diff --git a/.gitignore b/.gitignore
index fed427b..0288827 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,4 @@ libgcrypt-1.4.5-hobbled.tar.bz2
 /libgcrypt-1.8.6-hobbled.tar.xz
 /libgcrypt-1.8.7-hobbled.tar.xz
 /libgcrypt-1.9.0-hobbled.tar.xz
+/libgcrypt-1.9.1-hobbled.tar.xz
diff --git a/ecc-curves.c b/ecc-curves.c
index 4242117..a974bcf 100644
--- a/ecc-curves.c
+++ b/ecc-curves.c
@@ -1064,13 +1064,18 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
 if ((n+7)/8 != len)
 {
- if ((n+7)/8 < len && ec->dialect == ECC_DIALECT_ED25519)
+ if (ec->dialect == ECC_DIALECT_ED25519)
 {
 /*
 * GnuPG (<= 2.2) or OpenPGP implementations with no
 * SOS support may remove zeros at the beginning.
 * Recover those zeros.
 */
+ /*
+ * Also, GnuPG (<= 2.2) may add additional zero at
+ * the beginning, when private key is moved from
+ * OpenPGP to gpg-agent. Remove such a zero-prefix.
+ */
 const unsigned char *buf;
 unsigned char *value;
@@ -1078,13 +1083,26 @@ mpi_ec_setup_elliptic_curve (mpi_ec_t ec, int flags,
 if (!buf)
 return GPG_ERR_INV_OBJ;
- value = xtrycalloc_secure (1, len);
+ value = xtrymalloc_secure (len);
 if (!value)
 return gpg_err_code_from_syserror ();
- memset (value, 0, len - (n+7)/8);
- memcpy (value + len - (n+7)/8, buf, (n+7)/8);
- mpi_set_opaque (ec->d, value, len);
+ if ((n+7)/8 < len)
+ /* Recover zeros. */
+ {
+ memset (value, 0, len - (n+7)/8);
+ memcpy (value + len - (n+7)/8, buf, (n+7)/8);
+ }
+ else if ((n+7)/8 == len + 1)
+ /* Remove a zero. */
+ memcpy (value, buf+1, len);
+ else
+ {
+ xfree (value);
+ return GPG_ERR_INV_OBJ;
+ }
+
+ mpi_set_opaque (ec->d, value, len*8);
 }
 else
 {
diff --git a/libgcrypt-1.7.3-fips-reqs.patch b/libgcrypt-1.7.3-fips-reqs.patch
deleted file mode 100644
index ef7f765..0000000
--- a/libgcrypt-1.7.3-fips-reqs.patch
+++ /dev/null
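Review bot: The `(n+7)/8 == len + 1` branch in the second ecc-curves.c hunk copies from `buf+1` without checking that the skipped byte is zero, so an Ed25519 secret that is one byte too long with a non-zero first byte is silently truncated and accepted instead of being rejected like the other bad lengths. The comment added in the first hunk calls this byte a zero prefix, so the guard can enforce it: `else if ((n+7)/8 == len + 1 && buf[0] == 0)`, which lets anything else fall through to the existing `GPG_ERR_INV_OBJ` path that already frees `value`. Both hunks are inside `mpi_ec_setup_elliptic_curve`, whose start and end are outside them, so how `len`, `n` and `buf` are obtained is not visible here.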
@@ -1,35 +0,0 @@
-diff -up libgcrypt-1.7.3/src/visibility.c.fips-reqs libgcrypt-1.7.3/src/visibility.c
---- libgcrypt-1.7.3/src/visibility.c.fips-reqs 2016-03-23 12:59:34.000000000 +0100
-+++ libgcrypt-1.7.3/src/visibility.c 2016-11-22 16:29:36.992042480 +0100
-@@ -1288,6 +1288,8 @@ gcry_kdf_derive (const void *passphrase,
- unsigned long iterations,
- size_t keysize, void *keybuffer)
- {
-+ if (!fips_is_operational ())
-+ return gpg_error (fips_not_operational ());
- return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
- salt, saltlen, iterations,
- keysize, keybuffer));
-@@ -1343,6 +1345,13 @@ void
- gcry_mpi_randomize (gcry_mpi_t w,
- unsigned int nbits, enum gcry_random_level level)
- {
-+ if (!fips_is_operational ())
-+ {
-+ (void)fips_not_operational ();
-+ fips_signal_fatal_error ("called in non-operational state");
-+ fips_noreturn ();
-+ }
-+
- _gcry_mpi_randomize (w, nbits, level);
- }
-
-@@ -1368,6 +1377,8 @@ gcry_prime_generate (gcry_mpi_t *prime,
- gcry_random_level_t random_level,
- unsigned int flags)
- {
-+ if (!fips_is_operational ())
-+ return gpg_error (fips_not_operational ());
- return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits,
- factors, cb_func, cb_arg,
- random_level, flags));
diff --git a/libgcrypt-1.8.4-fips-keygen.patch b/libgcrypt-1.8.4-fips-keygen.patch
index 9d3a647..a3e241f 100644
--- a/libgcrypt-1.8.4-fips-keygen.patch
+++ b/libgcrypt-1.8.4-fips-keygen.patch
@@ -1,16 +1,15 @@ diff -up libgcrypt-1.8.4/cipher/dsa.c.fips-keygen libgcrypt-1.8.4/cipher/dsa.c --- libgcrypt-1.8.4/cipher/dsa.c.fips-keygen 2017-11-23 19:16:58.000000000 +0100 +++ libgcrypt-1.8.4/cipher/dsa.c 2019-02-12 14:29:25.629513989 +0100 -@@ -457,11 +457,22 @@ generate_fips186 (DSA_secret_key *sk, un +@@ -457,13 +457,22 @@ generate_fips186 (DSA_secret_key *sk, un &prime_q, &prime_p, r_counter, r_seed, r_seedlen); - else -- ec = _gcry_generate_fips186_3_prime (nbits, qbits, NULL, 0, + else if (!domain->p || !domain->q) -+ ec = _gcry_generate_fips186_3_prime (nbits, qbits, -+ initial_seed.seed, -+ initial_seed.seedlen, + ec = _gcry_generate_fips186_3_prime (nbits, qbits, + initial_seed.seed, + initial_seed.seedlen, &prime_q, &prime_p, r_counter, r_seed, r_seedlen, NULL); diff --git a/libgcrypt-1.8.4-tests-fipsmode.patch b/libgcrypt-1.8.4-tests-fipsmode.patch index d6e29d1..a415d18 100644 --- a/libgcrypt-1.8.4-tests-fipsmode.patch +++ b/libgcrypt-1.8.4-tests-fipsmode.patch @@ -142,7 +142,7 @@ diff -up libgcrypt-1.8.4/tests/pubkey.c.tests-fipsmode libgcrypt-1.8.4/tests/pub " (use-fips186)" " (transient-key)" " (derive-parms" -- " (seed #0cb1990c1fd3626055d7a0096f8fa99807399871#))))", +- " (seed #f770a4598ff756931fc529764513b103ce57d85f4ad8c5cf297c9b4d48241c5b#))))", + " (seed #8b4c4d671fff82e8ed932260206d0571e3a1c2cee8cd94cb73fe58f9b67488fa#))))", 0, 1); if (rc) diff --git a/libgcrypt-1.8.4-use-poll.patch b/libgcrypt-1.8.4-use-poll.patch index d55b6a3..01dcf82 100644 --- a/libgcrypt-1.8.4-use-poll.patch +++ b/libgcrypt-1.8.4-use-poll.patch @@ -6,9 +6,9 @@ diff -up libgcrypt-1.8.4/random/rndlinux.c.use-poll libgcrypt-1.8.4/random/rndli #include #include +#include - #if defined(__linux__) || !defined(HAVE_GETENTROPY) - #ifdef HAVE_SYSCALL - # include + #if defined(__APPLE__) && defined(__MACH__) + extern int getentropy (void *buf, size_t buflen) __attribute__ ((weak_import)); + #define HAVE_GETENTROPY 
@@ -241,9 +242,8 @@ _gcry_rndlinux_gather_random (void (*add return with something we will actually use 100ms. */ while (length)
diff --git a/libgcrypt-1.9.0-kdf-missing-terminator.patch b/libgcrypt-1.9.0-kdf-missing-terminator.patch
deleted file mode 100644
index 1d60f3f..0000000
--- a/libgcrypt-1.9.0-kdf-missing-terminator.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Jussi Kivilinna
-Date: Tue, 19 Jan 2021 18:04:30 +0000 (+0200)
-Subject: kdf: add missing null-terminator for self-test test-vector array
-X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff_plain;h=c6425a5537294dfe2beaafc9105f7af4ceac677f
-
-kdf: add missing null-terminator for self-test test-vector array
-
-* cipher/kdf.c (selftest_pbkdf2): Add null-terminator to TV array.
---
-
-This was causing kdf self-test to fail on s390x builds.
-
-GnuPG-bug-id: 5254
-Signed-off-by: Jussi Kivilinna
----
-
-diff --git a/cipher/kdf.c b/cipher/kdf.c
-index 3d707bd0..b916a3f8 100644
---- a/cipher/kdf.c
-+++ b/cipher/kdf.c
-@@ -452,7 +452,8 @@ selftest_pbkdf2 (int extended, selftest_report_func_t report)
- "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8\x14\xb8\x11\x6e\x84\xcf"
- "\x2b\x17\x34\x7e\xbc\x18\x00\x18\x1c\x4e\x2a\x1f\xb8\xdd\x53\xe1"
- "\xc6\x35\x51\x8c\x7d\xac\x47\xe9"
-- }
-+ },
-+ { NULL }
- };
- const char *what;
- const char *errtxt;
-
diff --git a/libgcrypt.spec b/libgcrypt.spec
index 3cc62db..971a4b1 100644
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@@ -1,5 +1,5 @@
 Name: libgcrypt
-Version: 1.9.0
+Version: 1.9.1
 Release: 1%{?dist}
 URL: https://www.gnupg.org/
 Source0: libgcrypt-%{version}-hobbled.tar.xz
@@ -36,8 +36,6 @@ Patch13: libgcrypt-1.6.1-mpicoder-gccopt.patch
 Patch14: libgcrypt-1.7.3-ecc-test-fix.patch
 # Run the FIPS mode initialization in the shared library constructor
 Patch18: libgcrypt-1.8.3-fips-ctor.patch
-# Block some operations if in FIPS non-operational state
-Patch22: libgcrypt-1.7.3-fips-reqs.patch
 # Do not try to open /dev/urandom if getrandom() works
 Patch24: libgcrypt-1.8.5-getrandom.patch
 # Continuous FIPS entropy test
@@ -46,8 +44,6 @@ Patch26: libgcrypt-1.8.3-fips-enttest.patch
 Patch27: libgcrypt-1.8.3-md-fips-enforce.patch
 # FIPS module is redefined a little bit (implicit by kernel FIPS mode)
 Patch30: libgcrypt-1.8.5-fips-module.patch
-# Missing terminator in the kdf vectors causing s390x builds failing
-Patch31: libgcrypt-1.9.0-kdf-missing-terminator.patch
 %global gcrylibdir %{_libdir}
 %global gcrysoname libgcrypt.so.20
@@ -92,12 +88,10 @@ applications using libgcrypt.
 %patch13 -p1 -b .gccopt
 %patch14 -p1 -b .eccfix
 %patch18 -p1 -b .fips-ctor
-%patch22 -p1 -b .fips-reqs
 %patch24 -p1 -b .getrandom
 %patch26 -p1 -b .fips-enttest
 %patch27 -p1 -b .fips-enforce
 %patch30 -p1 -b .fips-module
-%patch31 -p1 -b .kdf-terminator
 cp %{SOURCE4} cipher/
 cp %{SOURCE5} %{SOURCE6} tests/
@@ -207,6 +201,9 @@ install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/gcrypt/random.conf
 %license COPYING
 %changelog
+* Fri Jan 29 2021 Jakub Jelen - 1.9.1-1
+- New upstream release (#1922156, #1922097)
+
 * Wed Jan 20 2021 Jakub Jelen - 1.9.0-1
 - New upstream release (#1917878)
diff --git a/sources b/sources
index 69b2536..3fb2e74 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (libgcrypt-1.9.0-hobbled.tar.xz) = d4ea9a1b732b05f605f0c99dd2b1e9747539bf2b6a8ff2fad7ab5350888f68b7f0b94bdd9253356ec9c8e6d3b87b5c76bc8dc4fbb3950acd8354b691f1f2ad3e
+SHA512 (libgcrypt-1.9.1-hobbled.tar.xz) = 87c474c7b5054d7d6c75ca0d2458b2be197d7b8131b1e0a2017f391287a9e7bca666a9ac743c24210df869839518294c0091858245c96d10c5856f2473f35943