Two selftest bug fixes.

- touch only urandom in the selftest and when /dev/random is
  unavailable for example by SELinux confinement
- fix the RSA selftest key (p q swap) (#1204517)

libgcrypt-1.6.2-fips-reqs.patch

@@ -182,30 +182,30 @@ diff -up libgcrypt-1.6.2/cipher/rsa.c.fips-reqs libgcrypt-1.6.2/cipher/rsa.c
 -"  (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
 -"      ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))";
 -/* A sample 1024 bit RSA key used for the selftests (public only).  */
-+"  (d #36273db1f91bdba7a0417f1223ac232999d53a7b606741076353b4d2e758"
-+"      950ac705f34eb2b412d470dc4f8506d3ddd863273e673121243904bc06a4"
-+"      ccce2b7afe7badde116ea3a5e604530ea34e2db48f31bfca7525520285de"
-+"      3db27243b2898a9a3441263f9a67bea4967b0e75baa693d5b8d8b857f24b"
-+"      0f1481d1574ef6454ca63bd070cad39d55de2205e78e284dee11cfb66776"
-+"      09d3e33c13f99934107bec8138f0b6349c9b506f0b91814d8994047bf03c"
-+"      f4b1b200488d5a8f889ec5ab3a9e443f54e7d96e47aaa1bd404631f9f034"
-+"      b604e12b5b7386dd3a921b71c73f32e5c3c2aba17ebfa452a0b06890d120"
-+"      1279e9d7c940baf219c7a50092860d01#)"
-+"  (p #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
-+"      26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
-+"      381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
-+"      2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
-+"      97da57e836da7a9cad#)"
-+"  (q #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
++"  (d #03b1e24a94e50ab21f8619701ec97679be2cf8f733c9331d9e2974dba721"
++"      27e5def480290e78a769f96b19d28397a284868fb614ca9b1fb3a0d7efed"
++"      df41451204ce71aceba659f6ed15964ebb317712364e1cfaf2fded77d658"
++"      8561acc49c97c2d7efe75f1534b35bd4f6561e1f468b45590db34553d4d0"
++"      c2cb4d806b74e1b2c52740462538865d9792b0aefbbf7b9827f4b3badcb3"
++"      5adab638266a2d2fb8422a7a19142e08848e56af77a66c39b2afafa2e15b"
++"      1a7e4ed1f2c7ed350678c0465d86472af97371b13ef5058662f835ef9087"
++"      f6cca8281bbf1b6b155c737b33d9e443350df85e7cc3b507231fb839f41f"
++"      02c654b29017f35d69007c70e13ba0e5#)"
++"  (p #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
 +"      ef2ce74f4af74e268d850b3fecc31cd4ebec6ac8722a257dfda67796f01e"
 +"      cd2857f83730756bbdd47b0c87c56c8740a5bb272c78c9745a545b0b306f"
 +"      444afa71e4216166f9ee65de7c04d7fda9155b7fe27aba698672a6068d9b"
 +"      9055609e4c5da9b655#)"
-+"  (u #00afdecbdc5268ea7b1bff7284db7f6757dae3165fd80691ed2bbe8e54a1"
-+"      6f7ff950aad059e9695903d93e59ff206ee1470bd2b099ca4e83426a7684"
-+"      75a1ecafd3092fec0f008d78fe773174ec6fbff85384f3a91c2e4b1f59f1"
-+"      1f2000fee86569f6cab5de338087bc615b90570de4aeb1a9125abbe3834d"
-+"      5a69716c0a5fa20603#)))";
++"  (q #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
++"      26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
++"      381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
++"      2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
++"      97da57e836da7a9cad#)"
++"  (u #2396c191175e0a83d2dc7b69b2591d3358523f18c709501cb9a1bb4ca238"
++"      404c9a8efe9c9092d0719f899950911f348b745311114a70e2f730d88c80"
++"      e1cc9ff163171a7d67294ccb4e747be03e9e2ff4678fecb95c001e7ea27b"
++"      92c96f4ce40ef94863cd50225dbfb69d01336af450be86984fca3f3afacf"
++"      0740c4aaadaebebf#)))";
 +/* A sample 2048 bit RSA key used for the selftests (public only).  */
  static const char sample_public_key[] =
  "(public-key"

libgcrypt-1.6.3-rsa-fips-keygen.patch

@@ -189,15 +189,15 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 +          if (testparms) goto err;
 +          goto qloop;
 +        }
-+      if (mpi_cmp (p, q) < 0)
++      if (mpi_cmp (p, q) > 0)
 +        {
 +          pqswitch = 1;
-+          mpi_sub (diff, q, p);
-+        }      
++          mpi_sub (diff, p, q);
++        }
 +      else
 +        {
 +          pqswitch = 0;
-+          mpi_sub (diff, p, q);
++          mpi_sub (diff, q, p);
 +        }
 +      if (mpi_cmp (diff, mindiff) < 0)
 +        {
@@ -248,7 +248,7 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 +      mpi_gcd (g, p1, q1);
 +      mpi_fdiv_q (f, p1, g);
 +      mpi_mul (f, f, q1);
-+      
++
 +      mpi_invm (d, e, f);
 +
 +      _gcry_mpi_release (f);
@@ -329,7 +329,7 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 -      ec = generate_std (&sk, nbits, evalue,
 -                         !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      if (deriveparms || fips_mode())
-+	ec = generate_fips (&sk, nbits, evalue, deriveparms, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
++        ec = generate_fips (&sk, nbits, evalue, deriveparms, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      else
 +        ec = generate_std (&sk, nbits, evalue, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      sexp_release (deriveparms);

libgcrypt-1.6.3-urandom-only.patch

@@ -0,0 +1,29 @@
+diff -up libgcrypt-1.6.3/random/random-csprng.c.urandom-only libgcrypt-1.6.3/random/random-csprng.c
+--- libgcrypt-1.6.3/random/random-csprng.c.urandom-only	2015-02-27 10:54:03.000000000 +0100
++++ libgcrypt-1.6.3/random/random-csprng.c	2015-03-20 08:29:27.513113519 +0100
+@@ -1125,8 +1125,7 @@ getfnc_gather_random (void))(void (*)(co
+              enum random_origins, size_t, int);
+ 
+ #if USE_RNDLINUX
+-  if ( !access (NAME_OF_DEV_RANDOM, R_OK)
+-       && !access (NAME_OF_DEV_URANDOM, R_OK))
++  if (!access (NAME_OF_DEV_URANDOM, R_OK))
+     {
+       fnc = _gcry_rndlinux_gather_random;
+       return fnc;
+diff -up libgcrypt-1.6.3/random/rndlinux.c.urandom-only libgcrypt-1.6.3/random/rndlinux.c
+--- libgcrypt-1.6.3/random/rndlinux.c.urandom-only	2015-03-20 08:36:13.472098269 +0100
++++ libgcrypt-1.6.3/random/rndlinux.c	2015-03-20 08:36:43.765097131 +0100
+@@ -178,7 +178,11 @@ _gcry_rndlinux_gather_random (void (*add
+     {
+       if (fd_random == -1)
+         {
+-          fd_random = open_device (NAME_OF_DEV_RANDOM, (ever_opened & 1), 1);
++          /* We try to open /dev/random first but in case the open fails
++             we gracefully retry with /dev/urandom. */
++          fd_random = open_device (NAME_OF_DEV_RANDOM, 0, 0);
++          if (fd_random == -1)
++            fd_random = open_device (NAME_OF_DEV_URANDOM, (ever_opened & 1), 1);
+           ever_opened |= 1;
+         }
+       fd = fd_random;

libgcrypt.spec

@@ -1,6 +1,6 @@
 Name: libgcrypt
 Version: 1.6.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: http://www.gnupg.org/
 Source0: libgcrypt-%{version}-hobbled.tar.xz
 # The original libgcrypt sources now contain potentially patented ECC
@@ -45,6 +45,8 @@ Patch20: libgcrypt-1.6.3-rsa-fips-keygen.patch
 Patch22: libgcrypt-1.6.2-fips-reqs.patch
 # do not use strict aliasing for bufhelp functions
 Patch23: libgcrypt-1.6.3-aliasing.patch
+# use only urandom if /dev/random cannot be opened
+Patch24: libgcrypt-1.6.3-urandom-only.patch
 
 %define gcrylibdir %{_libdir}
 
@@ -94,6 +96,8 @@ applications using libgcrypt.
 %patch20 -p1 -b .fips-keygen
 %patch22 -p1 -b .fips-reqs
 %patch23 -p1 -b .aliasing
+%patch24 -p1 -b .urandom-only
+
 cp %{SOURCE4} cipher/
 cp %{SOURCE5} %{SOURCE6} tests/
 
@@ -204,6 +208,11 @@ exit 0
 %license COPYING
 
 %changelog
+* Tue Mar 24 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-3
+- touch only urandom in the selftest and when /dev/random is
+  unavailable for example by SELinux confinement
+- fix the RSA selftest key (p q swap) (#1204517)
+
 * Fri Mar 13 2015 Tomáš Mráz <tmraz@redhat.com> 1.6.3-2
 - do not use strict aliasing for bufhelp functions (#1201219)