rpms/gnutls
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version

Browse Source 
Resolves: #2168143
Signed-off-by: Daiki Ueno <dueno@redhat.com>
This commit is contained in:
Daiki Ueno 2023-02-28 11:12:55 +09:00
parent f764d48554
commit b7884a9359
2 changed files with 43 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
gnutls-3.7.8-fips-pct-dh.patch
View File

@ -1,54 +1,58 @@
From 8879cd62b327874cdcc9b960ff34d320025f07c2 Mon Sep 17 00:00:00 2001 From 51b721b69fd08ef1c4c4989f5e12b643e170ff56 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org> From: Pedro Monreal <pmgdeb@gmail.com>
Date: Fri, 10 Feb 2023 12:35:22 +0900 Date: Thu, 16 Feb 2023 17:02:38 +0100
Subject: [PATCH] pk: extend pair-wise consistency to cover DH key generation Subject: [PATCH] pk: extend pair-wise consistency to cover DH key generation
Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance of Pair-wise Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance of Pair-wise
Consistency check, even if we only support ephemeral DH, as it is Consistency check, even if we only support ephemeral DH, as it is
required by FIPS 140-3 IG 10.3.A. required by FIPS 140-3 IG 10.3.A.
Signed-off-by: Daiki Ueno <ueno@gnu.org> Signed-off-by: Pedro Monreal <pmgdeb@gmail.com>
Co-authored-by: Pedro Monreal <pmonreal@suse.com> Co-authored-by: Daiki Ueno <ueno@gnu.org>
--- ---
lib/nettle/pk.c | 25 ++++++++++++++++++++++++- lib/nettle/pk.c | 29 +++++++++++++++++++++++++++++
1 file changed, 24 insertions(+), 1 deletion(-) 1 file changed, 29 insertions(+)
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index f38016b19a..607a39ccd8 100644 index d30bca594f..bd9c1b4c74 100644
--- a/lib/nettle/pk.c --- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c +++ b/lib/nettle/pk.c
@@ -2497,7 +2497,30 @@ static int pct_test(gnutls_pk_algorithm_t algo, const gnutls_pk_params_st* param @@ -2642,6 +2642,35 @@ static int pct_test(gnutls_pk_algorithm_t algo,
goto cleanup;
} }
break; break;
- case GNUTLS_PK_DH: case GNUTLS_PK_DH:
+ case GNUTLS_PK_DH: { + {
+ mpz_t y; + mpz_t y;
+ +
+ /* Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance + /* Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance
+ * of Pair-wise Consistency check, even if we only + * of Pair-wise Consistency check, even if we only
+ * support ephemeral DH, as it is required by FIPS + * support ephemeral DH, as it is required by FIPS
+ * 140-3 IG 10.3.A. + * 140-3 IG 10.3.A.
+ * + *
+ * Use the private key, x, along with the generator g + * Use the private key, x, along with the generator g
+ * and prime modulus p included in the domain + * and prime modulus p included in the domain
+ * parameters associated with the key pair to compute + * parameters associated with the key pair to compute
+ * g^x mod p. Compare the result to the public key, y. + * g^x mod p. Compare the result to the public key, y.
+ */ + */
+ mpz_init(y); + mpz_init(y);
+ mpz_powm(y, + mpz_powm(y,
+ TOMPZ(params->params[DSA_G]), + TOMPZ(params->params[DSA_G]),
+ TOMPZ(params->params[DSA_X]), + TOMPZ(params->params[DSA_X]),
+ TOMPZ(params->params[DSA_P])); + TOMPZ(params->params[DSA_P]));
+ if (unlikely(mpz_cmp(y, TOMPZ(params->params[DSA_Y])) != 0)) { + if (unlikely
+ ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR); + (mpz_cmp(y, TOMPZ(params->params[DSA_Y])) != 0)) {
+ ret =
+ gnutls_assert_val
+ (GNUTLS_E_PK_GENERATION_ERROR);
+ mpz_clear(y);
+ goto cleanup;
+ }
+ mpz_clear(y);
+ break;
+ } + }
+ mpz_clear(y);
+ break;
+ }
case GNUTLS_PK_ECDH_X25519: case GNUTLS_PK_ECDH_X25519:
case GNUTLS_PK_ECDH_X448: case GNUTLS_PK_ECDH_X448:
ret = 0; ret = 0;
-- --
2.39.1 2.39.2

7
gnutls.spec
View File

@ -13,7 +13,7 @@ print(string.sub(hash, 0, 16))
} }
Version: 3.7.6 Version: 3.7.6
Release: 17%{?dist} Release: 18%{?dist}
# not upstreamed # not upstreamed
Patch: gnutls-3.6.7-no-now-guile.patch Patch: gnutls-3.6.7-no-now-guile.patch
Patch: gnutls-3.2.7-rpath.patch Patch: gnutls-3.2.7-rpath.patch
@ -39,6 +39,7 @@ Patch: gnutls-3.7.6-fips-ccm-taglen.patch
Patch: gnutls-3.7.6-fips-rsa-pss-saltlen.patch Patch: gnutls-3.7.6-fips-rsa-pss-saltlen.patch
Patch: gnutls-3.7.8-revert-hmac-name.patch Patch: gnutls-3.7.8-revert-hmac-name.patch
Patch: gnutls-3.7.8-rsa-kx-timing.patch Patch: gnutls-3.7.8-rsa-kx-timing.patch
Patch: gnutls-3.7.8-fips-pct-dh.patch
# not upstreamed # not upstreamed
Patch: gnutls-3.7.3-disable-config-reload.patch Patch: gnutls-3.7.3-disable-config-reload.patch
@ -46,7 +47,6 @@ Patch: gnutls-3.7.3-fips-dsa-post.patch
Patch: gnutls-3.7.6-drbg-reseed.patch Patch: gnutls-3.7.6-drbg-reseed.patch
Patch: gnutls-3.7.6-cpuid-fixes.patch Patch: gnutls-3.7.6-cpuid-fixes.patch
Patch: gnutls-3.7.6-gmp-static.patch Patch: gnutls-3.7.6-gmp-static.patch
Patch: gnutls-3.7.8-fips-pct-dh.patch
%bcond_without bootstrap %bcond_without bootstrap
%bcond_without dane %bcond_without dane
@ -406,6 +406,9 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
%endif %endif
%changelog %changelog
* Tue Feb 28 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-18
- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168143)
* Fri Feb 10 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-17 * Fri Feb 10 2023 Daiki Ueno <dueno@redhat.com> - 3.7.6-17
- Fix timing side-channel in TLS RSA key exchange (#2162601) - Fix timing side-channel in TLS RSA key exchange (#2162601)