diff --git a/gnutls-3.7.6-fips-pkcs12-des-cbc.patch b/gnutls-3.7.6-fips-pkcs12-des-cbc.patch new file mode 100644 index 0000000..0061ea6 --- /dev/null +++ b/gnutls-3.7.6-fips-pkcs12-des-cbc.patch @@ -0,0 +1,58 @@ +From de09280b2a8314eb98ec9a2b84eebe3eec2f49bd Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Thu, 4 Aug 2022 16:37:51 +0900 +Subject: [PATCH] _gnutls_decrypt_pbes1_des_md5_data: use public crypto API + +This is a follow-up of e7f9267342bc2231149a640163c82b63c86f1dfd. In +the decryption code path with PBES1, algorithm checks for FIPS was not +applied, because it used internal functions that bypass those checks. + +Signed-off-by: Daiki Ueno +--- + lib/x509/privkey_pkcs8_pbes1.c | 10 ++++------ + 1 file changed, 4 insertions(+), 6 deletions(-) + +diff --git a/lib/x509/privkey_pkcs8_pbes1.c b/lib/x509/privkey_pkcs8_pbes1.c +index c296807974..983530e46a 100644 +--- a/lib/x509/privkey_pkcs8_pbes1.c ++++ b/lib/x509/privkey_pkcs8_pbes1.c +@@ -140,7 +140,7 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, + { + int result; + gnutls_datum_t dkey, d_iv; +- cipher_hd_st ch; ++ gnutls_cipher_hd_t ch; + uint8_t key[16]; + const unsigned block_size = 8; + +@@ -158,16 +158,14 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, + dkey.size = 8; + d_iv.data = &key[8]; + d_iv.size = 8; +- result = +- _gnutls_cipher_init(&ch, cipher_to_entry(GNUTLS_CIPHER_DES_CBC), +- &dkey, &d_iv, 0); ++ result = gnutls_cipher_init(&ch, GNUTLS_CIPHER_DES_CBC, &dkey, &d_iv); + if (result < 0) { + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); + return gnutls_assert_val(result); + } + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED); + +- result = _gnutls_cipher_decrypt(&ch, encrypted_data->data, encrypted_data->size); ++ result = gnutls_cipher_decrypt(ch, encrypted_data->data, encrypted_data->size); + if (result < 0) { + gnutls_assert(); + goto error; +@@ -184,7 +182,7 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, + + result = 0; + error: +- _gnutls_cipher_deinit(&ch); ++ gnutls_cipher_deinit(ch); + + return result; + } +-- +2.37.1 + diff --git a/gnutls.spec b/gnutls.spec index cbfc3b4..2f3a6ca 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -13,7 +13,7 @@ print(string.sub(hash, 0, 16)) } Version: 3.7.6 -Release: 4%{?dist} +Release: 5%{?dist} # not upstreamed Patch: gnutls-3.6.7-no-now-guile.patch Patch: gnutls-3.2.7-rpath.patch @@ -26,6 +26,7 @@ Patch: gnutls-3.7.6-ktls-disable-by-default.patch Patch: gnutls-3.7.6-ktls-fixes.patch Patch: gnutls-3.7.6-aes-gcm-pt-limit.patch Patch: gnutls-3.7.6-pkcs7-verify.patch +Patch: gnutls-3.7.6-fips-pkcs12-des-cbc.patch # not upstreamed Patch: gnutls-3.7.3-disable-config-reload.patch @@ -360,6 +361,9 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null %endif %changelog +* Thu Aug 4 2022 Daiki Ueno - 3.7.6-5 +- Block DES-CBC usage in decrypting PKCS#12 bag under FIPS (#2115244) + * Fri Jul 29 2022 Daiki Ueno - 3.7.6-4 - Make gnutls-cli work with KTLS for testing - Fix double-free in gnutls_pkcs7_verify (#2109790)