From 02a80de4724dbc971f1b85534b249c69b69815d1 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 3 Jan 2013 14:54:02 +0100 Subject: [PATCH] allow empty passphrase in PBKDF2 needed for cryptsetup (=891266) --- libgcrypt-1.5.0-empty-passphrase.patch | 54 ++++++++++++++++++++++++++ libgcrypt.spec | 8 +++- 2 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 libgcrypt-1.5.0-empty-passphrase.patch diff --git a/libgcrypt-1.5.0-empty-passphrase.patch b/libgcrypt-1.5.0-empty-passphrase.patch new file mode 100644 index 0000000..c989420 --- /dev/null +++ b/libgcrypt-1.5.0-empty-passphrase.patch @@ -0,0 +1,54 @@ +commit 8528f1ba40e587dc17e02822e529fbd7ac69a189 +Author: Milan Broz +Date: Mon Oct 29 17:18:09 2012 +0100 + + PBKDF2: Allow empty passphrase. + + * cipher/kdf.c (gcry_kdf_derive): Allow empty passphrase for PBKDF2. + * tests/t-kdf.c (check_pbkdf2): Add test case for above. + -- + + While it is insecure, the PBKDF2 implementations usually + allows to derive key only from salt. + + This particular case is used e.g. in cryptsetup when + you use empty file as keyfile for LUKS keyslot. + + Test vector is compared with two independent implementations. + + Signed-off-by: Milan Broz + +diff --git a/cipher/kdf.c b/cipher/kdf.c +index d981022..46e8550 100644 +--- a/cipher/kdf.c ++++ b/cipher/kdf.c +@@ -238,7 +238,7 @@ gcry_kdf_derive (const void *passphrase, size_t passphraselen, + { + gpg_err_code_t ec; + +- if (!passphrase || !passphraselen) ++ if (!passphrase || (!passphraselen && algo != GCRY_KDF_PBKDF2)) + { + ec = GPG_ERR_INV_DATA; + goto leave; +diff --git a/tests/t-kdf.c b/tests/t-kdf.c +index 7209525..06c0026 100644 +--- a/tests/t-kdf.c ++++ b/tests/t-kdf.c +@@ -917,7 +917,15 @@ check_pbkdf2 (void) + 16, + "\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37" + "\xd7\xf0\x34\x25\xe0\xc3" +- } ++ }, ++ { /* empty password test, not in RFC-6070 */ ++ "", 0, ++ "salt", 4, ++ 2, ++ 20, ++ "\x13\x3a\x4c\xe8\x37\xb4\xd2\x52\x1e\xe2" ++ "\xbf\x03\xe1\x1c\x71\xca\x79\x4e\x07\x97" ++ }, + }; + int tvidx; + gpg_error_t err; diff --git a/libgcrypt.spec b/libgcrypt.spec index 3a9ffb9..cc91552 100644 --- a/libgcrypt.spec +++ b/libgcrypt.spec @@ -1,6 +1,6 @@ Name: libgcrypt Version: 1.5.0 -Release: 8%{?dist} +Release: 9%{?dist} URL: http://www.gnupg.org/ Source0: libgcrypt-%{version}-hobbled.tar.bz2 # The original libgcrypt sources now contain potentially patented ECC @@ -25,6 +25,8 @@ Patch7: libgcrypt-1.5.0-fips-cavs.patch Patch8: libgcrypt-1.5.0-set-enforced-mode.patch # fix for memory leaks an other errors found by Coverity scan Patch9: libgcrypt-1.5.0-leak.patch +# allow empty passphrase (upstreamed) +Patch10: libgcrypt-1.5.0-empty-passphrase.patch # Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction. # Documentation and some utilities are GPLv2+ licensed. These files @@ -66,6 +68,7 @@ applications using libgcrypt. %patch7 -p1 -b .cavs %patch8 -p1 -b .enforce %patch9 -p1 -b .leak +%patch10 -p1 -b .emptypass mv AUTHORS AUTHORS.iso88591 iconv -f ISO-8859-1 -t UTF-8 AUTHORS.iso88591 >AUTHORS @@ -179,6 +182,9 @@ exit 0 %doc COPYING %changelog +* Thu Jan 3 2013 Tomas Mraz 1.5.0-9 +- allow empty passphrase in PBKDF2 needed for cryptsetup (=891266) + * Mon Dec 3 2012 Tomas Mraz 1.5.0-8 - fix multilib conflict in libgcrypt-config - fix minor memory leaks and other bugs found by Coverity scan