rpms/libgcrypt
5
0
Fork 0
Code Issues Pull Requests Releases Activity

libgcrypt-1.9.3-1

Browse Source
This commit is contained in:
Jakub Jelen 2021-04-20 11:35:10 +02:00
parent a8c423ec7b
commit e8a3eea434
5 changed files with 349 additions and 317 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hobble-libgcrypt
View File

@ -9,3 +9,4 @@ set -e -x
rm -f cipher/ecc-curves.c
rm -f tests/curves.c
rm -f tests/t-mpi-point.c
rm -f tests/keygrip.c

341
keygrip.c Normal file
View File

@ -0,0 +1,341 @@
/* keygrip.c - verifies that keygrips are calculated as expected
* Copyright (C) 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <assert.h>
#define PGM "keygrip"
#include "t-common.h"
static int repetitions;
static void
print_hex (const char *text, const void *buf, size_t n)
{
const unsigned char *p = buf;
fputs (text, stdout);
for (; n; n--, p++)
printf ("%02X", *p);
putchar ('\n');
}
static struct
{
int algo;
const char *key;
const unsigned char grip[20];
} key_grips[] =
{
{
GCRY_PK_RSA,
"(private-key"
" (rsa"
" (n #00B6B509596A9ECABC939212F891E656A626BA07DA8521A9CAD4C08E640C04052FBB87F424EF1A0275A48A9299AC9DB69ABE3D0124E6C756B1F7DFB9B842D6251AEA6EE85390495CADA73D671537FCE5850A932F32BAB60AB1AC1F852C1F83C625E7A7D70CDA9EF16D5C8E47739D77DF59261ABE8454807FF441E143FBD37F8545#)"
" (e #010001#)"
" (d #077AD3DE284245F4806A1B82B79E616FBDE821C82D691A65665E57B5FAD3F34E67F401E7BD2E28699E89D9C496CF821945AE83AC7A1231176A196BA6027E77D85789055D50404A7A2A95B1512F91F190BBAEF730ED550D227D512F89C0CDB31AC06FA9A19503DDF6B66D0B42B9691BFD6140EC1720FFC48AE00C34796DC899E5#)"
" (p #00D586C78E5F1B4BF2E7CD7A04CA091911706F19788B93E44EE20AAF462E8363E98A72253ED845CCBF2481BB351E8557C85BCFFF0DABDBFF8E26A79A0938096F27#)"
" (q #00DB0CDF60F26F2A296C88D6BF9F8E5BE45C0DDD713C96CC73EBCB48B061740943F21D2A93D6E42A7211E7F02A95DCED6C390A67AD21ECF739AE8A0CA46FF2EBB3#)"
" (u #33149195F16912DB20A48D020DBC3B9E3881B39D722BF79378F6340F43148A6E9FC5F53E2853B7387BA4443BA53A52FCA8173DE6E85B42F9783D4A7817D0680B#)))",
"\x32\xCF\xFA\x85\xB1\x79\x1F\xBB\x26\x14\xE9\x1A\xFD\xF3\xAF\xE3\x32\x08\x2E\x25"
},
{
GCRY_PK_DSA,
" (public-key"
" (dsa"
" (p #0084E4C626E16005770BD9509ABF7354492E85B8C0060EFAAAEC617F725B592FAA59DF5460575F41022776A9718CE62EDD542AB73C7720869EBDBC834D174ADCD7136827DF51E2613545A25CA573BC502A61B809000B6E35F5EB7FD6F18C35678C23EA1C3638FB9CFDBA2800EE1B62F41A4479DE824F2834666FBF8DC5B53C2617#)"
" (q #00B0E6F710051002A9F425D98A677B18E0E5B038AB#)"
" (g #44370CEE0FE8609994183DBFEBA7EEA97D466838BCF65EFF506E35616DA93FA4E572A2F08886B74977BC00CA8CD3DBEA7AEB7DB8CBB180E6975E0D2CA76E023E6DE9F8CCD8826EBA2F72B8516532F6001DEFFAE76AA5E59E0FA33DBA3999B4E92D1703098CDEDCC416CF008801964084CDE1980132B2B78CB4CE9C15A559528B#)"
" (y #3D5DD14AFA2BF24A791E285B90232213D0E3BA74AB1109E768AED19639A322F84BB7D959E2BA92EF73DE4C7F381AA9F4053CFA3CD4527EF9043E304E5B95ED0A3A5A9D590AA641C13DB2B6E32B9B964A6A2C730DD3EA7C8E13F7A140AFF1A91CE375E9B9B960384779DC4EA180FA1F827C52288F366C0770A220F50D6D8FD6F6#)))",
"\x04\xA3\x4F\xA0\x2B\x03\x94\xD7\x32\xAD\xD5\x9B\x50\xAF\xDB\x5D\x57\x22\xA6\x10"
},
{
GCRY_PK_DSA,
"(private-key"
" (dsa"
" (p #0084E4C626E16005770BD9509ABF7354492E85B8C0060EFAAAEC617F725B592FAA59DF5460575F41022776A9718CE62EDD542AB73C7720869EBDBC834D174ADCD7136827DF51E2613545A25CA573BC502A61B809000B6E35F5EB7FD6F18C35678C23EA1C3638FB9CFDBA2800EE1B62F41A4479DE824F2834666FBF8DC5B53C2617#)"
" (q #00B0E6F710051002A9F425D98A677B18E0E5B038AB#)"
" (g #44370CEE0FE8609994183DBFEBA7EEA97D466838BCF65EFF506E35616DA93FA4E572A2F08886B74977BC00CA8CD3DBEA7AEB7DB8CBB180E6975E0D2CA76E023E6DE9F8CCD8826EBA2F72B8516532F6001DEFFAE76AA5E59E0FA33DBA3999B4E92D1703098CDEDCC416CF008801964084CDE1980132B2B78CB4CE9C15A559528B#)"
" (y #3D5DD14AFA2BF24A791E285B90232213D0E3BA74AB1109E768AED19639A322F84BB7D959E2BA92EF73DE4C7F381AA9F4053CFA3CD4527EF9043E304E5B95ED0A3A5A9D590AA641C13DB2B6E32B9B964A6A2C730DD3EA7C8E13F7A140AFF1A91CE375E9B9B960384779DC4EA180FA1F827C52288F366C0770A220F50D6D8FD6F6#)"
" (x #0087F9E91BFBCC1163DE71ED86D557708E32F8ADDE#)))",
"\x04\xA3\x4F\xA0\x2B\x03\x94\xD7\x32\xAD\xD5\x9B\x50\xAF\xDB\x5D\x57\x22\xA6\x10"
},
{
GCRY_PK_ECDSA,
"(public-key"
" (ecdsa(flags param)"
" (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)"
" (a #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC#)"
" (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)"
" (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)"
" (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)"
" (h #000000000000000000000000000000000000000000000000000000000000000001#)"
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
{
GCRY_PK_ECDSA,
"(public-key"
" (ecdsa(flags param)"
" (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)"
" (curve \"NIST P-256\")"
" (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)"
" (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)"
" (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)"
" (h #000000000000000000000000000000000000000000000000000000000000000001#)"
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
{
GCRY_PK_ECDSA,
"(public-key"
" (ecdsa"
" (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)"
" (curve \"NIST P-256\")"
" (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)"
" (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)"
" (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)"
" (h #000000000000000000000000000000000000000000000000000000000000000001#)"
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
{
GCRY_PK_ECDSA,
"(public-key"
" (ecdsa"
" (curve secp256r1)"
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
{
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve secp256r1)"
" (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))",
"\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6"
},
{ /* Ed25519 standard */
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve Ed25519)"
" (q #04"
" 1CC662926E7EFF4982B7FB8B928E61CD74CCDD85277CC57196C3AD20B611085F"
" 47BD24842905C049257673B3F5249524E0A41FAA17B25B818D0F97E625F1A1D0#)"
" ))",
"\x0C\xCA\xB2\xFD\x48\x9A\x33\x40\x2C\xE8"
"\xE0\x4A\x1F\xB2\x45\xEA\x80\x3D\x0A\xF1"
},
{ /* Ed25519+EdDSA */
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve Ed25519)(flags eddsa)"
" (q #773E72848C1FD5F9652B29E2E7AF79571A04990E96F2016BF4E0EC1890C2B7DB#)"
" ))",
"\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70"
"\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47"
},
{ /* Ed25519+EdDSA (with compression prefix) */
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve Ed25519)(flags eddsa)"
" (q #40"
" 773E72848C1FD5F9652B29E2E7AF79571A04990E96F2016BF4E0EC1890C2B7DB#)"
" ))",
"\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70"
"\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47"
},
{ /* Ed25519+EdDSA (same but uncompressed)*/
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve Ed25519)(flags eddsa)"
" (q #04"
" 629ad237d1ed04dcd4abe1711dd699a1cf51b1584c4de7a4ef8b8a640180b26f"
" 5bb7c29018ece0f46b01f2960e99041a5779afe7e2292b65f9d51f8c84723e77#)"
" ))",
"\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70"
"\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47"
},
{ /* Cv25519 */
GCRY_PK_ECC,
"(public-key"
" (ecc"
" (curve Curve25519)(flags djb-tweak)"
" (q #40"
" 918C1733127F6BF2646FAE3D081A18AE77111C903B906310B077505EFFF12740#)"
" ))",
"\x0F\x89\xA5\x65\xD3\xEA\x18\x7C\xE8\x39"
"\x33\x23\x98\xF5\xD4\x80\x67\x7D\xF4\x9C"
},
{ /* Random key */
GCRY_PK_RSA,
"(shadowed-private-key"
" (rsa"
" (n #00B493C79928398DA9D99AC0E949FE6EB62F683CB974FFFBFBC01066F5C9A89B"
" D3DC48EAD7C65F36EA943C2B2C865C26C4884FF9EDFDA8C99C855B737D77EEF6"
" B85DBC0CCEC0E900C1F89A6893A2A93E8B31028469B6927CEB2F08687E547C68"
" 6B0A2F7E50A194FF7AB7637E03DE0912EF7F6E5F1EC37625BD1620CCC2E7A564"
" 31E168CDAFBD1D9E61AE47A69A6FA03EF22F844528A710B2392F262B95A3078C"
" F321DC8325F92A5691EF69F34FD0DE0B22C79D29DC87723FCADE463829E8E5F7"
" D196D73D6C9C180F6A6A0DDBF7B9D8F7FA293C36163B12199EF6A1A95CAE4051"
" E3069C522CC6C4A7110F663A5DAD20F66C13A1674D050088208FAE4F33B3AB51"
" 03#)"
" (e #00010001#)"
" (shadowed t1-v1"
" (#D2760001240102000005000123350000# OPENPGP.1)"
")))",
"\xE5\x6E\xE6\xEE\x5A\x2F\xDC\x3E\x98\x9D"
"\xFE\x49\xDA\xF5\x67\x43\xE3\x27\x28\x33"
}
};
static void
check (void)
{
unsigned char buf[20];
unsigned char *ret;
gcry_error_t err;
gcry_sexp_t sexp;
unsigned int i;
int repn;
for (i = 0; i < (sizeof (key_grips) / sizeof (*key_grips)); i++)
{
if (gcry_pk_test_algo (key_grips[i].algo))
{
if (verbose)
fprintf (stderr, "algo %d not available; test skipped\n",
key_grips[i].algo);
continue;
}
err = gcry_sexp_sscan (&sexp, NULL, key_grips[i].key,
strlen (key_grips[i].key));
if (err)
die ("scanning data %d failed: %s\n", i, gpg_strerror (err));
if (debug)
info ("check(%d): s-exp='%s'\n", i, key_grips[i].key);
for (repn=0; repn < repetitions; repn++)
{
ret = gcry_pk_get_keygrip (sexp, buf);
if (!ret)
die ("gcry_pk_get_keygrip failed for %d\n", i);
if ( memcmp (key_grips[i].grip, buf, sizeof (buf)) )
{
print_hex ("keygrip: ", buf, sizeof buf);
die ("keygrip for %d does not match\n", i);
}
else if (debug && !repn)
print_hex ("keygrip: ", buf, sizeof buf);
}
gcry_sexp_release (sexp);
}
}
static void
progress_handler (void *cb_data, const char *what, int printchar,
int current, int total)
{
(void)cb_data;
(void)what;
(void)current;
(void)total;
putchar (printchar);
}
int
main (int argc, char **argv)
{
int last_argc = -1;
if (argc)
{ argc--; argv++; }
while (argc && last_argc != argc )
{
last_argc = argc;
if (!strcmp (*argv, "--"))
{
argc--; argv++;
break;
}
else if (!strcmp (*argv, "--verbose"))
{
verbose = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--debug"))
{
verbose = 1;
debug = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--repetitions"))
{
argc--; argv++;
if (argc)
{
repetitions = atoi(*argv);
argc--; argv++;
}
}
}
if (repetitions < 1)
repetitions = 1;
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
gcry_set_progress_handler (progress_handler, NULL);
xgcry_control ((GCRYCTL_DISABLE_SECMEM, 0));
xgcry_control ((GCRYCTL_INITIALIZATION_FINISHED, 0));
if (debug)
xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u, 0));
check ();
return 0;
}

55
libgcrypt-1.9.2-coverity.patch
View File

@ -1,55 +0,0 @@
commit a8d6c6c1b258548260748eefba0532fd35c8ce47
Author: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu Apr 15 16:08:24 2021 +0900
cipher: Fix memory leaks for EdDSA.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Free the point Q.
(_gcry_ecc_eddsa_verify): Avoid memory leaks for points and MPIs.
--
GnuPG-bug-id: 5385
Co-authored-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index 2a1a8907..8b32545a 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -641,7 +641,10 @@ _gcry_ecc_eddsa_genkey (mpi_ec_t ec, int flags)
ec->d = _gcry_mpi_set_opaque (NULL, dbuf, dlen*8);
rc = _gcry_ecc_eddsa_compute_h_d (&hash_d, ec);
if (rc)
- goto leave;
+ {
+ point_free (&Q);
+ goto leave;
+ }
_gcry_mpi_set_buffer (a, hash_d, b, 0);
xfree (hash_d);
@@ -991,11 +994,6 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, mpi_ec_t ec,
if (!mpi_is_opaque (input) || !mpi_is_opaque (r_in) || !mpi_is_opaque (s_in))
return GPG_ERR_INV_DATA;
- point_init (&Ia);
- point_init (&Ib);
- h = mpi_new (0);
- s = mpi_new (0);
-
b = (ec->nbits+7)/8;
if (ec->nbits == 255)
@@ -1005,6 +1003,11 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, mpi_ec_t ec,
else
return GPG_ERR_NOT_IMPLEMENTED;
+ point_init (&Ia);
+ point_init (&Ib);
+ h = mpi_new (0);
+ s = mpi_new (0);
+
/* Encode and check the public key. */
rc = _gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, 0,
&encpk, &encpklen);

253
libgcrypt-1.9.2-s390x-ocb.patch
View File

@ -1,253 +0,0 @@
From 56da81ac47209dc41af08a129f5e0c15538261b2 Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Thu, 25 Mar 2021 19:33:44 +0200
Subject: [PATCH 1/3] tests/basic: add decryption check to
check_ocb_cipher_checksum
* tests/basic.c (check_ocb_cipher_checksum): Add decryption.
--
GnuPG-bug-id: T5356
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
tests/basic.c | 32 +++++++++++++++++++++++++++++++-
1 file changed, 31 insertions(+), 1 deletion(-)
diff --git a/tests/basic.c b/tests/basic.c
index 9a7e33cc..b39b901a 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -6800,9 +6800,10 @@ check_ocb_cipher_checksum (int algo, int keylen)
const size_t buflen = 128 * 16;
unsigned char *inbuf, *outbuf;
gpg_error_t err = 0;
- gcry_cipher_hd_t hde, hde2;
+ gcry_cipher_hd_t hde, hde2, hdd;
unsigned char tag[16];
unsigned char tag2[16];
+ unsigned char tag3[16];
int i;
inbuf = xmalloc(buflen);
@@ -6833,6 +6834,8 @@ check_ocb_cipher_checksum (int algo, int keylen)
err = gcry_cipher_open (&hde, algo, GCRY_CIPHER_MODE_OCB, 0);
if (!err)
err = gcry_cipher_open (&hde2, algo, GCRY_CIPHER_MODE_OCB, 0);
+ if (!err)
+ err = gcry_cipher_open (&hdd, algo, GCRY_CIPHER_MODE_OCB, 0);
if (err)
{
fail ("cipher-ocb, gcry_cipher_open failed (checksum, algo %d): %s\n",
@@ -6843,24 +6846,30 @@ check_ocb_cipher_checksum (int algo, int keylen)
err = gcry_cipher_setkey (hde, key, keylen);
if (!err)
err = gcry_cipher_setkey (hde2, key, keylen);
+ if (!err)
+ err = gcry_cipher_setkey (hdd, key, keylen);
if (err)
{
fail ("cipher-ocb, gcry_cipher_setkey failed (checksum, algo %d): %s\n",
algo, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hde2);
+ gcry_cipher_close (hdd);
goto out_free;
}
err = gcry_cipher_setiv (hde, nonce, 12);
if (!err)
err = gcry_cipher_setiv (hde2, nonce, 12);
+ if (!err)
+ err = gcry_cipher_setiv (hdd, nonce, 12);
if (err)
{
fail ("cipher-ocb, gcry_cipher_setiv failed (checksum, algo %d): %s\n",
algo, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hde2);
+ gcry_cipher_close (hdd);
goto out_free;
}
@@ -6876,6 +6885,14 @@ check_ocb_cipher_checksum (int algo, int keylen)
if (!err)
err = gcry_cipher_encrypt (hde2, outbuf + i, 16, inbuf + i, 16);
}
+ if (!err)
+ {
+ err = gcry_cipher_final (hdd);
+ }
+ if (!err)
+ {
+ err = gcry_cipher_decrypt (hdd, outbuf, buflen, outbuf, buflen);
+ }
if (err)
{
@@ -6883,6 +6900,7 @@ check_ocb_cipher_checksum (int algo, int keylen)
algo, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hde2);
+ gcry_cipher_close (hdd);
goto out_free;
}
@@ -6899,14 +6917,26 @@ check_ocb_cipher_checksum (int algo, int keylen)
fail ("cipher_ocb, gcry_cipher_gettag failed (checksum2, algo %d): %s\n",
algo, gpg_strerror (err));
}
+ err = gcry_cipher_gettag (hdd, tag3, 16);
+ if (err)
+ {
+ fail ("cipher_ocb, gcry_cipher_gettag failed (checksum3, algo %d): %s\n",
+ algo, gpg_strerror (err));
+ }
if (memcmp (tag, tag2, 16))
{
mismatch (tag, 16, tag2, 16);
fail ("cipher-ocb, encrypt tag mismatch (checksum, algo %d)\n", algo);
}
+ if (memcmp (tag, tag3, 16))
+ {
+ mismatch (tag, 16, tag3, 16);
+ fail ("cipher-ocb, decrypt tag mismatch (checksum, algo %d)\n", algo);
+ }
gcry_cipher_close (hde);
gcry_cipher_close (hde2);
+ gcry_cipher_close (hdd);
out_free:
xfree(inbuf);
--
2.27.0
From 21c273cecfd58408b8d3287f5bc8c246c3010313 Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Thu, 25 Mar 2021 19:43:41 +0200
Subject: [PATCH 2/3] tests/basic: OCB large buffer check: make input buffer
non-repeatable
* tests/basic.c (check_ocb_cipher_largebuf_split): Use SHA1 to
initialize input buffer.
(check_ocb_cipher): Update largebuf test vectors.
--
GnuPG-bug-id: T5356
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
tests/basic.c | 36 +++++++++++++++++++++++-------------
1 file changed, 23 insertions(+), 13 deletions(-)
diff --git a/tests/basic.c b/tests/basic.c
index b39b901a..f9ada8ef 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -6630,8 +6630,18 @@ check_ocb_cipher_largebuf_split (int algo, int keylen, const char *tagexpect,
return;
}
- for (i = 0; i < buflen; i++)
- inbuf[i] = (unsigned int)(i + 181081) * 5039U;
+ for (i = 0; i < buflen; i += 16)
+ {
+ unsigned char hash[20];
+ unsigned char ctr[4];
+
+ ctr[0] = (i >> 0) & 0xff;
+ ctr[1] = (i >> 8) & 0xff;
+ ctr[2] = (i >> 16) & 0xff;
+ ctr[3] = (i >> 24) & 0xff;
+ gcry_md_hash_buffer (GCRY_MD_SHA1, hash, ctr, sizeof(ctr));
+ memcpy(inbuf + i, hash, 16);
+ }
err = gcry_cipher_open (&hde, algo, GCRY_CIPHER_MODE_OCB, 0);
if (!err)
@@ -7200,27 +7210,27 @@ check_ocb_cipher (void)
/* Check large buffer encryption/decryption. */
check_ocb_cipher_largebuf(GCRY_CIPHER_AES, 16,
- "\xc1\x5b\xf1\x80\xa4\xd5\xea\xfd\xae\x17\xa6\xcd\x6b\x10\xa8\xea");
+ "\x4a\x00\x7f\x8d\xbe\x38\x32\x48\xb2\x2f\x7f\x27\xd8\x15\x7f\xb0");
check_ocb_cipher_largebuf(GCRY_CIPHER_AES256, 32,
- "\x2b\xb7\x25\x6b\x77\xc7\xfb\x21\x5c\xc9\x6c\x36\x17\x1a\x1a\xd5");
+ "\xec\xc5\xe9\x2b\x24\x91\xba\x64\xbc\xe3\x62\xb6\x83\x20\xad\xbd");
check_ocb_cipher_largebuf(GCRY_CIPHER_CAMELLIA128, 16,
- "\xe0\xae\x3f\x29\x3a\xee\xd8\xe3\xf2\x20\xc1\xa2\xd8\x72\x12\xd9");
+ "\xd5\xbd\x76\xec\x75\x4a\xab\x6c\x13\xec\x87\x95\x11\xd4\xf0\x3d");
check_ocb_cipher_largebuf(GCRY_CIPHER_CAMELLIA192, 24,
- "\xd7\x98\x71\xcf\x19\x5c\xa3\x3d\x6c\xfc\xc9\xbe\x9f\x13\x6b\xbd");
+ "\xde\xdd\x6b\xbf\xce\x15\x01\x39\x7c\xc5\x69\x19\x72\xa2\x67\x23");
check_ocb_cipher_largebuf(GCRY_CIPHER_CAMELLIA256, 32,
- "\x03\xf6\xec\x1a\x0e\xae\x66\x24\x2b\xba\x26\x0f\xb3\xb3\x1f\xb9");
+ "\x0c\xf3\xd5\x82\x20\x73\xee\x0f\xbd\x6b\x32\x38\xf9\x10\xef\xe5");
check_ocb_cipher_largebuf(GCRY_CIPHER_TWOFISH, 16,
- "\x1c\xf9\xc7\xfc\x3a\x32\xac\xc7\x5e\x0a\xc2\x5c\x90\xd6\xf6\xf9");
+ "\x54\x87\x68\xb6\x17\xe6\xd7\xa6\x76\x0d\x7e\x9f\x57\x8b\xec\x88");
check_ocb_cipher_largebuf(GCRY_CIPHER_TWOFISH, 32,
- "\x53\x02\xc8\x0d\x4e\x9a\x44\x9e\x43\xd4\xaa\x06\x30\x93\xcc\x16");
+ "\x0b\xc3\x93\x52\xfa\x97\x22\xe6\x88\x6e\x29\x4d\x77\x35\x48\x84");
check_ocb_cipher_largebuf(GCRY_CIPHER_SERPENT128, 16,
- "\xd3\x64\xac\x40\x48\x88\x77\xe2\x41\x26\x4c\xde\x21\x29\x21\x8d");
+ "\x7e\x49\x3b\xd6\xde\x6e\x9e\x53\x67\xcd\x00\xad\xc9\xd9\xa5\xbc");
check_ocb_cipher_largebuf(GCRY_CIPHER_SERPENT192, 24,
- "\x99\xeb\x35\xb0\x62\x4e\x7b\xf1\x5e\x9f\xed\x32\x78\x90\x0b\xd0");
+ "\x1e\x33\x0e\x06\xc8\x27\x6a\x0b\x41\x5e\x93\xae\x39\xf4\x50\x12");
check_ocb_cipher_largebuf(GCRY_CIPHER_SERPENT256, 32,
- "\x71\x66\x2f\x68\xbf\xdd\xcc\xb1\xbf\x81\x56\x5f\x01\x73\xeb\x44");
+ "\x6b\x4c\x3f\x8f\x77\x75\xf2\x4d\xaf\xde\x2c\x5f\x1a\x80\xb8\x4d");
check_ocb_cipher_largebuf(GCRY_CIPHER_SM4, 16,
- "\x2c\x0b\x31\x0b\xf4\x71\x9b\x01\xf4\x18\x5d\xf1\xe9\x3d\xed\x6b");
+ "\x3c\x32\x54\x5d\xc5\x17\xa1\x16\x3f\x8e\xc7\x1d\x8d\x8b\x2d\xb0");
/* Check that the AAD data is correctly buffered. */
check_ocb_cipher_splitaad ();
--
2.27.0
From 68bb0ddc5504c9c0f3f52259a4085bb2fc1a02ad Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Thu, 25 Mar 2021 19:52:23 +0200
Subject: [PATCH 3/3] rijndael-s390x: fix checksum calculation in OCB
decryption
* cipher/rijndael-s390x.c (aes_s390x_ocb_dec): Calculate checksum
after decryption instead of inlining.
--
OCB decryption was missing checksum inlining in 64 block loop.
GnuPG-bug-id: T5356
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
cipher/rijndael-s390x.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/cipher/rijndael-s390x.c b/cipher/rijndael-s390x.c
index aea65c5a..c3da9fb2 100644
--- a/cipher/rijndael-s390x.c
+++ b/cipher/rijndael-s390x.c
@@ -777,9 +777,7 @@ aes_s390x_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
OCB_INPUT_4((n) + 12);
#define OCB_OUTPUT(n) \
- cipher_block_xor_1 (&blocks[n], outbuf + (n) * BLOCKSIZE, BLOCKSIZE); \
- cipher_block_xor_1 (c->u_ctr.ctr, &blocks[n], BLOCKSIZE); \
- cipher_block_cpy (outbuf + (n) * BLOCKSIZE, &blocks[n], BLOCKSIZE);
+ cipher_block_xor_1 (outbuf + (n) * BLOCKSIZE, &blocks[n], BLOCKSIZE);
#define OCB_OUTPUT_4(n) \
OCB_OUTPUT((n) + 0); OCB_OUTPUT((n) + 1); OCB_OUTPUT((n) + 2); \
@@ -895,6 +893,8 @@ aes_s390x_ocb_dec (gcry_cipher_hd_t c, void *outbuf_arg,
if (max_blocks_used)
wipememory (&blocks, max_blocks_used * BLOCKSIZE);
+ aes_s390x_ocb_checksum (c->u_ctr.ctr, outbuf_arg, nblocks_arg);
+
return 0;
}
--
2.27.0

16
libgcrypt.spec
View File

@ -1,6 +1,6 @@
Name: libgcrypt
Version: 1.9.2
Release: 3%{?dist}
Version: 1.9.3
Release: 1%{?dist}
URL: https://www.gnupg.org/
Source0: libgcrypt-%{version}-hobbled.tar.xz
# The original libgcrypt sources now contain potentially patented ECC
@ -19,6 +19,7 @@ Source4: ecc-curves.c
Source5: curves.c
Source6: t-mpi-point.c
Source7: random.conf
Source8: keygrip.c
# make FIPS hmac compatible with fipscheck - non upstreamable
# update on soname bump
Patch2: libgcrypt-1.8.5-use-fipscheck.patch
@ -44,10 +45,6 @@ Patch26: libgcrypt-1.8.3-fips-enttest.patch
Patch27: libgcrypt-1.8.3-md-fips-enforce.patch
# FIPS module is redefined a little bit (implicit by kernel FIPS mode)
Patch30: libgcrypt-1.8.5-fips-module.patch
# Unbreak gnupg2 build on s390x: https://dev.gnupg.org/T5356
Patch31: libgcrypt-1.9.2-s390x-ocb.patch
# Coverity reported issues https://dev.gnupg.org/T5385
Patch32: libgcrypt-1.9.2-coverity.patch
%global gcrylibdir %{_libdir}
%global gcrysoname libgcrypt.so.20
@ -96,11 +93,9 @@ applications using libgcrypt.
%patch26 -p1 -b .fips-enttest
%patch27 -p1 -b .fips-enforce
%patch30 -p1 -b .fips-module
%patch31 -p1 -b .s390x-ocb
%patch32 -p1 -b .coverity
cp %{SOURCE4} cipher/
cp %{SOURCE5} %{SOURCE6} tests/
cp %{SOURCE5} %{SOURCE6} %{SOURCE8} tests/
%build
# This package has a configure test which uses ASMs, but does not link the
@ -207,6 +202,9 @@ install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/gcrypt/random.conf
%license COPYING
%changelog
* Tue Apr 20 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.3-1
- New upstream release (#1951325)
* Thu Apr 15 2021 Jakub Jelen <jjelen@redhat.com> - 1.9.2-3
- Fix issues reported by coverity