import libgcrypt-1.8.5-3.el8
This commit is contained in:
commit
337170f97e
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/libgcrypt-1.8.5-hobbled.tar.xz
|
1
.libgcrypt.metadata
Normal file
1
.libgcrypt.metadata
Normal file
@ -0,0 +1 @@
|
||||
1edcc623a15ed87ff832e021b4cb77fd94eb66c9 SOURCES/libgcrypt-1.8.5-hobbled.tar.xz
|
144
SOURCES/curves.c
Normal file
144
SOURCES/curves.c
Normal file
@ -0,0 +1,144 @@
|
||||
/* curves.c - ECC curves regression tests
|
||||
* Copyright (C) 2011 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of Libgcrypt.
|
||||
*
|
||||
* Libgcrypt is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as
|
||||
* published by the Free Software Foundation; either version 2.1 of
|
||||
* the License, or (at your option) any later version.
|
||||
*
|
||||
* Libgcrypt is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdarg.h>
|
||||
|
||||
#include "../src/gcrypt-int.h"
|
||||
|
||||
|
||||
#define PGM "curves"
|
||||
#include "t-common.h"
|
||||
|
||||
/* Number of curves defined in ../cipger/ecc.c */
|
||||
#define N_CURVES 14
|
||||
|
||||
/* A real world sample public key. */
|
||||
static char const sample_key_1[] =
|
||||
"(public-key\n"
|
||||
" (ecdsa\n"
|
||||
" (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)\n"
|
||||
" (a #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC#)\n"
|
||||
" (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)\n"
|
||||
" (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
|
||||
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)\n"
|
||||
" (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)\n"
|
||||
" (h #000000000000000000000000000000000000000000000000000000000000000001#)\n"
|
||||
" (q #0442B927242237639A36CE9221B340DB1A9AB76DF2FE3E171277F6A4023DED146EE"
|
||||
"86525E38CCECFF3FB8D152CC6334F70D23A525175C1BCBDDE6E023B2228770E#)\n"
|
||||
" ))";
|
||||
static char const sample_key_1_curve[] = "NIST P-256";
|
||||
static unsigned int sample_key_1_nbits = 256;
|
||||
|
||||
|
||||
|
||||
static void
|
||||
list_curves (void)
|
||||
{
|
||||
int idx;
|
||||
const char *name;
|
||||
unsigned int nbits;
|
||||
|
||||
for (idx=0; (name = gcry_pk_get_curve (NULL, idx, &nbits)); idx++)
|
||||
{
|
||||
if (verbose)
|
||||
printf ("%s - %u bits\n", name, nbits);
|
||||
}
|
||||
if (idx != N_CURVES)
|
||||
fail ("expected %d curves but got %d\n", N_CURVES, idx);
|
||||
if (gcry_pk_get_curve (NULL, -1, NULL))
|
||||
fail ("curve iteration failed\n");
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
check_matching (void)
|
||||
{
|
||||
gpg_error_t err;
|
||||
gcry_sexp_t key;
|
||||
const char *name;
|
||||
unsigned int nbits;
|
||||
|
||||
err = gcry_sexp_new (&key, sample_key_1, 0, 1);
|
||||
if (err)
|
||||
die ("parsing s-expression string failed: %s\n", gpg_strerror (err));
|
||||
name = gcry_pk_get_curve (key, 0, &nbits);
|
||||
if (!name)
|
||||
fail ("curve name not found for sample_key_1\n");
|
||||
else if (strcmp (name, sample_key_1_curve))
|
||||
fail ("expected curve name %s but got %s for sample_key_1\n",
|
||||
sample_key_1_curve, name);
|
||||
else if (nbits != sample_key_1_nbits)
|
||||
fail ("expected curve size %u but got %u for sample_key_1\n",
|
||||
sample_key_1_nbits, nbits);
|
||||
|
||||
gcry_sexp_release (key);
|
||||
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
check_get_params (void)
|
||||
{
|
||||
gcry_sexp_t param;
|
||||
const char *name;
|
||||
|
||||
param = gcry_pk_get_param (GCRY_PK_ECDSA, sample_key_1_curve);
|
||||
if (!param)
|
||||
fail ("error gerring parameters for `%s'\n", sample_key_1_curve);
|
||||
|
||||
name = gcry_pk_get_curve (param, 0, NULL);
|
||||
if (!name)
|
||||
fail ("get_param: curve name not found for sample_key_1\n");
|
||||
else if (strcmp (name, sample_key_1_curve))
|
||||
fail ("get_param: expected curve name %s but got %s for sample_key_1\n",
|
||||
sample_key_1_curve, name);
|
||||
|
||||
gcry_sexp_release (param);
|
||||
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
if (argc > 1 && !strcmp (argv[1], "--verbose"))
|
||||
verbose = 1;
|
||||
else if (argc > 1 && !strcmp (argv[1], "--debug"))
|
||||
verbose = debug = 1;
|
||||
|
||||
if (!gcry_check_version (GCRYPT_VERSION))
|
||||
die ("version mismatch\n");
|
||||
|
||||
xgcry_control (GCRYCTL_DISABLE_SECMEM, 0);
|
||||
xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
||||
if (debug)
|
||||
xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
|
||||
list_curves ();
|
||||
check_matching ();
|
||||
check_get_params ();
|
||||
|
||||
return error_count ? 1 : 0;
|
||||
}
|
1207
SOURCES/ecc-curves.c
Normal file
1207
SOURCES/ecc-curves.c
Normal file
File diff suppressed because it is too large
Load Diff
11
SOURCES/hobble-libgcrypt
Executable file
11
SOURCES/hobble-libgcrypt
Executable file
@ -0,0 +1,11 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Quit out if anything fails.
|
||||
set -e -x
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code.
|
||||
# EC: ????????? ??/??/2015
|
||||
|
||||
rm -f cipher/ecc-curves.c
|
||||
rm -f tests/curves.c
|
||||
rm -f tests/t-mpi-point.c
|
104
SOURCES/libgcrypt-1.6.1-mpicoder-gccopt.patch
Normal file
104
SOURCES/libgcrypt-1.6.1-mpicoder-gccopt.patch
Normal file
@ -0,0 +1,104 @@
|
||||
diff -up libgcrypt-1.6.1/mpi/mpicoder.c.gccopt libgcrypt-1.6.1/mpi/mpicoder.c
|
||||
--- libgcrypt-1.6.1/mpi/mpicoder.c.gccopt 2014-02-28 15:37:53.983139821 +0100
|
||||
+++ libgcrypt-1.6.1/mpi/mpicoder.c 2014-02-28 15:47:35.312576387 +0100
|
||||
@@ -627,16 +627,16 @@ _gcry_mpi_print (enum gcry_mpi_format fo
|
||||
extra = 1;
|
||||
}
|
||||
|
||||
- if (buffer && n > len)
|
||||
- {
|
||||
- /* The provided buffer is too short. */
|
||||
- xfree (tmp);
|
||||
- return GPG_ERR_TOO_SHORT;
|
||||
- }
|
||||
if (buffer)
|
||||
{
|
||||
unsigned char *s = buffer;
|
||||
|
||||
+ if (n > len)
|
||||
+ {
|
||||
+ /* The provided buffer is too short. */
|
||||
+ xfree (tmp);
|
||||
+ return GPG_ERR_TOO_SHORT;
|
||||
+ }
|
||||
if (extra == 1)
|
||||
*s++ = 0;
|
||||
else if (extra)
|
||||
@@ -654,13 +654,12 @@ _gcry_mpi_print (enum gcry_mpi_format fo
|
||||
/* Note: We ignore the sign for this format. */
|
||||
/* FIXME: for performance reasons we should put this into
|
||||
mpi_aprint because we can then use the buffer directly. */
|
||||
-
|
||||
- if (buffer && n > len)
|
||||
- return GPG_ERR_TOO_SHORT;
|
||||
if (buffer)
|
||||
{
|
||||
unsigned char *tmp;
|
||||
|
||||
+ if (n > len)
|
||||
+ return GPG_ERR_TOO_SHORT;
|
||||
tmp = _gcry_mpi_get_buffer (a, 0, &n, NULL);
|
||||
if (!tmp)
|
||||
return gpg_err_code_from_syserror ();
|
||||
@@ -678,14 +677,14 @@ _gcry_mpi_print (enum gcry_mpi_format fo
|
||||
if (negative)
|
||||
return GPG_ERR_INV_ARG;
|
||||
|
||||
- if (buffer && n+2 > len)
|
||||
- return GPG_ERR_TOO_SHORT;
|
||||
-
|
||||
if (buffer)
|
||||
{
|
||||
unsigned char *tmp;
|
||||
unsigned char *s = buffer;
|
||||
|
||||
+ if (n+2 > len)
|
||||
+ return GPG_ERR_TOO_SHORT;
|
||||
+
|
||||
s[0] = nbits >> 8;
|
||||
s[1] = nbits;
|
||||
|
||||
@@ -724,16 +723,16 @@ _gcry_mpi_print (enum gcry_mpi_format fo
|
||||
extra=1;
|
||||
}
|
||||
|
||||
- if (buffer && n+4 > len)
|
||||
- {
|
||||
- xfree(tmp);
|
||||
- return GPG_ERR_TOO_SHORT;
|
||||
- }
|
||||
-
|
||||
if (buffer)
|
||||
{
|
||||
unsigned char *s = buffer;
|
||||
|
||||
+ if (n+4 > len)
|
||||
+ {
|
||||
+ xfree(tmp);
|
||||
+ return GPG_ERR_TOO_SHORT;
|
||||
+ }
|
||||
+
|
||||
*s++ = n >> 24;
|
||||
*s++ = n >> 16;
|
||||
*s++ = n >> 8;
|
||||
@@ -761,15 +760,15 @@ _gcry_mpi_print (enum gcry_mpi_format fo
|
||||
if (!n || (*tmp & 0x80))
|
||||
extra = 2;
|
||||
|
||||
- if (buffer && 2*n + extra + negative + 1 > len)
|
||||
- {
|
||||
- xfree(tmp);
|
||||
- return GPG_ERR_TOO_SHORT;
|
||||
- }
|
||||
if (buffer)
|
||||
{
|
||||
unsigned char *s = buffer;
|
||||
|
||||
+ if (2*n + extra + negative + 1 > len)
|
||||
+ {
|
||||
+ xfree(tmp);
|
||||
+ return GPG_ERR_TOO_SHORT;
|
||||
+ }
|
||||
if (negative)
|
||||
*s++ = '-';
|
||||
if (extra)
|
122
SOURCES/libgcrypt-1.7.3-ecc-test-fix.patch
Normal file
122
SOURCES/libgcrypt-1.7.3-ecc-test-fix.patch
Normal file
@ -0,0 +1,122 @@
|
||||
diff -up libgcrypt-1.7.3/tests/benchmark.c.eccfix libgcrypt-1.7.3/tests/benchmark.c
|
||||
--- libgcrypt-1.7.3/tests/benchmark.c.eccfix 2016-07-14 11:19:17.000000000 +0200
|
||||
+++ libgcrypt-1.7.3/tests/benchmark.c 2016-11-22 16:21:00.109004197 +0100
|
||||
@@ -1412,7 +1412,7 @@ ecc_bench (int iterations, int print_hea
|
||||
{
|
||||
#if USE_ECC
|
||||
gpg_error_t err;
|
||||
- const char *p_sizes[] = { "192", "224", "256", "384", "521", "Ed25519",
|
||||
+ const char *p_sizes[] = { "224", "256", "384", "521", "Ed25519",
|
||||
"gost256", "gost512" };
|
||||
int testno;
|
||||
|
||||
diff -up libgcrypt-1.7.3/tests/dsa-rfc6979.c.eccfix libgcrypt-1.7.3/tests/dsa-rfc6979.c
|
||||
--- libgcrypt-1.7.3/tests/dsa-rfc6979.c.eccfix 2016-02-18 09:38:03.000000000 +0100
|
||||
+++ libgcrypt-1.7.3/tests/dsa-rfc6979.c 2016-11-22 16:22:11.804674008 +0100
|
||||
@@ -210,16 +210,6 @@ check_dsa_rfc6979 (void)
|
||||
" ))"
|
||||
},
|
||||
{
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "(private-key"
|
||||
- " (ecdsa"
|
||||
- " (curve \"NIST P-192\")"
|
||||
- " (q #04AC2C77F529F91689FEA0EA5EFEC7F210D8EEA0B9E047ED56"
|
||||
- " 3BC723E57670BD4887EBC732C523063D0A7C957BC97C1C43#)"
|
||||
- " (d #6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4#)"
|
||||
- " ))"
|
||||
- },
|
||||
- {
|
||||
"ECDSA, 224 bits (prime field)",
|
||||
"(private-key"
|
||||
" (ecdsa"
|
||||
@@ -443,89 +433,6 @@ check_dsa_rfc6979 (void)
|
||||
"C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1"
|
||||
},
|
||||
{
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-1, message = \"sample\"",
|
||||
- "sha1", "sample",
|
||||
- "37D7CA00D2C7B0E5E412AC03BD44BA837FDD5B28CD3B0021",
|
||||
- "98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF",
|
||||
- "57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-224, message = \"sample\"",
|
||||
- "sha224", "sample",
|
||||
- "4381526B3FC1E7128F202E194505592F01D5FF4C5AF015D8",
|
||||
- "A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5",
|
||||
- "E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-256, message = \"sample\"",
|
||||
- "sha256", "sample",
|
||||
- "32B1B6D7D42A05CB449065727A84804FB1A3E34D8F261496",
|
||||
- "4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55",
|
||||
- "CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-384, message = \"sample\"",
|
||||
- "sha384", "sample",
|
||||
- "4730005C4FCB01834C063A7B6760096DBE284B8252EF4311",
|
||||
- "DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5",
|
||||
- "C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-512, message = \"sample\"",
|
||||
- "sha512", "sample",
|
||||
- "A2AC7AB055E4F20692D49209544C203A7D1F2C0BFBC75DB1",
|
||||
- "4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8",
|
||||
- "3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-1, message = \"test\"",
|
||||
- "sha1", "test",
|
||||
- "D9CF9C3D3297D3260773A1DA7418DB5537AB8DD93DE7FA25",
|
||||
- "0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D",
|
||||
- "EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-224, message = \"test\"",
|
||||
- "sha224", "test",
|
||||
- "F5DC805F76EF851800700CCE82E7B98D8911B7D510059FBE",
|
||||
- "6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34",
|
||||
- "B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-256, message = \"test\"",
|
||||
- "sha256", "test",
|
||||
- "5C4CE89CF56D9E7C77C8585339B006B97B5F0680B4306C6C",
|
||||
- "3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE",
|
||||
- "5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-384, message = \"test\"",
|
||||
- "sha384", "test",
|
||||
- "5AFEFB5D3393261B828DB6C91FBC68C230727B030C975693",
|
||||
- "B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367",
|
||||
- "7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A"
|
||||
- },
|
||||
- {
|
||||
- "ECDSA, 192 bits (prime field)",
|
||||
- "With SHA-512, message = \"test\"",
|
||||
- "sha512", "test",
|
||||
- "0758753A5254759C7CFBAD2E2D9B0792EEE44136C9480527",
|
||||
- "FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739",
|
||||
- "74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290"
|
||||
- },
|
||||
-
|
||||
-
|
||||
-
|
||||
- {
|
||||
"ECDSA, 224 bits (prime field)",
|
||||
"With SHA-1, message = \"sample\"",
|
||||
"sha1", "sample",
|
1311
SOURCES/libgcrypt-1.7.3-fips-cavs.patch
Normal file
1311
SOURCES/libgcrypt-1.7.3-fips-cavs.patch
Normal file
File diff suppressed because it is too large
Load Diff
35
SOURCES/libgcrypt-1.7.3-fips-reqs.patch
Normal file
35
SOURCES/libgcrypt-1.7.3-fips-reqs.patch
Normal file
@ -0,0 +1,35 @@
|
||||
diff -up libgcrypt-1.7.3/src/visibility.c.fips-reqs libgcrypt-1.7.3/src/visibility.c
|
||||
--- libgcrypt-1.7.3/src/visibility.c.fips-reqs 2016-03-23 12:59:34.000000000 +0100
|
||||
+++ libgcrypt-1.7.3/src/visibility.c 2016-11-22 16:29:36.992042480 +0100
|
||||
@@ -1288,6 +1288,8 @@ gcry_kdf_derive (const void *passphrase,
|
||||
unsigned long iterations,
|
||||
size_t keysize, void *keybuffer)
|
||||
{
|
||||
+ if (!fips_is_operational ())
|
||||
+ return gpg_error (fips_not_operational ());
|
||||
return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
|
||||
salt, saltlen, iterations,
|
||||
keysize, keybuffer));
|
||||
@@ -1343,6 +1345,13 @@ void
|
||||
gcry_mpi_randomize (gcry_mpi_t w,
|
||||
unsigned int nbits, enum gcry_random_level level)
|
||||
{
|
||||
+ if (!fips_is_operational ())
|
||||
+ {
|
||||
+ (void)fips_not_operational ();
|
||||
+ fips_signal_fatal_error ("called in non-operational state");
|
||||
+ fips_noreturn ();
|
||||
+ }
|
||||
+
|
||||
_gcry_mpi_randomize (w, nbits, level);
|
||||
}
|
||||
|
||||
@@ -1368,6 +1377,8 @@ gcry_prime_generate (gcry_mpi_t *prime,
|
||||
gcry_random_level_t random_level,
|
||||
unsigned int flags)
|
||||
{
|
||||
+ if (!fips_is_operational ())
|
||||
+ return gpg_error (fips_not_operational ());
|
||||
return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits,
|
||||
factors, cb_func, cb_arg,
|
||||
random_level, flags));
|
322
SOURCES/libgcrypt-1.8.3-cmac-selftest.patch
Normal file
322
SOURCES/libgcrypt-1.8.3-cmac-selftest.patch
Normal file
@ -0,0 +1,322 @@
|
||||
diff -up libgcrypt-1.8.3/cipher/cipher-cmac.c.cmac-selftest libgcrypt-1.8.3/cipher/cipher-cmac.c
|
||||
--- libgcrypt-1.8.3/cipher/cipher-cmac.c.cmac-selftest 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.3/cipher/cipher-cmac.c 2019-05-31 17:33:35.594407152 +0200
|
||||
@@ -251,3 +251,246 @@ _gcry_cipher_cmac_set_subkeys (gcry_ciph
|
||||
|
||||
return GPG_ERR_NO_ERROR;
|
||||
}
|
||||
+
|
||||
+/* CMAC selftests.
|
||||
+ * Copyright (C) 2008 Free Software Foundation, Inc.
|
||||
+ * Copyright (C) 2019 Red Hat, Inc.
|
||||
+ */
|
||||
+
|
||||
+
|
||||
+
|
||||
+/* Check one MAC with MAC ALGO using the regular MAC
|
||||
+ * API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key
|
||||
+ * and (EXPECT,EXPECTLEN) the expected result. If TRUNC is set, the
|
||||
+ * EXPECTLEN may be less than the digest length. Returns NULL on
|
||||
+ * success or a string describing the failure. */
|
||||
+static const char *
|
||||
+check_one (int algo,
|
||||
+ const void *data, size_t datalen,
|
||||
+ const void *key, size_t keylen,
|
||||
+ const void *expect, size_t expectlen)
|
||||
+{
|
||||
+ gcry_mac_hd_t hd;
|
||||
+ unsigned char mac[512]; /* hardcoded to avoid allocation */
|
||||
+ size_t macoutlen = expectlen;
|
||||
+
|
||||
+/* printf ("MAC algo %d\n", algo); */
|
||||
+ if (_gcry_mac_get_algo_maclen (algo) != expectlen ||
|
||||
+ expectlen > sizeof (mac))
|
||||
+ return "invalid tests data";
|
||||
+ if (_gcry_mac_open (&hd, algo, 0, NULL))
|
||||
+ return "gcry_mac_open failed";
|
||||
+ if (_gcry_mac_setkey (hd, key, keylen))
|
||||
+ {
|
||||
+ _gcry_mac_close (hd);
|
||||
+ return "gcry_md_setkey failed";
|
||||
+ }
|
||||
+ if (_gcry_mac_write (hd, data, datalen))
|
||||
+ {
|
||||
+ _gcry_mac_close (hd);
|
||||
+ return "gcry_mac_write failed";
|
||||
+ }
|
||||
+ if (_gcry_mac_read (hd, mac, &macoutlen))
|
||||
+ {
|
||||
+ _gcry_mac_close (hd);
|
||||
+ return "gcry_mac_read failed";
|
||||
+ }
|
||||
+ _gcry_mac_close (hd);
|
||||
+ if (macoutlen != expectlen || memcmp (mac, expect, expectlen))
|
||||
+ {
|
||||
+/* int i; */
|
||||
+
|
||||
+/* fputs (" {", stdout); */
|
||||
+/* for (i=0; i < expectlen-1; i++) */
|
||||
+/* { */
|
||||
+/* if (i && !(i % 8)) */
|
||||
+/* fputs ("\n ", stdout); */
|
||||
+/* printf (" 0x%02x,", mac[i]); */
|
||||
+/* } */
|
||||
+/* printf (" 0x%02x } },\n", mac[i]); */
|
||||
+
|
||||
+ return "does not match";
|
||||
+ }
|
||||
+ return NULL;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static gpg_err_code_t
|
||||
+selftests_cmac_tdes (int extended, selftest_report_func_t report)
|
||||
+{
|
||||
+ const char *what;
|
||||
+ const char *errtxt;
|
||||
+
|
||||
+ what = "Basic TDES";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_3DES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57", 20,
|
||||
+ "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
|
||||
+ "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", 24,
|
||||
+ "\x74\x3d\xdb\xe0\xce\x2d\xc2\xed", 8);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ if (extended)
|
||||
+ {
|
||||
+ what = "Extended TDES #1";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_3DES,
|
||||
+ "", 0,
|
||||
+ "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
|
||||
+ "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", 24,
|
||||
+ "\xb7\xa6\x88\xe1\x22\xff\xaf\x95", 8);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Extended TDES #2";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_3DES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96", 8,
|
||||
+ "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
|
||||
+ "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", 24,
|
||||
+ "\x8e\x8f\x29\x31\x36\x28\x37\x97", 8);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Extended TDES #3";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_3DES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51", 32,
|
||||
+ "\x8a\xa8\x3b\xf8\xcb\xda\x10\x62\x0b\xc1\xbf\x19\xfb\xb6\xcd\x58"
|
||||
+ "\xbc\x31\x3d\x4a\x37\x1c\xa8\xb5", 24,
|
||||
+ "\x33\xe6\xb1\x09\x24\x00\xea\xe5", 8);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+ }
|
||||
+
|
||||
+ return 0; /* Succeeded. */
|
||||
+
|
||||
+ failed:
|
||||
+ if (report)
|
||||
+ report ("cmac", GCRY_MAC_CMAC_3DES, what, errtxt);
|
||||
+ return GPG_ERR_SELFTEST_FAILED;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+
|
||||
+static gpg_err_code_t
|
||||
+selftests_cmac_aes (int extended, selftest_report_func_t report)
|
||||
+{
|
||||
+ const char *what;
|
||||
+ const char *errtxt;
|
||||
+
|
||||
+ what = "Basic AES128";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
|
||||
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", 40,
|
||||
+ "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
|
||||
+ "\xdf\xa6\x67\x47\xde\x9a\xe6\x30\x30\xca\x32\x61\x14\x97\xc8\x27", 16);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Basic AES192";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
|
||||
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", 40,
|
||||
+ "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
|
||||
+ "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", 24,
|
||||
+ "\x8a\x1d\xe5\xbe\x2e\xb3\x1a\xad\x08\x9a\x82\xe6\xee\x90\x8b\x0e", 16);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Basic AES256";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
|
||||
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11", 40,
|
||||
+ "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
|
||||
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", 32,
|
||||
+ "\xaa\xf3\xd8\xf1\xde\x56\x40\xc2\x32\xf5\xb1\x69\xb9\xc9\x11\xe6", 16);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+ if (extended)
|
||||
+ {
|
||||
+ what = "Extended AES #1";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "", 0,
|
||||
+ "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
|
||||
+ "\xbb\x1d\x69\x29\xe9\x59\x37\x28\x7f\xa3\x7d\x12\x9b\x75\x67\x46", 16);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Extended AES #2";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a", 16,
|
||||
+ "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
|
||||
+ "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", 24,
|
||||
+ "\x9e\x99\xa7\xbf\x31\xe7\x10\x90\x06\x62\xf6\x5e\x61\x7c\x51\x84", 16);
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+
|
||||
+ what = "Extended AES #3";
|
||||
+ errtxt = check_one (GCRY_MAC_CMAC_AES,
|
||||
+ "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
|
||||
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
|
||||
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
|
||||
+ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", 64,
|
||||
+ "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
|
||||
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", 32,
|
||||
+ "\xe1\x99\x21\x90\x54\x9f\x6e\xd5\x69\x6a\x2c\x05\x6c\x31\x54\x10", 16 );
|
||||
+ if (errtxt)
|
||||
+ goto failed;
|
||||
+ }
|
||||
+
|
||||
+ return 0; /* Succeeded. */
|
||||
+
|
||||
+ failed:
|
||||
+ if (report)
|
||||
+ report ("cmac", GCRY_MAC_CMAC_AES, what, errtxt);
|
||||
+ return GPG_ERR_SELFTEST_FAILED;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+/* Run a full self-test for ALGO and return 0 on success. */
|
||||
+static gpg_err_code_t
|
||||
+run_cmac_selftests (int algo, int extended, selftest_report_func_t report)
|
||||
+{
|
||||
+ gpg_err_code_t ec;
|
||||
+
|
||||
+ switch (algo)
|
||||
+ {
|
||||
+ case GCRY_MAC_CMAC_3DES:
|
||||
+ ec = selftests_cmac_tdes (extended, report);
|
||||
+ break;
|
||||
+ case GCRY_MAC_CMAC_AES:
|
||||
+ ec = selftests_cmac_aes (extended, report);
|
||||
+ break;
|
||||
+
|
||||
+ default:
|
||||
+ ec = GPG_ERR_MAC_ALGO;
|
||||
+ break;
|
||||
+ }
|
||||
+ return ec;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+
|
||||
+
|
||||
+/* Run the selftests for CMAC with CMAC algorithm ALGO with optional
|
||||
+ reporting function REPORT. */
|
||||
+gpg_error_t
|
||||
+_gcry_cmac_selftest (int algo, int extended, selftest_report_func_t report)
|
||||
+{
|
||||
+ gcry_err_code_t ec = 0;
|
||||
+
|
||||
+ if (!_gcry_mac_algo_info( algo, GCRYCTL_TEST_ALGO, NULL, NULL ))
|
||||
+ {
|
||||
+ ec = run_cmac_selftests (algo, extended, report);
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ ec = GPG_ERR_MAC_ALGO;
|
||||
+ if (report)
|
||||
+ report ("mac", algo, "module", "algorithm not available");
|
||||
+ }
|
||||
+ return gpg_error (ec);
|
||||
+}
|
||||
diff -up libgcrypt-1.8.3/src/cipher-proto.h.cmac-selftest libgcrypt-1.8.3/src/cipher-proto.h
|
||||
--- libgcrypt-1.8.3/src/cipher-proto.h.cmac-selftest 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.3/src/cipher-proto.h 2019-05-31 17:29:34.574588234 +0200
|
||||
@@ -256,6 +256,8 @@ gcry_error_t _gcry_pk_selftest (int algo
|
||||
selftest_report_func_t report);
|
||||
gcry_error_t _gcry_hmac_selftest (int algo, int extended,
|
||||
selftest_report_func_t report);
|
||||
+gcry_error_t _gcry_cmac_selftest (int algo, int extended,
|
||||
+ selftest_report_func_t report);
|
||||
|
||||
gcry_error_t _gcry_random_selftest (selftest_report_func_t report);
|
||||
|
||||
diff -up libgcrypt-1.8.3/src/fips.c.cmac-selftest libgcrypt-1.8.3/src/fips.c
|
||||
--- libgcrypt-1.8.3/src/fips.c.cmac-selftest 2018-11-01 15:40:36.051865535 +0100
|
||||
+++ libgcrypt-1.8.3/src/fips.c 2019-05-31 17:31:20.157756640 +0200
|
||||
@@ -521,29 +521,32 @@ run_digest_selftests (int extended)
|
||||
|
||||
/* Run self-tests for all HMAC algorithms. Return 0 on success. */
|
||||
static int
|
||||
-run_hmac_selftests (int extended)
|
||||
+run_mac_selftests (int extended)
|
||||
{
|
||||
- static int algos[] =
|
||||
+ static int algos[][2] =
|
||||
{
|
||||
- GCRY_MD_SHA1,
|
||||
- GCRY_MD_SHA224,
|
||||
- GCRY_MD_SHA256,
|
||||
- GCRY_MD_SHA384,
|
||||
- GCRY_MD_SHA512,
|
||||
- GCRY_MD_SHA3_224,
|
||||
- GCRY_MD_SHA3_256,
|
||||
- GCRY_MD_SHA3_384,
|
||||
- GCRY_MD_SHA3_512,
|
||||
- 0
|
||||
+ { GCRY_MD_SHA1, 0 },
|
||||
+ { GCRY_MD_SHA224, 0 },
|
||||
+ { GCRY_MD_SHA256, 0 },
|
||||
+ { GCRY_MD_SHA384, 0 },
|
||||
+ { GCRY_MD_SHA512, 0 },
|
||||
+ { GCRY_MD_SHA3_224, 0 },
|
||||
+ { GCRY_MD_SHA3_256, 0 },
|
||||
+ { GCRY_MD_SHA3_384, 0 },
|
||||
+ { GCRY_MD_SHA3_512, 0 },
|
||||
+ { GCRY_MAC_CMAC_3DES, 1 },
|
||||
+ { GCRY_MAC_CMAC_AES, 1 },
|
||||
+ { 0, 0 }
|
||||
};
|
||||
int idx;
|
||||
gpg_error_t err;
|
||||
int anyerr = 0;
|
||||
|
||||
- for (idx=0; algos[idx]; idx++)
|
||||
+ for (idx=0; algos[idx][0]; idx++)
|
||||
{
|
||||
- err = _gcry_hmac_selftest (algos[idx], extended, reporter);
|
||||
- reporter ("hmac", algos[idx], NULL,
|
||||
+ err = algos[idx][1] ? _gcry_cmac_selftest (algos[idx][0], extended, reporter) :
|
||||
+ _gcry_hmac_selftest (algos[idx][0], extended, reporter);
|
||||
+ reporter (algos[idx][1] ? "cmac" : "hmac", algos[idx][0], NULL,
|
||||
err? gpg_strerror (err):NULL);
|
||||
if (err)
|
||||
anyerr = 1;
|
||||
@@ -747,7 +750,7 @@ _gcry_fips_run_selftests (int extended)
|
||||
if (run_digest_selftests (extended))
|
||||
goto leave;
|
||||
|
||||
- if (run_hmac_selftests (extended))
|
||||
+ if (run_mac_selftests (extended))
|
||||
goto leave;
|
||||
|
||||
/* Run random tests before the pubkey tests because the latter
|
60
SOURCES/libgcrypt-1.8.3-fips-ctor.patch
Normal file
60
SOURCES/libgcrypt-1.8.3-fips-ctor.patch
Normal file
@ -0,0 +1,60 @@
|
||||
diff -up libgcrypt-1.8.3/src/global.c.fips-ctor libgcrypt-1.8.3/src/global.c
|
||||
--- libgcrypt-1.8.3/src/global.c.fips-ctor 2017-11-23 19:25:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.3/src/global.c 2020-04-17 16:29:59.258218015 +0200
|
||||
@@ -141,6 +141,34 @@ global_init (void)
|
||||
}
|
||||
|
||||
|
||||
+#ifndef FIPS_MODULE_PATH
|
||||
+#define FIPS_MODULE_PATH "/etc/system-fips"
|
||||
+#endif
|
||||
+
|
||||
+void __attribute__ ((constructor)) _gcry_global_constructor (void)
|
||||
+{
|
||||
+ int rv;
|
||||
+
|
||||
+ rv = access (FIPS_MODULE_PATH, F_OK);
|
||||
+ if (rv < 0 && errno != ENOENT)
|
||||
+ rv = 0;
|
||||
+
|
||||
+ if (!rv)
|
||||
+ {
|
||||
+ int no_secmem_save;
|
||||
+
|
||||
+ /* it should be always 0 at this point but let's keep on the safe side */
|
||||
+ no_secmem_save = no_secure_memory;
|
||||
+ no_secure_memory = 1;
|
||||
+ /* force selftests */
|
||||
+ global_init();
|
||||
+ _gcry_fips_run_selftests (0);
|
||||
+ if (!fips_mode())
|
||||
+ _gcry_random_close_fds ();
|
||||
+ no_secure_memory = no_secmem_save;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
/* This function is called by the macro fips_is_operational and makes
|
||||
sure that the minimal initialization has been done. This is far
|
||||
from a perfect solution and hides problems with an improper
|
||||
@@ -671,8 +699,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
|
||||
|
||||
case GCRYCTL_FIPS_MODE_P:
|
||||
if (fips_mode ()
|
||||
- && !_gcry_is_fips_mode_inactive ()
|
||||
- && !no_secure_memory)
|
||||
+ && !_gcry_is_fips_mode_inactive ())
|
||||
rc = GPG_ERR_GENERAL; /* Used as TRUE value */
|
||||
break;
|
||||
|
||||
@@ -749,9 +776,9 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
|
||||
break;
|
||||
|
||||
case GCRYCTL_SET_ENFORCED_FIPS_FLAG:
|
||||
- if (!any_init_done)
|
||||
+ if (fips_mode ())
|
||||
{
|
||||
- /* Not yet initialized at all. Set the enforced fips mode flag */
|
||||
+ /* We are in FIPS mode, we can set the enforced fips mode flag. */
|
||||
_gcry_set_preferred_rng_type (0);
|
||||
_gcry_set_enforced_fips_mode ();
|
||||
}
|
113
SOURCES/libgcrypt-1.8.3-fips-enttest.patch
Normal file
113
SOURCES/libgcrypt-1.8.3-fips-enttest.patch
Normal file
@ -0,0 +1,113 @@
|
||||
diff -up libgcrypt-1.8.3/random/random-drbg.c.fips-enttest libgcrypt-1.8.3/random/random-drbg.c
|
||||
--- libgcrypt-1.8.3/random/random-drbg.c.fips-enttest 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.3/random/random-drbg.c 2019-06-24 10:04:23.219547141 +0200
|
||||
@@ -317,6 +317,7 @@ struct drbg_state_s
|
||||
unsigned char *ctr_null; /* CTR mode zero buffer */
|
||||
int seeded:1; /* DRBG fully seeded? */
|
||||
int pr:1; /* Prediction resistance enabled? */
|
||||
+ int ent_primed:1; /* Previous entropy data primed? */
|
||||
/* Taken from libgcrypt ANSI X9.31 DRNG: We need to keep track of the
|
||||
* process which did the initialization so that we can detect a fork.
|
||||
* The volatile modifier is required so that the compiler does not
|
||||
@@ -324,6 +325,7 @@ struct drbg_state_s
|
||||
pid_t seed_init_pid;
|
||||
const struct drbg_state_ops_s *d_ops;
|
||||
const struct drbg_core_s *core;
|
||||
+ unsigned char ent_hash[64]; /* Hash of previous entropy data */
|
||||
struct drbg_test_data_s *test_data;
|
||||
};
|
||||
|
||||
@@ -610,11 +612,13 @@ drbg_get_entropy (drbg_state_t drbg, uns
|
||||
size_t len)
|
||||
{
|
||||
int rc = 0;
|
||||
+ unsigned char newhash[64];
|
||||
|
||||
/* Perform testing as defined in 11.3.2 */
|
||||
if (drbg->test_data && drbg->test_data->fail_seed_source)
|
||||
return -1;
|
||||
|
||||
+redo:
|
||||
read_cb_buffer = buffer;
|
||||
read_cb_size = len;
|
||||
read_cb_len = 0;
|
||||
@@ -634,6 +638,27 @@ drbg_get_entropy (drbg_state_t drbg, uns
|
||||
#else
|
||||
rc = -1;
|
||||
#endif
|
||||
+
|
||||
+ /* to avoid storing the actual entropy obtained for indefinite
|
||||
+ time, we just store the SHA-512 hash of the entropy gathered
|
||||
+ */
|
||||
+ _gcry_md_hash_buffer (GCRY_MD_SHA512, newhash, buffer, len);
|
||||
+
|
||||
+ if (!drbg->ent_primed)
|
||||
+ {
|
||||
+ memcpy (drbg->ent_hash, newhash, sizeof (drbg->ent_hash));
|
||||
+ drbg->ent_primed = 1;
|
||||
+ goto redo;
|
||||
+ }
|
||||
+
|
||||
+ if (memcmp (newhash, drbg->ent_hash, sizeof (drbg->ent_hash)) == 0)
|
||||
+ {
|
||||
+ fips_signal_error ("Entropy source failed the continuous test");
|
||||
+ return -1; /* continuous entropy test failed */
|
||||
+ }
|
||||
+
|
||||
+ memcpy (drbg->ent_hash, newhash, sizeof (drbg->ent_hash));
|
||||
+
|
||||
return rc;
|
||||
}
|
||||
|
||||
@@ -1341,26 +1366,38 @@ drbg_seed (drbg_state_t drbg, drbg_strin
|
||||
}
|
||||
else
|
||||
{
|
||||
+ int nonce = 0;
|
||||
/* Gather entropy equal to the security strength of the DRBG.
|
||||
* With a derivation function, a nonce is required in addition
|
||||
* to the entropy. A nonce must be at least 1/2 of the security
|
||||
* strength of the DRBG in size. Thus, entropy * nonce is 3/2
|
||||
* of the strength. The consideration of a nonce is only
|
||||
- * applicable during initial seeding. */
|
||||
+ * applicable during initial seeding.
|
||||
+ * To avoid pulling different length of data from entropy
|
||||
+ * source, we use 2 * strength for initial seeding. */
|
||||
entropylen = drbg_sec_strength (drbg->core->flags);
|
||||
if (!entropylen)
|
||||
return GPG_ERR_GENERAL;
|
||||
if (0 == reseed)
|
||||
- /* make sure we round up strength/2 in
|
||||
- * case it is not divisible by 2 */
|
||||
- entropylen = ((entropylen + 1) / 2) * 3;
|
||||
+ {
|
||||
+ nonce = 1;
|
||||
+ }
|
||||
dbg (("DRBG: (re)seeding with %lu bytes of entropy\n", entropylen));
|
||||
- entropy = xcalloc_secure (1, entropylen);
|
||||
+ entropy = xcalloc_secure (nonce + 1, entropylen);
|
||||
if (!entropy)
|
||||
return GPG_ERR_ENOMEM;
|
||||
ret = drbg_get_entropy (drbg, entropy, entropylen);
|
||||
if (ret)
|
||||
goto out;
|
||||
+ if (nonce)
|
||||
+ {
|
||||
+ ret = drbg_get_entropy (drbg, entropy + entropylen, entropylen);
|
||||
+ if (ret)
|
||||
+ goto out;
|
||||
+ /* make sure we round up strength/2 in
|
||||
+ * case it is not divisible by 2 */
|
||||
+ entropylen = 2 * entropylen;
|
||||
+ }
|
||||
drbg_string_fill (&data1, entropy, entropylen);
|
||||
}
|
||||
|
||||
@@ -1597,6 +1634,7 @@ drbg_instantiate (drbg_state_t drbg,
|
||||
drbg->core = &drbg_cores[coreref];
|
||||
drbg->pr = pr;
|
||||
drbg->seeded = 0;
|
||||
+ drbg->ent_primed = 0;
|
||||
if (drbg->core->flags & DRBG_HMAC)
|
||||
drbg->d_ops = &drbg_hmac_ops;
|
||||
else if (drbg->core->flags & DRBG_HASH_MASK)
|
18
SOURCES/libgcrypt-1.8.3-md-fips-enforce.patch
Normal file
18
SOURCES/libgcrypt-1.8.3-md-fips-enforce.patch
Normal file
@ -0,0 +1,18 @@
|
||||
diff -up libgcrypt-1.8.3/cipher/md.c.fips-enforce libgcrypt-1.8.3/cipher/md.c
|
||||
--- libgcrypt-1.8.3/cipher/md.c.fips-enforce 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.3/cipher/md.c 2020-04-17 15:07:31.364945130 +0200
|
||||
@@ -409,13 +409,10 @@ md_enable (gcry_md_hd_t hd, int algorith
|
||||
}
|
||||
|
||||
|
||||
- if (!err && algorithm == GCRY_MD_MD5 && fips_mode ())
|
||||
+ if (!err && !spec->flags.fips && fips_mode ())
|
||||
{
|
||||
- _gcry_inactivate_fips_mode ("MD5 used");
|
||||
if (_gcry_enforced_fips_mode () )
|
||||
{
|
||||
- /* We should never get to here because we do not register
|
||||
- MD5 in enforced fips mode. But better throw an error. */
|
||||
err = GPG_ERR_DIGEST_ALGO;
|
||||
}
|
||||
}
|
65
SOURCES/libgcrypt-1.8.4-fips-keygen.patch
Normal file
65
SOURCES/libgcrypt-1.8.4-fips-keygen.patch
Normal file
@ -0,0 +1,65 @@
|
||||
diff -up libgcrypt-1.8.4/cipher/dsa.c.fips-keygen libgcrypt-1.8.4/cipher/dsa.c
|
||||
--- libgcrypt-1.8.4/cipher/dsa.c.fips-keygen 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/cipher/dsa.c 2019-02-12 14:29:25.629513989 +0100
|
||||
@@ -457,11 +457,22 @@ generate_fips186 (DSA_secret_key *sk, un
|
||||
&prime_q, &prime_p,
|
||||
r_counter,
|
||||
r_seed, r_seedlen);
|
||||
- else
|
||||
- ec = _gcry_generate_fips186_3_prime (nbits, qbits, NULL, 0,
|
||||
+ else if (!domain->p || !domain->q)
|
||||
+ ec = _gcry_generate_fips186_3_prime (nbits, qbits,
|
||||
+ initial_seed.seed,
|
||||
+ initial_seed.seedlen,
|
||||
&prime_q, &prime_p,
|
||||
r_counter,
|
||||
r_seed, r_seedlen, NULL);
|
||||
+ else
|
||||
+ {
|
||||
+ /* Domain parameters p and q are given; use them. */
|
||||
+ prime_p = mpi_copy (domain->p);
|
||||
+ prime_q = mpi_copy (domain->q);
|
||||
+ gcry_assert (mpi_get_nbits (prime_p) == nbits);
|
||||
+ gcry_assert (mpi_get_nbits (prime_q) == qbits);
|
||||
+ ec = 0;
|
||||
+ }
|
||||
sexp_release (initial_seed.sexp);
|
||||
if (ec)
|
||||
goto leave;
|
||||
@@ -855,13 +866,12 @@ dsa_generate (const gcry_sexp_t genparms
|
||||
sexp_release (l1);
|
||||
sexp_release (domainsexp);
|
||||
|
||||
- /* Check that all domain parameters are available. */
|
||||
- if (!domain.p || !domain.q || !domain.g)
|
||||
+ /* Check that p and q domain parameters are available. */
|
||||
+ if (!domain.p || !domain.q || (!domain.g && !(flags & PUBKEY_FLAG_USE_FIPS186)))
|
||||
{
|
||||
_gcry_mpi_release (domain.p);
|
||||
_gcry_mpi_release (domain.q);
|
||||
_gcry_mpi_release (domain.g);
|
||||
- sexp_release (deriveparms);
|
||||
return GPG_ERR_MISSING_VALUE;
|
||||
}
|
||||
|
||||
diff -up libgcrypt-1.8.4/cipher/rsa.c.fips-keygen libgcrypt-1.8.4/cipher/rsa.c
|
||||
--- libgcrypt-1.8.4/cipher/rsa.c.fips-keygen 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/cipher/rsa.c 2019-02-12 14:29:25.630513971 +0100
|
||||
@@ -389,7 +389,7 @@ generate_fips (RSA_secret_key *sk, unsig
|
||||
|
||||
if (nbits < 1024 || (nbits & 0x1FF))
|
||||
return GPG_ERR_INV_VALUE;
|
||||
- if (_gcry_enforced_fips_mode() && nbits != 2048 && nbits != 3072)
|
||||
+ if (fips_mode() && nbits < 2048)
|
||||
return GPG_ERR_INV_VALUE;
|
||||
|
||||
/* The random quality depends on the transient_key flag. */
|
||||
@@ -696,7 +696,7 @@ generate_x931 (RSA_secret_key *sk, unsig
|
||||
|
||||
*swapped = 0;
|
||||
|
||||
- if (e_value == 1) /* Alias for a secure value. */
|
||||
+ if (e_value == 1 || e_value == 0) /* Alias for a secure value. */
|
||||
e_value = 65537;
|
||||
|
||||
/* Point 1 of section 4.1: k = 1024 + 256s with S >= 0 */
|
184
SOURCES/libgcrypt-1.8.4-tests-fipsmode.patch
Normal file
184
SOURCES/libgcrypt-1.8.4-tests-fipsmode.patch
Normal file
@ -0,0 +1,184 @@
|
||||
diff -up libgcrypt-1.8.4/tests/basic.c.tests-fipsmode libgcrypt-1.8.4/tests/basic.c
|
||||
--- libgcrypt-1.8.4/tests/basic.c.tests-fipsmode 2018-04-17 17:29:40.000000000 +0200
|
||||
+++ libgcrypt-1.8.4/tests/basic.c 2019-02-12 13:30:48.935791024 +0100
|
||||
@@ -6964,7 +6964,7 @@ check_ciphers (void)
|
||||
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CTR, 0);
|
||||
if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_CCM_BLOCK_LEN)
|
||||
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CCM, 0);
|
||||
- if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_GCM_BLOCK_LEN)
|
||||
+ if (!in_fips_mode && gcry_cipher_get_algo_blklen (algos[i]) == GCRY_GCM_BLOCK_LEN)
|
||||
check_one_cipher (algos[i], GCRY_CIPHER_MODE_GCM, 0);
|
||||
if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_OCB_BLOCK_LEN)
|
||||
check_one_cipher (algos[i], GCRY_CIPHER_MODE_OCB, 0);
|
||||
@@ -7010,11 +7010,17 @@ check_cipher_modes(void)
|
||||
check_cfb_cipher ();
|
||||
check_ofb_cipher ();
|
||||
check_ccm_cipher ();
|
||||
- check_gcm_cipher ();
|
||||
- check_poly1305_cipher ();
|
||||
- check_ocb_cipher ();
|
||||
+ if (!in_fips_mode)
|
||||
+ {
|
||||
+ check_gcm_cipher ();
|
||||
+ check_poly1305_cipher ();
|
||||
+ check_ocb_cipher ();
|
||||
+ }
|
||||
check_xts_cipher ();
|
||||
- check_gost28147_cipher ();
|
||||
+ if (!in_fips_mode)
|
||||
+ {
|
||||
+ check_gost28147_cipher ();
|
||||
+ }
|
||||
check_stream_cipher ();
|
||||
check_stream_cipher_large_block ();
|
||||
|
||||
@@ -10001,7 +10007,7 @@ check_mac (void)
|
||||
show_mac_not_available (algos[i].algo);
|
||||
continue;
|
||||
}
|
||||
- if (gcry_mac_test_algo (algos[i].algo) && in_fips_mode)
|
||||
+ if ((algos[i].algo == GCRY_MAC_GMAC_AES || gcry_mac_test_algo (algos[i].algo)) && in_fips_mode)
|
||||
{
|
||||
if (verbose)
|
||||
fprintf (stderr, " algorithm %d not available in fips mode\n",
|
||||
@@ -11095,8 +11101,6 @@ main (int argc, char **argv)
|
||||
/* If we are in fips mode do some more tests. */
|
||||
gcry_md_hd_t md;
|
||||
|
||||
- /* First trigger a self-test. */
|
||||
- xgcry_control (GCRYCTL_FORCE_FIPS_MODE, 0);
|
||||
if (!gcry_control (GCRYCTL_OPERATIONAL_P, 0))
|
||||
fail ("not in operational state after self-test\n");
|
||||
|
||||
@@ -11121,15 +11125,6 @@ main (int argc, char **argv)
|
||||
gcry_md_close (md);
|
||||
if (gcry_control (GCRYCTL_OPERATIONAL_P, 0))
|
||||
fail ("expected error state but still in operational state\n");
|
||||
- else
|
||||
- {
|
||||
- /* Now run a self-test and to get back into
|
||||
- operational state. */
|
||||
- xgcry_control (GCRYCTL_FORCE_FIPS_MODE, 0);
|
||||
- if (!gcry_control (GCRYCTL_OPERATIONAL_P, 0))
|
||||
- fail ("did not reach operational after error "
|
||||
- "and self-test\n");
|
||||
- }
|
||||
}
|
||||
}
|
||||
|
||||
diff -up libgcrypt-1.8.4/tests/benchmark.c.tests-fipsmode libgcrypt-1.8.4/tests/benchmark.c
|
||||
--- libgcrypt-1.8.4/tests/benchmark.c.tests-fipsmode 2019-02-12 11:31:44.859603883 +0100
|
||||
+++ libgcrypt-1.8.4/tests/benchmark.c 2019-02-12 14:10:40.271999352 +0100
|
||||
@@ -872,8 +872,10 @@ cipher_bench ( const char *algoname )
|
||||
|| (blklen == 1 && modes[modeidx].mode != GCRY_CIPHER_MODE_STREAM))
|
||||
continue;
|
||||
|
||||
- if (modes[modeidx].req_blocksize > 0
|
||||
- && blklen != modes[modeidx].req_blocksize)
|
||||
+ if ((modes[modeidx].req_blocksize > 0
|
||||
+ && blklen != modes[modeidx].req_blocksize)
|
||||
+ || (in_fips_mode
|
||||
+ && modes[modeidx].mode == GCRY_CIPHER_MODE_GCM))
|
||||
{
|
||||
printf (" %7s %7s", "-", "-" );
|
||||
continue;
|
||||
diff -up libgcrypt-1.8.4/tests/bench-slope.c.tests-fipsmode libgcrypt-1.8.4/tests/bench-slope.c
|
||||
--- libgcrypt-1.8.4/tests/bench-slope.c.tests-fipsmode 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/tests/bench-slope.c 2019-02-12 14:14:33.618763325 +0100
|
||||
@@ -1338,7 +1338,7 @@ cipher_bench_one (int algo, struct bench
|
||||
return;
|
||||
|
||||
/* GCM has restrictions for block-size */
|
||||
- if (mode.mode == GCRY_CIPHER_MODE_GCM && blklen != GCRY_GCM_BLOCK_LEN)
|
||||
+ if (mode.mode == GCRY_CIPHER_MODE_GCM && (gcry_fips_mode_active () || blklen != GCRY_GCM_BLOCK_LEN))
|
||||
return;
|
||||
|
||||
/* XTS has restrictions for block-size */
|
||||
diff -up libgcrypt-1.8.4/tests/pubkey.c.tests-fipsmode libgcrypt-1.8.4/tests/pubkey.c
|
||||
--- libgcrypt-1.8.4/tests/pubkey.c.tests-fipsmode 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/tests/pubkey.c 2019-02-12 13:52:25.658746415 +0100
|
||||
@@ -504,15 +504,30 @@ get_dsa_key_with_domain_new (gcry_sexp_t
|
||||
rc = gcry_sexp_new
|
||||
(&key_spec,
|
||||
"(genkey (dsa (transient-key)(domain"
|
||||
- "(p #d3aed1876054db831d0c1348fbb1ada72507e5fbf9a62cbd47a63aeb7859d6921"
|
||||
- "4adeb9146a6ec3f43520f0fd8e3125dd8bbc5d87405d1ac5f82073cd762a3f8d7"
|
||||
- "74322657c9da88a7d2f0e1a9ceb84a39cb40876179e6a76e400498de4bb9379b0"
|
||||
- "5f5feb7b91eb8fea97ee17a955a0a8a37587a272c4719d6feb6b54ba4ab69#)"
|
||||
- "(q #9c916d121de9a03f71fb21bc2e1c0d116f065a4f#)"
|
||||
- "(g #8157c5f68ca40b3ded11c353327ab9b8af3e186dd2e8dade98761a0996dda99ab"
|
||||
- "0250d3409063ad99efae48b10c6ab2bba3ea9a67b12b911a372a2bba260176fad"
|
||||
- "b4b93247d9712aad13aa70216c55da9858f7a298deb670a403eb1e7c91b847f1e"
|
||||
- "ccfbd14bd806fd42cf45dbb69cd6d6b43add2a78f7d16928eaa04458dea44#)"
|
||||
+ " (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
|
||||
+ " 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
|
||||
+ " 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
|
||||
+ " 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
|
||||
+ " 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
|
||||
+ " eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
|
||||
+ " 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
|
||||
+ " 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
|
||||
+ " 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
|
||||
+ " 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
|
||||
+ " 2c8d7469db02e24d592394a7dba069e9#)"
|
||||
+ " (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
|
||||
+ " 7441a0a5#)"
|
||||
+ " (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
|
||||
+ " 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
|
||||
+ " ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
|
||||
+ " 0df242b75b414df372121e53a553f222f836b000f016485b"
|
||||
+ " 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
|
||||
+ " 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
|
||||
+ " 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
|
||||
+ " ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
|
||||
+ " 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
|
||||
+ " 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
|
||||
+ " 45f322f82e4e85ca3ab85591b3c2a966#)"
|
||||
")))", 0, 1);
|
||||
if (rc)
|
||||
die ("error creating S-expression: %s\n", gcry_strerror (rc));
|
||||
@@ -595,7 +610,7 @@ get_dsa_key_fips186_with_seed_new (gcry_
|
||||
" (use-fips186)"
|
||||
" (transient-key)"
|
||||
" (derive-parms"
|
||||
- " (seed #0cb1990c1fd3626055d7a0096f8fa99807399871#))))",
|
||||
+ " (seed #8b4c4d671fff82e8ed932260206d0571e3a1c2cee8cd94cb73fe58f9b67488fa#))))",
|
||||
0, 1);
|
||||
if (rc)
|
||||
die ("error creating S-expression: %s\n", gcry_strerror (rc));
|
||||
diff -up libgcrypt-1.8.4/tests/t-cv25519.c.tests-fipsmode libgcrypt-1.8.4/tests/t-cv25519.c
|
||||
--- libgcrypt-1.8.4/tests/t-cv25519.c.tests-fipsmode 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/tests/t-cv25519.c 2019-02-12 14:02:35.935705390 +0100
|
||||
@@ -560,6 +560,9 @@ main (int argc, char **argv)
|
||||
xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
|
||||
xgcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
|
||||
xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
||||
+ /* Curve25519 isn't supported in fips mode */
|
||||
+ if (gcry_fips_mode_active())
|
||||
+ return 77;
|
||||
|
||||
start_timer ();
|
||||
check_cv25519 ();
|
||||
diff -up libgcrypt-1.8.4/tests/t-secmem.c.tests-fipsmode libgcrypt-1.8.4/tests/t-secmem.c
|
||||
--- libgcrypt-1.8.4/tests/t-secmem.c.tests-fipsmode 2017-11-23 19:19:54.000000000 +0100
|
||||
+++ libgcrypt-1.8.4/tests/t-secmem.c 2019-02-12 11:51:02.462190538 +0100
|
||||
@@ -174,7 +174,8 @@ main (int argc, char **argv)
|
||||
xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
|
||||
xgcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
|
||||
xgcry_control (GCRYCTL_INIT_SECMEM, pool_size, 0);
|
||||
- gcry_set_outofcore_handler (outofcore_handler, NULL);
|
||||
+ if (!gcry_fips_mode_active ())
|
||||
+ gcry_set_outofcore_handler (outofcore_handler, NULL);
|
||||
xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
||||
|
||||
/* Libgcrypt prints a warning when the first overflow is allocated;
|
||||
@@ -184,7 +185,8 @@ main (int argc, char **argv)
|
||||
|
||||
|
||||
test_secmem ();
|
||||
- test_secmem_overflow ();
|
||||
+ if (!gcry_fips_mode_active ())
|
||||
+ test_secmem_overflow ();
|
||||
/* FIXME: We need to improve the tests, for example by registering
|
||||
* our own log handler and comparing the output of
|
||||
* PRIV_CTL_DUMP_SECMEM_STATS to expected pattern. */
|
77
SOURCES/libgcrypt-1.8.4-use-poll.patch
Normal file
77
SOURCES/libgcrypt-1.8.4-use-poll.patch
Normal file
@ -0,0 +1,77 @@
|
||||
diff -up libgcrypt-1.8.4/random/rndlinux.c.use-poll libgcrypt-1.8.4/random/rndlinux.c
|
||||
--- libgcrypt-1.8.4/random/rndlinux.c.use-poll 2018-10-26 13:50:20.000000000 +0200
|
||||
+++ libgcrypt-1.8.4/random/rndlinux.c 2018-11-20 15:51:56.760669058 +0100
|
||||
@@ -32,6 +32,7 @@
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
+#include <poll.h>
|
||||
#if defined(__linux__) && defined(HAVE_SYSCALL)
|
||||
# include <sys/syscall.h>
|
||||
#endif
|
||||
@@ -241,9 +242,8 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
return with something we will actually use 100ms. */
|
||||
while (length)
|
||||
{
|
||||
- fd_set rfds;
|
||||
- struct timeval tv;
|
||||
int rc;
|
||||
+ struct pollfd pfd;
|
||||
|
||||
/* If we have a modern Linux kernel, we first try to use the new
|
||||
* getrandom syscall. That call guarantees that the kernel's
|
||||
@@ -300,36 +300,25 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
any_need_entropy = 1;
|
||||
}
|
||||
|
||||
- /* If the system has no limit on the number of file descriptors
|
||||
- and we encounter an fd which is larger than the fd_set size,
|
||||
- we don't use the select at all. The select code is only used
|
||||
- to emit progress messages. A better solution would be to
|
||||
- fall back to poll() if available. */
|
||||
-#ifdef FD_SETSIZE
|
||||
- if (fd < FD_SETSIZE)
|
||||
-#endif
|
||||
+ pfd.fd = fd;
|
||||
+ pfd.events = POLLIN;
|
||||
+
|
||||
+ _gcry_pre_syscall ();
|
||||
+ rc = poll(&pfd, 1, delay);
|
||||
+ _gcry_post_syscall ();
|
||||
+ if (!rc)
|
||||
{
|
||||
- FD_ZERO(&rfds);
|
||||
- FD_SET(fd, &rfds);
|
||||
- tv.tv_sec = delay;
|
||||
- tv.tv_usec = delay? 0 : 100000;
|
||||
- _gcry_pre_syscall ();
|
||||
- rc = select (fd+1, &rfds, NULL, NULL, &tv);
|
||||
- _gcry_post_syscall ();
|
||||
- if (!rc)
|
||||
- {
|
||||
- any_need_entropy = 1;
|
||||
- delay = 3; /* Use 3 seconds henceforth. */
|
||||
- continue;
|
||||
- }
|
||||
- else if( rc == -1 )
|
||||
- {
|
||||
- log_error ("select() error: %s\n", strerror(errno));
|
||||
- if (!delay)
|
||||
- delay = 1; /* Use 1 second if we encounter an error before
|
||||
- we have ever blocked. */
|
||||
- continue;
|
||||
- }
|
||||
+ any_need_entropy = 1;
|
||||
+ delay = 3000; /* Use 3 seconds henceforth. */
|
||||
+ continue;
|
||||
+ }
|
||||
+ else if( rc == -1 )
|
||||
+ {
|
||||
+ log_error ("poll() error: %s\n", strerror(errno));
|
||||
+ if (!delay)
|
||||
+ delay = 1000; /* Use 1 second if we encounter an error before
|
||||
+ we have ever blocked. */
|
||||
+ continue;
|
||||
}
|
||||
|
||||
do
|
8156
SOURCES/libgcrypt-1.8.5-aes-perf.patch
Normal file
8156
SOURCES/libgcrypt-1.8.5-aes-perf.patch
Normal file
File diff suppressed because it is too large
Load Diff
14
SOURCES/libgcrypt-1.8.5-build.patch
Normal file
14
SOURCES/libgcrypt-1.8.5-build.patch
Normal file
@ -0,0 +1,14 @@
|
||||
diff -up libgcrypt-1.8.5/cipher/poly1305-armv7-neon.S.build libgcrypt-1.8.5/cipher/poly1305-armv7-neon.S
|
||||
--- libgcrypt-1.8.5/cipher/poly1305-armv7-neon.S.build 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/poly1305-armv7-neon.S 2020-01-30 17:26:12.026404286 +0100
|
||||
@@ -87,9 +87,8 @@ _gcry_poly1305_armv7_neon_init_ext:
|
||||
.Lpoly1305_init_ext_neon_local:
|
||||
stmfd sp!, {r4-r11, lr}
|
||||
sub sp, sp, #32
|
||||
- mov r14, r2
|
||||
+ mov r14, #-1
|
||||
and r2, r2, r2
|
||||
- moveq r14, #-1
|
||||
UNALIGNED_LDMIA4(r1, r2, r3, r4, r5)
|
||||
GET_DATA_POINTER(r7,.Lpoly1305_init_constants_neon,r8)
|
||||
mov r6, r2
|
139
SOURCES/libgcrypt-1.8.5-fips-module.patch
Normal file
139
SOURCES/libgcrypt-1.8.5-fips-module.patch
Normal file
@ -0,0 +1,139 @@
|
||||
diff -up libgcrypt-1.8.5/src/fips.c.fips-module libgcrypt-1.8.5/src/fips.c
|
||||
--- libgcrypt-1.8.5/src/fips.c.fips-module 2020-04-20 19:07:45.924919645 +0200
|
||||
+++ libgcrypt-1.8.5/src/fips.c 2020-04-20 19:10:33.690722470 +0200
|
||||
@@ -35,10 +35,6 @@
|
||||
#include "hmac256.h"
|
||||
|
||||
|
||||
-/* The name of the file used to force libgcrypt into fips mode. */
|
||||
-#define FIPS_FORCE_FILE "/etc/gcrypt/fips_enabled"
|
||||
-
|
||||
-
|
||||
/* The states of the finite state machine used in fips mode. */
|
||||
enum module_states
|
||||
{
|
||||
@@ -122,54 +118,6 @@ _gcry_initialize_fips_mode (int force)
|
||||
goto leave;
|
||||
}
|
||||
|
||||
- /* For testing the system it is useful to override the system
|
||||
- provided detection of the FIPS mode and force FIPS mode using a
|
||||
- file. The filename is hardwired so that there won't be any
|
||||
- confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is
|
||||
- actually used. The file itself may be empty. */
|
||||
- if ( !access (FIPS_FORCE_FILE, F_OK) )
|
||||
- {
|
||||
- gcry_assert (!no_fips_mode_required);
|
||||
- goto leave;
|
||||
- }
|
||||
-
|
||||
- /* Checking based on /proc file properties. */
|
||||
- {
|
||||
- static const char procfname[] = "/proc/sys/crypto/fips_enabled";
|
||||
- FILE *fp;
|
||||
- int saved_errno;
|
||||
-
|
||||
- fp = fopen (procfname, "r");
|
||||
- if (fp)
|
||||
- {
|
||||
- char line[256];
|
||||
-
|
||||
- if (fgets (line, sizeof line, fp) && atoi (line))
|
||||
- {
|
||||
- /* System is in fips mode. */
|
||||
- fclose (fp);
|
||||
- gcry_assert (!no_fips_mode_required);
|
||||
- goto leave;
|
||||
- }
|
||||
- fclose (fp);
|
||||
- }
|
||||
- else if ((saved_errno = errno) != ENOENT
|
||||
- && saved_errno != EACCES
|
||||
- && !access ("/proc/version", F_OK) )
|
||||
- {
|
||||
- /* Problem reading the fips file despite that we have the proc
|
||||
- file system. We better stop right away. */
|
||||
- log_info ("FATAL: error reading `%s' in libgcrypt: %s\n",
|
||||
- procfname, strerror (saved_errno));
|
||||
-#ifdef HAVE_SYSLOG
|
||||
- syslog (LOG_USER|LOG_ERR, "Libgcrypt error: "
|
||||
- "reading `%s' failed: %s - abort",
|
||||
- procfname, strerror (saved_errno));
|
||||
-#endif /*HAVE_SYSLOG*/
|
||||
- abort ();
|
||||
- }
|
||||
- }
|
||||
-
|
||||
/* Fips not not requested, set flag. */
|
||||
no_fips_mode_required = 1;
|
||||
|
||||
diff -up libgcrypt-1.8.5/src/g10lib.h.fips-module libgcrypt-1.8.5/src/g10lib.h
|
||||
--- libgcrypt-1.8.5/src/g10lib.h.fips-module 2020-04-20 19:07:45.918919759 +0200
|
||||
+++ libgcrypt-1.8.5/src/g10lib.h 2020-04-20 19:11:05.003125740 +0200
|
||||
@@ -422,6 +422,9 @@ gpg_err_code_t _gcry_sexp_vextract_param
|
||||
|
||||
/*-- fips.c --*/
|
||||
|
||||
+/* The name of the file used to force libgcrypt into fips mode. */
|
||||
+#define FIPS_FORCE_FILE "/etc/gcrypt/fips_enabled"
|
||||
+
|
||||
void _gcry_initialize_fips_mode (int force);
|
||||
|
||||
int _gcry_fips_mode (void);
|
||||
diff -up libgcrypt-1.8.5/src/global.c.fips-module libgcrypt-1.8.5/src/global.c
|
||||
--- libgcrypt-1.8.5/src/global.c.fips-module 2020-04-20 19:07:45.919919741 +0200
|
||||
+++ libgcrypt-1.8.5/src/global.c 2020-04-20 19:07:45.950919149 +0200
|
||||
@@ -160,6 +160,53 @@ void __attribute__ ((constructor)) _gcry
|
||||
rv = access (FIPS_MODULE_PATH, F_OK);
|
||||
if (rv < 0 && errno != ENOENT)
|
||||
rv = 0;
|
||||
+
|
||||
+ /* For testing the system it is useful to override the system
|
||||
+ provided detection of the FIPS mode and force FIPS mode using a
|
||||
+ file. The filename is hardwired so that there won't be any
|
||||
+ confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is
|
||||
+ actually used. The file itself may be empty. */
|
||||
+ if ( !access (FIPS_FORCE_FILE, F_OK) )
|
||||
+ {
|
||||
+ rv = 0;
|
||||
+ force_fips_mode = 1;
|
||||
+ }
|
||||
+
|
||||
+ /* Checking based on /proc file properties. */
|
||||
+ {
|
||||
+ static const char procfname[] = "/proc/sys/crypto/fips_enabled";
|
||||
+ FILE *fp;
|
||||
+ int saved_errno;
|
||||
+
|
||||
+ fp = fopen (procfname, "r");
|
||||
+ if (fp)
|
||||
+ {
|
||||
+ char line[256];
|
||||
+
|
||||
+ if (fgets (line, sizeof line, fp) && atoi (line))
|
||||
+ {
|
||||
+ /* System is in fips mode. */
|
||||
+ rv = 0;
|
||||
+ force_fips_mode = 1;
|
||||
+ }
|
||||
+ fclose (fp);
|
||||
+ }
|
||||
+ else if ((saved_errno = errno) != ENOENT
|
||||
+ && saved_errno != EACCES
|
||||
+ && !access ("/proc/version", F_OK) )
|
||||
+ {
|
||||
+ /* Problem reading the fips file despite that we have the proc
|
||||
+ file system. We better stop right away. */
|
||||
+ log_info ("FATAL: error reading `%s' in libgcrypt: %s\n",
|
||||
+ procfname, strerror (saved_errno));
|
||||
+#ifdef HAVE_SYSLOG
|
||||
+ syslog (LOG_USER|LOG_ERR, "Libgcrypt error: "
|
||||
+ "reading `%s' failed: %s - abort",
|
||||
+ procfname, strerror (saved_errno));
|
||||
+#endif /*HAVE_SYSLOG*/
|
||||
+ abort ();
|
||||
+ }
|
||||
+ }
|
||||
|
||||
if (!rv)
|
||||
{
|
285
SOURCES/libgcrypt-1.8.5-getrandom.patch
Normal file
285
SOURCES/libgcrypt-1.8.5-getrandom.patch
Normal file
@ -0,0 +1,285 @@
|
||||
diff -up libgcrypt-1.8.5/random/rand-internal.h.getrandom libgcrypt-1.8.5/random/rand-internal.h
|
||||
--- libgcrypt-1.8.5/random/rand-internal.h.getrandom 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/random/rand-internal.h 2020-04-20 14:55:34.875949624 +0200
|
||||
@@ -47,6 +47,7 @@ void _gcry_random_progress (const char *
|
||||
|
||||
/*-- random-csprng.c --*/
|
||||
void _gcry_rngcsprng_initialize (int full);
|
||||
+void _gcry_rngcsprng_deinit (void);
|
||||
void _gcry_rngcsprng_close_fds (void);
|
||||
void _gcry_rngcsprng_dump_stats (void);
|
||||
void _gcry_rngcsprng_secure_alloc (void);
|
||||
@@ -68,6 +69,7 @@ void _gcry_rngcsprng_fast_poll (void);
|
||||
|
||||
/*-- random-drbg.c --*/
|
||||
void _gcry_rngdrbg_inititialize (int full);
|
||||
+void _gcry_rngdrbg_deinit (void);
|
||||
void _gcry_rngdrbg_close_fds (void);
|
||||
void _gcry_rngdrbg_dump_stats (void);
|
||||
int _gcry_rngdrbg_is_faked (void);
|
||||
diff -up libgcrypt-1.8.5/random/random.c.getrandom libgcrypt-1.8.5/random/random.c
|
||||
--- libgcrypt-1.8.5/random/random.c.getrandom 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/random/random.c 2020-04-20 14:55:34.876949605 +0200
|
||||
@@ -110,8 +110,8 @@ _gcry_random_read_conf (void)
|
||||
unsigned int result = 0;
|
||||
|
||||
fp = fopen (fname, "r");
|
||||
- if (!fp)
|
||||
- return result;
|
||||
+ if (!fp) /* We make only_urandom the default. */
|
||||
+ return RANDOM_CONF_ONLY_URANDOM;
|
||||
|
||||
for (;;)
|
||||
{
|
||||
@@ -228,6 +228,22 @@ _gcry_random_initialize (int full)
|
||||
}
|
||||
|
||||
|
||||
+/* Deinitialize this random subsystem. */
|
||||
+void
|
||||
+_gcry_random_deinit (void)
|
||||
+{
|
||||
+ if (fips_mode ())
|
||||
+ _gcry_rngdrbg_deinit ();
|
||||
+ else if (rng_types.standard)
|
||||
+ _gcry_rngcsprng_deinit ();
|
||||
+ else if (rng_types.fips)
|
||||
+ _gcry_rngdrbg_deinit ();
|
||||
+ else
|
||||
+ _gcry_rngcsprng_deinit ();
|
||||
+ /* not needed for system */
|
||||
+}
|
||||
+
|
||||
+
|
||||
/* If possible close file descriptors used by the RNG. */
|
||||
void
|
||||
_gcry_random_close_fds (void)
|
||||
diff -up libgcrypt-1.8.5/random/random-csprng.c.getrandom libgcrypt-1.8.5/random/random-csprng.c
|
||||
--- libgcrypt-1.8.5/random/random-csprng.c.getrandom 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/random/random-csprng.c 2020-04-20 15:04:27.182877975 +0200
|
||||
@@ -55,6 +55,10 @@
|
||||
#ifdef __MINGW32__
|
||||
#include <process.h>
|
||||
#endif
|
||||
+#if defined(__linux__) && defined(HAVE_SYSCALL)
|
||||
+# include <sys/syscall.h>
|
||||
+# include <linux/random.h>
|
||||
+#endif
|
||||
#include "g10lib.h"
|
||||
#include "random.h"
|
||||
#include "rand-internal.h"
|
||||
@@ -343,6 +347,21 @@ _gcry_rngcsprng_initialize (int full)
|
||||
}
|
||||
|
||||
|
||||
+void
|
||||
+_gcry_rngcsprng_deinit (void)
|
||||
+{
|
||||
+ lock_pool();
|
||||
+ pool_writepos = 0;
|
||||
+ pool_readpos = 0;
|
||||
+ pool_filled = 0;
|
||||
+ pool_filled_counter = 0;
|
||||
+ did_initial_extra_seeding = 0;
|
||||
+ pool_balance = 0;
|
||||
+ just_mixed = 0;
|
||||
+ unlock_pool();
|
||||
+}
|
||||
+
|
||||
+
|
||||
/* Try to close the FDs of the random gather module. This is
|
||||
currently only implemented for rndlinux. */
|
||||
void
|
||||
@@ -1116,6 +1135,22 @@ getfnc_gather_random (void))(void (*)(co
|
||||
enum random_origins, size_t, int);
|
||||
|
||||
#if USE_RNDLINUX
|
||||
+#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
|
||||
+ long ret;
|
||||
+ char buffer[1];
|
||||
+
|
||||
+ _gcry_pre_syscall ();
|
||||
+ ret = syscall (__NR_getrandom,
|
||||
+ (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
|
||||
+ _gcry_post_syscall ();
|
||||
+ if (ret != -1 || errno != ENOSYS)
|
||||
+ {
|
||||
+ fnc = _gcry_rndlinux_gather_random;
|
||||
+ return fnc;
|
||||
+ }
|
||||
+ else
|
||||
+ /* The syscall is not supported - fallback to /dev/urandom. */
|
||||
+#endif
|
||||
if ( !access (NAME_OF_DEV_RANDOM, R_OK)
|
||||
&& !access (NAME_OF_DEV_URANDOM, R_OK))
|
||||
{
|
||||
diff -up libgcrypt-1.8.5/random/random-drbg.c.getrandom libgcrypt-1.8.5/random/random-drbg.c
|
||||
--- libgcrypt-1.8.5/random/random-drbg.c.getrandom 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/random/random-drbg.c 2020-04-20 15:02:37.782947902 +0200
|
||||
@@ -1811,6 +1811,22 @@ _gcry_rngdrbg_inititialize (int full)
|
||||
}
|
||||
|
||||
/*
|
||||
+ * Deinitialize the DRBG invoked by the libgcrypt API
|
||||
+ * It will be automatically re-initialized on next call
|
||||
+ */
|
||||
+void
|
||||
+_gcry_rngdrbg_deinit (void)
|
||||
+{
|
||||
+ drbg_lock ();
|
||||
+ if (drbg_state)
|
||||
+ {
|
||||
+ drbg_uninstantiate (drbg_state);
|
||||
+ drbg_state = NULL;
|
||||
+ }
|
||||
+ drbg_unlock ();
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
* Backend handler function for GCRYCTL_DRBG_REINIT
|
||||
*
|
||||
* Select a different DRBG type and initialize it.
|
||||
diff -up libgcrypt-1.8.5/random/random.h.getrandom libgcrypt-1.8.5/random/random.h
|
||||
--- libgcrypt-1.8.5/random/random.h.getrandom 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/random/random.h 2020-04-20 14:55:34.877949586 +0200
|
||||
@@ -29,6 +29,7 @@ void _gcry_register_random_progress (voi
|
||||
|
||||
void _gcry_set_preferred_rng_type (int type);
|
||||
void _gcry_random_initialize (int full);
|
||||
+void _gcry_random_deinit (void);
|
||||
void _gcry_random_close_fds (void);
|
||||
int _gcry_get_rng_type (int ignore_fips_mode);
|
||||
void _gcry_random_dump_stats(void);
|
||||
diff -up libgcrypt-1.8.5/random/rndlinux.c.getrandom libgcrypt-1.8.5/random/rndlinux.c
|
||||
--- libgcrypt-1.8.5/random/rndlinux.c.getrandom 2020-04-20 15:01:50.159848963 +0200
|
||||
+++ libgcrypt-1.8.5/random/rndlinux.c 2020-04-20 16:14:21.901610921 +0200
|
||||
@@ -35,6 +35,7 @@
|
||||
#include <poll.h>
|
||||
#if defined(__linux__) && defined(HAVE_SYSCALL)
|
||||
# include <sys/syscall.h>
|
||||
+# include <linux/random.h>
|
||||
#endif
|
||||
|
||||
#include "types.h"
|
||||
@@ -147,12 +148,12 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
if (!add)
|
||||
{
|
||||
/* Special mode to close the descriptors. */
|
||||
- if (fd_random != -1)
|
||||
+ if (fd_random >= 0)
|
||||
{
|
||||
close (fd_random);
|
||||
fd_random = -1;
|
||||
}
|
||||
- if (fd_urandom != -1)
|
||||
+ if (fd_urandom >= 0)
|
||||
{
|
||||
close (fd_urandom);
|
||||
fd_urandom = -1;
|
||||
@@ -166,12 +167,12 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
apid = getpid ();
|
||||
if (my_pid != apid)
|
||||
{
|
||||
- if (fd_random != -1)
|
||||
+ if (fd_random >= 0)
|
||||
{
|
||||
close (fd_random);
|
||||
fd_random = -1;
|
||||
}
|
||||
- if (fd_urandom != -1)
|
||||
+ if (fd_urandom >= 0)
|
||||
{
|
||||
close (fd_urandom);
|
||||
fd_urandom = -1;
|
||||
@@ -216,7 +217,23 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
that we always require the device to be existent but want a more
|
||||
graceful behaviour if the rarely needed close operation has been
|
||||
used and the device needs to be re-opened later. */
|
||||
- if (level >= GCRY_VERY_STRONG_RANDOM && !only_urandom)
|
||||
+#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
|
||||
+ if (fd_urandom != -2 && !_gcry_in_constructor ())
|
||||
+ {
|
||||
+ long ret;
|
||||
+
|
||||
+ _gcry_pre_syscall ();
|
||||
+ ret = syscall (__NR_getrandom,
|
||||
+ (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK);
|
||||
+ _gcry_post_syscall ();
|
||||
+ if (ret > -1 || errno == EAGAIN || errno == EINTR)
|
||||
+ {
|
||||
+ fd_urandom = -2;
|
||||
+ fd_random = -2;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+ if (level >= GCRY_VERY_STRONG_RANDOM && !only_urandom && !_gcry_in_constructor ())
|
||||
{
|
||||
if (fd_random == -1)
|
||||
{
|
||||
@@ -255,6 +272,7 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
* syscall and not a new device and thus we are not able to use
|
||||
* select(2) to have a timeout. */
|
||||
#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
|
||||
+ if (fd == -2)
|
||||
{
|
||||
long ret;
|
||||
size_t nbytes;
|
||||
@@ -270,9 +288,7 @@ _gcry_rndlinux_gather_random (void (*add
|
||||
_gcry_post_syscall ();
|
||||
}
|
||||
while (ret == -1 && errno == EINTR);
|
||||
- if (ret == -1 && errno == ENOSYS)
|
||||
- ; /* The syscall is not supported - fallback to pulling from fd. */
|
||||
- else
|
||||
+ if (1)
|
||||
{ /* The syscall is supported. Some sanity checks. */
|
||||
if (ret == -1)
|
||||
log_fatal ("unexpected error from getrandom: %s\n",
|
||||
diff -up libgcrypt-1.8.5/src/g10lib.h.getrandom libgcrypt-1.8.5/src/g10lib.h
|
||||
--- libgcrypt-1.8.5/src/g10lib.h.getrandom 2020-04-20 15:08:16.528538580 +0200
|
||||
+++ libgcrypt-1.8.5/src/g10lib.h 2020-04-20 15:08:28.641309399 +0200
|
||||
@@ -464,6 +464,6 @@ gpg_err_code_t _gcry_fips_run_selftests
|
||||
void _gcry_fips_noreturn (void);
|
||||
#define fips_noreturn() (_gcry_fips_noreturn ())
|
||||
|
||||
-
|
||||
+int _gcry_in_constructor (void);
|
||||
|
||||
#endif /* G10LIB_H */
|
||||
diff -up libgcrypt-1.8.5/src/global.c.getrandom libgcrypt-1.8.5/src/global.c
|
||||
--- libgcrypt-1.8.5/src/global.c.getrandom 2020-04-20 15:06:21.891707597 +0200
|
||||
+++ libgcrypt-1.8.5/src/global.c 2020-04-20 15:07:29.018437509 +0200
|
||||
@@ -145,10 +145,18 @@ global_init (void)
|
||||
#define FIPS_MODULE_PATH "/etc/system-fips"
|
||||
#endif
|
||||
|
||||
+static int in_constructor = 0;
|
||||
+
|
||||
+int _gcry_in_constructor(void)
|
||||
+{
|
||||
+ return in_constructor;
|
||||
+}
|
||||
+
|
||||
void __attribute__ ((constructor)) _gcry_global_constructor (void)
|
||||
{
|
||||
int rv;
|
||||
|
||||
+ in_constructor = 1;
|
||||
rv = access (FIPS_MODULE_PATH, F_OK);
|
||||
if (rv < 0 && errno != ENOENT)
|
||||
rv = 0;
|
||||
@@ -163,10 +171,12 @@ void __attribute__ ((constructor)) _gcry
|
||||
/* force selftests */
|
||||
global_init();
|
||||
_gcry_fips_run_selftests (0);
|
||||
- if (!fips_mode())
|
||||
- _gcry_random_close_fds ();
|
||||
+ _gcry_random_close_fds ();
|
||||
+ _gcry_random_deinit ();
|
||||
no_secure_memory = no_secmem_save;
|
||||
}
|
||||
+
|
||||
+ in_constructor = 0;
|
||||
}
|
||||
|
||||
/* This function is called by the macro fips_is_operational and makes
|
348
SOURCES/libgcrypt-1.8.5-intel-cet.patch
Normal file
348
SOURCES/libgcrypt-1.8.5-intel-cet.patch
Normal file
@ -0,0 +1,348 @@
|
||||
diff -up libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/camellia-aesni-avx2-amd64.S 2020-01-23 15:36:44.148972045 +0100
|
||||
@@ -18,8 +18,9 @@
|
||||
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
-#ifdef __x86_64
|
||||
#include <config.h>
|
||||
+
|
||||
+#ifdef __x86_64
|
||||
#if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
|
||||
defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && \
|
||||
defined(ENABLE_AESNI_SUPPORT) && defined(ENABLE_AVX2_SUPPORT)
|
||||
diff -up libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S.intel-cet libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/camellia-aesni-avx-amd64.S 2020-01-23 15:36:44.145972088 +0100
|
||||
@@ -18,8 +18,9 @@
|
||||
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
-#ifdef __x86_64
|
||||
#include <config.h>
|
||||
+
|
||||
+#ifdef __x86_64
|
||||
#if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
|
||||
defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && \
|
||||
defined(ENABLE_AESNI_SUPPORT) && defined(ENABLE_AVX_SUPPORT)
|
||||
diff -up libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/chacha20-avx2-amd64.S 2020-01-23 15:36:16.780250066 +0100
|
||||
@@ -48,6 +48,9 @@
|
||||
.globl _gcry_chacha20_amd64_avx2_blocks
|
||||
ELF(.type _gcry_chacha20_amd64_avx2_blocks,@function;)
|
||||
_gcry_chacha20_amd64_avx2_blocks:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lchacha_blocks_avx2_local:
|
||||
vzeroupper
|
||||
pushq %rbx
|
||||
diff -up libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/chacha20-sse2-amd64.S 2020-01-23 15:36:16.783250095 +0100
|
||||
@@ -41,6 +41,9 @@
|
||||
.globl _gcry_chacha20_amd64_sse2_blocks
|
||||
ELF(.type _gcry_chacha20_amd64_sse2_blocks,@function;)
|
||||
_gcry_chacha20_amd64_sse2_blocks:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lchacha_blocks_sse2_local:
|
||||
pushq %rbx
|
||||
pushq %rbp
|
||||
diff -up libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/poly1305-avx2-amd64.S 2020-01-23 15:36:16.784250105 +0100
|
||||
@@ -43,6 +43,9 @@
|
||||
.globl _gcry_poly1305_amd64_avx2_init_ext
|
||||
ELF(.type _gcry_poly1305_amd64_avx2_init_ext,@function;)
|
||||
_gcry_poly1305_amd64_avx2_init_ext:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_init_ext_avx2_local:
|
||||
xor %edx, %edx
|
||||
vzeroupper
|
||||
@@ -406,6 +409,9 @@ ELF(.size _gcry_poly1305_amd64_avx2_init
|
||||
.globl _gcry_poly1305_amd64_avx2_blocks
|
||||
ELF(.type _gcry_poly1305_amd64_avx2_blocks,@function;)
|
||||
_gcry_poly1305_amd64_avx2_blocks:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_blocks_avx2_local:
|
||||
vzeroupper
|
||||
pushq %rbp
|
||||
@@ -732,6 +738,9 @@ ELF(.size _gcry_poly1305_amd64_avx2_bloc
|
||||
.globl _gcry_poly1305_amd64_avx2_finish_ext
|
||||
ELF(.type _gcry_poly1305_amd64_avx2_finish_ext,@function;)
|
||||
_gcry_poly1305_amd64_avx2_finish_ext:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_finish_ext_avx2_local:
|
||||
vzeroupper
|
||||
pushq %rbp
|
||||
diff -up libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/poly1305-sse2-amd64.S 2020-01-23 15:36:16.787250134 +0100
|
||||
@@ -42,6 +42,9 @@
|
||||
.globl _gcry_poly1305_amd64_sse2_init_ext
|
||||
ELF(.type _gcry_poly1305_amd64_sse2_init_ext,@function;)
|
||||
_gcry_poly1305_amd64_sse2_init_ext:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_init_ext_x86_local:
|
||||
xor %edx, %edx
|
||||
pushq %r12
|
||||
@@ -288,6 +291,9 @@ ELF(.size _gcry_poly1305_amd64_sse2_init
|
||||
.globl _gcry_poly1305_amd64_sse2_finish_ext
|
||||
ELF(.type _gcry_poly1305_amd64_sse2_finish_ext,@function;)
|
||||
_gcry_poly1305_amd64_sse2_finish_ext:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_finish_ext_x86_local:
|
||||
pushq %rbp
|
||||
movq %rsp, %rbp
|
||||
@@ -439,6 +445,9 @@ ELF(.size _gcry_poly1305_amd64_sse2_fini
|
||||
.globl _gcry_poly1305_amd64_sse2_blocks
|
||||
ELF(.type _gcry_poly1305_amd64_sse2_blocks,@function;)
|
||||
_gcry_poly1305_amd64_sse2_blocks:
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
.Lpoly1305_blocks_x86_local:
|
||||
pushq %rbp
|
||||
movq %rsp, %rbp
|
||||
diff -up libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S.intel-cet libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S
|
||||
--- libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/cipher/serpent-avx2-amd64.S 2020-01-23 15:36:44.151972003 +0100
|
||||
@@ -18,8 +18,9 @@
|
||||
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
-#ifdef __x86_64
|
||||
#include <config.h>
|
||||
+
|
||||
+#ifdef __x86_64
|
||||
#if (defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) || \
|
||||
defined(HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS)) && defined(USE_SERPENT) && \
|
||||
defined(ENABLE_AVX2_SUPPORT)
|
||||
diff -up libgcrypt-1.8.5/configure.ac.intel-cet libgcrypt-1.8.5/configure.ac
|
||||
--- libgcrypt-1.8.5/configure.ac.intel-cet 2019-08-29 15:00:08.000000000 +0200
|
||||
+++ libgcrypt-1.8.5/configure.ac 2020-01-23 15:35:28.147774463 +0100
|
||||
@@ -95,6 +95,12 @@ AH_TOP([
|
||||
AH_BOTTOM([
|
||||
#define _GCRYPT_IN_LIBGCRYPT 1
|
||||
|
||||
+/* Add .note.gnu.property section for Intel CET in assembler sources
|
||||
+ when CET is enabled. */
|
||||
+#if defined(__ASSEMBLER__) && defined(__CET__)
|
||||
+# include <cet.h>
|
||||
+#endif
|
||||
+
|
||||
/* If the configure check for endianness has been disabled, get it from
|
||||
OS macros. This is intended for making fat binary builds on OS X. */
|
||||
#ifdef DISABLED_ENDIAN_CHECK
|
||||
diff -up libgcrypt-1.8.5/mpi/config.links.intel-cet libgcrypt-1.8.5/mpi/config.links
|
||||
--- libgcrypt-1.8.5/mpi/config.links.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/mpi/config.links 2020-01-23 15:35:46.398952954 +0100
|
||||
@@ -382,6 +382,16 @@ if test x"$mpi_cpu_arch" = x ; then
|
||||
mpi_cpu_arch="unknown"
|
||||
fi
|
||||
|
||||
+# Add .note.gnu.property section for Intel CET in assembler sources
|
||||
+# when CET is enabled. */
|
||||
+if test x"$mpi_cpu_arch" = xx86 ; then
|
||||
+ cat <<EOF >> ./mpi/asm-syntax.h
|
||||
+
|
||||
+#if defined(__ASSEMBLER__) && defined(__CET__)
|
||||
+# include <cet.h>
|
||||
+#endif
|
||||
+EOF
|
||||
+fi
|
||||
|
||||
# Make sysdep.h
|
||||
echo '/* created by config.links - do not edit */' >./mpi/sysdep.h
|
||||
diff -up libgcrypt-1.8.5/mpi/i386/mpih-add1.S.intel-cet libgcrypt-1.8.5/mpi/i386/mpih-add1.S
|
||||
--- libgcrypt-1.8.5/mpi/i386/mpih-add1.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/mpi/i386/mpih-add1.S 2020-01-23 15:37:40.470175379 +0100
|
||||
@@ -52,6 +52,10 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
|
||||
movl 20(%esp),%edx /* s2_ptr */
|
||||
movl 24(%esp),%ecx /* size */
|
||||
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ pushl %ebx
|
||||
+#endif
|
||||
+
|
||||
movl %ecx,%eax
|
||||
shrl $3,%ecx /* compute count for unrolled loop */
|
||||
negl %eax
|
||||
@@ -63,6 +67,9 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
|
||||
subl %eax,%esi /* ... by a constant when we ... */
|
||||
subl %eax,%edx /* ... enter the loop */
|
||||
shrl $2,%eax /* restore previous value */
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
|
||||
+#endif
|
||||
#ifdef PIC
|
||||
/* Calculate start address in loop for PIC. Due to limitations in some
|
||||
assemblers, Loop-L0-3 cannot be put into the leal */
|
||||
@@ -75,29 +82,53 @@ L0: leal (%eax,%eax,8),%eax
|
||||
/* Calculate start address in loop for non-PIC. */
|
||||
leal (Loop - 3)(%eax,%eax,8),%eax
|
||||
#endif
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ addl %ebx,%eax /* Adjust for endbr32 */
|
||||
+#endif
|
||||
jmp *%eax /* jump into loop */
|
||||
ALIGN (3)
|
||||
Loop: movl (%esi),%eax
|
||||
adcl (%edx),%eax
|
||||
movl %eax,(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 4(%esi),%eax
|
||||
adcl 4(%edx),%eax
|
||||
movl %eax,4(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 8(%esi),%eax
|
||||
adcl 8(%edx),%eax
|
||||
movl %eax,8(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 12(%esi),%eax
|
||||
adcl 12(%edx),%eax
|
||||
movl %eax,12(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 16(%esi),%eax
|
||||
adcl 16(%edx),%eax
|
||||
movl %eax,16(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 20(%esi),%eax
|
||||
adcl 20(%edx),%eax
|
||||
movl %eax,20(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 24(%esi),%eax
|
||||
adcl 24(%edx),%eax
|
||||
movl %eax,24(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 28(%esi),%eax
|
||||
adcl 28(%edx),%eax
|
||||
movl %eax,28(%edi)
|
||||
@@ -110,6 +141,10 @@ Loop: movl (%esi),%eax
|
||||
sbbl %eax,%eax
|
||||
negl %eax
|
||||
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ popl %ebx
|
||||
+#endif
|
||||
+
|
||||
popl %esi
|
||||
popl %edi
|
||||
ret
|
||||
diff -up libgcrypt-1.8.5/mpi/i386/mpih-sub1.S.intel-cet libgcrypt-1.8.5/mpi/i386/mpih-sub1.S
|
||||
--- libgcrypt-1.8.5/mpi/i386/mpih-sub1.S.intel-cet 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/mpi/i386/mpih-sub1.S 2020-01-23 15:37:40.472175351 +0100
|
||||
@@ -53,6 +53,10 @@ C_SYMBOL_NAME(_gcry_mpih_sub_n:)
|
||||
movl 20(%esp),%edx /* s2_ptr */
|
||||
movl 24(%esp),%ecx /* size */
|
||||
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ pushl %ebx
|
||||
+#endif
|
||||
+
|
||||
movl %ecx,%eax
|
||||
shrl $3,%ecx /* compute count for unrolled loop */
|
||||
negl %eax
|
||||
@@ -64,6 +68,9 @@ C_SYMBOL_NAME(_gcry_mpih_sub_n:)
|
||||
subl %eax,%esi /* ... by a constant when we ... */
|
||||
subl %eax,%edx /* ... enter the loop */
|
||||
shrl $2,%eax /* restore previous value */
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
|
||||
+#endif
|
||||
#ifdef PIC
|
||||
/* Calculate start address in loop for PIC. Due to limitations in some
|
||||
assemblers, Loop-L0-3 cannot be put into the leal */
|
||||
@@ -76,29 +83,53 @@ L0: leal (%eax,%eax,8),%eax
|
||||
/* Calculate start address in loop for non-PIC. */
|
||||
leal (Loop - 3)(%eax,%eax,8),%eax
|
||||
#endif
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ addl %ebx,%eax /* Adjust for endbr32 */
|
||||
+#endif
|
||||
jmp *%eax /* jump into loop */
|
||||
ALIGN (3)
|
||||
Loop: movl (%esi),%eax
|
||||
sbbl (%edx),%eax
|
||||
movl %eax,(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 4(%esi),%eax
|
||||
sbbl 4(%edx),%eax
|
||||
movl %eax,4(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 8(%esi),%eax
|
||||
sbbl 8(%edx),%eax
|
||||
movl %eax,8(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 12(%esi),%eax
|
||||
sbbl 12(%edx),%eax
|
||||
movl %eax,12(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 16(%esi),%eax
|
||||
sbbl 16(%edx),%eax
|
||||
movl %eax,16(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 20(%esi),%eax
|
||||
sbbl 20(%edx),%eax
|
||||
movl %eax,20(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 24(%esi),%eax
|
||||
sbbl 24(%edx),%eax
|
||||
movl %eax,24(%edi)
|
||||
+#ifdef _CET_ENDBR
|
||||
+ _CET_ENDBR
|
||||
+#endif
|
||||
movl 28(%esi),%eax
|
||||
sbbl 28(%edx),%eax
|
||||
movl %eax,28(%edi)
|
||||
@@ -111,6 +142,10 @@ Loop: movl (%esi),%eax
|
||||
sbbl %eax,%eax
|
||||
negl %eax
|
||||
|
||||
+#if defined __CET__ && (__CET__ & 1) != 0
|
||||
+ popl %ebx
|
||||
+#endif
|
||||
+
|
||||
popl %esi
|
||||
popl %edi
|
||||
ret
|
89
SOURCES/libgcrypt-1.8.5-use-fipscheck.patch
Normal file
89
SOURCES/libgcrypt-1.8.5-use-fipscheck.patch
Normal file
@ -0,0 +1,89 @@
|
||||
diff -up libgcrypt-1.8.5/src/fips.c.use-fipscheck libgcrypt-1.8.5/src/fips.c
|
||||
--- libgcrypt-1.8.5/src/fips.c.use-fipscheck 2017-11-23 19:16:58.000000000 +0100
|
||||
+++ libgcrypt-1.8.5/src/fips.c 2020-04-23 10:18:36.235764741 +0200
|
||||
@@ -581,23 +581,50 @@ run_random_selftests (void)
|
||||
return !!err;
|
||||
}
|
||||
|
||||
+#ifdef ENABLE_HMAC_BINARY_CHECK
|
||||
+static int
|
||||
+get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
|
||||
+{
|
||||
+ Dl_info info;
|
||||
+ void *dl, *sym;
|
||||
+ int rv = -1;
|
||||
+
|
||||
+ dl = dlopen(libname, RTLD_LAZY);
|
||||
+ if (dl == NULL) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ sym = dlsym(dl, symbolname);
|
||||
+
|
||||
+ if (sym != NULL && dladdr(sym, &info)) {
|
||||
+ strncpy(path, info.dli_fname, pathlen-1);
|
||||
+ path[pathlen-1] = '\0';
|
||||
+ rv = 0;
|
||||
+ }
|
||||
+
|
||||
+ dlclose(dl);
|
||||
+
|
||||
+ return rv;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* Run an integrity check on the binary. Returns 0 on success. */
|
||||
static int
|
||||
check_binary_integrity (void)
|
||||
{
|
||||
#ifdef ENABLE_HMAC_BINARY_CHECK
|
||||
gpg_error_t err;
|
||||
- Dl_info info;
|
||||
+ char libpath[4096];
|
||||
unsigned char digest[32];
|
||||
int dlen;
|
||||
char *fname = NULL;
|
||||
- const char key[] = "What am I, a doctor or a moonshuttle conductor?";
|
||||
-
|
||||
- if (!dladdr ("gcry_check_version", &info))
|
||||
+ const char key[] = "orboDeJITITejsirpADONivirpUkvarP";
|
||||
+
|
||||
+ if (get_library_path ("libgcrypt.so.20", "gcry_check_version", libpath, sizeof(libpath)))
|
||||
err = gpg_error_from_syserror ();
|
||||
else
|
||||
{
|
||||
- dlen = _gcry_hmac256_file (digest, sizeof digest, info.dli_fname,
|
||||
+ dlen = _gcry_hmac256_file (digest, sizeof digest, libpath,
|
||||
key, strlen (key));
|
||||
if (dlen < 0)
|
||||
err = gpg_error_from_syserror ();
|
||||
@@ -605,7 +632,7 @@ check_binary_integrity (void)
|
||||
err = gpg_error (GPG_ERR_INTERNAL);
|
||||
else
|
||||
{
|
||||
- fname = xtrymalloc (strlen (info.dli_fname) + 1 + 5 + 1 );
|
||||
+ fname = xtrymalloc (strlen (libpath) + 1 + 5 + 1 );
|
||||
if (!fname)
|
||||
err = gpg_error_from_syserror ();
|
||||
else
|
||||
@@ -614,7 +641,7 @@ check_binary_integrity (void)
|
||||
char *p;
|
||||
|
||||
/* Prefix the basename with a dot. */
|
||||
- strcpy (fname, info.dli_fname);
|
||||
+ strcpy (fname, libpath);
|
||||
p = strrchr (fname, '/');
|
||||
if (p)
|
||||
p++;
|
||||
diff -up libgcrypt-1.8.5/src/Makefile.am.use-fipscheck libgcrypt-1.8.5/src/Makefile.am
|
||||
--- libgcrypt-1.8.5/src/Makefile.am.use-fipscheck 2020-04-23 10:18:36.237764702 +0200
|
||||
+++ libgcrypt-1.8.5/src/Makefile.am 2020-04-23 10:19:03.186247455 +0200
|
||||
@@ -125,7 +125,7 @@ libgcrypt_la_LIBADD = $(gcrypt_res) \
|
||||
../cipher/libcipher.la \
|
||||
../random/librandom.la \
|
||||
../mpi/libmpi.la \
|
||||
- ../compat/libcompat.la $(GPG_ERROR_LIBS)
|
||||
+ ../compat/libcompat.la $(GPG_ERROR_LIBS) -ldl
|
||||
|
||||
|
||||
dumpsexp_SOURCES = dumpsexp.c
|
4
SOURCES/random.conf
Normal file
4
SOURCES/random.conf
Normal file
@ -0,0 +1,4 @@
|
||||
# use only /dev/urandom - see https://www.2uo.de/myths-about-urandom/
|
||||
only-urandom
|
||||
# Keep jitter entropy generator enabled (should do no harm)
|
||||
#disable-jent
|
1225
SOURCES/t-mpi-point.c
Normal file
1225
SOURCES/t-mpi-point.c
Normal file
File diff suppressed because it is too large
Load Diff
2007
SOURCES/wk@g10code.com
Normal file
2007
SOURCES/wk@g10code.com
Normal file
File diff suppressed because it is too large
Load Diff
602
SPECS/libgcrypt.spec
Normal file
602
SPECS/libgcrypt.spec
Normal file
@ -0,0 +1,602 @@
|
||||
Name: libgcrypt
|
||||
Version: 1.8.5
|
||||
Release: 3%{?dist}
|
||||
URL: http://www.gnupg.org/
|
||||
Source0: libgcrypt-%{version}-hobbled.tar.xz
|
||||
# The original libgcrypt sources now contain potentially patented ECC
|
||||
# cipher support. We have to remove it in the tarball we ship with
|
||||
# the hobble-libgcrypt script.
|
||||
# (We replace it with RH approved ECC in Source4-5)
|
||||
#Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-{version}.tar.bz2
|
||||
#Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-{version}.tar.bz2.sig
|
||||
Source2: wk@g10code.com
|
||||
Source3: hobble-libgcrypt
|
||||
# Approved ECC support
|
||||
Source4: ecc-curves.c
|
||||
Source5: curves.c
|
||||
Source6: t-mpi-point.c
|
||||
Source7: random.conf
|
||||
# make FIPS hmac compatible with fipscheck - non upstreamable
|
||||
# update on soname bump
|
||||
Patch2: libgcrypt-1.8.5-use-fipscheck.patch
|
||||
# modify FIPS RSA and DSA keygen to comply with requirements
|
||||
Patch5: libgcrypt-1.8.4-fips-keygen.patch
|
||||
# fix the tests to work correctly in the FIPS mode
|
||||
Patch6: libgcrypt-1.8.4-tests-fipsmode.patch
|
||||
# update the CAVS tests
|
||||
Patch7: libgcrypt-1.7.3-fips-cavs.patch
|
||||
# use poll instead of select when gathering randomness
|
||||
Patch11: libgcrypt-1.8.4-use-poll.patch
|
||||
# slight optimalization of mpicoder.c to silence Valgrind (#968288)
|
||||
Patch13: libgcrypt-1.6.1-mpicoder-gccopt.patch
|
||||
# fix tests to work with approved ECC
|
||||
Patch14: libgcrypt-1.7.3-ecc-test-fix.patch
|
||||
# Run the FIPS mode initialization in the shared library constructor
|
||||
Patch18: libgcrypt-1.8.3-fips-ctor.patch
|
||||
# Block some operations if in FIPS non-operational state
|
||||
Patch22: libgcrypt-1.7.3-fips-reqs.patch
|
||||
# Do not try to open /dev/urandom if getrandom() works
|
||||
Patch24: libgcrypt-1.8.5-getrandom.patch
|
||||
# CMAC selftest for FIPS POST
|
||||
Patch25: libgcrypt-1.8.3-cmac-selftest.patch
|
||||
# Continuous FIPS entropy test
|
||||
Patch26: libgcrypt-1.8.3-fips-enttest.patch
|
||||
# Disable non-approved FIPS hashes in the enforced FIPS mode
|
||||
Patch27: libgcrypt-1.8.3-md-fips-enforce.patch
|
||||
# Intel CET support, in upstream master
|
||||
Patch28: libgcrypt-1.8.5-intel-cet.patch
|
||||
# Fix build on ARMv7
|
||||
Patch29: libgcrypt-1.8.5-build.patch
|
||||
# FIPS module is redefined a little bit (implicit by kernel FIPS mode)
|
||||
Patch30: libgcrypt-1.8.5-fips-module.patch
|
||||
# Backported AES performance improvements
|
||||
Patch31: libgcrypt-1.8.5-aes-perf.patch
|
||||
|
||||
%define gcrylibdir %{_libdir}
|
||||
|
||||
# Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction.
|
||||
# Documentation and some utilities are GPLv2+ licensed. These files
|
||||
# are in the devel subpackage.
|
||||
License: LGPLv2+
|
||||
Summary: A general-purpose cryptography library
|
||||
BuildRequires: gcc
|
||||
BuildRequires: gawk, libgpg-error-devel >= 1.11, pkgconfig
|
||||
BuildRequires: fipscheck
|
||||
# This is needed only when patching the .texi doc.
|
||||
BuildRequires: texinfo
|
||||
BuildRequires: autoconf, automake, libtool
|
||||
|
||||
%package devel
|
||||
Summary: Development files for the %{name} package
|
||||
License: LGPLv2+ and GPLv2+
|
||||
Requires(pre): /sbin/install-info
|
||||
Requires(post): /sbin/install-info
|
||||
Requires: libgpg-error-devel
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
|
||||
%description
|
||||
Libgcrypt is a general purpose crypto library based on the code used
|
||||
in GNU Privacy Guard. This is a development version.
|
||||
|
||||
%description devel
|
||||
Libgcrypt is a general purpose crypto library based on the code used
|
||||
in GNU Privacy Guard. This package contains files needed to develop
|
||||
applications using libgcrypt.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%{SOURCE3}
|
||||
%patch2 -p1 -b .use-fipscheck
|
||||
%patch5 -p1 -b .fips-keygen
|
||||
%patch6 -p1 -b .tests-fipsmode
|
||||
%patch7 -p1 -b .cavs
|
||||
%patch11 -p1 -b .use-poll
|
||||
%patch13 -p1 -b .gccopt
|
||||
%patch14 -p1 -b .eccfix
|
||||
%patch18 -p1 -b .fips-ctor
|
||||
%patch22 -p1 -b .fips-reqs
|
||||
%patch24 -p1 -b .getrandom
|
||||
%patch25 -p1 -b .cmac-selftest
|
||||
%patch26 -p1 -b .fips-enttest
|
||||
%patch27 -p1 -b .fips-enforce
|
||||
%patch28 -p1 -b .intel-cet
|
||||
%patch29 -p1 -b .build
|
||||
%patch30 -p1 -b .fips-module
|
||||
%patch31 -p1 -b .aes-perf
|
||||
|
||||
cp %{SOURCE4} cipher/
|
||||
cp %{SOURCE5} %{SOURCE6} tests/
|
||||
|
||||
%build
|
||||
autoreconf -f
|
||||
%configure --disable-static \
|
||||
%ifarch sparc64
|
||||
--disable-asm \
|
||||
%endif
|
||||
--enable-noexecstack \
|
||||
--enable-hmac-binary-check \
|
||||
--enable-pubkey-ciphers='dsa elgamal rsa ecc' \
|
||||
--disable-O-flag-munging
|
||||
sed -i -e '/^sys_lib_dlsearch_path_spec/s,/lib /usr/lib,/usr/lib /lib64 /usr/lib64 /lib,g' libtool
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%check
|
||||
fipshmac src/.libs/libgcrypt.so.??
|
||||
make check
|
||||
|
||||
# Add generation of HMAC checksums of the final stripped binaries
|
||||
%define __spec_install_post \
|
||||
%{?__debug_package:%{__debug_install_post}} \
|
||||
%{__arch_install_post} \
|
||||
%{__os_install_post} \
|
||||
fipshmac $RPM_BUILD_ROOT%{gcrylibdir}/*.so.?? \
|
||||
%{nil}
|
||||
|
||||
%install
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
# Change /usr/lib64 back to /usr/lib. This saves us from having to patch the
|
||||
# script to "know" that -L/usr/lib64 should be suppressed, and also removes
|
||||
# a file conflict between 32- and 64-bit versions of this package.
|
||||
# Also replace my_host with none.
|
||||
sed -i -e 's,^libdir="/usr/lib.*"$,libdir="/usr/lib",g' $RPM_BUILD_ROOT/%{_bindir}/libgcrypt-config
|
||||
sed -i -e 's,^my_host=".*"$,my_host="none",g' $RPM_BUILD_ROOT/%{_bindir}/libgcrypt-config
|
||||
|
||||
rm -f ${RPM_BUILD_ROOT}/%{_infodir}/dir ${RPM_BUILD_ROOT}/%{_libdir}/*.la
|
||||
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_libdir}
|
||||
|
||||
%if "%{gcrylibdir}" != "%{_libdir}"
|
||||
# Relocate the shared libraries to %{gcrylibdir}.
|
||||
mkdir -p $RPM_BUILD_ROOT%{gcrylibdir}
|
||||
for shlib in $RPM_BUILD_ROOT%{_libdir}/*.so* ; do
|
||||
if test -L "$shlib" ; then
|
||||
rm "$shlib"
|
||||
else
|
||||
mv "$shlib" $RPM_BUILD_ROOT%{gcrylibdir}/
|
||||
fi
|
||||
done
|
||||
|
||||
# Add soname symlink.
|
||||
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}/
|
||||
%endif
|
||||
|
||||
# Overwrite development symlinks.
|
||||
pushd $RPM_BUILD_ROOT/%{gcrylibdir}
|
||||
for shlib in lib*.so.?? ; do
|
||||
target=$RPM_BUILD_ROOT/%{_libdir}/`echo "$shlib" | sed -e 's,\.so.*,,g'`.so
|
||||
%if "%{gcrylibdir}" != "%{_libdir}"
|
||||
shlib=%{gcrylibdir}/$shlib
|
||||
%endif
|
||||
ln -sf $shlib $target
|
||||
done
|
||||
popd
|
||||
|
||||
# Create /etc/gcrypt (hardwired, not dependent on the configure invocation) so
|
||||
# that _someone_ owns it.
|
||||
mkdir -p -m 755 $RPM_BUILD_ROOT/etc/gcrypt
|
||||
install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/gcrypt/random.conf
|
||||
|
||||
# Drop the pkgconfig as it would require an updated libgpg-error
|
||||
rm $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/libgcrypt.pc
|
||||
|
||||
%post -p /sbin/ldconfig
|
||||
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%post devel
|
||||
[ -f %{_infodir}/gcrypt.info.gz ] && \
|
||||
/sbin/install-info %{_infodir}/gcrypt.info.gz %{_infodir}/dir
|
||||
exit 0
|
||||
|
||||
%preun devel
|
||||
if [ $1 = 0 -a -f %{_infodir}/gcrypt.info.gz ]; then
|
||||
/sbin/install-info --delete %{_infodir}/gcrypt.info.gz %{_infodir}/dir
|
||||
fi
|
||||
exit 0
|
||||
|
||||
%files
|
||||
%dir /etc/gcrypt
|
||||
%config(noreplace) /etc/gcrypt/random.conf
|
||||
%{gcrylibdir}/libgcrypt.so.*
|
||||
%{gcrylibdir}/.libgcrypt.so.*.hmac
|
||||
%{!?_licensedir:%global license %%doc}
|
||||
%license COPYING.LIB
|
||||
%doc AUTHORS NEWS THANKS
|
||||
|
||||
%files devel
|
||||
%{_bindir}/%{name}-config
|
||||
%{_bindir}/dumpsexp
|
||||
%{_bindir}/hmac256
|
||||
%{_bindir}/mpicalc
|
||||
%{_includedir}/*
|
||||
%{_libdir}/*.so
|
||||
%{_datadir}/aclocal/*
|
||||
%{_mandir}/man1/*
|
||||
|
||||
%{_infodir}/gcrypt.info*
|
||||
%{!?_licensedir:%global license %%doc}
|
||||
%license COPYING
|
||||
|
||||
%changelog
|
||||
* Tue Apr 28 2020 Tomáš Mráz <tmraz@redhat.com> 1.8.5-3
|
||||
- new upstream version 1.8.5
|
||||
- AES performance improvements backported from master branch
|
||||
- FIPS module is implicit with kernel FIPS flag
|
||||
- always run the FIPS selftests if FIPS module is installed
|
||||
|
||||
* Mon Jun 24 2019 Tomáš Mráz <tmraz@redhat.com> 1.8.3-4
|
||||
- improve the continuous FIPS entropy test
|
||||
|
||||
* Mon Jun 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.8.3-3
|
||||
- add CMAC selftest for FIPS POST
|
||||
- add continuous FIPS entropy test
|
||||
- disable non-approved FIPS hashes in the enforced FIPS mode
|
||||
|
||||
* Thu Jul 12 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.3-2
|
||||
- make only_urandom a default in non-presence of configuration file
|
||||
- run the full FIPS selftests only when the library is called from
|
||||
application
|
||||
|
||||
* Thu Jun 14 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.3-1
|
||||
- new upstream version 1.8.3
|
||||
|
||||
* Tue Feb 6 2018 Tomáš Mráz <tmraz@redhat.com> 1.8.2-2
|
||||
- fix behavior when getrandom syscall is not present (#1542453)
|
||||
|
||||
* Thu Dec 21 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.2-1
|
||||
- new upstream version 1.8.2
|
||||
|
||||
* Tue Dec 5 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-3
|
||||
- do not try to access() /dev/urandom either if getrandom() works
|
||||
|
||||
* Mon Dec 4 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-2
|
||||
- do not try to open /dev/urandom if getrandom() works (#1380866)
|
||||
|
||||
* Tue Sep 5 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.1-1
|
||||
- new upstream version 1.8.1
|
||||
|
||||
* Wed Aug 16 2017 Tomáš Mráz <tmraz@redhat.com> 1.8.0-1
|
||||
- new upstream version 1.8.0
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.8-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Thu Jun 29 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.8-1
|
||||
- new upstream version 1.7.8
|
||||
|
||||
* Fri Jun 2 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.7-1
|
||||
- new upstream version 1.7.7
|
||||
- GOST is now enabled
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Mon Jan 30 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.6-1
|
||||
- new upstream version 1.7.6
|
||||
|
||||
* Fri Dec 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.7.5-1
|
||||
- new upstream version 1.7.5
|
||||
|
||||
* Wed Nov 23 2016 Tomáš Mráz <tmraz@redhat.com> 1.7.3-1
|
||||
- new upstream version 1.7.3
|
||||
|
||||
* Wed Aug 17 2016 Tomáš Mráz <tmraz@redhat.com> 1.6.6-1
|
||||
- new upstream version with important security fix (CVE-2016-6316)
|
||||
|
||||
* Thu Jul 21 2016 Tomáš Mráz <tmraz@redhat.com> 1.6.5-1
|
||||
- new upstream version fixing low impact issue CVE-2015-7511
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Wed Sep 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.4-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.3-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Fri Apr 3 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-4
|
||||
- deinitialize the RNG after the selftest is run
|
||||
|
||||
* Tue Mar 24 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-3
|
||||
- touch only urandom in the selftest and when /dev/random is
|
||||
unavailable for example by SELinux confinement
|
||||
- fix the RSA selftest key (p q swap) (#1204517)
|
||||
|
||||
* Fri Mar 13 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-2
|
||||
- do not use strict aliasing for bufhelp functions (#1201219)
|
||||
|
||||
* Fri Mar 6 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Feb 25 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.2-4
|
||||
- do not initialize secure memory during the selftest (#1195850)
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 1.6.2-3
|
||||
- Rebuilt for Fedora 23 Change
|
||||
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
||||
|
||||
* Wed Jan 14 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.2-2
|
||||
- fix buildability of programs using gcrypt.h with -ansi (#1182200)
|
||||
|
||||
* Mon Dec 8 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.2-1
|
||||
- new upstream version
|
||||
|
||||
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Thu Jul 17 2014 Tom Callaway <spot@fedoraproject.org> - 1.6.1-6
|
||||
- fix license handling
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Tue May 20 2014 Kyle McMartin <kyle@fedoraproject.org> 1.6.1-4
|
||||
- Re-enable below algos, apply patch from upstream list to make
|
||||
that code -fPIC friendly. (rhbz#1069792)
|
||||
|
||||
* Mon May 19 2014 Kyle McMartin <kyle@fedoraproject.org> 1.6.1-3
|
||||
- Disable rijndael, cast5, camellia ARM assembly, as it's non-PIC as
|
||||
presently written, which results in .text relocations in the shared
|
||||
library. (rhbz#1069792)
|
||||
|
||||
* Thu Apr 24 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.1-2
|
||||
- drop the temporary compat shared library version
|
||||
- fix the soname version in -use-fipscheck.patch
|
||||
|
||||
* Fri Feb 28 2014 Tomáš Mráz <tmraz@redhat.com> 1.6.1-1
|
||||
- new upstream version breaking ABI compatibility
|
||||
- this release temporarily includes old compatibility .so
|
||||
|
||||
* Tue Jan 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.5.3-3
|
||||
- add back the nistp521r1 EC curve
|
||||
- fix a bug in the Whirlpool hash implementation
|
||||
- speed up the PBKDF2 computation
|
||||
|
||||
* Sun Oct 20 2013 Tom Callaway <spot@fedoraproject.org> - 1.5.3-2
|
||||
- add cleared ECC support
|
||||
|
||||
* Fri Jul 26 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.3-1
|
||||
- new upstream version fixing cache side-channel attack on RSA private keys
|
||||
|
||||
* Thu Jun 20 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-3
|
||||
- silence false error detected by valgrind (#968288)
|
||||
|
||||
* Thu Apr 25 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-2
|
||||
- silence strict aliasing warning in Rijndael
|
||||
- apply UsrMove
|
||||
- spec file cleanups
|
||||
|
||||
* Fri Apr 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.5.2-1
|
||||
- new upstream version
|
||||
|
||||
* Wed Mar 20 2013 Tomas Mraz <tmraz@redhat.com> 1.5.1-1
|
||||
- new upstream version
|
||||
|
||||
* Tue Mar 5 2013 Tomas Mraz <tmraz@redhat.com> 1.5.0-11
|
||||
- use poll() instead of select() when gathering randomness (#913773)
|
||||
|
||||
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-10
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Thu Jan 3 2013 Tomas Mraz <tmraz@redhat.com> 1.5.0-9
|
||||
- allow empty passphrase in PBKDF2 needed for cryptsetup (=891266)
|
||||
|
||||
* Mon Dec 3 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-8
|
||||
- fix multilib conflict in libgcrypt-config
|
||||
- fix minor memory leaks and other bugs found by Coverity scan
|
||||
|
||||
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Thu Apr 5 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-5
|
||||
- Correctly rebuild the info documentation
|
||||
|
||||
* Wed Apr 4 2012 Tomas Mraz <tmraz@redhat.com> 1.5.0-4
|
||||
- Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command
|
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Mon Aug 15 2011 Kalev Lember <kalevlember@gmail.com> 1.5.0-2
|
||||
- Rebuilt for rpm bug #728707
|
||||
|
||||
* Thu Jul 21 2011 Tomas Mraz <tmraz@redhat.com> 1.5.0-1
|
||||
- new upstream version
|
||||
|
||||
* Mon Jun 20 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-4
|
||||
- Always xor seed from /dev/urandom over /etc/gcrypt/rngseed
|
||||
|
||||
* Mon May 30 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-3
|
||||
- Make the FIPS-186-3 DSA implementation CAVS testable
|
||||
- add configurable source of RNG seed /etc/gcrypt/rngseed
|
||||
in the FIPS mode (#700388)
|
||||
|
||||
* Fri Feb 11 2011 Tomas Mraz <tmraz@redhat.com> 1.4.6-1
|
||||
- new upstream version with minor changes
|
||||
|
||||
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.5-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Fri Feb 4 2011 Tomas Mraz <tmraz@redhat.com> 1.4.5-6
|
||||
- fix a bug in the fips-186-3 dsa parameter generation code
|
||||
|
||||
* Tue Feb 1 2011 Tomas Mraz <tmraz@redhat.com> 1.4.5-5
|
||||
- use /dev/urandom for seeding in the FIPS mode
|
||||
- make the tests to pass in the FIPS mode also fixing
|
||||
the FIPS-186-3 DSA keygen
|
||||
|
||||
* Sun Feb 14 2010 Rex Dieter <rdieter@fedoraproject.org> 1.4.5-4
|
||||
- FTBFS libgcrypt-1.4.5-3.fc13: ImplicitDSOLinking (#564973)
|
||||
|
||||
* Wed Feb 3 2010 Tomas Mraz <tmraz@redhat.com> 1.4.5-3
|
||||
- drop the S390 build workaround as it is no longer needed
|
||||
- additional spec file cleanups for merge review (#226008)
|
||||
|
||||
* Mon Dec 21 2009 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
|
||||
- workaround for build on S390 (#548825)
|
||||
- spec file cleanups
|
||||
- upgrade to new minor upstream release
|
||||
|
||||
* Tue Aug 11 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-8
|
||||
- fix warning when installed with --excludedocs (#515961)
|
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Thu Jun 18 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-6
|
||||
- and now really apply the padlock patch
|
||||
|
||||
* Wed Jun 17 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-5
|
||||
- fix VIA padlock RNG inline assembly call (#505724)
|
||||
|
||||
* Thu Mar 5 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-4
|
||||
- with the integrity verification check the library needs to link to libdl
|
||||
(#488702)
|
||||
|
||||
* Tue Mar 3 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-3
|
||||
- add hmac FIPS integrity verification check
|
||||
|
||||
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Fri Jan 30 2009 Tomas Mraz <tmraz@redhat.com> 1.4.4-1
|
||||
- update to 1.4.4
|
||||
- do not abort when the fips mode kernel flag is inaccessible
|
||||
due to permissions (#470219)
|
||||
- hobble the library to drop the ECC support
|
||||
|
||||
* Mon Oct 20 2008 Dennis Gilmore <dennis@ausil.us> 1.4.3-2
|
||||
- disable asm on sparc64
|
||||
|
||||
* Thu Sep 18 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.3-1
|
||||
- update to 1.4.3
|
||||
- own /etc/gcrypt
|
||||
|
||||
* Mon Sep 15 2008 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- invoke make with %%{?_smp_mflags} to build faster on multi-processor
|
||||
systems (Steve Grubb)
|
||||
|
||||
* Mon Sep 8 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.2-1
|
||||
- update to 1.4.2
|
||||
|
||||
* Tue Apr 29 2008 Nalin Dahyabhai <nalin@redhat.com> 1.4.1-1
|
||||
- update to 1.4.1
|
||||
- bump libgpgerror-devel requirement to 1.4, matching the requirement enforced
|
||||
by the configure script
|
||||
|
||||
* Thu Apr 3 2008 Joe Orton <jorton@redhat.com> 1.4.0-3
|
||||
- add patch from upstream to fix severe performance regression
|
||||
in entropy gathering
|
||||
|
||||
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.4.0-2
|
||||
- Autorebuild for GCC 4.3
|
||||
|
||||
* Mon Dec 10 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.4.0-1
|
||||
- update to 1.4.0
|
||||
|
||||
* Tue Oct 16 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-6
|
||||
- use ldconfig to build the soname symlink for packaging along with the
|
||||
shared library (#334731)
|
||||
|
||||
* Wed Aug 22 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-5
|
||||
- add missing gawk buildrequirement
|
||||
- switch from explicitly specifying the /dev/random RNG to just verifying
|
||||
that the non-LGPL ones were disabled by the configure script
|
||||
|
||||
* Thu Aug 16 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-4
|
||||
- clarify license
|
||||
- force use of the linux /dev/random RNG, to avoid accidentally falling back
|
||||
to others which would affect the license of the resulting library
|
||||
|
||||
* Mon Jul 30 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-3
|
||||
- disable static libraries (part of #249815)
|
||||
|
||||
* Fri Jul 27 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-2
|
||||
- move libgcrypt shared library to /%%{_lib} (#249815)
|
||||
|
||||
* Tue Feb 6 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.4-1
|
||||
- update to 1.2.4
|
||||
|
||||
* Mon Jan 22 2007 Nalin Dahyabhai <nalin@redhat.com> - 1.2.3-2
|
||||
- make use of install-info more failsafe (Ville Skyttä, #223705)
|
||||
|
||||
* Fri Sep 1 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.2.3-1
|
||||
- update to 1.2.3
|
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-3.1
|
||||
- rebuild
|
||||
|
||||
* Mon Jun 05 2006 Jesse Keating <jkeating@redhat.com> 1.2.2-3
|
||||
- Added missing buildreq pkgconfig
|
||||
|
||||
* Tue May 16 2006 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-2
|
||||
- remove file conflicts in libgcrypt-config by making the 64-bit version
|
||||
think the libraries are in /usr/lib (which is wrong, but which it also
|
||||
prunes from the suggest --libs output, so no harm done, hopefully)
|
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-1.2.1
|
||||
- bump again for double-long bug on ppc(64)
|
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.2-1.2
|
||||
- rebuilt for new gcc4.1 snapshot and glibc changes
|
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Wed Oct 5 2005 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-1
|
||||
- update to 1.2.2
|
||||
|
||||
* Wed Mar 16 2005 Nalin Dahyabhai <nalin@redhat.com> 1.2.1-1
|
||||
- update to 1.2.1
|
||||
|
||||
* Fri Jul 30 2004 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- another try to package the symlink
|
||||
|
||||
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Sun May 2 2004 Bill Nottingham <notting@redhat.com> - 1.2.0-1
|
||||
- update to official 1.2.0
|
||||
|
||||
* Fri Apr 16 2004 Bill Nottingham <notting@redhat.com> - 1.1.94-1
|
||||
- update to 1.1.94
|
||||
|
||||
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Sat Feb 21 2004 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- add symlinks to shared libs at compile time
|
||||
|
||||
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Thu Mar 20 2003 Jeff Johnson <jbj@redhat.com> 1.1.12-1
|
||||
- upgrade to 1.1.12 (beta).
|
||||
|
||||
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
||||
- automated rebuild
|
||||
|
||||
* Sun May 26 2002 Tim Powers <timp@redhat.com>
|
||||
- automated rebuild
|
||||
|
||||
* Tue May 21 2002 Jeff Johnson <jbj@redhat.com>
|
||||
- update to 1.1.7
|
||||
- change license to LGPL.
|
||||
- include splint annotations patch.
|
||||
- install info pages.
|
||||
|
||||
* Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 1.1.6-1
|
||||
- update to 1.1.6
|
||||
|
||||
* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 1.1.5-1
|
||||
- fix the Source tag so that it's a real URL
|
||||
|
||||
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- initial package
|
Loading…
Reference in New Issue
Block a user