fix sporadic failures generating RSA keys in FIPS mode

The test suite occasionally fails with "error generating RSA key: Number is not prime" in FIPS mode¹. Apply the upstream fix, cd30ed3c (cipher: Change the bounds for RSA key generation round., 2022-04-20). ¹ https://dev.gnupg.org/T5919
2022-11-09 17:53:31 -05:00 · 2022-11-09 17:53:31 -05:00 · 96a092be6b
commit 96a092be6b
parent 9e608ad3fa
2 changed files with 61 additions and 0 deletions
--- a/0001-cipher-Change-the-bounds-for-RSA-key-generation-roun.patch
+++ b/0001-cipher-Change-the-bounds-for-RSA-key-generation-roun.patch
@ -0,0 +1,55 @@
+From cd30ed3c0d715aa0c58a32a29cfb1476163a5b94 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Wed, 20 Apr 2022 15:09:41 +0900
+Subject: [PATCH] cipher: Change the bounds for RSA key generation round.
+
+* cipher/rsa.c (generate_fips): Use 10 for p, 20 for q.
+
+--
+
+Constants from FIPS 186-5-draft.
+
+GnuPG-bug-id: 5919
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+---
+ cipher/rsa.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/cipher/rsa.c b/cipher/rsa.c
+index 486a34f0..771413b3 100644
+--- a/cipher/rsa.c
+++ b/cipher/rsa.c
+@@ -476,7 +476,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
+ 
+  retry:
+   /* generate p and q */
+-  for (i = 0; i < 5 * pbits; i++)
+  for (i = 0; i < 10 * pbits; i++)
+     {
+     ploop:
+       if (!testparms)
+@@ -506,10 +506,10 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
+       else if (testparms)
+         goto err;
+     }
+-  if (i >= 5 * pbits)
+  if (i >= 10 * pbits)
+     goto err;
+ 
+-  for (i = 0; i < 5 * pbits; i++)
+  for (i = 0; i < 20 * pbits; i++)
+     {
+     qloop:
+       if (!testparms)
+@@ -555,7 +555,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
+       else if (testparms)
+         goto err;
+     }
+-  if (i >= 5 * pbits)
+  if (i >= 20 * pbits)
+     goto err;
+ 
+   if (testparms)
+-- 
+2.38.1
+
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@ -22,6 +22,10 @@ Source1: https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
 Source2: wk@g10code.com
 # Pass the annobin flags to the libgcrypt.so (#2016349)
 Patch1: libgcrypt-1.10.1-annobin.patch
+# https://dev.gnupg.org/T5919
+# tests occasionally fail with "error generating RSA key: Number is not prime"
+# https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=cd30ed3c0
+Patch2: 0001-cipher-Change-the-bounds-for-RSA-key-generation-roun.patch

 %global gcrylibdir %{_libdir}
 %global gcrysoname libgcrypt.so.20
@ -58,6 +62,7 @@ applications using libgcrypt.
 %prep
 %setup -q
 %patch1 -p1
+%patch2 -p1

 %build
 # This package has a configure test which uses ASMs, but does not link the
@ -177,6 +182,7 @@ mkdir -p -m 755 $RPM_BUILD_ROOT/etc/gcrypt
 %changelog
 * Tue Nov 08 2022 Todd Zullinger <tmz@pobox.com> - 1.10.1-5
 - enable brainpool by default (#1413618)
+- fix sporadic failures generating RSA keys in FIPS mode

 * Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild