-keygen-fips186.c
|
||||||
|
@@ -27,6 +27,7 @@
|
||||||
|
#include "config.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#include <assert.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
@@ -248,6 +249,33 @@ cleanup:
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/* Return the pre-defined seed length for modulus size, or 0 when the
|
||||||
|
+ * modulus size is unsupported.
|
||||||
|
+ */
|
||||||
|
+static inline unsigned
|
||||||
|
+seed_length_for_modulus_size(unsigned modulus_size)
|
||||||
|
+{
|
||||||
|
+ switch (modulus_size) {
|
||||||
|
+ case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
|
||||||
|
+ return 14 * 2;
|
||||||
|
+ case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
|
||||||
|
+ return 16 * 2;
|
||||||
|
+ case 4096: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
+ return 19 * 2;
|
||||||
|
+ case 6144: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
+ return 22 * 2;
|
||||||
|
+ case 7680: /* FIPS 140-2 IG 7.5 */
|
||||||
|
+ return 24 * 2;
|
||||||
|
+ case 8192: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
+ return 25 * 2;
|
||||||
|
+ case 15360: /* FIPS 140-2 IG 7.5 */
|
||||||
|
+ return 32 * 2;
|
||||||
|
+ default:
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
|
||||||
|
*
|
||||||
|
* The hash function used is SHA384.
|
||||||
|
@@ -266,33 +294,15 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
|
||||||
|
int ret;
|
||||||
|
struct dss_params_validation_seeds cert;
|
||||||
|
unsigned l = n_size / 2;
|
||||||
|
+ unsigned s = seed_length_for_modulus_size(n_size);
|
||||||
|
|
||||||
|
- switch (n_size) {
|
||||||
|
- case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
|
||||||
|
- FIPS_RULE(seed_length != 14 * 2, 0, "seed length other than 28 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
|
||||||
|
- FIPS_RULE(seed_length != 16 * 2, 0, "seed length other than 32 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 4096: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
- FIPS_RULE(seed_length != 19 * 2, 0, "seed length other than 38 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 6144: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
- FIPS_RULE(seed_length != 22 * 2, 0, "seed length other than 44 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 7680: /* FIPS 140-2 IG 7.5 */
|
||||||
|
- FIPS_RULE(seed_length != 24 * 2, 0, "seed length other than 48 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 8192: /* SP 800-56B rev 2 Appendix D */
|
||||||
|
- FIPS_RULE(seed_length != 25 * 2, 0, "seed length other than 50 bytes\n");
|
||||||
|
- break;
|
||||||
|
- case 15360: /* FIPS 140-2 IG 7.5 */
|
||||||
|
- FIPS_RULE(seed_length != 32 * 2, 0, "seed length other than 64 bytes\n");
|
||||||
|
- break;
|
||||||
|
- default:
|
||||||
|
+ if (!s) {
|
||||||
|
FIPS_RULE(false, 0, "unsupported modulus size\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
+ FIPS_RULE(seed_length != s, 0,
|
||||||
|
+ "seed length other than %u bytes\n", s);
|
||||||
|
+
|
||||||
|
if (!mpz_tstbit(pub->e, 0)) {
|
||||||
|
_gnutls_debug_log("Unacceptable e (it is even)\n");
|
||||||
|
return 0;
|
||||||
|
@@ -405,10 +415,6 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
-/* Not entirely accurate but a good precision
|
||||||
|
- */
|
||||||
|
-#define SEED_LENGTH(bits) (_gnutls_pk_bits_to_subgroup_bits(bits)/8)
|
||||||
|
-
|
||||||
|
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
|
||||||
|
*
|
||||||
|
* The hash function used is SHA384.
|
||||||
|
@@ -429,11 +435,10 @@ rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
|
||||||
|
unsigned seed_length;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
- FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "size of prime of other than 2048 or 3072\n");
|
||||||
|
+ seed_length = seed_length_for_modulus_size(n_size);
|
||||||
|
+ FIPS_RULE(!seed_length, 0, "unsupported modulus size\n");
|
||||||
|
|
||||||
|
- seed_length = SEED_LENGTH(n_size);
|
||||||
|
- if (seed_length > sizeof(seed))
|
||||||
|
- return 0;
|
||||||
|
+ assert(seed_length <= sizeof(seed));
|
||||||
|
|
||||||
|
random(random_ctx, seed_length, seed);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
||||||
|
|
||||||
|
From 46ae6160489151034bca19aa6c40ba0df6b53bcc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daiki Ueno <ueno@gnu.org>
|
||||||
|
Date: Tue, 1 Feb 2022 15:19:52 +0100
|
||||||
|
Subject: [PATCH 2/2] certtool --generate-privkey: update warnings on RSA key
|
||||||
|
sizes
|
||||||
|
|
||||||
|
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||||
|
---
|
||||||
|
src/certtool.c | 18 +++++++++++++++---
|
||||||
|
1 file changed, 15 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/certtool.c b/src/certtool.c
|
||||||
|
index c128500614..71d4aff13e 100644
|
||||||
|
--- a/src/certtool.c
|
||||||
|
+++ b/src/certtool.c
|
||||||
|
@@ -206,8 +206,12 @@ generate_private_key_int(common_info_st * cinfo)
|
||||||
|
"Note that DSA keys with size over 1024 may cause incompatibility problems when used with earlier than TLS 1.2 versions.\n\n");
|
||||||
|
|
||||||
|
if ((HAVE_OPT(SEED) || provable) && GNUTLS_PK_IS_RSA(key_type)) {
|
||||||
|
- if (bits != 2048 && bits != 3072) {
|
||||||
|
- fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to 2048 and 3072 bits\n");
|
||||||
|
+ /* Keep in sync with seed_length_for_modulus_size in
|
||||||
|
+ * lib/nettle/int/rsa-keygen-fips186.c. */
|
||||||
|
+ if (bits != 2048 && bits != 3072 && bits != 4096 &&
|
||||||
|
+ bits != 6144 && bits != 7680 && bits != 8192 &&
|
||||||
|
+ bits != 15360) {
|
||||||
|
+ fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to be of known lengths (2048, 3072, etc)\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -225,7 +229,15 @@ generate_private_key_int(common_info_st * cinfo)
|
||||||
|
kdata[kdata_size++].size = cinfo->seed_size;
|
||||||
|
|
||||||
|
if (GNUTLS_PK_IS_RSA(key_type)) {
|
||||||
|
- if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
|
||||||
|
+ /* Keep in sync with seed_length_for_modulus_size in
|
||||||
|
+ * lib/nettle/int/rsa-keygen-fips186.c. */
|
||||||
|
+ if ((bits == 2048 && cinfo->seed_size != 28) ||
|
||||||
|
+ (bits == 3072 && cinfo->seed_size != 32) ||
|
||||||
|
+ (bits == 4096 && cinfo->seed_size != 38) ||
|
||||||
|
+ (bits == 6144 && cinfo->seed_size != 44) ||
|
||||||
|
+ (bits == 7680 && cinfo->seed_size != 48) ||
|
||||||
|
+ (bits == 8192 && cinfo->seed_size != 50) ||
|
||||||
|
+ (bits == 15360 && cinfo->seed_size != 64)) {
|
||||||
|
fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
|
||||||
|
}
|
||||||
|
} else if (key_type == GNUTLS_PK_DSA) {
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
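--- /dev/null
+++ b/SOURCES/gnutls-3.7.3-fix-tests-in-fips.patch
@@ -0,0 +1,70 @@
+From 2c33761787f6530cf3984310a5f3b7dd05a7b375 Mon Sep 17 00:00:00 2001
+From: Zoltan Fridrich <zfridric@redhat.com>
+Date: Thu, 17 Feb 2022 11:46:29 +0100
+Subject: [PATCH] Disable some tests in fips mode
+
+Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
+---
+tests/pkcs11/pkcs11-eddsa-privkey-test.c | 5 +++++
+tests/pkcs11/tls-neg-pkcs11-key.c | 8 +++++++-
+2 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/tests/pkcs11/pkcs11-eddsa-privkey-test.c b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
+index 44515da3f..ebbfe5278 100644
+--- a/tests/pkcs11/pkcs11-eddsa-privkey-test.c
++++ b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
+@@ -107,6 +107,11 @@ void doit(void)
+fail("%d: %s\n", ret, gnutls_strerror(ret));
+}
+
++ if (gnutls_fips140_mode_enabled()) {
++ gnutls_global_deinit();
++ return;
++ }
++
+gnutls_pkcs11_set_pin_function(pin_func, NULL);
+gnutls_global_set_log_function(tls_log_func);
+if (debug)
+diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c
+index fc7c3dc4e..5cc1ae6e2 100644
+--- a/tests/pkcs11/tls-neg-pkcs11-key.c
++++ b/tests/pkcs11/tls-neg-pkcs11-key.c
+@@ -268,6 +268,7 @@ typedef struct test_st {
+int exp_serv_err;
+int needs_eddsa;
+int needs_decryption;
++ int nofips;
+unsigned requires_pkcs11_pss;
+} test_st;
+
+@@ -340,6 +341,7 @@ static const test_st tests[] = {
+.cert = &server_ca3_eddsa_cert,
+.key = &server_ca3_eddsa_key,
+.exp_kx = GNUTLS_KX_ECDHE_RSA,
++ .nofips = 1
+},
+{.name = "tls1.3: ecc key",
+.pk = GNUTLS_PK_ECDSA,
+@@ -392,7 +394,8 @@ static const test_st tests[] = {
+.prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA",
+.cert = &server_ca3_eddsa_cert,
+.key = &server_ca3_eddsa_key,
+- .exp_kx = GNUTLS_KX_ECDHE_RSA
++ .exp_kx = GNUTLS_KX_ECDHE_RSA,
++ .nofips = 1
+}
+};
+
+@@ -448,6 +451,9 @@ void doit(void)
+have_eddsa = verify_eddsa_presence();
+
+for (i=0;i<sizeof(tests)/sizeof(tests[0]);i++) {
++ if (tests[i].nofips && gnutls_fips140_mode_enabled())
++ continue;
++
+if (tests[i].needs_eddsa && !have_eddsa)
+continue;
+
+--
+2.35.1
+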
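Review bot: The FIPS-mode early exit added to doit() in pkcs11-eddsa-privkey-test.c returns normally, so under FIPS the harness records this test as passed even though nothing was exercised; a deliberate skip should leave with the automake skip status instead, `if (gnutls_fips140_mode_enabled()) exit(77);`, so the run is reported as SKIP rather than PASS. The new `nofips` member of test_st in tls-neg-pkcs11-key.c carries no comment while its purpose is only visible from the loop further down; `int nofips; /* skip this case when gnutls_fips140_mode_enabled() */` would document it where it is declared. Both doit() bodies and the tests[] array extend beyond the hunks shown.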
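--- /dev/null
+++ b/SOURCES/gnutls-3.7.3-ktls-stub.patch
@@ -0,0 +1,33 @@
+From a97a93e23483aafc3508adee8e6399a2302e0fbc Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Tue, 15 Feb 2022 17:38:20 +0100
+Subject: [PATCH] gnutls_transport_is_ktls_enabled: fix return value of stub
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+lib/system/ktls.c | 7 +++----
+1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/lib/system/ktls.c b/lib/system/ktls.c
+index 7e3cb875ed..f156f08ab2 100644
+--- a/lib/system/ktls.c
++++ b/lib/system/ktls.c
+@@ -422,12 +422,11 @@ int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
+
+#else //ENABLE_KTLS
+gnutls_transport_ktls_enable_flags_t
+-gnutls_transport_is_ktls_enabled(gnutls_session_t session){
+- return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
++gnutls_transport_is_ktls_enabled(gnutls_session_t session) {
++ return 0;
+}
+
+-void _gnutls_ktls_enable(gnutls_session_t session){
+- return;
++void _gnutls_ktls_enable(gnutls_session_t session) {
+}
+
+int _gnutls_ktls_set_keys(gnutls_session_t session) {
+--
+2.34.1
+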
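Review bot: The rewritten gnutls_transport_is_ktls_enabled stub returns the bare literal `0` from a function typed gnutls_transport_ktls_enable_flags_t, and nothing at the return says which flag state that stands for; `return 0; /* kTLS not compiled in: no direction is enabled */` would make the intent readable without consulting the header. Both stubs also leave `session` unused, which trips -Wunused-parameter in a warnings-as-errors build; a `(void)session;` in each body silences it without changing behaviour.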
BIN
SOURCES/gnutls-3.7.3.tar.xz.sig
Normal file
Binary file not shown.
@ -1,12 +1,28 @@
|
|||||||
# This spec file has been automatically updated
|
%define srpmhash() %{lua:
|
||||||
Version: 3.7.2
|
local files = rpm.expand("%_specdir/gnutls.spec")
|
||||||
Release: 8%{?dist}
|
for i, p in ipairs(patches) do
|
||||||
|
files = files.." "..p
|
||||||
|
end
|
||||||
|
for i, p in ipairs(sources) do
|
||||||
|
files = files.." "..p
|
||||||
|
end
|
||||||
|
local sha256sum = assert(io.popen("cat "..files.."| sha256sum"))
|
||||||
|
local hash = sha256sum:read("*a")
|
||||||
|
sha256sum:close()
|
||||||
|
print(string.sub(hash, 0, 16))
|
||||||
|
}
|
||||||
|
|
||||||
|
Version: 3.7.3
|
||||||
|
Release: 5%{?dist}
|
||||||
Patch1: gnutls-3.6.7-no-now-guile.patch
|
Patch1: gnutls-3.6.7-no-now-guile.patch
|
||||||
Patch2: gnutls-3.2.7-rpath.patch
|
Patch2: gnutls-3.2.7-rpath.patch
|
||||||
Patch3: gnutls-3.7.2-config-allowlisting.patch
|
Patch3: gnutls-3.7.2-enable-intel-cet.patch
|
||||||
Patch4: gnutls-3.7.2-key-share-ecdhx.patch
|
Patch4: gnutls-3.7.2-no-explicit-init.patch
|
||||||
Patch5: gnutls-3.7.2-enable-intel-cet.patch
|
Patch5: gnutls-3.7.3-disable-config-reload.patch
|
||||||
Patch6: gnutls-3.7.2-libopts-covscan.patch
|
Patch6: gnutls-3.7.3-fips-rsa-keygen.patch
|
||||||
|
Patch7: gnutls-3.7.3-ktls-stub.patch
|
||||||
|
Patch8: gnutls-3.7.3-fips-pkcs12.patch
|
||||||
|
Patch9: gnutls-3.7.3-fix-tests-in-fips.patch
|
||||||
%bcond_with bootstrap
|
%bcond_with bootstrap
|
||||||
%bcond_without dane
|
%bcond_without dane
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
@ -17,6 +33,7 @@ Patch6: gnutls-3.7.2-libopts-covscan.patch
|
|||||||
%bcond_without fips
|
%bcond_without fips
|
||||||
%endif
|
%endif
|
||||||
%bcond_with tpm12
|
%bcond_with tpm12
|
||||||
|
%bcond_without tpm2
|
||||||
%bcond_with gost
|
%bcond_with gost
|
||||||
|
|
||||||
Summary: A TLS protocol implementation
|
Summary: A TLS protocol implementation
|
||||||
@ -27,12 +44,14 @@ BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel
|
|||||||
BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 4.3
|
BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 4.3
|
||||||
%if %{with bootstrap}
|
%if %{with bootstrap}
|
||||||
BuildRequires: automake, autoconf, gperf, libtool, texinfo
|
BuildRequires: automake, autoconf, gperf, libtool, texinfo
|
||||||
BuildRequires: autogen-libopts-devel >= 5.18, autogen
|
|
||||||
%endif
|
%endif
|
||||||
BuildRequires: nettle-devel >= 3.5.1
|
BuildRequires: nettle-devel >= 3.5.1
|
||||||
%if %{with tpm12}
|
%if %{with tpm12}
|
||||||
BuildRequires: trousers-devel >= 0.3.11.2
|
BuildRequires: trousers-devel >= 0.3.11.2
|
||||||
%endif
|
%endif
|
||||||
|
%if %{with tpm2}
|
||||||
|
BuildRequires: tpm2-tss-devel >= 3.0.3
|
||||||
|
%endif
|
||||||
BuildRequires: libidn2-devel
|
BuildRequires: libidn2-devel
|
||||||
BuildRequires: libunistring-devel
|
BuildRequires: libunistring-devel
|
||||||
BuildRequires: net-tools, datefudge, softhsm, gcc, gcc-c++
|
BuildRequires: net-tools, datefudge, softhsm, gcc, gcc-c++
|
||||||
@ -167,24 +186,6 @@ rm -f lib/minitasn1/*.c lib/minitasn1/*.h
|
|||||||
|
|
||||||
echo "SYSTEM=NORMAL" >> tests/system.prio
|
echo "SYSTEM=NORMAL" >> tests/system.prio
|
||||||
|
|
||||||
%if !%{with bootstrap}
|
|
||||||
# These are ordered by dependency:
|
|
||||||
touch doc/functions/* doc/enums/*
|
|
||||||
touch doc/enums.texi doc/gnutls-api.texi
|
|
||||||
touch doc/invoke-gnutls-cli.texi
|
|
||||||
touch doc/invoke-gnutls-cli-debug.texi
|
|
||||||
touch doc/invoke-gnutls-serv.texi
|
|
||||||
touch doc/invoke-certtool.texi
|
|
||||||
touch doc/invoke-ocsptool.texi
|
|
||||||
touch doc/invoke-danetool.texi
|
|
||||||
touch doc/invoke-srptool.texi
|
|
||||||
touch doc/invoke-psktool.texi
|
|
||||||
touch doc/invoke-p11tool.texi
|
|
||||||
touch doc/invoke-tpmtool.texi
|
|
||||||
touch doc/stamp_functions doc/stamp_enums
|
|
||||||
touch doc/gnutls.info doc/gnutls.html doc/manpages/stamp_mans
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# Note that we explicitly enable SHA1, as SHA1 deprecation is handled
|
# Note that we explicitly enable SHA1, as SHA1 deprecation is handled
|
||||||
# via the crypto policies
|
# via the crypto policies
|
||||||
|
|
||||||
@ -202,9 +203,16 @@ GUILD=%{_bindir}/guild2.2
|
|||||||
export GUILD
|
export GUILD
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with fips}
|
||||||
|
eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
|
||||||
|
export FIPS_MODULE_NAME="$OS_NAME $OS_VERSION_ID %name"
|
||||||
|
%endif
|
||||||
|
|
||||||
%configure \
|
%configure \
|
||||||
%if %{with fips}
|
%if %{with fips}
|
||||||
--enable-fips140-mode \
|
--enable-fips140-mode \
|
||||||
|
--with-fips140-module-name="$FIPS_MODULE_NAME" \
|
||||||
|
--with-fips140-module-version=%{version}-%{srpmhash} \
|
||||||
%endif
|
%endif
|
||||||
%if %{with gost}
|
%if %{with gost}
|
||||||
--enable-gost \
|
--enable-gost \
|
||||||
@ -221,6 +229,11 @@ export GUILD
|
|||||||
--with-trousers-lib=%{_libdir}/libtspi.so.1 \
|
--with-trousers-lib=%{_libdir}/libtspi.so.1 \
|
||||||
%else
|
%else
|
||||||
--without-tpm \
|
--without-tpm \
|
||||||
|
%endif
|
||||||
|
%if %{with tpm2}
|
||||||
|
--with-tpm2 \
|
||||||
|
%else
|
||||||
|
--without-tpm2 \
|
||||||
%endif
|
%endif
|
||||||
--htmldir=%{_docdir}/manual \
|
--htmldir=%{_docdir}/manual \
|
||||||
%if %{with guile}
|
%if %{with guile}
|
||||||
@ -322,6 +335,36 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Feb 17 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-5
|
||||||
|
- Fix upstream testsuite in fips mode (#2051637)
|
||||||
|
|
||||||
|
* Wed Feb 16 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-4
|
||||||
|
- Specify FIPS140-3 module name and version
|
||||||
|
- fips: allow a few more primes in RSA key generation
|
||||||
|
- fips: tighten PKCS#12 algorithm checks
|
||||||
|
- Correct return value of KTLS stub API
|
||||||
|
|
||||||
|
* Tue Feb 15 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-3
|
||||||
|
- Disable config reload in order to not break allowlisting (#2042532)
|
||||||
|
|
||||||
|
* Wed Feb 2 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-2
|
||||||
|
- Build with TPM2 support, patch from Alexander Sosedkin (#2033220)
|
||||||
|
|
||||||
|
* Tue Jan 18 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
|
||||||
|
- Update to gnutls 3.7.3 (#2033220)
|
||||||
|
|
||||||
|
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-10
|
||||||
|
- Update gnutls_{hash,hmac}_copy man-pages as well (#1999639)
|
||||||
|
|
||||||
|
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
|
||||||
|
- Drop support for GNUTLS_NO_EXPLICIT_INIT envvar in favor of
|
||||||
|
GNUTLS_NO_IMPLICIT_INIT (#1999639)
|
||||||
|
- Expand documentation of gnutls_{hash,hmac}_copy, mentioning that
|
||||||
|
those do not always work (#1999639)
|
||||||
|
|
||||||
|
* Tue Dec 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
|
||||||
|
- Fix race condition when resolving SYSTEM priority in allowlisting mode (#2012249)
|
||||||
|
|
||||||
* Thu Oct 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-8
|
* Thu Oct 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-8
|
||||||
- Fix issues in bundled libopts, spotted by covscan (#1938730)
|
- Fix issues in bundled libopts, spotted by covscan (#1938730)
|
||||||
|
|
||||||
|
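Review bot: The srpmhash macro hashes the spec, patches and sources with `cat ... | sha256sum` through io.popen, so a missing or unreadable input only produces an error from cat while sha256sum still emits a digest over the remaining files, and the FIPS module version derived from it (`--with-fips140-module-version=%{version}-%{srpmhash}`) would silently change rather than fail the build; because the pipeline's exit status is sha256sum's, inspecting the `close()` result alone will not catch this, so each input should be checked for readability before hashing (or the pipeline run under `set -o pipefail` with the close status asserted). The macro also hard-codes `%_specdir/gnutls.spec` where `%{name}.spec` would match how the rest of the spec refers to the package. The `eval $(sed ... /etc/os-release)` in the FIPS branch of %build depends on the build root's os-release values being shell-quoted, which the standard format guarantees, but since the result becomes the module name a one-line comment stating that assumption would help the next maintainer.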