import gnutls-3.7.3-9.el9

CentOS Sources 2022-05-17 06:25:34 -04:00 committed by Stepan Oksanichenko
commit 935ae73d90
17 changed files with 8098 additions and 0 deletions

2
.gitignore vendored Normal file

@ -0,0 +1,2 @@
SOURCES/gnutls-3.7.3.tar.xz
SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg

2
.gnutls.metadata Normal file

@ -0,0 +1,2 @@
552c337be97d2379ae7233ebf55e949010ef7837 SOURCES/gnutls-3.7.3.tar.xz
648ec46f9539fe756fb90131b85ae4759ed2ed21 SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg


@ -0,0 +1,12 @@
diff -ur gnutls-3.2.7.orig/configure gnutls-3.2.7/configure
--- gnutls-3.2.7.orig/configure 2013-11-23 11:09:49.000000000 +0100
+++ gnutls-3.2.7/configure 2013-11-25 16:53:05.559440656 +0100
@@ -39652,7 +39652,7 @@
shlibpath_overrides_runpath=unknown
version_type=none
dynamic_linker="$host_os ld.so"
-sys_lib_dlsearch_path_spec="/lib /usr/lib"
+sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64"
need_lib_prefix=unknown
hardcode_into_libs=no


@ -0,0 +1,11 @@
--- a/guile/src/Makefile.in 2019-03-27 11:51:55.984398001 +0100
+++ b/guile/src/Makefile.in 2019-03-27 11:52:27.259626076 +0100
@@ -1472,7 +1472,7 @@
# Use '-module' to build a "dlopenable module", in Libtool terms.
# Use '-undefined' to placate Libtool on Windows; see
# <https://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
-guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined
+guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined -Wl,-z,lazy
# Linking against GnuTLS.
GNUTLS_CORE_LIBS = $(top_builddir)/lib/libgnutls.la


@ -0,0 +1,32 @@
From 36a92d984020df16296784a7ad613c9693469d23 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 21 Dec 2021 16:28:09 +0100
Subject: [PATCH 1/2] Remove GNUTLS_NO_EXPLICIT_INIT compatibility
Signed-off-by: rpm-build <rpm-build>
---
lib/global.c | 8 --------
1 file changed, 8 deletions(-)
diff --git a/lib/global.c b/lib/global.c
index 3731418..1384045 100644
--- a/lib/global.c
+++ b/lib/global.c
@@ -500,14 +500,6 @@ static void _CONSTRUCTOR lib_init(void)
return;
}
- e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
- if (e != NULL) {
- _gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
- ret = atoi(e);
- if (ret == 1)
- return;
- }
-
ret = _gnutls_global_init(1);
if (ret < 0) {
fprintf(stderr, "Error in GnuTLS initialization: %s\n", gnutls_strerror(ret));
--
2.31.1


@ -0,0 +1,26 @@
diff --git a/lib/priority.c b/lib/priority.c
index 9feec47fe2..40511710fd 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -2001,13 +2001,14 @@ char *_gnutls_resolve_priorities(const char* priorities)
additional++;
}
- /* Always try to refresh the cached data, to allow it to be
- * updated without restarting all applications.
- */
- ret = _gnutls_update_system_priorities(false /* defer_system_wide */);
- if (ret < 0) {
- _gnutls_debug_log("failed to update system priorities: %s\n",
- gnutls_strerror(ret));
+ /* If priority string is not constructed yet, construct and finalize */
+ if (!system_wide_config.priority_string) {
+ ret = _gnutls_update_system_priorities(false
+ /* defer_system_wide */);
+ if (ret < 0) {
+ _gnutls_debug_log("failed to update system priorities: "
+ " %s\n", gnutls_strerror(ret));
+ }
}
do {
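Review bot: The replacement comment above the new `if (!system_wide_config.priority_string)` guard does not say what the guard costs: as far as this hunk shows, once the priority string exists the process never calls `_gnutls_update_system_priorities` again, which is the opposite of what the removed comment documented. An administrator tightening the system-wide policy would want that spelled out, e.g. `/* Construct the priority string once; later changes to the system-wide configuration are not picked up until the process restarts */`. The split literal `"failed to update system priorities: " " %s\n"` also concatenates to two spaces before the error text; dropping the leading space of the second piece fixes it. The body of _gnutls_resolve_priorities continues outside the hunk.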


@ -0,0 +1,471 @@
From 7d8d8feb502ddb20a0d115fa3f63403c849a7168 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 10 Feb 2022 16:43:08 +0100
Subject: [PATCH 1/2] pkcs12: mark MAC generation and verification as FIPS
non-approved
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/x509/pkcs12.c | 39 +++++++++++++++++++++++++---
tests/pkcs12_encode.c | 59 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 94 insertions(+), 4 deletions(-)
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index a8f7d8f956..11b9da3ac9 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -286,13 +286,26 @@ gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
gnutls_x509_crt_fmt_t format, void *output_data,
size_t * output_data_size)
{
+ int ret;
+
if (pkcs12 == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
- output_data, output_data_size);
+ ret = _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
+ output_data, output_data_size);
+
+ if (ret < 0) {
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+ } else {
+ /* PKCS#12 export is always non-approved, because the MAC
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
+ * without MAC the protection is insufficient.
+ */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+ }
+ return ret;
}
/**
@@ -317,13 +330,25 @@ int
gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
{
+ int ret;
+
if (pkcs12 == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
- out);
+ ret = _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
+ out);
+ if (ret < 0) {
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+ } else {
+ /* PKCS#12 export is always non-approved, because the MAC
+ * calculation involves non-approved KDF (PKCS#12 KDF) and
+ * without MAC the protection is insufficient.
+ */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+ }
+ return ret;
}
static int oid2bag(const char *oid)
@@ -1025,9 +1050,12 @@ int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, gnutls_mac_algorithm_t m
goto cleanup;
}
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
return 0;
cleanup:
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
_gnutls_free_datum(&tmp);
return result;
}
@@ -1203,8 +1231,11 @@ pkcs12_try_gost:
goto cleanup;
}
+ /* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
result = 0;
cleanup:
+ _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
_gnutls_free_datum(&tmp);
_gnutls_free_datum(&salt);
return result;
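Review bot: On the success path `result = 0;` falls through into `cleanup:`, so the added `_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);` runs immediately after the `GNUTLS_FIPS140_OP_NOT_APPROVED` switch even when the MAC verified. The gnutls_pkcs12_generate_mac2 hunk before this one does not have the problem because it returns before its label. How _gnutls_switch_fips_state resolves two successive calls is not visible here, but a caller reading the operation state would presumably see an error for a successful check, which also contradicts the `FIPS_POP_CONTEXT(NOT_APPROVED)` expectation added to the test. Making the label code conditional keeps both outcomes distinct: `if (result < 0) _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); else _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);`. The function starts outside the hunk.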
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index 3b0e84ef13..b8f7d17267 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -70,6 +70,29 @@ static void tls_log_func(int level, const char *str)
fprintf(stderr, "|<%d>| %s", level, str);
}
+#define FIPS_PUSH_CONTEXT() do { \
+ if (gnutls_fips140_mode_enabled()) { \
+ ret = gnutls_fips140_push_context(fips_context); \
+ if (ret < 0) { \
+ fail("gnutls_fips140_push_context failed\n"); \
+ } \
+ } \
+} while (0)
+
+#define FIPS_POP_CONTEXT(state) do { \
+ if (gnutls_fips140_mode_enabled()) { \
+ ret = gnutls_fips140_pop_context(); \
+ if (ret < 0) { \
+ fail("gnutls_fips140_context_pop failed\n"); \
+ } \
+ fips_state = gnutls_fips140_get_operation_state(fips_context); \
+ if (fips_state != GNUTLS_FIPS140_OP_ ## state) { \
+ fail("operation state is not " # state " (%d)\n", \
+ fips_state); \
+ } \
+ } \
+} while (0)
+
void doit(void)
{
gnutls_pkcs12_t pkcs12;
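Review bot: The failure message in FIPS_POP_CONTEXT names `gnutls_fips140_context_pop`, but the call it reports on is `gnutls_fips140_pop_context()`; the string should read `"gnutls_fips140_pop_context failed\n"` so a failing log can be matched to the API. Both macros also read and assign `ret`, `fips_context` and `fips_state` from the enclosing scope without saying so. A short comment above them, such as `/* Both macros expect ret, fips_context and fips_state to be declared by the caller */`, would make that dependency explicit.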
@@ -82,6 +105,8 @@ void doit(void)
char outbuf[10240];
size_t size;
unsigned tests, i;
+ gnutls_fips140_context_t fips_context;
+ gnutls_fips140_operation_state_t fips_state;
ret = global_init();
if (ret < 0) {
@@ -93,6 +118,11 @@ void doit(void)
if (debug)
gnutls_global_set_log_level(4711);
+ ret = gnutls_fips140_context_init(&fips_context);
+ if (ret < 0) {
+ fail("Cannot initialize FIPS context\n");
+ }
+
/* Read certs. */
ret = gnutls_x509_crt_init(&client);
if (ret < 0) {
@@ -196,6 +226,8 @@ void doit(void)
gnutls_pkcs12_bag_deinit(bag);
}
+ FIPS_PUSH_CONTEXT();
+
/* MAC the structure, export and print. */
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA1, "pass");
if (ret < 0) {
@@ -203,36 +235,60 @@ void doit(void)
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "pass");
if (ret < 0) {
fprintf(stderr, "verify_mac: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA256, "passwd");
if (ret < 0) {
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd");
if (ret < 0) {
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA512, "passwd1");
if (ret < 0) {
fprintf(stderr, "generate_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
ret = gnutls_pkcs12_verify_mac(pkcs12, "passwd1");
if (ret < 0) {
fprintf(stderr, "verify_mac2: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
+ FIPS_PUSH_CONTEXT();
+
size = sizeof(outbuf);
ret =
gnutls_pkcs12_export(pkcs12, GNUTLS_X509_FMT_PEM, outbuf,
@@ -242,10 +298,13 @@ void doit(void)
exit(1);
}
+ FIPS_POP_CONTEXT(NOT_APPROVED);
+
if (debug)
fwrite(outbuf, size, 1, stdout);
/* Cleanup. */
+ gnutls_fips140_context_deinit(fips_context);
gnutls_pkcs12_deinit(pkcs12);
gnutls_x509_crt_deinit(client);
gnutls_x509_crt_deinit(ca);
--
2.34.1
From e7f9267342bc2231149a640163c82b63c86f1dfd Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 10 Feb 2022 17:35:13 +0100
Subject: [PATCH 2/2] _gnutls_pkcs_raw_{decrypt,encrypt}_data: use public
crypto API
These functions previously used the internal crypto
API (_gnutls_cipher_*) which does not have algorithm checks for FIPS.
This change switches the code to use the public crypto
API (gnutls_cipher_*) to trigger proper state transitions under FIPS
mode.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/x509/pkcs7-crypt.c | 36 +++++++++++-----------------
tests/pkcs12_encode.c | 54 +++++++++++++++++++++++++++---------------
2 files changed, 49 insertions(+), 41 deletions(-)
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index 4cce52ecf0..2dc5bc4df0 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1130,8 +1130,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
gnutls_datum_t enc = { NULL, 0 };
uint8_t *key = NULL;
gnutls_datum_t dkey, d_iv;
- cipher_hd_st ch;
- int ch_init = 0;
+ gnutls_cipher_hd_t ch = NULL;
int key_size, ret;
unsigned int pass_len = 0;
const struct pkcs_cipher_schema_st *p;
@@ -1237,8 +1236,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
d_iv.data = (uint8_t *) enc_params->iv;
d_iv.size = enc_params->iv_size;
- ret =
- _gnutls_cipher_init(&ch, ce, &dkey, &d_iv, 0);
+ ret = gnutls_cipher_init(&ch, ce->id, &dkey, &d_iv);
gnutls_free(key);
@@ -1247,9 +1245,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
goto error;
}
- ch_init = 1;
-
- ret = _gnutls_cipher_decrypt(&ch, enc.data, enc.size);
+ ret = gnutls_cipher_decrypt(ch, enc.data, enc.size);
if (ret < 0) {
gnutls_assert();
ret = GNUTLS_E_DECRYPTION_FAILED;
@@ -1281,7 +1277,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
decrypted_data->size = enc.size;
}
- _gnutls_cipher_deinit(&ch);
+ gnutls_cipher_deinit(ch);
ret = 0;
@@ -1294,8 +1290,9 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
gnutls_free(password);
gnutls_free(enc.data);
gnutls_free(key);
- if (ch_init != 0)
- _gnutls_cipher_deinit(&ch);
+ if (ch) {
+ gnutls_cipher_deinit(ch);
+ }
return ret;
}
@@ -1725,8 +1722,7 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
int data_size;
uint8_t *data = NULL;
gnutls_datum_t d_iv;
- cipher_hd_st ch;
- int ch_init = 0;
+ gnutls_cipher_hd_t ch = NULL;
uint8_t pad, pad_size;
const cipher_entry_st *ce;
@@ -1756,18 +1752,13 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
d_iv.data = (uint8_t *) enc_params->iv;
d_iv.size = enc_params->iv_size;
- result =
- _gnutls_cipher_init(&ch, cipher_to_entry(enc_params->cipher),
- key, &d_iv, 1);
-
+ result = gnutls_cipher_init(&ch, enc_params->cipher, key, &d_iv);
if (result < 0) {
gnutls_assert();
goto error;
}
- ch_init = 1;
-
- result = _gnutls_cipher_encrypt(&ch, data, data_size);
+ result = gnutls_cipher_encrypt(ch, data, data_size);
if (result < 0) {
gnutls_assert();
goto error;
@@ -1776,13 +1767,14 @@ _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
encrypted->data = data;
encrypted->size = data_size;
- _gnutls_cipher_deinit(&ch);
+ gnutls_cipher_deinit(ch);
return 0;
error:
gnutls_free(data);
- if (ch_init != 0)
- _gnutls_cipher_deinit(&ch);
+ if (ch) {
+ gnutls_cipher_deinit(ch);
+ }
return result;
}
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index b8f7d17267..78f6f41b48 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -104,9 +104,17 @@ void doit(void)
int ret, indx;
char outbuf[10240];
size_t size;
- unsigned tests, i;
+ unsigned i;
gnutls_fips140_context_t fips_context;
gnutls_fips140_operation_state_t fips_state;
+ size_t n_tests = 0;
+ struct tests {
+ const char *name;
+ gnutls_x509_crt_t crt;
+ const char *friendly_name;
+ unsigned bag_encrypt_flags;
+ int bag_encrypt_expected;
+ } tests[2];
ret = global_init();
if (ret < 0) {
@@ -157,21 +165,34 @@ void doit(void)
exit(1);
}
- /* Generate and add PKCS#12 cert bags. */
- if (!gnutls_fips140_mode_enabled()) {
- tests = 2; /* include RC2 */
+ tests[n_tests].name = "3DES";
+ tests[n_tests].crt = client;
+ tests[n_tests].friendly_name = "client";
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS8_USE_PKCS12_3DES;
+ tests[n_tests].bag_encrypt_expected = 0;
+ n_tests++;
+
+ tests[n_tests].name = "RC2-40";
+ tests[n_tests].crt = ca;
+ tests[n_tests].friendly_name = "ca";
+ tests[n_tests].bag_encrypt_flags = GNUTLS_PKCS_USE_PKCS12_RC2_40;
+ if (gnutls_fips140_mode_enabled()) {
+ tests[n_tests].bag_encrypt_expected =
+ GNUTLS_E_UNWANTED_ALGORITHM;
} else {
- tests = 1;
+ tests[n_tests].bag_encrypt_expected = 0;
}
+ n_tests++;
- for (i = 0; i < tests; i++) {
+ /* Generate and add PKCS#12 cert bags. */
+ for (i = 0; i < n_tests; i++) {
ret = gnutls_pkcs12_bag_init(&bag);
if (ret < 0) {
fprintf(stderr, "bag_init: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
- ret = gnutls_pkcs12_bag_set_crt(bag, i == 0 ? client : ca);
+ ret = gnutls_pkcs12_bag_set_crt(bag, tests[i].crt);
if (ret < 0) {
fprintf(stderr, "set_crt: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
@@ -180,16 +201,14 @@ void doit(void)
indx = ret;
ret = gnutls_pkcs12_bag_set_friendly_name(bag, indx,
- i ==
- 0 ? "client" :
- "ca");
+ tests[i].friendly_name);
if (ret < 0) {
fprintf(stderr, "set_friendly_name: %s (%d)\n", gnutls_strerror(ret), ret);
exit(1);
}
size = sizeof(key_id_buf);
- ret = gnutls_x509_crt_get_key_id(i == 0 ? client : ca, 0,
+ ret = gnutls_x509_crt_get_key_id(tests[i].crt, 0,
key_id_buf, &size);
if (ret < 0) {
fprintf(stderr, "get_key_id: %s (%d)\n", gnutls_strerror(ret), ret);
@@ -206,14 +225,11 @@ void doit(void)
}
ret = gnutls_pkcs12_bag_encrypt(bag, "pass",
- i ==
- 0 ?
- GNUTLS_PKCS8_USE_PKCS12_3DES
- :
- GNUTLS_PKCS_USE_PKCS12_RC2_40);
- if (ret < 0) {
- fprintf(stderr, "bag_encrypt: %d: %s", ret,
- i == 0 ? "3DES" : "RC2-40");
+ tests[i].bag_encrypt_flags);
+ if (ret != tests[i].bag_encrypt_expected) {
+ fprintf(stderr, "bag_encrypt: returned %d, expected %d: %s", ret,
+ tests[i].bag_encrypt_expected,
+ tests[i].name);
exit(1);
}
--
2.34.1


@ -0,0 +1,182 @@
From 9f5a60c1fe576f82bcd5c7998b2ca2b0d60e8e4f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 27 Jan 2022 18:17:43 +0100
Subject: [PATCH 1/2] rsa_generate_fips186_4_keypair: accept a few more modulus
sizes
While _rsa_generate_fips186_4_keypair was modified to accept modulus
sizes other than 2048 and 3076, rsa_generate_fips186_4_keypair, which
calls that function, was not updated to accept such modulus sizes.
Spotted by Alexander Sosedkin.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/nettle/int/rsa-keygen-fips186.c | 67 ++++++++++++++++-------------
1 file changed, 36 insertions(+), 31 deletions(-)
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
index 5b221a030a..c6f7e675af 100644
--- a/lib/nettle/int/rsa-keygen-fips186.c
+++ b/lib/nettle/int/rsa-keygen-fips186.c
@@ -27,6 +27,7 @@
#include "config.h"
#endif
+#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -248,6 +249,33 @@ cleanup:
return ret;
}
+/* Return the pre-defined seed length for modulus size, or 0 when the
+ * modulus size is unsupported.
+ */
+static inline unsigned
+seed_length_for_modulus_size(unsigned modulus_size)
+{
+ switch (modulus_size) {
+ case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+ return 14 * 2;
+ case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+ return 16 * 2;
+ case 4096: /* SP 800-56B rev 2 Appendix D */
+ return 19 * 2;
+ case 6144: /* SP 800-56B rev 2 Appendix D */
+ return 22 * 2;
+ case 7680: /* FIPS 140-2 IG 7.5 */
+ return 24 * 2;
+ case 8192: /* SP 800-56B rev 2 Appendix D */
+ return 25 * 2;
+ case 15360: /* FIPS 140-2 IG 7.5 */
+ return 32 * 2;
+ default:
+ return 0;
+ }
+
+}
+
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
*
* The hash function used is SHA384.
@@ -266,33 +294,15 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
int ret;
struct dss_params_validation_seeds cert;
unsigned l = n_size / 2;
+ unsigned s = seed_length_for_modulus_size(n_size);
- switch (n_size) {
- case 2048: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 14 * 2, 0, "seed length other than 28 bytes\n");
- break;
- case 3072: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 16 * 2, 0, "seed length other than 32 bytes\n");
- break;
- case 4096: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 19 * 2, 0, "seed length other than 38 bytes\n");
- break;
- case 6144: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 22 * 2, 0, "seed length other than 44 bytes\n");
- break;
- case 7680: /* FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 24 * 2, 0, "seed length other than 48 bytes\n");
- break;
- case 8192: /* SP 800-56B rev 2 Appendix D */
- FIPS_RULE(seed_length != 25 * 2, 0, "seed length other than 50 bytes\n");
- break;
- case 15360: /* FIPS 140-2 IG 7.5 */
- FIPS_RULE(seed_length != 32 * 2, 0, "seed length other than 64 bytes\n");
- break;
- default:
+ if (!s) {
FIPS_RULE(false, 0, "unsupported modulus size\n");
}
+ FIPS_RULE(seed_length != s, 0,
+ "seed length other than %u bytes\n", s);
+
if (!mpz_tstbit(pub->e, 0)) {
_gnutls_debug_log("Unacceptable e (it is even)\n");
return 0;
@@ -405,10 +415,6 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
return ret;
}
-/* Not entirely accurate but a good precision
- */
-#define SEED_LENGTH(bits) (_gnutls_pk_bits_to_subgroup_bits(bits)/8)
-
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
*
* The hash function used is SHA384.
@@ -429,11 +435,10 @@ rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
unsigned seed_length;
int ret;
- FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "size of prime of other than 2048 or 3072\n");
+ seed_length = seed_length_for_modulus_size(n_size);
+ FIPS_RULE(!seed_length, 0, "unsupported modulus size\n");
- seed_length = SEED_LENGTH(n_size);
- if (seed_length > sizeof(seed))
- return 0;
+ assert(seed_length <= sizeof(seed));
random(random_ctx, seed_length, seed);
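Review bot: The bound on `seed_length` ahead of `random(random_ctx, seed_length, seed)` is now an `assert`, which compiles to nothing when NDEBUG is defined, whereas the removed code returned 0 at run time. The largest value seed_length_for_modulus_size returns is 64 bytes (for 15360 bits), and the declaration of `seed` is outside the hunk, so whether the buffer covers that cannot be confirmed from here. Keeping the run-time guard next to the assertion costs nothing: `if (seed_length > sizeof(seed)) return 0;`. The function body starts before and continues after the hunk.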
--
2.34.1
From 46ae6160489151034bca19aa6c40ba0df6b53bcc Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 1 Feb 2022 15:19:52 +0100
Subject: [PATCH 2/2] certtool --generate-privkey: update warnings on RSA key
sizes
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
src/certtool.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/certtool.c b/src/certtool.c
index c128500614..71d4aff13e 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -206,8 +206,12 @@ generate_private_key_int(common_info_st * cinfo)
"Note that DSA keys with size over 1024 may cause incompatibility problems when used with earlier than TLS 1.2 versions.\n\n");
if ((HAVE_OPT(SEED) || provable) && GNUTLS_PK_IS_RSA(key_type)) {
- if (bits != 2048 && bits != 3072) {
- fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to 2048 and 3072 bits\n");
+ /* Keep in sync with seed_length_for_modulus_size in
+ * lib/nettle/int/rsa-keygen-fips186.c. */
+ if (bits != 2048 && bits != 3072 && bits != 4096 &&
+ bits != 6144 && bits != 7680 && bits != 8192 &&
+ bits != 15360) {
+ fprintf(stderr, "Note that the FIPS 186-4 key generation restricts keys to be of known lengths (2048, 3072, etc)\n");
}
}
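Review bot: The set of accepted RSA modulus sizes is now written out twice in generate_private_key_int (this condition and the seed-size condition in the next hunk) and a third time in seed_length_for_modulus_size, held together only by the "Keep in sync" comments. A single static table of bits and seed sizes in certtool.c would let both checks read from one definition, so a size added later cannot be accepted by one check and missed by the other. The sketch below uses the values from the two hunks; the helper and table names are suggestions, and the surrounding function is only partly visible here.

```c
/* Keep in sync with seed_length_for_modulus_size in
 * lib/nettle/int/rsa-keygen-fips186.c. */
static const struct {
	unsigned bits;
	unsigned seed_size;
} fips186_4_rsa_sizes[] = {
	{ 2048, 28 }, { 3072, 32 }, { 4096, 38 }, { 6144, 44 },
	{ 7680, 48 }, { 8192, 50 }, { 15360, 64 },
};

/* Return the expected seed size for bits, or 0 when bits is not a known size. */
static unsigned fips186_4_rsa_seed_size(unsigned bits)
{
	size_t i;

	for (i = 0; i < sizeof(fips186_4_rsa_sizes) / sizeof(fips186_4_rsa_sizes[0]); i++) {
		if (fips186_4_rsa_sizes[i].bits == bits)
			return fips186_4_rsa_sizes[i].seed_size;
	}
	return 0;
}

/* … unchanged: DSA compatibility note … */
	if ((HAVE_OPT(SEED) || provable) && GNUTLS_PK_IS_RSA(key_type)) {
		if (fips186_4_rsa_seed_size(bits) == 0) {
			/* … unchanged: fprintf about known lengths … */
		}
	}
```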
@@ -225,7 +229,15 @@ generate_private_key_int(common_info_st * cinfo)
kdata[kdata_size++].size = cinfo->seed_size;
if (GNUTLS_PK_IS_RSA(key_type)) {
- if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
+ /* Keep in sync with seed_length_for_modulus_size in
+ * lib/nettle/int/rsa-keygen-fips186.c. */
+ if ((bits == 2048 && cinfo->seed_size != 28) ||
+ (bits == 3072 && cinfo->seed_size != 32) ||
+ (bits == 4096 && cinfo->seed_size != 38) ||
+ (bits == 6144 && cinfo->seed_size != 44) ||
+ (bits == 7680 && cinfo->seed_size != 48) ||
+ (bits == 8192 && cinfo->seed_size != 50) ||
+ (bits == 15360 && cinfo->seed_size != 64)) {
fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
}
} else if (key_type == GNUTLS_PK_DSA) {
--
2.34.1


@ -0,0 +1,70 @@
From 2c33761787f6530cf3984310a5f3b7dd05a7b375 Mon Sep 17 00:00:00 2001
From: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu, 17 Feb 2022 11:46:29 +0100
Subject: [PATCH] Disable some tests in fips mode
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
---
tests/pkcs11/pkcs11-eddsa-privkey-test.c | 5 +++++
tests/pkcs11/tls-neg-pkcs11-key.c | 8 +++++++-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/tests/pkcs11/pkcs11-eddsa-privkey-test.c b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
index 44515da3f..ebbfe5278 100644
--- a/tests/pkcs11/pkcs11-eddsa-privkey-test.c
+++ b/tests/pkcs11/pkcs11-eddsa-privkey-test.c
@@ -107,6 +107,11 @@ void doit(void)
fail("%d: %s\n", ret, gnutls_strerror(ret));
}
+ if (gnutls_fips140_mode_enabled()) {
+ gnutls_global_deinit();
+ return;
+ }
+
gnutls_pkcs11_set_pin_function(pin_func, NULL);
gnutls_global_set_log_function(tls_log_func);
if (debug)
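Review bot: Returning from doit() after `gnutls_global_deinit()` makes this test report success under FIPS mode although nothing was exercised, and the `continue` on `tests[i].nofips` added in tests/pkcs11/tls-neg-pkcs11-key.c hides the skipped cases in the same way. If the harness follows the automake convention, `exit(77);` here would record the run as skipped rather than passed, so a reduction in FIPS coverage stays visible in the results. Neither place says why the case is excluded; a comment such as `/* EdDSA keys are not usable in FIPS mode; skip */` would help, with the reason confirmed by the author since it is only inferred from the test names.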
diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c
index fc7c3dc4e..5cc1ae6e2 100644
--- a/tests/pkcs11/tls-neg-pkcs11-key.c
+++ b/tests/pkcs11/tls-neg-pkcs11-key.c
@@ -268,6 +268,7 @@ typedef struct test_st {
int exp_serv_err;
int needs_eddsa;
int needs_decryption;
+ int nofips;
unsigned requires_pkcs11_pss;
} test_st;
@@ -340,6 +341,7 @@ static const test_st tests[] = {
.cert = &server_ca3_eddsa_cert,
.key = &server_ca3_eddsa_key,
.exp_kx = GNUTLS_KX_ECDHE_RSA,
+ .nofips = 1
},
{.name = "tls1.3: ecc key",
.pk = GNUTLS_PK_ECDSA,
@@ -392,7 +394,8 @@ static const test_st tests[] = {
.prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA",
.cert = &server_ca3_eddsa_cert,
.key = &server_ca3_eddsa_key,
- .exp_kx = GNUTLS_KX_ECDHE_RSA
+ .exp_kx = GNUTLS_KX_ECDHE_RSA,
+ .nofips = 1
}
};
@@ -448,6 +451,9 @@ void doit(void)
have_eddsa = verify_eddsa_presence();
for (i=0;i<sizeof(tests)/sizeof(tests[0]);i++) {
+ if (tests[i].nofips && gnutls_fips140_mode_enabled())
+ continue;
+
if (tests[i].needs_eddsa && !have_eddsa)
continue;
--
2.35.1


@ -0,0 +1,259 @@
From 85a881cbca6f8e8578af7a026163ac3075ea267c Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Mon, 21 Feb 2022 16:28:49 +0100
Subject: [PATCH] priority: compile out GOST algorithms IDs if they are
disabled
When compiled with --disable-gost, gnutls-cli --priority NORMAL --list
still prints GOST algorithms for ciphers, MACs, and signatures. This
change adds compile time checks to suppress them.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/priority.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/lib/priority.c b/lib/priority.c
index 54d7b1bb45..0c7ac65d7b 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -309,7 +309,9 @@ static const int _kx_priority_secure[] = {
static const int* kx_priority_secure = _kx_priority_secure;
static const int _kx_priority_gost[] = {
+#ifdef ENABLE_GOST
GNUTLS_KX_VKO_GOST_12,
+#endif
0,
};
static const int* kx_priority_gost = _kx_priority_gost;
@@ -507,9 +509,10 @@ static const int _sign_priority_secure192[] = {
static const int* sign_priority_secure192 = _sign_priority_secure192;
static const int _sign_priority_gost[] = {
+#ifdef ENABLE_GOST
GNUTLS_SIGN_GOST_256,
GNUTLS_SIGN_GOST_512,
-
+#endif
0
};
static const int* sign_priority_gost = _sign_priority_gost;
@@ -531,13 +534,17 @@ static const int *cipher_priority_normal = _cipher_priority_normal_default;
static const int *mac_priority_normal = mac_priority_normal_default;
static const int _cipher_priority_gost[] = {
+#ifdef ENABLE_GOST
GNUTLS_CIPHER_GOST28147_TC26Z_CNT,
+#endif
0
};
static const int *cipher_priority_gost = _cipher_priority_gost;
static const int _mac_priority_gost[] = {
+#ifdef ENABLE_GOST
GNUTLS_MAC_GOST28147_TC26Z_IMIT,
+#endif
0
};
static const int *mac_priority_gost = _mac_priority_gost;
--
2.34.1
From f2bb30f68922d72f8bed29cc8b2a065087a0969f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 22 Feb 2022 17:09:46 +0100
Subject: [PATCH] algorithms: ensure _list() exclude non-existing algorithms
This aligns the behavior of _list() function for sign/pk to the one
for cipher/mac: the former previously returned all the algorithms
defined, while the latter returns only algorithms compiled in.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/algorithms/publickey.c | 8 +++-
lib/algorithms/sign.c | 4 +-
lib/crypto-backend.h | 2 +
lib/nettle/pk.c | 86 ++++++++++++++++++++++++++++++++++++++
lib/pk.h | 2 +
5 files changed, 99 insertions(+), 3 deletions(-)
diff --git a/lib/algorithms/publickey.c b/lib/algorithms/publickey.c
index b4cd6b1df0..caf53972ab 100644
--- a/lib/algorithms/publickey.c
+++ b/lib/algorithms/publickey.c
@@ -24,6 +24,7 @@
#include <algorithms.h>
#include "errors.h"
#include <x509/common.h>
+#include "pk.h"
/* KX mappings to PK algorithms */
@@ -203,8 +204,11 @@ const gnutls_pk_algorithm_t *gnutls_pk_list(void)
int i = 0;
GNUTLS_PK_LOOP(
- if (p->id != GNUTLS_PK_UNKNOWN && supported_pks[i > 0 ? (i - 1) : 0] != p->id)
- supported_pks[i++] = p->id
+ if (p->id != GNUTLS_PK_UNKNOWN &&
+ supported_pks[i > 0 ? (i - 1) : 0] != p->id &&
+ _gnutls_pk_exists(p->id)) {
+ supported_pks[i++] = p->id;
+ }
);
supported_pks[i++] = 0;
}
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
index 06abdb4cf8..4a5aaa75e1 100644
--- a/lib/algorithms/sign.c
+++ b/lib/algorithms/sign.c
@@ -27,6 +27,7 @@
#include <x509/common.h>
#include <assert.h>
#include "c-strcase.h"
+#include "pk.h"
/* signature algorithms;
*/
@@ -631,7 +632,8 @@ const gnutls_sign_algorithm_t *gnutls_sign_list(void)
GNUTLS_SIGN_LOOP(
/* list all algorithms, but not duplicates */
- if (supported_sign[i] != p->id) {
+ if (supported_sign[i] != p->id &&
+ _gnutls_pk_sign_exists(p->id)) {
assert(i+1 < MAX_ALGOS);
supported_sign[i++] = p->id;
supported_sign[i+1] = 0;
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 9874033221..f0f68c337e 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -418,6 +418,8 @@ typedef struct gnutls_crypto_pk {
unsigned int flags);
int (*curve_exists) (gnutls_ecc_curve_t); /* true/false */
+ int (*pk_exists) (gnutls_pk_algorithm_t); /* true/false */
+ int (*sign_exists) (gnutls_sign_algorithm_t); /* true/false */
} gnutls_crypto_pk_st;
/* priority: infinity for backend algorithms, 90 for kernel
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index a146568266..eba246f0b3 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -1883,6 +1883,90 @@ static int _wrap_nettle_pk_curve_exists(gnutls_ecc_curve_t curve)
}
}
+static int _wrap_nettle_pk_exists(gnutls_pk_algorithm_t pk)
+{
+ switch (pk) {
+ case GNUTLS_PK_RSA:
+ case GNUTLS_PK_DSA:
+ case GNUTLS_PK_DH:
+ case GNUTLS_PK_ECDSA:
+ case GNUTLS_PK_ECDH_X25519:
+ case GNUTLS_PK_RSA_PSS:
+ case GNUTLS_PK_EDDSA_ED25519:
+#if ENABLE_GOST
+ case GNUTLS_PK_GOST_01:
+ case GNUTLS_PK_GOST_12_256:
+ case GNUTLS_PK_GOST_12_512:
+#endif
+ case GNUTLS_PK_ECDH_X448:
+ case GNUTLS_PK_EDDSA_ED448:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
+static int _wrap_nettle_pk_sign_exists(gnutls_sign_algorithm_t sign)
+{
+ switch (sign) {
+ case GNUTLS_SIGN_RSA_SHA1:
+ case GNUTLS_SIGN_DSA_SHA1:
+ case GNUTLS_SIGN_RSA_MD5:
+ case GNUTLS_SIGN_RSA_MD2:
+ case GNUTLS_SIGN_RSA_RMD160:
+ case GNUTLS_SIGN_RSA_SHA256:
+ case GNUTLS_SIGN_RSA_SHA384:
+ case GNUTLS_SIGN_RSA_SHA512:
+ case GNUTLS_SIGN_RSA_SHA224:
+ case GNUTLS_SIGN_DSA_SHA224:
+ case GNUTLS_SIGN_DSA_SHA256:
+ case GNUTLS_SIGN_ECDSA_SHA1:
+ case GNUTLS_SIGN_ECDSA_SHA224:
+ case GNUTLS_SIGN_ECDSA_SHA256:
+ case GNUTLS_SIGN_ECDSA_SHA384:
+ case GNUTLS_SIGN_ECDSA_SHA512:
+ case GNUTLS_SIGN_DSA_SHA384:
+ case GNUTLS_SIGN_DSA_SHA512:
+ case GNUTLS_SIGN_ECDSA_SHA3_224:
+ case GNUTLS_SIGN_ECDSA_SHA3_256:
+ case GNUTLS_SIGN_ECDSA_SHA3_384:
+ case GNUTLS_SIGN_ECDSA_SHA3_512:
+
+ case GNUTLS_SIGN_DSA_SHA3_224:
+ case GNUTLS_SIGN_DSA_SHA3_256:
+ case GNUTLS_SIGN_DSA_SHA3_384:
+ case GNUTLS_SIGN_DSA_SHA3_512:
+ case GNUTLS_SIGN_RSA_SHA3_224:
+ case GNUTLS_SIGN_RSA_SHA3_256:
+ case GNUTLS_SIGN_RSA_SHA3_384:
+ case GNUTLS_SIGN_RSA_SHA3_512:
+
+ case GNUTLS_SIGN_RSA_PSS_SHA256:
+ case GNUTLS_SIGN_RSA_PSS_SHA384:
+ case GNUTLS_SIGN_RSA_PSS_SHA512:
+ case GNUTLS_SIGN_EDDSA_ED25519:
+ case GNUTLS_SIGN_RSA_RAW:
+
+ case GNUTLS_SIGN_ECDSA_SECP256R1_SHA256:
+ case GNUTLS_SIGN_ECDSA_SECP384R1_SHA384:
+ case GNUTLS_SIGN_ECDSA_SECP521R1_SHA512:
+
+ case GNUTLS_SIGN_RSA_PSS_RSAE_SHA256:
+ case GNUTLS_SIGN_RSA_PSS_RSAE_SHA384:
+ case GNUTLS_SIGN_RSA_PSS_RSAE_SHA512:
+
+#if ENABLE_GOST
+ case GNUTLS_SIGN_GOST_94:
+ case GNUTLS_SIGN_GOST_256:
+ case GNUTLS_SIGN_GOST_512:
+#endif
+ case GNUTLS_SIGN_EDDSA_ED448:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
/* Generates algorithm's parameters. That is:
* For DSA: p, q, and g are generated.
* For RSA: nothing
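Review bot: Both new switch statements guard the GOST cases with `#if ENABLE_GOST`, while the priority.c patch earlier in this same file uses `#ifdef ENABLE_GOST`. The two forms differ when the macro is defined with an empty value (`#if` then fails to compile) and `#if` on an undefined macro warns under -Wundef, so `#ifdef ENABLE_GOST` should be used in `_wrap_nettle_pk_exists` and `_wrap_nettle_pk_sign_exists` as well. These functions also have no header comment; since the list includes `GNUTLS_SIGN_RSA_MD5` and `GNUTLS_SIGN_RSA_MD2`, it is worth stating `/* Reports whether the algorithm is compiled in, not whether policy allows it */`. New algorithm ids have to be added here by hand, because the `default:` branch returns 0.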
@@ -3872,4 +3956,6 @@ gnutls_crypto_pk_st _gnutls_pk_ops = {
.pk_fixup_private_params = wrap_nettle_pk_fixup,
.derive = _wrap_nettle_pk_derive,
.curve_exists = _wrap_nettle_pk_curve_exists,
+ .pk_exists = _wrap_nettle_pk_exists,
+ .sign_exists = _wrap_nettle_pk_sign_exists
};
diff --git a/lib/pk.h b/lib/pk.h
index cc61e08cef..7f3c9995da 100644
--- a/lib/pk.h
+++ b/lib/pk.h
@@ -40,6 +40,8 @@ extern gnutls_crypto_pk_st _gnutls_pk_ops;
#define _gnutls_pk_generate_params( algo, bits, priv) _gnutls_pk_ops.generate_params( algo, bits, priv)
#define _gnutls_pk_hash_algorithm( pk, sig, params, hash) _gnutls_pk_ops.hash_algorithm(pk, sig, params, hash)
#define _gnutls_pk_curve_exists( curve) _gnutls_pk_ops.curve_exists(curve)
+#define _gnutls_pk_exists(algo) _gnutls_pk_ops.pk_exists(algo)
+#define _gnutls_pk_sign_exists(algo) _gnutls_pk_ops.sign_exists(algo)
inline static int
_gnutls_pk_fixup(gnutls_pk_algorithm_t algo, gnutls_direction_t direction,
--
2.34.1


@ -0,0 +1,33 @@
From a97a93e23483aafc3508adee8e6399a2302e0fbc Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 15 Feb 2022 17:38:20 +0100
Subject: [PATCH] gnutls_transport_is_ktls_enabled: fix return value of stub
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/system/ktls.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/lib/system/ktls.c b/lib/system/ktls.c
index 7e3cb875ed..f156f08ab2 100644
--- a/lib/system/ktls.c
+++ b/lib/system/ktls.c
@@ -422,12 +422,11 @@ int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
#else //ENABLE_KTLS
gnutls_transport_ktls_enable_flags_t
-gnutls_transport_is_ktls_enabled(gnutls_session_t session){
- return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+gnutls_transport_is_ktls_enabled(gnutls_session_t session) {
+ return 0;
}
-void _gnutls_ktls_enable(gnutls_session_t session){
- return;
+void _gnutls_ktls_enable(gnutls_session_t session) {
}
int _gnutls_ktls_set_keys(gnutls_session_t session) {
--
2.34.1


@ -0,0 +1,719 @@
From f5e5ab910b8b1d69f962ca033d1295c3e1e1e131 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Wed, 23 Feb 2022 19:48:52 +0100
Subject: [PATCH] tpm2: dynamically load tss2 libraries as needed
libtss2-esys links to OpenSSL or mbed TLS for cryptography, which may
cause packaging issues. This instead dlopen's tss2 libraries as
needed so non-TPM applications continue working without loading
multiple crypto libraries.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
configure.ac | 11 +-
lib/Makefile.am | 6 +-
lib/tpm2.c | 2 +-
lib/tpm2.h | 2 +-
lib/tpm2_esys.c | 273 ++++++++++++++++++++++++++++++++++++--------
tests/Makefile.am | 3 +-
tests/sanity-lib.sh | 40 +++++++
tests/tpm2.sh | 14 ++-
8 files changed, 296 insertions(+), 55 deletions(-)
create mode 100644 tests/sanity-lib.sh
diff --git a/configure.ac b/configure.ac
index 53c3aefca1..721ff208f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -882,6 +882,8 @@ AM_CONDITIONAL(P11KIT_0_23_11_API, $PKG_CONFIG --atleast-version=0.23.11 p11-kit
AM_CONDITIONAL(ENABLE_PKCS11, test "$with_p11_kit" != "no")
+need_ltlibdl=no
+
AC_ARG_WITH(tpm2,
AS_HELP_STRING([--without-tpm2],
[Disable TPM2 support.]),
@@ -892,6 +894,7 @@ if test "$with_tpm2" != "no"; then
if test "$have_tpm2" = "yes"; then
tss2lib="tss2-esys tss2-mu tss2-tctildr"
AC_DEFINE([HAVE_TSS2], 1, [Have TSS2])
+ need_ltlibdl=yes
elif test "$with_tpm2" = "yes"; then
AC_MSG_ERROR([[
***
@@ -920,7 +923,8 @@ if test "$with_tpm" != "no"; then
AC_SUBST([TSS_LIBS], [-ltspi])
AC_SUBST([TSS_CFLAGS], [])
AC_DEFINE([HAVE_TROUSERS], 1, [Enable TPM])
- with_tpm=yes],
+ with_tpm=yes,
+ need_ltlibdl=yes],
[AC_MSG_RESULT(no)
AC_MSG_WARN([[
***
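Review bot: The comma added after `with_tpm=yes` appears to sit inside the bracket-quoted action argument (its `[` opens before this hunk and the `]` after `need_ltlibdl=yes` closes it), so m4 treats it as literal text and the generated shell assigns `yes,` to `with_tpm`. Any later exact comparison against `yes`, and the "TPM support:" line in the configure summary, would then see `yes,`. Drop the comma so the two assignments are separate shell lines: `with_tpm=yes` followed by `need_ltlibdl=yes],`.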
@@ -957,6 +961,9 @@ fi
AC_DEFINE_UNQUOTED([TROUSERS_LIB], ["$ac_trousers_lib"], [the location of the trousers library])
AC_SUBST(TROUSERS_LIB)
+
+AM_CONDITIONAL(NEED_LTLIBDL, test "$need_ltlibdl" = yes)
+
# For minitasn1.
AC_CHECK_SIZEOF(unsigned long int, 4)
AC_CHECK_SIZEOF(unsigned int, 4)
@@ -1312,7 +1319,7 @@ AC_MSG_NOTICE([External hardware support:
Random gen. variant: $rnd_variant
PKCS#11 support: $with_p11_kit
TPM support: $with_tpm
- TPM2 support: $have_tpm2
+ TPM2 support: $with_tpm2
KTLS support: $enable_ktls
])
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 35df35ee8d..e61ee1b6ae 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -44,7 +44,7 @@ AM_CPPFLAGS = \
-I$(srcdir)/x509 \
$(LIBTASN1_CFLAGS) \
$(P11_KIT_CFLAGS) \
- $(TPM2_CFLAGS)
+ $(TSS2_CFLAGS)
if !HAVE_LIBUNISTRING
SUBDIRS += unistring
@@ -156,7 +156,7 @@ libgnutls_la_LIBADD = ../gl/libgnu.la x509/libgnutls_x509.la \
auth/libgnutls_auth.la algorithms/libgnutls_alg.la \
extras/libgnutls_extras.la
thirdparty_libadd = $(LTLIBZ) $(LTLIBINTL) $(LIBSOCKET) $(LTLIBNSL) \
- $(P11_KIT_LIBS) $(LIB_SELECT) $(TSS2_LIBS) $(GNUTLS_LIBS_PRIVATE)
+ $(P11_KIT_LIBS) $(LIB_SELECT) $(GNUTLS_LIBS_PRIVATE)
if HAVE_LIBIDN2
thirdparty_libadd += $(LIBIDN2_LIBS)
@@ -203,7 +203,7 @@ all-local: $(hmac_files)
CLEANFILES = $(hmac_files)
endif
-if ENABLE_TROUSERS
+if NEED_LTLIBDL
thirdparty_libadd += $(LTLIBDL)
endif
diff --git a/lib/tpm2.c b/lib/tpm2.c
index 076cc7f407..750eadc777 100644
--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -297,5 +297,5 @@ int _gnutls_load_tpm2_key(gnutls_privkey_t pkey, const gnutls_datum_t *fdata)
void _gnutls_tpm2_deinit(void)
{
- tpm2_tcti_deinit();
+ tpm2_esys_deinit();
}
diff --git a/lib/tpm2.h b/lib/tpm2.h
index e40dc01df7..7966e2d811 100644
--- a/lib/tpm2.h
+++ b/lib/tpm2.h
@@ -37,7 +37,7 @@ struct tpm2_info_st;
struct tpm2_info_st *tpm2_info_init(struct pin_info_st *pin);
-void tpm2_tcti_deinit(void);
+void tpm2_esys_deinit(void);
void release_tpm2_ctx(struct tpm2_info_st *info);
diff --git a/lib/tpm2_esys.c b/lib/tpm2_esys.c
index 93e54413ba..4000c1b76e 100644
--- a/lib/tpm2_esys.c
+++ b/lib/tpm2_esys.c
@@ -72,6 +72,170 @@
#include <tss2/tss2_esys.h>
#include <tss2/tss2_tctildr.h>
+#include <dlfcn.h>
+
+/* We don't want to link to libtss2-esys, as it brings in other
+ * crypto libraries. Instead, only dlopen it as needed.
+ */
+
+static void *_gnutls_tss2_esys_dlhandle;
+static void *_gnutls_tss2_mu_dlhandle;
+static void *_gnutls_tss2_tctildr_dlhandle;
+
+static TSS2_RC
+(*_gnutls_tss2_Esys_GetCapability)(ESYS_CONTEXT *esysContext,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ TPM2_CAP capability,
+ UINT32 property,
+ UINT32 propertyCount,
+ TPMI_YES_NO *moreData,
+ TPMS_CAPABILITY_DATA **capabilityData);
+static void (*_gnutls_tss2_Esys_Free)(void *__ptr);
+static TSS2_RC (*_gnutls_tss2_Esys_TR_SetAuth)(ESYS_CONTEXT *esysContext,
+ ESYS_TR handle,
+ TPM2B_AUTH const *authValue);
+static TSS2_RC
+(*_gnutls_tss2_Esys_CreatePrimary)(ESYS_CONTEXT *esysContext,
+ ESYS_TR primaryHandle,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ const TPM2B_SENSITIVE_CREATE *inSensitive,
+ const TPM2B_PUBLIC *inPublic,
+ const TPM2B_DATA *outsideInfo,
+ const TPML_PCR_SELECTION *creationPCR,
+ ESYS_TR *objectHandle,
+ TPM2B_PUBLIC **outPublic,
+ TPM2B_CREATION_DATA **creationData,
+ TPM2B_DIGEST **creationHash,
+ TPMT_TK_CREATION **creationTicket);
+static TSS2_RC (*_gnutls_tss2_Esys_Initialize)(ESYS_CONTEXT **esys_context,
+ TSS2_TCTI_CONTEXT *tcti,
+ TSS2_ABI_VERSION *abiVersion);
+static TSS2_RC (*_gnutls_tss2_Esys_Startup)(ESYS_CONTEXT *esysContext,
+ TPM2_SU startupType);
+static TSS2_RC (*_gnutls_tss2_Esys_TR_FromTPMPublic)(ESYS_CONTEXT *esysContext,
+ TPM2_HANDLE tpm_handle,
+ ESYS_TR optionalSession1,
+ ESYS_TR optionalSession2,
+ ESYS_TR optionalSession3,
+ ESYS_TR *object);
+static TSS2_RC (*_gnutls_tss2_Esys_ReadPublic)(ESYS_CONTEXT *esysContext,
+ ESYS_TR objectHandle,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ TPM2B_PUBLIC **outPublic,
+ TPM2B_NAME **name,
+ TPM2B_NAME **qualifiedName);
+static TSS2_RC (*_gnutls_tss2_Esys_Load)(ESYS_CONTEXT *esysContext,
+ ESYS_TR parentHandle,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ const TPM2B_PRIVATE *inPrivate,
+ const TPM2B_PUBLIC *inPublic,
+ ESYS_TR *objectHandle);
+static TSS2_RC (*_gnutls_tss2_Esys_FlushContext)(ESYS_CONTEXT *esysContext,
+ ESYS_TR flushHandle);
+static void (*_gnutls_tss2_Esys_Finalize)(ESYS_CONTEXT **context);
+static TSS2_RC
+(*_gnutls_tss2_Esys_RSA_Decrypt)(ESYS_CONTEXT *esysContext,
+ ESYS_TR keyHandle,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ const TPM2B_PUBLIC_KEY_RSA *cipherText,
+ const TPMT_RSA_DECRYPT *inScheme,
+ const TPM2B_DATA *label,
+ TPM2B_PUBLIC_KEY_RSA **message);
+static TSS2_RC (*_gnutls_tss2_Esys_Sign)(ESYS_CONTEXT *esysContext,
+ ESYS_TR keyHandle,
+ ESYS_TR shandle1,
+ ESYS_TR shandle2,
+ ESYS_TR shandle3,
+ const TPM2B_DIGEST *digest,
+ const TPMT_SIG_SCHEME *inScheme,
+ const TPMT_TK_HASHCHECK *validation,
+ TPMT_SIGNATURE **signature);
+
+static TSS2_RC
+(*_gnutls_tss2_Tss2_MU_TPM2B_PRIVATE_Unmarshal)(uint8_t const buffer[],
+ size_t buffer_size,
+ size_t *offset,
+ TPM2B_PRIVATE *dest);
+static TSS2_RC
+(*_gnutls_tss2_Tss2_MU_TPM2B_PUBLIC_Unmarshal)(uint8_t const buffer[],
+ size_t buffer_size,
+ size_t *offset,
+ TPM2B_PUBLIC *dest);
+
+static TSS2_RC
+(*_gnutls_tss2_Tss2_TctiLdr_Initialize)(const char *nameConf,
+ TSS2_TCTI_CONTEXT **context);
+static void (*_gnutls_tss2_Tss2_TctiLdr_Finalize)(TSS2_TCTI_CONTEXT **context);
+
+#define DLSYM_TSS2(sys, sym) \
+ _gnutls_tss2_##sym = dlsym(_gnutls_tss2_##sys##_dlhandle, #sym); \
+ if (!_gnutls_tss2_##sym) { \
+ return -1; \
+ }
+
+static int
+init_tss2_funcs(void)
+{
+ if (!_gnutls_tss2_esys_dlhandle) {
+ _gnutls_tss2_esys_dlhandle =
+ dlopen("libtss2-esys.so.0", RTLD_NOW | RTLD_GLOBAL);
+ if (!_gnutls_tss2_esys_dlhandle) {
+ _gnutls_debug_log("tpm2: unable to dlopen libtss2-esys\n");
+ return -1;
+ }
+ }
+
+ DLSYM_TSS2(esys, Esys_GetCapability)
+ DLSYM_TSS2(esys, Esys_Free)
+ DLSYM_TSS2(esys, Esys_TR_SetAuth)
+ DLSYM_TSS2(esys, Esys_CreatePrimary)
+ DLSYM_TSS2(esys, Esys_Initialize)
+ DLSYM_TSS2(esys, Esys_Startup)
+ DLSYM_TSS2(esys, Esys_TR_FromTPMPublic)
+ DLSYM_TSS2(esys, Esys_ReadPublic)
+ DLSYM_TSS2(esys, Esys_Load)
+ DLSYM_TSS2(esys, Esys_FlushContext)
+ DLSYM_TSS2(esys, Esys_Finalize)
+ DLSYM_TSS2(esys, Esys_RSA_Decrypt)
+ DLSYM_TSS2(esys, Esys_Sign)
+
+ if (!_gnutls_tss2_mu_dlhandle) {
+ _gnutls_tss2_mu_dlhandle =
+ dlopen("libtss2-mu.so.0", RTLD_NOW | RTLD_GLOBAL);
+ if (!_gnutls_tss2_mu_dlhandle) {
+ _gnutls_debug_log("tpm2: unable to dlopen libtss2-mu\n");
+ return -1;
+ }
+ }
+
+ DLSYM_TSS2(mu, Tss2_MU_TPM2B_PRIVATE_Unmarshal)
+ DLSYM_TSS2(mu, Tss2_MU_TPM2B_PUBLIC_Unmarshal)
+
+ if (!_gnutls_tss2_tctildr_dlhandle) {
+ _gnutls_tss2_tctildr_dlhandle =
+ dlopen("libtss2-tctildr.so.0", RTLD_NOW | RTLD_GLOBAL);
+ if (!_gnutls_tss2_tctildr_dlhandle) {
+ _gnutls_debug_log("tpm2: unable to dlopen libtss2-tctildr\n");
+ return -1;
+ }
+ }
+
+ DLSYM_TSS2(tctildr, Tss2_TctiLdr_Initialize)
+ DLSYM_TSS2(tctildr, Tss2_TctiLdr_Finalize)
+
+ return 0;
+}
+
struct tpm2_info_st {
TPM2B_PUBLIC pub;
TPM2B_PRIVATE priv;
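Review bot: All three `dlopen` calls in `init_tss2_funcs` pass `RTLD_GLOBAL`, which makes the tss2 libraries' symbols (and, as far as I can tell, those of the crypto library they pull in) available for symbol resolution by objects loaded afterwards; that seems at odds with the stated aim of keeping a second crypto library away from the rest of the process. Since every entry point is resolved explicitly with `dlsym`, `dlopen("libtss2-esys.so.0", RTLD_NOW | RTLD_LOCAL)` looks sufficient, unless the TCTI loader relies on global visibility, in which case the comment above the handles should say so. Separately, `DLSYM_TSS2` hides a `return -1` and logs nothing, so a missing symbol cannot be told apart from other failures in the debug output; a `_gnutls_debug_log` naming `#sym` before the return would help. The struct definition after the function continues outside the hunk.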
@@ -227,10 +391,10 @@ get_primary_template(ESYS_CONTEXT *ctx)
UINT32 i;
TSS2_RC rc;
- rc = Esys_GetCapability (ctx,
- ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
- TPM2_CAP_ALGS, 0, TPM2_MAX_CAP_ALGS,
- NULL, &capability_data);
+ rc = _gnutls_tss2_Esys_GetCapability(ctx,
+ ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
+ TPM2_CAP_ALGS, 0, TPM2_MAX_CAP_ALGS,
+ NULL, &capability_data);
if (rc) {
_gnutls_debug_log("tpm2: Esys_GetCapability failed: 0x%x\n", rc);
return NULL;
@@ -239,7 +403,7 @@ get_primary_template(ESYS_CONTEXT *ctx)
for (i = 0; i < capability_data->data.algorithms.count; i++) {
if (capability_data->data.algorithms.algProperties[i].alg ==
TPM2_ALG_ECC) {
- Esys_Free(capability_data);
+ _gnutls_tss2_Esys_Free(capability_data);
return &primary_template_ecc;
}
}
@@ -247,12 +411,12 @@ get_primary_template(ESYS_CONTEXT *ctx)
for (i = 0; i < capability_data->data.algorithms.count; i++) {
if (capability_data->data.algorithms.algProperties[i].alg ==
TPM2_ALG_RSA) {
- Esys_Free(capability_data);
+ _gnutls_tss2_Esys_Free(capability_data);
return &primary_template_rsa;
}
}
- Esys_Free(capability_data);
+ _gnutls_tss2_Esys_Free(capability_data);
_gnutls_debug_log("tpm2: unable to find primary template\n");
return NULL;
}
@@ -320,7 +484,7 @@ static int init_tpm2_primary(struct tpm2_info_st *info,
install_tpm_passphrase(&info->ownerauth, pass);
info->need_ownerauth = false;
}
- rc = Esys_TR_SetAuth(ctx, hierarchy, &info->ownerauth);
+ rc = _gnutls_tss2_Esys_TR_SetAuth(ctx, hierarchy, &info->ownerauth);
if (rc) {
_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n", rc);
return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
@@ -329,7 +493,7 @@ static int init_tpm2_primary(struct tpm2_info_st *info,
if (!primary_template) {
return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
}
- rc = Esys_CreatePrimary(ctx, hierarchy,
+ rc = _gnutls_tss2_Esys_CreatePrimary(ctx, hierarchy,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
&primary_sensitive,
primary_template,
@@ -359,14 +523,14 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
_gnutls_debug_log("tpm2: establishing connection with TPM\n");
- rc = Esys_Initialize(ctx, tcti_ctx, NULL);
+ rc = _gnutls_tss2_Esys_Initialize(ctx, tcti_ctx, NULL);
if (rc) {
gnutls_assert();
_gnutls_debug_log("tpm2: Esys_Initialize failed: 0x%x\n", rc);
goto error;
}
- rc = Esys_Startup(*ctx, TPM2_SU_CLEAR);
+ rc = _gnutls_tss2_Esys_Startup(*ctx, TPM2_SU_CLEAR);
if (rc == TPM2_RC_INITIALIZE) {
_gnutls_debug_log("tpm2: was already started up thus false positive failing in tpm2tss log\n");
} else if (rc) {
@@ -381,7 +545,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
goto error;
}
} else {
- rc = Esys_TR_FromTPMPublic(*ctx, info->parent,
+ rc = _gnutls_tss2_Esys_TR_FromTPMPublic(*ctx, info->parent,
ESYS_TR_NONE,
ESYS_TR_NONE,
ESYS_TR_NONE,
@@ -399,7 +563,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
if (!info->did_ownerauth && !info->ownerauth.size) {
TPM2B_PUBLIC *pub = NULL;
- rc = Esys_ReadPublic(*ctx, parent_handle,
+ rc = _gnutls_tss2_Esys_ReadPublic(*ctx, parent_handle,
ESYS_TR_NONE,
ESYS_TR_NONE,
ESYS_TR_NONE,
@@ -408,7 +572,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
!(pub->publicArea.objectAttributes & TPMA_OBJECT_NODA)) {
info->need_ownerauth = true;
}
- Esys_Free(pub);
+ _gnutls_tss2_Esys_Free(pub);
}
reauth:
if (info->need_ownerauth) {
@@ -420,7 +584,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
install_tpm_passphrase(&info->ownerauth, pass);
info->need_ownerauth = false;
}
- rc = Esys_TR_SetAuth(*ctx, parent_handle, &info->ownerauth);
+ rc = _gnutls_tss2_Esys_TR_SetAuth(*ctx, parent_handle, &info->ownerauth);
if (rc) {
gnutls_assert();
_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n",
@@ -432,7 +596,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
_gnutls_debug_log("tpm2: loading TPM2 key blob, parent handle 0x%x\n",
parent_handle);
- rc = Esys_Load(*ctx, parent_handle,
+ rc = _gnutls_tss2_Esys_Load(*ctx, parent_handle,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
&info->priv, &info->pub,
key_handle);
@@ -450,7 +614,7 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
info->did_ownerauth = true;
if (parent_is_generated(info->parent)) {
- rc = Esys_FlushContext(*ctx, parent_handle);
+ rc = _gnutls_tss2_Esys_FlushContext(*ctx, parent_handle);
if (rc) {
_gnutls_debug_log("tpm2: Esys_FlushContext for generated primary failed: 0x%x\n",
rc);
@@ -461,14 +625,14 @@ static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
return 0;
error:
if (parent_is_generated(info->parent) && parent_handle != ESYS_TR_NONE) {
- Esys_FlushContext(*ctx, parent_handle);
+ _gnutls_tss2_Esys_FlushContext(*ctx, parent_handle);
}
if (*key_handle != ESYS_TR_NONE) {
- Esys_FlushContext(*ctx, *key_handle);
+ _gnutls_tss2_Esys_FlushContext(*ctx, *key_handle);
}
*key_handle = ESYS_TR_NONE;
- Esys_Finalize(ctx);
+ _gnutls_tss2_Esys_Finalize(ctx);
return GNUTLS_E_TPM_ERROR;
}
@@ -488,7 +652,7 @@ auth_tpm2_key(struct tpm2_info_st *info, ESYS_CONTEXT *ctx, ESYS_TR key_handle)
info->need_userauth = false;
}
- rc = Esys_TR_SetAuth(ctx, key_handle, &info->userauth);
+ rc = _gnutls_tss2_Esys_TR_SetAuth(ctx, key_handle, &info->userauth);
if (rc) {
_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n", rc);
return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
@@ -574,7 +738,7 @@ int tpm2_rsa_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
goto out;
}
- rc = Esys_RSA_Decrypt(ectx, key_handle,
+ rc = _gnutls_tss2_Esys_RSA_Decrypt(ectx, key_handle,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
&digest, &in_scheme, &label, &tsig);
if (rc_is_key_auth_failed(rc)) {
@@ -591,14 +755,14 @@ int tpm2_rsa_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
ret = _gnutls_set_datum(sig, tsig->buffer, tsig->size);
out:
- Esys_Free(tsig);
+ _gnutls_tss2_Esys_Free(tsig);
if (key_handle != ESYS_TR_NONE) {
- Esys_FlushContext(ectx, key_handle);
+ _gnutls_tss2_Esys_FlushContext(ectx, key_handle);
}
if (ectx) {
- Esys_Finalize(&ectx);
+ _gnutls_tss2_Esys_Finalize(&ectx);
}
return ret;
@@ -661,7 +825,7 @@ int tpm2_ec_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
goto out;
}
- rc = Esys_Sign(ectx, key_handle,
+ rc = _gnutls_tss2_Esys_Sign(ectx, key_handle,
ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
&digest, &in_scheme, &validation,
&tsig);
@@ -682,31 +846,23 @@ int tpm2_ec_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
ret = gnutls_encode_rs_value(sig, &sig_r, &sig_s);
out:
- Esys_Free(tsig);
+ _gnutls_tss2_Esys_Free(tsig);
if (key_handle != ESYS_TR_NONE) {
- Esys_FlushContext(ectx, key_handle);
+ _gnutls_tss2_Esys_FlushContext(ectx, key_handle);
}
if (ectx) {
- Esys_Finalize(&ectx);
+ _gnutls_tss2_Esys_Finalize(&ectx);
}
return ret;
}
-GNUTLS_ONCE(tcti_once);
-
-void
-tpm2_tcti_deinit(void)
-{
- if (tcti_ctx) {
- Tss2_TctiLdr_Finalize(&tcti_ctx);
- }
-}
+GNUTLS_ONCE(tpm2_esys_once);
static void
-tcti_once_init(void)
+tpm2_esys_once_init(void)
{
const char *tcti;
const char * const tcti_vars[] = {
@@ -718,6 +874,11 @@ tcti_once_init(void)
size_t i;
TSS2_RC rc;
+ if (init_tss2_funcs() < 0) {
+ _gnutls_debug_log("tpm2: unable to initialize TSS2 functions\n");
+ return;
+ }
+
for (i = 0; i < sizeof(tcti_vars) / sizeof(tcti_vars[0]); i++) {
tcti = secure_getenv(tcti_vars[i]);
if (tcti && *tcti != '\0') {
@@ -727,7 +888,7 @@ tcti_once_init(void)
}
}
if (tcti && *tcti != '\0') {
- rc = Tss2_TctiLdr_Initialize(tcti, &tcti_ctx);
+ rc = _gnutls_tss2_Tss2_TctiLdr_Initialize(tcti, &tcti_ctx);
if (rc) {
_gnutls_debug_log("tpm2: TSS2_TctiLdr_Initialize failed: 0x%x\n",
rc);
@@ -735,13 +896,35 @@ tcti_once_init(void)
}
}
+/* called by the global destructor through _gnutls_tpm2_deinit */
+void
+tpm2_esys_deinit(void)
+{
+ if (tcti_ctx) {
+ _gnutls_tss2_Tss2_TctiLdr_Finalize(&tcti_ctx);
+ tcti_ctx = NULL;
+ }
+ if (_gnutls_tss2_esys_dlhandle) {
+ dlclose(_gnutls_tss2_esys_dlhandle);
+ _gnutls_tss2_esys_dlhandle = NULL;
+ }
+ if (_gnutls_tss2_mu_dlhandle) {
+ dlclose(_gnutls_tss2_mu_dlhandle);
+ _gnutls_tss2_mu_dlhandle = NULL;
+ }
+ if (_gnutls_tss2_tctildr_dlhandle) {
+ dlclose(_gnutls_tss2_tctildr_dlhandle);
+ _gnutls_tss2_tctildr_dlhandle = NULL;
+ }
+}
+
int install_tpm2_key(struct tpm2_info_st *info, gnutls_privkey_t pkey,
unsigned int parent, bool emptyauth,
gnutls_datum_t *privdata, gnutls_datum_t *pubdata)
{
TSS2_RC rc;
- (void)gnutls_once(&tcti_once, tcti_once_init);
+ (void)gnutls_once(&tpm2_esys_once, tpm2_esys_once_init);
if (!tcti_ctx) {
return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
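Review bot: `tpm2_esys_deinit` unloads the three libraries but leaves every `_gnutls_tss2_*` function pointer pointing into them, and the `tpm2_esys_once` guard means `init_tss2_funcs` will not run again. `install_tpm2_key` is protected by its `!tcti_ctx` check, but as far as the other hunks show, the key-initialisation and signing paths call `_gnutls_tss2_Esys_*` directly, so a TPM2 private key still in use after deinit would jump through a stale pointer where the old code made an ordinary linked call. Either reset the pointers to NULL here and have the callers check them, or extend the comment on `tpm2_esys_deinit` to state that no TPM2 key may be used afterwards. `install_tpm2_key` continues outside the hunk.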
@@ -757,16 +940,16 @@ int install_tpm2_key(struct tpm2_info_st *info, gnutls_privkey_t pkey,
info->parent = parent;
- rc = Tss2_MU_TPM2B_PRIVATE_Unmarshal(privdata->data, privdata->size, NULL,
- &info->priv);
+ rc = _gnutls_tss2_Tss2_MU_TPM2B_PRIVATE_Unmarshal(privdata->data, privdata->size, NULL,
+ &info->priv);
if (rc) {
_gnutls_debug_log("tpm2: failed to import private key data: 0x%x\n",
rc);
return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
}
- rc = Tss2_MU_TPM2B_PUBLIC_Unmarshal(pubdata->data, pubdata->size, NULL,
- &info->pub);
+ rc = _gnutls_tss2_Tss2_MU_TPM2B_PUBLIC_Unmarshal(pubdata->data, pubdata->size, NULL,
+ &info->pub);
if (rc) {
_gnutls_debug_log("tpm2: failed to import public key data: 0x%x\n",
rc);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 529f1cc077..64ce470a02 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -515,7 +515,8 @@ dist_check_SCRIPTS += fastopen.sh pkgconfig.sh starttls.sh starttls-ftp.sh start
psktool.sh ocsp-tests/ocsp-load-chain.sh gnutls-cli-save-data.sh gnutls-cli-debug.sh \
sni-resume.sh ocsp-tests/ocsptool.sh cert-reencoding.sh pkcs7-cat.sh long-crl.sh \
serv-udp.sh logfile-option.sh gnutls-cli-resume.sh profile-tests.sh \
- server-weak-keys.sh ocsp-tests/ocsp-signer-verify.sh cfg-test.sh
+ server-weak-keys.sh ocsp-tests/ocsp-signer-verify.sh cfg-test.sh \
+ sanity-lib.sh
if !DISABLE_SYSTEM_CONFIG
dist_check_SCRIPTS += system-override-sig.sh system-override-hash.sh \
diff --git a/tests/sanity-lib.sh b/tests/sanity-lib.sh
new file mode 100644
index 0000000000..1e3612781b
--- /dev/null
+++ b/tests/sanity-lib.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+# Copyright (C) 2022 Red Hat, Inc.
+#
+# Author: Daiki Ueno
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>
+
+: ${top_builddir=..}
+: ${CLI_DEBUG=../src/gnutls-cli-debug${EXEEXT}}
+: ${LDD=ldd}
+: ${LIBTOOL=libtool}
+
+if ! test -x "${CLI_DEBUG}"; then
+ exit 77
+fi
+
+# ldd.sh doesn't check recursive dependencies
+${LDD} --version >/dev/null || exit 77
+
+# We use gnutls-cli-debug, as it has the fewest dependencies among our
+# commands (e.g., gnutls-cli pulls in OpenSSL through libunbound).
+if ${LIBTOOL} --mode=execute ${LDD} ${CLI_DEBUG} | \
+ grep '^[[:space:]]*\(libcrypto\.\|libssl\.\|libgcrypt\.\)'; then
+ echo "gnutls-cli-debug links to other crypto library"
+ exit 1
+fi
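Review bot: The final check only looks at grep's exit status, so when `${LDD}` fails or prints nothing (static build, libtool wrapper problem) the condition is false and the test passes without having inspected anything. Capture the output first, skip or fail when it is empty, and run the grep on the captured text; `${CLI_DEBUG}` should also be quoted in that call as it is in the `test -x` above. The licence header names the GNU General Public License in its first paragraph and the Lesser GPL in its last, which is worth making consistent.

```shell
# … unchanged: variable defaults, CLI_DEBUG and ldd availability checks …
deps=$(${LIBTOOL} --mode=execute ${LDD} "${CLI_DEBUG}")
if test $? -ne 0 || test -z "${deps}"; then
	echo "unable to list dependencies of ${CLI_DEBUG}"
	exit 77
fi

if echo "${deps}" | \
   grep '^[[:space:]]*\(libcrypto\.\|libssl\.\|libgcrypt\.\)'; then
	# … unchanged: report and exit 1 …
fi
```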
diff --git a/tests/tpm2.sh b/tests/tpm2.sh
index 854986c552..6f8e44c64b 100755
--- a/tests/tpm2.sh
+++ b/tests/tpm2.sh
@@ -21,8 +21,6 @@
# along with GnuTLS; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-set +e
-
: ${srcdir=.}
: ${CERTTOOL=../src/certtool${EXEEXT}}
KEYPEMFILE=tpmkey.$$.key.pem
@@ -192,6 +190,10 @@ run_tests()
echo " - Generating ${KEYPEMFILE}"
tpm2tss-genkey -a ${kalg} -o ${OPASS} ${KEYPEMFILE}
+ if [ $? -ne 0 ]; then
+ echo "unable to generate key"
+ return 1
+ fi
cat ${KEYPEMFILE}
echo " - Generating certificate based on key"
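Review bot: The new `return 1` leaves `run_tests` before the `stop_swtpm` call visible at the end of the last hunk, so a failed `tpm2tss-genkey` may leave the software TPM running unless the caller or a trap stops it; the same applies to the two certificate checks added in the following hunks. Calling `stop_swtpm` before each `return 1` would keep the cleanup local to the function. `run_tests` starts and ends outside these hunks, so the caller's handling of the return value could not be checked here.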
@@ -200,6 +202,10 @@ run_tests()
"${CERTTOOL}" --generate-self-signed -d 3 \
--load-privkey "${KEYPEMFILE}" \
--template "${srcdir}/cert-tests/templates/template-test.tmpl"
+ if [ $? -ne 0 ]; then
+ echo "unable to generate certificate"
+ return 1
+ fi
if test "${kalg}" = "rsa";then
echo " - Generating RSA-PSS certificate based on key"
@@ -207,6 +213,10 @@ run_tests()
--load-privkey "${KEYPEMFILE}" \
--sign-params rsa-pss \
--template "${srcdir}/cert-tests/templates/template-test.tmpl"
+ if [ $? -ne 0 ]; then
+ echo "unable to generate certificate"
+ return 1
+ fi
fi
stop_swtpm
--
2.34.1


@ -0,0 +1,44 @@
From b5a2cbce49d94a04a68acbbc31caaa0c5d7b3321 Mon Sep 17 00:00:00 2001
From: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri, 18 Feb 2022 11:05:15 +0100
Subject: [PATCH] bump GNUTLS_MAX_ALGORITHM_NUM / MAX_ALGOS
Fedora 36 LEGACY crypto-policy uses allowlisting format
and is long enough to blow past the 64 priority string
elements mark, causing, effectively, priority string truncation.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
---
lib/includes/gnutls/gnutls.h.in | 2 +-
lib/priority.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 6359a0edb6..16140c8787 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -408,7 +408,7 @@ typedef enum {
/* exported for other gnutls headers. This is the maximum number of
* algorithms (ciphers, kx or macs).
*/
-#define GNUTLS_MAX_ALGORITHM_NUM 64
+#define GNUTLS_MAX_ALGORITHM_NUM 128
#define GNUTLS_MAX_SESSION_ID_SIZE 32
diff --git a/lib/priority.c b/lib/priority.c
index 54d7b1bb45..e7698ba7eb 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -43,7 +43,7 @@
#include "profiles.h"
#include "name_val_array.h"
-#define MAX_ELEMENTS 64
+#define MAX_ELEMENTS GNUTLS_MAX_ALGORITHM_NUM
#define ENABLE_PROFILE(c, profile) do { \
c->additional_verify_flags &= 0x00ffffff; \
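Review bot: Tying `MAX_ELEMENTS` to `GNUTLS_MAX_ALGORITHM_NUM` raises the limit to 128, but going by the commit message a priority list longer than the limit is still truncated rather than rejected. With an allowlist-style policy, silent truncation changes which algorithms end up enabled, so the overflow path in this file (not visible in the hunk) should return an error or at least log; a comment on the define such as `/* elements beyond this limit must be reported, not silently dropped */` would record that contract. Because `GNUTLS_MAX_ALGORITHM_NUM` lives in an installed header, it is also worth confirming that no public structure is sized by it.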
--
2.34.1

Binary file not shown.

1230
SPECS/gnutls.spec Normal file

File diff suppressed because it is too large Load Diff