new upstream version

Tomas Mraz 2014-12-08 17:29:08 +01:00
parent 7dc558c93f
commit 040c39b7c3
12 changed files with 4945 additions and 188 deletions

1
.gitignore vendored

@ -5,3 +5,4 @@ libgcrypt-1.4.5-hobbled.tar.bz2
/libgcrypt-1.5.2-hobbled.tar.xz
/libgcrypt-1.5.3-hobbled.tar.xz
/libgcrypt-1.6.1-hobbled.tar.xz
/libgcrypt-1.6.2-hobbled.tar.xz


@ -889,7 +889,7 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy)
unsigned char *encpk;
unsigned int encpklen;
if (!_gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL,
if (!_gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, 0,
&encpk, &encpklen))
return mpi_set_opaque (NULL, encpk, encpklen*8);
}


@ -1,167 +0,0 @@
Fix ARM assembly when building __PIC__
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher/camellia-arm.S (GET_DATA_POINTER): New.
(_gcry_camellia_arm_encrypt_block): Use GET_DATA_POINTER.
(_gcry_camellia_arm_decrypt_block): Ditto.
* cipher/cast5-arm.S (GET_DATA_POINTER): New.
(_gcry_cast5_arm_encrypt_block, _gcry_cast5_arm_decrypt_block)
(_gcry_cast5_arm_enc_blk2, _gcry_cast5_arm_dec_blk2): Use
GET_DATA_POINTER.
* cipher/rijndael-arm.S (GET_DATA_POINTER): New.
(_gcry_aes_arm_encrypt_block, _gcry_aes_arm_decrypt_block): Use
GET_DATA_POINTER.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
cipher/camellia-arm.S | 17 +++++++++++++++--
cipher/cast5-arm.S | 21 +++++++++++++++++----
cipher/rijndael-arm.S | 17 +++++++++++++++--
3 files changed, 47 insertions(+), 8 deletions(-)
diff --git a/cipher/camellia-arm.S b/cipher/camellia-arm.S
index c30d194..cdeaf8b 100644
--- a/cipher/camellia-arm.S
+++ b/cipher/camellia-arm.S
@@ -28,6 +28,19 @@
.syntax unified
.arm
+#ifdef __PIC__
+# define GET_DATA_POINTER(reg, name, rtmp) \
+ ldr reg, 1f; \
+ ldr rtmp, 2f; \
+ b 3f; \
+ 1: .word _GLOBAL_OFFSET_TABLE_-(3f+8); \
+ 2: .word name(GOT); \
+ 3: add reg, pc, reg; \
+ ldr reg, [reg, rtmp];
+#else
+# define GET_DATA_POINTER(reg, name, rtmp) ldr reg, =name
+#endif
+
/* struct camellia_ctx: */
#define key_table 0
@@ -261,7 +274,7 @@ _gcry_camellia_arm_encrypt_block:
*/
push {%r1, %r4-%r11, %ip, %lr};
- ldr RTAB1, =.Lcamellia_sp1110;
+ GET_DATA_POINTER(RTAB1, .Lcamellia_sp1110, RTAB3);
mov RMASK, #0xff;
add RTAB3, RTAB1, #(2 * 4);
push {%r3};
@@ -309,7 +322,7 @@ _gcry_camellia_arm_decrypt_block:
*/
push {%r1, %r4-%r11, %ip, %lr};
- ldr RTAB1, =.Lcamellia_sp1110;
+ GET_DATA_POINTER(RTAB1, .Lcamellia_sp1110, RTAB3);
mov RMASK, #0xff;
add RTAB3, RTAB1, #(2 * 4);
mov RMASK, RMASK, lsl#4 /* byte mask */
diff --git a/cipher/cast5-arm.S b/cipher/cast5-arm.S
index ce7fa93..db96db4 100644
--- a/cipher/cast5-arm.S
+++ b/cipher/cast5-arm.S
@@ -30,6 +30,19 @@
.extern _gcry_cast5_s1to4;
+#ifdef __PIC__
+# define GET_DATA_POINTER(reg, name, rtmp) \
+ ldr reg, 1f; \
+ ldr rtmp, 2f; \
+ b 3f; \
+ 1: .word _GLOBAL_OFFSET_TABLE_-(3f+8); \
+ 2: .word name(GOT); \
+ 3: add reg, pc, reg; \
+ ldr reg, [reg, rtmp];
+#else
+# define GET_DATA_POINTER(reg, name, rtmp) ldr reg, =name
+#endif
+
/* structure of crypto context */
#define Km 0
#define Kr (Km + (16 * 4))
@@ -260,7 +273,7 @@ _gcry_cast5_arm_encrypt_block:
*/
push {%r1, %r4-%r11, %ip, %lr};
- ldr Rs1, =_gcry_cast5_s1to4;
+ GET_DATA_POINTER(Rs1, _gcry_cast5_s1to4, Rs2);
mov RMASK, #(0xff << 2);
add Rs2, Rs1, #(0x100*4);
add Rs3, Rs1, #(0x100*4*2);
@@ -306,7 +319,7 @@ _gcry_cast5_arm_decrypt_block:
*/
push {%r1, %r4-%r11, %ip, %lr};
- ldr Rs1, =_gcry_cast5_s1to4;
+ GET_DATA_POINTER(Rs1, _gcry_cast5_s1to4, Rs2);
mov RMASK, #(0xff << 2);
add Rs2, Rs1, #(0x100 * 4);
add Rs3, Rs1, #(0x100 * 4 * 2);
@@ -500,7 +513,7 @@ _gcry_cast5_arm_enc_blk2:
*/
push {%lr};
- ldr Rs1, =_gcry_cast5_s1to4;
+ GET_DATA_POINTER(Rs1, _gcry_cast5_s1to4, Rs2);
mov RMASK, #(0xff << 2);
add Rs2, Rs1, #(0x100 * 4);
@@ -631,7 +644,7 @@ _gcry_cast5_arm_dec_blk2:
* [RR0, RL0], [RR1, RL1]: dst
*/
- ldr Rs1, =_gcry_cast5_s1to4;
+ GET_DATA_POINTER(Rs1, _gcry_cast5_s1to4, Rs2);
mov RMASK, #(0xff << 2);
add Rs2, Rs1, #(0x100 * 4);
diff --git a/cipher/rijndael-arm.S b/cipher/rijndael-arm.S
index 22c350c..421c3b4 100644
--- a/cipher/rijndael-arm.S
+++ b/cipher/rijndael-arm.S
@@ -28,6 +28,19 @@
.syntax unified
.arm
+#ifdef __PIC__
+# define GET_DATA_POINTER(reg, name, rtmp) \
+ ldr reg, 1f; \
+ ldr rtmp, 2f; \
+ b 3f; \
+ 1: .word _GLOBAL_OFFSET_TABLE_-(3f+8); \
+ 2: .word name(GOT); \
+ 3: add reg, pc, reg; \
+ ldr reg, [reg, rtmp];
+#else
+# define GET_DATA_POINTER(reg, name, rtmp) ldr reg, =name
+#endif
+
/* register macros */
#define CTX %r0
#define RTAB %lr
@@ -249,7 +262,7 @@ _gcry_aes_arm_encrypt_block:
2:
sub %sp, #16;
- ldr RTAB, =.LtableE0;
+ GET_DATA_POINTER(RTAB, .LtableE0, RMASK);
str %r1, [%sp, #4]; /* dst */
mov RMASK, #0xff;
@@ -503,7 +516,7 @@ _gcry_aes_arm_decrypt_block:
2:
sub %sp, #16;
- ldr RTAB, =.LtableD0;
+ GET_DATA_POINTER(RTAB, .LtableD0, RMASK);
mov RMASK, #0xff;
str %r1, [%sp, #4]; /* dst */

2700
libgcrypt-1.6.2-drbg.patch Normal file

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@ -0,0 +1,56 @@
diff -up libgcrypt-1.6.2/cipher/md.c.fips-ctor libgcrypt-1.6.2/cipher/md.c
--- libgcrypt-1.6.2/cipher/md.c.fips-ctor 2014-08-21 14:50:39.000000000 +0200
+++ libgcrypt-1.6.2/cipher/md.c 2014-12-08 16:45:01.095256244 +0100
@@ -413,11 +413,8 @@ md_enable (gcry_md_hd_t hd, int algorith
if (!err && algorithm == GCRY_MD_MD5 && fips_mode ())
{
- _gcry_inactivate_fips_mode ("MD5 used");
if (_gcry_enforced_fips_mode () )
{
- /* We should never get to here because we do not register
- MD5 in enforced fips mode. But better throw an error. */
err = GPG_ERR_DIGEST_ALGO;
}
}
diff -up libgcrypt-1.6.2/src/global.c.fips-ctor libgcrypt-1.6.2/src/global.c
--- libgcrypt-1.6.2/src/global.c.fips-ctor 2014-12-08 16:45:01.094256222 +0100
+++ libgcrypt-1.6.2/src/global.c 2014-12-08 16:46:29.182248403 +0100
@@ -132,6 +132,28 @@ global_init (void)
}
+#ifndef FIPS_MODULE_PATH
+#define FIPS_MODULE_PATH "/etc/system-fips"
+#endif
+
+void __attribute__ ((constructor)) _gcry_global_constructor (void)
+{
+ int rv;
+
+ rv = access (FIPS_MODULE_PATH, F_OK);
+ if (rv < 0 && errno != ENOENT)
+ rv = 0;
+
+ if (!rv)
+ {
+ /* force selftests */
+ global_init ();
+ if (fips_mode ())
+ _gcry_random_initialize (1);
+ _gcry_fips_run_selftests (0);
+ }
+}
+
/* This function is called by the macro fips_is_operational and makes
sure that the minimal initialization has been done. This is far
from a perfect solution and hides problems with an improper
@@ -635,7 +657,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
break;
case GCRYCTL_SET_ENFORCED_FIPS_FLAG:
- if (!any_init_done)
+ if (fips_mode ())
{
/* Not yet initialized at all. Set the enforced fips mode flag */
_gcry_set_preferred_rng_type (0);
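Review bot: In the md_enable hunk, removing `_gcry_inactivate_fips_mode ("MD5 used")` leaves the outer `if` doing nothing outside enforced mode, so a process in non-enforced FIPS mode can enable MD5 and the library no longer records that it left the approved state. If that is the intended policy, say so where the deleted comment was, for example `/* MD5 is allowed in non-enforced FIPS mode and no longer inactivates it; only enforced mode rejects it. */`. In the _gcry_vcontrol hunk the retained comment "Not yet initialized at all" no longer describes the new `if (fips_mode ())` test and should be reworded, and it is worth confirming that accepting GCRYCTL_SET_ENFORCED_FIPS_FLAG after initialization is intended now that the constructor calls `global_init ()`. Both functions extend beyond the hunks shown.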


@ -0,0 +1,345 @@
diff -up libgcrypt-1.6.2/cipher/dsa.c.fips-reqs libgcrypt-1.6.2/cipher/dsa.c
--- libgcrypt-1.6.2/cipher/dsa.c.fips-reqs 2014-12-08 17:15:07.198102721 +0100
+++ libgcrypt-1.6.2/cipher/dsa.c 2014-12-08 17:16:59.636645610 +0100
@@ -66,42 +66,86 @@ static const char *dsa_names[] =
};
-/* A sample 1024 bit DSA key used for the selftests. */
+/* A sample 2048 bit DSA key used for the selftests. */
static const char sample_secret_key[] =
"(private-key"
" (dsa"
-" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
-" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
-" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
-" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)"
-" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)"
-" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
-" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
-" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
-" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)"
-" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
-" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
-" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
-" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)"
-" (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))";
-/* A sample 1024 bit DSA key used for the selftests (public only). */
+" (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
+" 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
+" 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
+" 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
+" 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
+" eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
+" 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
+" 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
+" 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
+" 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
+" 2c8d7469db02e24d592394a7dba069e9#)"
+" (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
+" 7441a0a5#)"
+" (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
+" 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
+" ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
+" 0df242b75b414df372121e53a553f222f836b000f016485b"
+" 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
+" 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
+" 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
+" ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
+" 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
+" 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
+" 45f322f82e4e85ca3ab85591b3c2a966#)"
+" (y #2452f3ccbe9ed5ca7dc74c602b99226e8f2fab38e7d7ddfb"
+" 75539b17155e9fcfd1aba564eb8535d812c9c2dcf9728444"
+" 1bc482243624c7f457580c1c38a57c46c457392470edb52c"
+" b5a6e03fe6287bb6f49a42a2065a054f030839df1fd3149c"
+" 4ca0531dd8ca8aaa9cc7337193387348336118224545e88c"
+" 80ffd8765d74360333ccab9972779b6525a65bdd0d10c675"
+" c109bbd3e5be4d72ef6eba6e438d5226237db888379c5fcc"
+" 47a3847ff63711baed6d03afe81e694a413b680bd38ab490"
+" 3f8370a707ef551d4941026d9579d691de8edaa16105eb9d"
+" ba3c2f4c1bec508275aa0207e251b5eccb286a4b01d449d3"
+" 0acb673717a0d2fb3b50c893f7dab14f#)"
+" (x #0c4b3089d1b862cb3c436491f0915470c52796e3acbee800"
+" ec55f6cc#)))";
+/* A sample 2048 bit DSA key used for the selftests (public only). */
static const char sample_public_key[] =
"(public-key"
" (dsa"
-" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
-" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
-" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
-" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)"
-" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)"
-" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
-" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
-" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
-" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)"
-" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
-" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
-" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
-" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)))";
-
+" (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
+" 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
+" 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
+" 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
+" 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
+" eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
+" 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
+" 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
+" 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
+" 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
+" 2c8d7469db02e24d592394a7dba069e9#)"
+" (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
+" 7441a0a5#)"
+" (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
+" 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
+" ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
+" 0df242b75b414df372121e53a553f222f836b000f016485b"
+" 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
+" 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
+" 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
+" ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
+" 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
+" 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
+" 45f322f82e4e85ca3ab85591b3c2a966#)"
+" (y #2452f3ccbe9ed5ca7dc74c602b99226e8f2fab38e7d7ddfb"
+" 75539b17155e9fcfd1aba564eb8535d812c9c2dcf9728444"
+" 1bc482243624c7f457580c1c38a57c46c457392470edb52c"
+" b5a6e03fe6287bb6f49a42a2065a054f030839df1fd3149c"
+" 4ca0531dd8ca8aaa9cc7337193387348336118224545e88c"
+" 80ffd8765d74360333ccab9972779b6525a65bdd0d10c675"
+" c109bbd3e5be4d72ef6eba6e438d5226237db888379c5fcc"
+" 47a3847ff63711baed6d03afe81e694a413b680bd38ab490"
+" 3f8370a707ef551d4941026d9579d691de8edaa16105eb9d"
+" ba3c2f4c1bec508275aa0207e251b5eccb286a4b01d449d3"
+" 0acb673717a0d2fb3b50c893f7dab14f#)))";
@@ -1164,14 +1208,14 @@ dsa_get_nbits (gcry_sexp_t parms)
*/
static const char *
-selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_sign (gcry_sexp_t pkey, gcry_sexp_t skey)
{
static const char sample_data[] =
"(data (flags raw)"
- " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4#))";
+ " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4f1e2d3c4b5a6978879605142#))";
static const char sample_data_bad[] =
"(data (flags raw)"
- " (value #a0b1c2d3e4f510102030405060708090a1b2c3d4#))";
+ " (value #a0b1c2d3e4f500102030405060708090a1b2c3d401e2d3c4b5a6978879605142#))";
const char *errtxt = NULL;
gcry_error_t err;
@@ -1247,7 +1291,7 @@ selftests_dsa (selftest_report_func_t re
}
what = "sign";
- errtxt = selftest_sign_1024 (pkey, skey);
+ errtxt = selftest_sign (pkey, skey);
if (errtxt)
goto failed;
diff -up libgcrypt-1.6.2/cipher/rsa.c.fips-reqs libgcrypt-1.6.2/cipher/rsa.c
--- libgcrypt-1.6.2/cipher/rsa.c.fips-reqs 2014-12-08 17:15:07.218103174 +0100
+++ libgcrypt-1.6.2/cipher/rsa.c 2014-12-08 17:20:24.666282521 +0100
@@ -62,33 +62,57 @@ static const char *rsa_names[] =
};
-/* A sample 1024 bit RSA key used for the selftests. */
+/* A sample 2048 bit RSA key used for the selftests. */
static const char sample_secret_key[] =
"(private-key"
" (rsa"
-" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
-" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
-" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
-" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)"
+" (n #00c9d56d9d90db43d602ed9688138ab2bf6ea10610b27837a714a8ffdd00"
+" ddb493a045cc9690edada9ddc4d6ca0cf0ed4f725e21499a1812158f905a"
+" dbb63399a3e6b4f0c4972126bbe3baf2ffa072da89638e8b3e089d922abe"
+" 16e14315fc57c71f0911671ca996d18b3e8093c159d06d39f2ac95cc1075"
+" e93124d143af68524be716d749656f26c086adc0070ac1e12f8785863bdc"
+" 5a99bee9f9b9e98227510415ab060e765a288d92bdc5b57ba8df4e47a2c1"
+" e752bf47f762e03a6f4d6a4d4ed4b95969fab214c1eee62f95cd9472aee4"
+" db189ac4cd70bdee3116b74965ac40190eb56d83f136bb082f2e4e9262a4"
+" ff50db2045a2eb167af2d528c1fd4e0371#)"
" (e #010001#)"
-" (d #046129f2489d71579be0a75fe029bd6cdb574ebf57ea8a5b0fda942cab943b11"
-" 7d7bb95e5d28875e0f9fc5fcc06a72f6d502464dabded78ef6b716177b83d5bd"
-" c543dc5d3fed932e59f5897e92e6f58a0f33424106a3b6fa2cbf877510e4ac21"
-" c3ee47851e97d12996222ac3566d4ccb0b83d164074abf7de655fc2446da1781#)"
-" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
-" fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)"
-" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9"
-" 35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)"
-" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
-" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))";
-/* A sample 1024 bit RSA key used for the selftests (public only). */
+" (d #36273db1f91bdba7a0417f1223ac232999d53a7b606741076353b4d2e758"
+" 950ac705f34eb2b412d470dc4f8506d3ddd863273e673121243904bc06a4"
+" ccce2b7afe7badde116ea3a5e604530ea34e2db48f31bfca7525520285de"
+" 3db27243b2898a9a3441263f9a67bea4967b0e75baa693d5b8d8b857f24b"
+" 0f1481d1574ef6454ca63bd070cad39d55de2205e78e284dee11cfb66776"
+" 09d3e33c13f99934107bec8138f0b6349c9b506f0b91814d8994047bf03c"
+" f4b1b200488d5a8f889ec5ab3a9e443f54e7d96e47aaa1bd404631f9f034"
+" b604e12b5b7386dd3a921b71c73f32e5c3c2aba17ebfa452a0b06890d120"
+" 1279e9d7c940baf219c7a50092860d01#)"
+" (p #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
+" 26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
+" 381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
+" 2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
+" 97da57e836da7a9cad#)"
+" (q #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
+" ef2ce74f4af74e268d850b3fecc31cd4ebec6ac8722a257dfda67796f01e"
+" cd2857f83730756bbdd47b0c87c56c8740a5bb272c78c9745a545b0b306f"
+" 444afa71e4216166f9ee65de7c04d7fda9155b7fe27aba698672a6068d9b"
+" 9055609e4c5da9b655#)"
+" (u #00afdecbdc5268ea7b1bff7284db7f6757dae3165fd80691ed2bbe8e54a1"
+" 6f7ff950aad059e9695903d93e59ff206ee1470bd2b099ca4e83426a7684"
+" 75a1ecafd3092fec0f008d78fe773174ec6fbff85384f3a91c2e4b1f59f1"
+" 1f2000fee86569f6cab5de338087bc615b90570de4aeb1a9125abbe3834d"
+" 5a69716c0a5fa20603#)))";
+/* A sample 2048 bit RSA key used for the selftests (public only). */
static const char sample_public_key[] =
"(public-key"
" (rsa"
-" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
-" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
-" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
-" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)"
+" (n #00c9d56d9d90db43d602ed9688138ab2bf6ea10610b27837a714a8ffdd00"
+" ddb493a045cc9690edada9ddc4d6ca0cf0ed4f725e21499a1812158f905a"
+" dbb63399a3e6b4f0c4972126bbe3baf2ffa072da89638e8b3e089d922abe"
+" 16e14315fc57c71f0911671ca996d18b3e8093c159d06d39f2ac95cc1075"
+" e93124d143af68524be716d749656f26c086adc0070ac1e12f8785863bdc"
+" 5a99bee9f9b9e98227510415ab060e765a288d92bdc5b57ba8df4e47a2c1"
+" e752bf47f762e03a6f4d6a4d4ed4b95969fab214c1eee62f95cd9472aee4"
+" db189ac4cd70bdee3116b74965ac40190eb56d83f136bb082f2e4e9262a4"
+" ff50db2045a2eb167af2d528c1fd4e0371#)"
" (e #010001#)))";
@@ -1610,20 +1634,35 @@ compute_keygrip (gcry_md_hd_t md, gcry_s
*/
static const char *
-selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_sign (gcry_sexp_t pkey, gcry_sexp_t skey)
{
static const char sample_data[] =
"(data (flags pkcs1)"
- " (hash sha1 #11223344556677889900aabbccddeeff10203040#))";
+ " (hash sha256 #11223344556677889900aabbccddeeffa0b0c0d0102030405060708090a1b1c1#))";
static const char sample_data_bad[] =
"(data (flags pkcs1)"
- " (hash sha1 #11223344556677889900aabbccddeeff80203040#))";
+ " (hash sha256 #11223344556677889900aabbccddeeffa0b0c0d0102030405060708091a1b1c1#))";
+ static const char signature_ka[] =
+ "(sig-val \n"
+ " (rsa \n"
+ " (s #0B12D55738B099D401C81BEEDA54E045B4B7D9CDA5A8769E9C484F696A58912A"
+ "1E5DE7E5A2D181DA15A5C254D802AB75F1056E27406850AC7BE310BC32D2CED8"
+ "6697FE84508F7EFFF4D147C52E955A0873EF2F52ED71F2FC9C3C12D4045CB643"
+ "70158378E1494D8FBAD2248B9B64233D2CC2C1932B0531E539DEB07434B76D3B"
+ "6959E8A37E33B234C0C8C2C8FB1D00939239C9C491B2EBEED77BF952B597E11B"
+ "D4ED0C103D2B88BC78B4E505CF9D8D08B585CE3688D4FBE83ED58D1E1341AC4D"
+ "7C5EFF3CBC565CC7AE61C2F568426763A5239D31C1FFFD366984901679A343C4"
+ "01BB778BBA5E533B7875BA658A19AA9E56170F4A28E4322BF1621175FB06463E#)\n"
+ " )\n"
+ " )\n";
const char *errtxt = NULL;
gcry_error_t err;
gcry_sexp_t data = NULL;
gcry_sexp_t data_bad = NULL;
gcry_sexp_t sig = NULL;
+ char buf[1024];
+ size_t len;
err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data));
if (!err)
@@ -1641,6 +1680,12 @@ selftest_sign_1024 (gcry_sexp_t pkey, gc
errtxt = "signing failed";
goto leave;
}
+ len = sexp_sprint (sig, GCRYSEXP_FMT_ADVANCED, buf, sizeof(buf));
+ if (len != sizeof (signature_ka) - 1 || memcmp (buf, signature_ka, len) != 0)
+ {
+ errtxt = "signature KAT failed";
+ goto leave;
+ }
err = _gcry_pk_verify (sig, data, pkey);
if (err)
{
@@ -1697,11 +1742,11 @@ extract_a_from_sexp (gcry_sexp_t encr_da
static const char *
-selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_encr (gcry_sexp_t pkey, gcry_sexp_t skey)
{
const char *errtxt = NULL;
gcry_error_t err;
- const unsigned int nbits = 1000; /* Encrypt 1000 random bits. */
+ const unsigned int nbits = 2000; /* Encrypt 2000 random bits. */
gcry_mpi_t plaintext = NULL;
gcry_sexp_t plain = NULL;
gcry_sexp_t encr = NULL;
@@ -1822,12 +1867,12 @@ selftests_rsa (selftest_report_func_t re
}
what = "sign";
- errtxt = selftest_sign_1024 (pkey, skey);
+ errtxt = selftest_sign (pkey, skey);
if (errtxt)
goto failed;
what = "encrypt";
- errtxt = selftest_encr_1024 (pkey, skey);
+ errtxt = selftest_encr (pkey, skey);
if (errtxt)
goto failed;
diff -up libgcrypt-1.6.2/random/drbg.c.fips-reqs libgcrypt-1.6.2/random/drbg.c
diff -up libgcrypt-1.6.2/src/visibility.c.fips-reqs libgcrypt-1.6.2/src/visibility.c
--- libgcrypt-1.6.2/src/visibility.c.fips-reqs 2014-08-21 14:50:39.000000000 +0200
+++ libgcrypt-1.6.2/src/visibility.c 2014-12-08 17:23:06.530943221 +0100
@@ -1259,6 +1259,8 @@ gcry_kdf_derive (const void *passphrase,
unsigned long iterations,
size_t keysize, void *keybuffer)
{
+ if (!fips_is_operational ())
+ return gpg_error (fips_not_operational ());
return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
salt, saltlen, iterations,
keysize, keybuffer));
@@ -1314,6 +1316,13 @@ void
gcry_mpi_randomize (gcry_mpi_t w,
unsigned int nbits, enum gcry_random_level level)
{
+ if (!fips_is_operational ())
+ {
+ (void)fips_not_operational ();
+ fips_signal_fatal_error ("called in non-operational state");
+ fips_noreturn ();
+ }
+
_gcry_mpi_randomize (w, nbits, level);
}
@@ -1339,6 +1348,8 @@ gcry_prime_generate (gcry_mpi_t *prime,
gcry_random_level_t random_level,
unsigned int flags)
{
+ if (!fips_is_operational ())
+ return gpg_error (fips_not_operational ());
return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits,
factors, cb_func, cb_arg,
random_level, flags));
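Review bot: The new RSA known-answer check in selftest_sign compares the `sexp_sprint (sig, GCRYSEXP_FMT_ADVANCED, ...)` text against `signature_ka` byte for byte, so it depends on the printer's whitespace, line breaks and hex case as well as on the signature value. A formatting change in the S-expression printer would then surface as "signature KAT failed" and, in FIPS mode, presumably leave the library non-operational. Comparing the extracted `s` value would be sturdier; at minimum add a comment above the check such as `/* PKCS#1 v1.5 signing is deterministic; the printed form must match signature_ka exactly, including layout. */`. The DSA selftest_sign in the same file section moves to a 2048-bit key but gets no comparable known-answer check, which is reasonable for randomized signatures but worth stating in a comment. The bodies of both selftest_sign functions continue outside the hunks.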


@ -0,0 +1,31 @@
diff -up libgcrypt-1.6.2/src/global.c.fips-test libgcrypt-1.6.2/src/global.c
--- libgcrypt-1.6.2/src/global.c.fips-test 2014-12-08 16:54:07.766619659 +0100
+++ libgcrypt-1.6.2/src/global.c 2014-12-08 16:55:18.555220601 +0100
@@ -564,8 +564,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
case GCRYCTL_FIPS_MODE_P:
if (fips_mode ()
- && !_gcry_is_fips_mode_inactive ()
- && !no_secure_memory)
+ && !_gcry_is_fips_mode_inactive ())
rc = GPG_ERR_GENERAL; /* Used as TRUE value */
break;
diff -up libgcrypt-1.6.2/tests/basic.c.fips-test libgcrypt-1.6.2/tests/basic.c
--- libgcrypt-1.6.2/tests/basic.c.fips-test 2014-08-21 14:50:39.000000000 +0200
+++ libgcrypt-1.6.2/tests/basic.c 2014-12-08 16:54:07.767619682 +0100
@@ -582,6 +582,14 @@ check_ctr_cipher (void)
if (!tv[i].algo)
continue;
+ if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
+ {
+ if (verbose)
+ fprintf (stderr, " algorithm %d not available in fips mode\n",
+ tv[i].algo);
+ continue;
+ }
+
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
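Review bot: Dropping `&& !no_secure_memory` from the GCRYCTL_FIPS_MODE_P case makes the query report FIPS mode as active regardless of that flag, and the hunk gives no reason. If `no_secure_memory` reflects an application having disabled secure memory (the name suggests so; its definition is not on this page), callers that use this query as their compliance indicator lose that signal, so a comment is needed, e.g. `/* Secure memory state deliberately does not affect the FIPS mode indicator. */`. In the tests/basic.c hunk, `if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)` skips every algorithm that fails the availability test, which would also hide an approved cipher going missing in FIPS mode; restricting the skip to the algorithms expected to be disabled would keep that coverage. Both functions extend beyond the hunks.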


@ -0,0 +1,375 @@
diff -up libgcrypt-1.6.2/cipher/primegen.c.fips-keygen libgcrypt-1.6.2/cipher/primegen.c
--- libgcrypt-1.6.2/cipher/primegen.c.fips-keygen 2014-12-08 16:55:56.425077059 +0100
+++ libgcrypt-1.6.2/cipher/primegen.c 2014-12-08 16:59:26.039817665 +0100
@@ -1198,6 +1198,22 @@ _gcry_prime_check (gcry_mpi_t x, unsigne
return rc;
}
+/* Check whether the number X is prime according to FIPS 186-4 table C.2. */
+gcry_err_code_t
+_gcry_fips186_4_prime_check (gcry_mpi_t x, unsigned int bits)
+{
+ gcry_err_code_t ec = GPG_ERR_NO_ERROR;
+ gcry_mpi_t val_2 = mpi_alloc_set_ui (2); /* Used by the Fermat test. */
+
+ /* We use 5 or 4 rounds as specified in table C.2 */
+ if (! check_prime (x, val_2, bits > 1024 ? 4 : 5, NULL, NULL))
+ ec = GPG_ERR_NO_PRIME;
+
+ mpi_free (val_2);
+
+ return ec;
+}
+
/* Find a generator for PRIME where the factorization of (prime-1) is
in the NULL terminated array FACTORS. Return the generator as a
newly allocated MPI in R_G. If START_G is not NULL, use this as s
diff -up libgcrypt-1.6.2/cipher/rsa.c.fips-keygen libgcrypt-1.6.2/cipher/rsa.c
--- libgcrypt-1.6.2/cipher/rsa.c.fips-keygen 2014-12-08 16:55:56.407076652 +0100
+++ libgcrypt-1.6.2/cipher/rsa.c 2014-12-08 17:11:06.770665261 +0100
@@ -339,6 +339,279 @@ generate_std (RSA_secret_key *sk, unsign
}
+/****************
+ * Generate a key pair with a key of size NBITS.
+ * USE_E = 0 let Libcgrypt decide what exponent to use.
+ * = 1 request the use of a "secure" exponent; this is required by some
+ * specification to be 65537.
+ * > 2 Use this public exponent. If the given exponent
+ * is not odd one is internally added to it.
+ * TESTPARMS: If set, do not generate but test whether the p,q is probably prime
+ * Returns key with zeroes to not break code calling this function.
+ * TRANSIENT_KEY: If true, generate the primes using the standard RNG.
+ * Returns: 2 structures filled with all needed values
+ */
+static gpg_err_code_t
+generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
+ gcry_sexp_t testparms, int transient_key)
+{
+ gcry_mpi_t p, q; /* the two primes */
+ gcry_mpi_t d; /* the private key */
+ gcry_mpi_t u;
+ gcry_mpi_t p1, q1;
+ gcry_mpi_t n; /* the public key */
+ gcry_mpi_t e; /* the exponent */
+ gcry_mpi_t g;
+ gcry_mpi_t minp;
+ gcry_mpi_t diff, mindiff;
+ gcry_random_level_t random_level;
+ unsigned int pbits = nbits/2;
+ unsigned int i;
+ int pqswitch;
+ gpg_err_code_t ec = GPG_ERR_NO_PRIME;
+
+ if (nbits < 1024 || (nbits & 0x1FF))
+ return GPG_ERR_INV_VALUE;
+ if (_gcry_enforced_fips_mode() && nbits != 2048 && nbits != 3072)
+ return GPG_ERR_INV_VALUE;
+
+ /* The random quality depends on the transient_key flag. */
+ random_level = transient_key ? GCRY_STRONG_RANDOM : GCRY_VERY_STRONG_RANDOM;
+
+ if (testparms)
+ {
+ /* Parameters to derive the key are given. */
+ /* Note that we explicitly need to setup the values of tbl
+ because some compilers (e.g. OpenWatcom, IRIX) don't allow
+ to initialize a structure with automatic variables. */
+ struct { const char *name; gcry_mpi_t *value; } tbl[] = {
+ { "e" },
+ { "p" },
+ { "q" },
+ { NULL }
+ };
+ int idx;
+ gcry_sexp_t oneparm;
+
+ tbl[0].value = &e;
+ tbl[1].value = &p;
+ tbl[2].value = &q;
+
+ for (idx=0; tbl[idx].name; idx++)
+ {
+ oneparm = sexp_find_token (testparms, tbl[idx].name, 0);
+ if (oneparm)
+ {
+ *tbl[idx].value = sexp_nth_mpi (oneparm, 1,
+ GCRYMPI_FMT_USG);
+ sexp_release (oneparm);
+ }
+ }
+ for (idx=0; tbl[idx].name; idx++)
+ if (!*tbl[idx].value)
+ break;
+ if (tbl[idx].name)
+ {
+ /* At least one parameter is missing. */
+ for (idx=0; tbl[idx].name; idx++)
+ _gcry_mpi_release (*tbl[idx].value);
+ return GPG_ERR_MISSING_VALUE;
+ }
+ }
+ else
+ {
+ if (use_e < 65537)
+ use_e = 65537; /* This is the smallest value allowed by FIPS */
+
+ e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+
+ use_e |= 1; /* make sure this is odd */
+ mpi_set_ui (e, use_e);
+
+ p = mpi_snew (pbits);
+ q = mpi_snew (pbits);
+ }
+
+ n = mpi_new (nbits);
+ d = mpi_snew (nbits);
+ u = mpi_snew (nbits);
+
+ /* prepare approximate minimum p and q */
+ minp = mpi_new (pbits);
+ mpi_set_ui (minp, 0xB504F334);
+ mpi_lshift (minp, minp, pbits - 32);
+
+ /* prepare minimum p and q difference */
+ diff = mpi_new (pbits);
+ mindiff = mpi_new (pbits - 99);
+ mpi_set_ui (mindiff, 1);
+ mpi_lshift (mindiff, mindiff, pbits - 100);
+
+ p1 = mpi_snew (pbits);
+ q1 = mpi_snew (pbits);
+ g = mpi_snew (pbits);
+
+retry:
+ /* generate p and q */
+ for (i = 0; i < 5 * pbits; i++)
+ {
+ ploop:
+ if (!testparms)
+ {
+ _gcry_mpi_randomize (p, pbits, random_level);
+ }
+ if (mpi_cmp (p, minp) < 0)
+ {
+ if (testparms) goto err;
+ goto ploop;
+ }
+
+ mpi_sub_ui (p1, p, 1);
+ if (mpi_gcd (g, p1, e))
+ {
+ if (_gcry_fips186_4_prime_check (p, pbits) != GPG_ERR_NO_ERROR)
+ {
+ /* not a prime */
+ if (testparms) goto err;
+ }
+ else
+ break;
+ }
+ else if (testparms) goto err;
+ }
+ if (i >= 5 * pbits)
+ goto err;
+
+ for (i = 0; i < 5 * pbits; i++)
+ {
+ qloop:
+ if (!testparms)
+ {
+ _gcry_mpi_randomize (q, pbits, random_level);
+ }
+ if (mpi_cmp (q, minp) < 0)
+ {
+ if (testparms) goto err;
+ goto qloop;
+ }
+ if (mpi_cmp (p, q) < 0)
+ {
+ pqswitch = 1;
+ mpi_sub (diff, q, p);
+ }
+ else
+ {
+ pqswitch = 0;
+ mpi_sub (diff, p, q);
+ }
+ if (mpi_cmp (diff, mindiff) < 0)
+ {
+ if (testparms) goto err;
+ goto qloop;
+ }
+
+ mpi_sub_ui (q1, q, 1);
+ if (mpi_gcd (g, q1, e))
+ {
+ if (_gcry_fips186_4_prime_check (q, pbits) != GPG_ERR_NO_ERROR)
+ {
+ /* not a prime */
+ if (testparms) goto err;
+ }
+ else
+ break;
+ }
+ else if (testparms) goto err;
+ }
+ if (i >= 5 * pbits)
+ goto err;
+
+ if (testparms)
+ {
+ mpi_clear (p);
+ mpi_clear (q);
+ }
+ else
+ {
+ gcry_mpi_t f;
+
+ if (pqswitch)
+ {
+ gcry_mpi_t tmp;
+
+ tmp = p;
+ p = q;
+ q = tmp;
+ }
+
+ f = mpi_snew (nbits);
+
+ /* calculate the modulus */
+ mpi_mul(n, p, q);
+
+ /* calculate the secret key d = e^1 mod phi */
+ mpi_gcd (g, p1, q1);
+ mpi_fdiv_q (f, p1, g);
+ mpi_mul (f, f, q1);
+
+ mpi_invm (d, e, f);
+
+ _gcry_mpi_release (f);
+
+ if (mpi_get_nbits (d) < pbits) goto retry;
+
+ /* calculate the inverse of p and q (used for chinese remainder theorem)*/
+ mpi_invm(u, p, q );
+ }
+
+ ec = 0;
+
+ if( DBG_CIPHER )
+ {
+ log_mpidump(" p= ", p );
+ log_mpidump(" q= ", q );
+ log_mpidump(" n= ", n );
+ log_mpidump(" e= ", e );
+ log_mpidump(" d= ", d );
+ log_mpidump(" u= ", u );
+ }
+
+err:
+
+ _gcry_mpi_release (p1);
+ _gcry_mpi_release (q1);
+ _gcry_mpi_release (g);
+ _gcry_mpi_release (minp);
+ _gcry_mpi_release (mindiff);
+ _gcry_mpi_release (diff);
+
+ sk->n = n;
+ sk->e = e;
+ sk->p = p;
+ sk->q = q;
+ sk->d = d;
+ sk->u = u;
+
+ /* Now we can test our keys. */
+ if (ec || (!testparms && test_keys (sk, nbits - 64)))
+ {
+ _gcry_mpi_release (sk->n); sk->n = NULL;
+ _gcry_mpi_release (sk->e); sk->e = NULL;
+ _gcry_mpi_release (sk->p); sk->p = NULL;
+ _gcry_mpi_release (sk->q); sk->q = NULL;
+ _gcry_mpi_release (sk->d); sk->d = NULL;
+ _gcry_mpi_release (sk->u); sk->u = NULL;
+ if (!ec)
+ {
+ fips_signal_error ("self-test after key generation failed");
+ return GPG_ERR_SELFTEST_FAILED;
+ }
+ }
+
+ return ec;
+}
+
+
/* Helper for generate_x931. */
static gcry_mpi_t
gen_x931_parm_xp (unsigned int nbits)
@@ -799,7 +1072,7 @@ rsa_generate (const gcry_sexp_t genparms
}
}
- if (deriveparms || (flags & PUBKEY_FLAG_USE_X931) || fips_mode ())
+ if (deriveparms || (flags & PUBKEY_FLAG_USE_X931))
{
int swapped;
ec = generate_x931 (&sk, nbits, evalue, deriveparms, &swapped);
@@ -819,9 +1092,14 @@ rsa_generate (const gcry_sexp_t genparms
sexp_release (l1);
}
}
+ deriveparms = (genparms?
+ sexp_find_token (genparms, "test-parms", 0) : NULL);
/* Generate. */
- ec = generate_std (&sk, nbits, evalue,
- !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
+ if (deriveparms || fips_mode())
+ ec = generate_fips (&sk, nbits, evalue, deriveparms, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
+ else
+ ec = generate_std (&sk, nbits, evalue, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
+ sexp_release (deriveparms);
}
if (!ec)
diff -up libgcrypt-1.6.2/src/g10lib.h.fips-keygen libgcrypt-1.6.2/src/g10lib.h
--- libgcrypt-1.6.2/src/g10lib.h.fips-keygen 2014-08-21 12:29:09.000000000 +0200
+++ libgcrypt-1.6.2/src/g10lib.h 2014-12-08 16:55:56.426077081 +0100
@@ -259,6 +259,9 @@ gpg_err_code_t _gcry_generate_fips186_3_
int *r_counter,
void **r_seed, size_t *r_seedlen, int *r_hashalgo);
+gpg_err_code_t _gcry_fips186_4_prime_check
+ (const gcry_mpi_t x, unsigned int bits);
+
/* Replacements of missing functions (missing-string.c). */
#ifndef HAVE_STPCPY
diff -up libgcrypt-1.6.2/tests/keygen.c.fips-keygen libgcrypt-1.6.2/tests/keygen.c
--- libgcrypt-1.6.2/tests/keygen.c.fips-keygen 2014-12-08 16:55:56.407076652 +0100
+++ libgcrypt-1.6.2/tests/keygen.c 2014-12-08 17:13:29.449892067 +0100
@@ -215,12 +215,12 @@ check_rsa_keys (void)
if (verbose)
- show ("creating 1024 bit RSA key with e=257\n");
+ show ("creating 1024 bit RSA key with e=65539\n");
rc = gcry_sexp_new (&keyparm,
"(genkey\n"
" (rsa\n"
" (nbits 4:1024)\n"
- " (rsa-use-e 3:257)\n"
+ " (rsa-use-e 5:65539)\n"
" ))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gpg_strerror (rc));
@@ -229,7 +229,7 @@ check_rsa_keys (void)
if (rc)
die ("error generating RSA key: %s\n", gpg_strerror (rc));
- check_generated_rsa_key (key, 257);
+ check_generated_rsa_key (key, 65539);
gcry_sexp_release (key);
if (verbose)


@ -1,7 +1,7 @@
diff -up libgcrypt-1.5.0/src/fips.c.use-fipscheck libgcrypt-1.5.0/src/fips.c
--- libgcrypt-1.5.0/src/fips.c.use-fipscheck 2011-02-04 20:17:33.000000000 +0100
+++ libgcrypt-1.5.0/src/fips.c 2011-07-20 16:17:21.000000000 +0200
@@ -570,23 +570,48 @@ run_random_selftests (void)
diff -up libgcrypt-1.6.2/src/fips.c.use-fipscheck libgcrypt-1.6.2/src/fips.c
--- libgcrypt-1.6.2/src/fips.c.use-fipscheck 2014-08-21 14:50:39.000000000 +0200
+++ libgcrypt-1.6.2/src/fips.c 2014-09-26 11:42:20.999588282 +0200
@@ -578,23 +578,48 @@ run_random_selftests (void)
return !!err;
}
@ -55,16 +55,16 @@ diff -up libgcrypt-1.5.0/src/fips.c.use-fipscheck libgcrypt-1.5.0/src/fips.c
key, strlen (key));
if (dlen < 0)
err = gpg_error_from_syserror ();
@@ -594,7 +619,7 @@ check_binary_integrity (void)
@@ -602,7 +627,7 @@ check_binary_integrity (void)
err = gpg_error (GPG_ERR_INTERNAL);
else
{
- fname = gcry_malloc (strlen (info.dli_fname) + 1 + 5 + 1 );
+ fname = _gcry_malloc (strlen (libpath) + 1 + 5 + 1 );
- fname = xtrymalloc (strlen (info.dli_fname) + 1 + 5 + 1 );
+ fname = xtrymalloc (strlen (libpath) + 1 + 5 + 1 );
if (!fname)
err = gpg_error_from_syserror ();
else
@@ -603,7 +628,7 @@ check_binary_integrity (void)
@@ -611,7 +636,7 @@ check_binary_integrity (void)
char *p;
/* Prefix the basename with a dot. */
@ -73,10 +73,10 @@ diff -up libgcrypt-1.5.0/src/fips.c.use-fipscheck libgcrypt-1.5.0/src/fips.c
p = strrchr (fname, '/');
if (p)
p++;
diff -up libgcrypt-1.5.0/src/Makefile.in.use-fipscheck libgcrypt-1.5.0/src/Makefile.in
--- libgcrypt-1.5.0/src/Makefile.in.use-fipscheck 2011-06-29 10:58:01.000000000 +0200
+++ libgcrypt-1.5.0/src/Makefile.in 2011-07-20 16:19:33.000000000 +0200
@@ -375,7 +375,7 @@ libgcrypt_la_LIBADD = $(gcrypt_res) \
diff -up libgcrypt-1.6.2/src/Makefile.in.use-fipscheck libgcrypt-1.6.2/src/Makefile.in
--- libgcrypt-1.6.2/src/Makefile.in.use-fipscheck 2014-08-21 15:14:08.000000000 +0200
+++ libgcrypt-1.6.2/src/Makefile.in 2014-09-26 11:41:13.271059281 +0200
@@ -449,7 +449,7 @@ libgcrypt_la_LIBADD = $(gcrypt_res) \
../cipher/libcipher.la \
../random/librandom.la \
../mpi/libmpi.la \


@ -1,6 +1,6 @@
Name: libgcrypt
Version: 1.6.1
Release: 7%{?dist}
Version: 1.6.2
Release: 1%{?dist}
URL: http://www.gnupg.org/
Source0: libgcrypt-%{version}-hobbled.tar.xz
# The original libgcrypt sources now contain potentially patented ECC
@ -17,14 +17,14 @@ Source5: curves.c
Source6: t-mpi-point.c
# make FIPS hmac compatible with fipscheck - non upstreamable
# update on soname bump
Patch2: libgcrypt-1.5.0-use-fipscheck.patch
Patch2: libgcrypt-1.6.2-use-fipscheck.patch
# fix tests in the FIPS mode, fix the FIPS-186-3 DSA keygen
Patch5: libgcrypt-1.6.1-tests.patch
# add configurable source of RNG seed and seed by default
# from /dev/urandom in the FIPS mode
Patch6: libgcrypt-1.6.1-fips-cfgrandom.patch
# make the FIPS-186-3 DSA CAVS testable
Patch7: libgcrypt-1.6.1-fips-cavs.patch
# update the CAVS tests
Patch7: libgcrypt-1.6.2-fips-cavs.patch
# fix for memory leaks an other errors found by Coverity scan
Patch9: libgcrypt-1.6.1-leak.patch
# use poll instead of select when gathering randomness
@ -33,7 +33,16 @@ Patch11: libgcrypt-1.6.1-use-poll.patch
Patch13: libgcrypt-1.6.1-mpicoder-gccopt.patch
# fix tests to work with approved ECC
Patch14: libgcrypt-1.6.1-ecc-test-fix.patch
Patch15: libgcrypt-1.6.1-make-arm-asm-fPIC-friendly.patch
# Replace the FIPS RNG with DRBG
Patch15: libgcrypt-1.6.2-drbg.patch
# Run the FIPS mode initialization in the shared library constructor
Patch18: libgcrypt-1.6.2-fips-ctor.patch
# Make it possible to run the test suite in the FIPS mode
Patch19: libgcrypt-1.6.2-fips-test.patch
# Make the FIPS RSA keygen to be FIPS 186-4 compliant
Patch20: libgcrypt-1.6.2-rsa-fips-keygen.patch
# update the selftests for new FIPS requirements
Patch22: libgcrypt-1.6.2-fips-reqs.patch
%define gcrylibdir %{_libdir}
@ -77,7 +86,11 @@ applications using libgcrypt.
%patch11 -p1 -b .use-poll
%patch13 -p1 -b .gccopt
%patch14 -p1 -b .eccfix
%patch15 -p1 -b .pic
%patch15 -p1 -b .drbg
%patch18 -p1 -b .fips-ctor
%patch19 -p1 -b .fips-test
%patch20 -p1 -b .fips-keygen
%patch22 -p1 -b .fips-reqs
cp %{SOURCE4} cipher/
cp %{SOURCE5} %{SOURCE6} tests/
@ -188,6 +201,9 @@ exit 0
%license COPYING
%changelog
* Mon Dec 8 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.2-1
- new upstream version
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
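Review bot: The %changelog entry at the end of this section records only `- new upstream version`, although the Patch15 to Patch22 lines that appear to be added here (the +/- markers are lost in this rendering) change security-relevant behaviour. By their own comments they replace the FIPS RNG with a DRBG, run FIPS mode initialization in the shared library constructor, and make the FIPS RSA key generation FIPS 186-4 compliant. I would add one changelog line per behavioural patch, for example `- replace the FIPS RNG with DRBG` and `- make the FIPS RSA keygen FIPS 186-4 compliant`, so that someone auditing the package history can tie a change in randomness or key generation to this build. The number Patch15 also seems to be reused for the DRBG patch where the ARM PIC patch used to sit, which deserves a mention in the same entry.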


@ -1 +1 @@
3f1076b38a407f4775adcf6e9bf43893 libgcrypt-1.6.1-hobbled.tar.xz
e682099d3bf9cd13802e5a5e67a66544 libgcrypt-1.6.2-hobbled.tar.xz