Commit Graph

183 Commits

Author SHA1 Message Date
Tomas Mraz
31bc02d1fa new upstream version 1.8.6 2020-07-20 16:41:19 +02:00
Tomas Mraz
0a37c41ff7 use the hmac256 tool to calculate the library hmac 2020-07-01 13:49:13 +02:00
Jeff Law
5cbca409ee Disable LTO. 2020-06-30 13:42:31 -06:00
Tomas Mraz
4b43d13b58 Revert "Temporary hack to workaround fipshmac incompatibility"
This reverts commit 26769c9e86.
2020-04-23 15:31:46 +02:00
Tomas Mraz
26769c9e86 Temporary hack to workaround fipshmac incompatibility 2020-04-23 13:13:57 +02:00
Tomas Mraz
a51c9f8187 Fix regression - missing -ldl linkage 2020-04-23 10:22:16 +02:00
Tomas Mraz
618a71d4e9 AES performance improvements backported from master branch 2020-04-22 19:00:26 +02:00
Tomas Mraz
d7ce942d74 FIPS selftest is run directly from the constructor
FIPS module is implicit with kernel FIPS flag
2020-04-20 19:36:34 +02:00
Tomas Mraz
95e0a34ad5 fix the build on ARMv7 2020-01-30 17:29:55 +01:00
Fedora Release Engineering
e6a86d0e91 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-29 09:11:09 +00:00
Tomas Mraz
8c18517a25 Intel CET support by H. J. Lu 2020-01-23 15:47:41 +01:00
Tomas Mraz
402a3b5f2e new upstream version 1.8.5
add CMAC selftest for FIPS POST
add continuous FIPS entropy test
disable non-approved FIPS hashes in the enforced FIPS mode
2019-09-03 14:12:27 +02:00
Fedora Release Engineering
24a8b93dca - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-25 13:18:59 +00:00
Tomas Mraz
3b24cd465f fix the build tests to pass in the FIPS mode 2019-02-12 14:37:45 +01:00
Fedora Release Engineering
1bdd0f0858 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-02-01 07:11:04 +00:00
Igor Gnatenko
31f411aab3 Remove obsolete Group tag
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
2019-01-28 20:24:11 +01:00
Igor Gnatenko
2aacaf900f
Remove obsolete scriptlets
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-01-27 19:05:26 +01:00
Igor Gnatenko
736889c246
Remove obsolete ldconfig scriptlets
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-01-22 18:39:43 +01:00
Tomas Mraz
abc0e95a20 new upstream version 1.8.4 2018-11-20 16:22:10 +01:00
Fedora Release Engineering
66ba0d50ee - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-13 08:08:04 +00:00
Tomas Mraz
6b6d4b0dbd Improve situation with libgcrypt blocking when getting kernel entropy on boot
make only_urandom a default in non-presence of configuration file
run the full FIPS selftests only when the library is called from
  application
2018-07-12 15:45:03 +02:00
Jason Tibbitts
1aa209e7a1 Remove needless use of %defattr 2018-07-10 01:39:53 -05:00
Tomas Mraz
297f7867bf new upstream version 1.8.3 2018-06-14 16:33:23 +02:00
Tomas Mraz
088a628978 Add gcc to BuildRequires 2018-02-21 15:08:25 +01:00
Tomas Mraz
e4efa24217 fix behavior when getrandom syscall is not present (#1542453) 2018-02-06 16:37:17 +01:00
Tomas Mraz
ff389a60e8 new upstream version 1.8.2 2017-12-21 11:31:50 +01:00
Tomas Mraz
ed535bbc52 do not try to access() /dev/urandom either if getrandom() works 2017-12-05 11:54:01 +01:00
Tomas Mraz
e16cfed1d6 do not try to open /dev/urandom if getrandom() works (#1380866) 2017-12-04 09:53:29 +01:00
Tomas Mraz
66671a43b4 new upstream version 1.8.1 2017-09-05 14:35:26 +02:00
Tomas Mraz
6c13b08816 Fix the t-secmem on PPC64 2017-08-16 15:15:51 +02:00
Tomas Mraz
0c8865f0b9 new upstream version 1.8.0 2017-08-16 10:55:16 +02:00
Fedora Release Engineering
2f0819346c - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 01:29:36 +00:00
Fedora Release Engineering
7518a93c42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 18:52:56 +00:00
Tomas Mraz
0b4ad5ed69 new upstream version 1.7.8 2017-06-29 11:17:10 +02:00
Tomas Mraz
0a0dd31666 new upstream version 1.7.7
GOST is now enabled
2017-06-02 15:58:46 +02:00
Fedora Release Engineering
396c70cd7a - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 18:41:27 +00:00
Tomas Mraz
1c953f2503 new upstream version 1.7.6 2017-01-30 18:05:13 +01:00
Tomas Mraz
0aa4874598 new upstream version 1.7.5 2016-12-16 16:12:33 +01:00
Tomas Mraz
2c8c02279a new upstream version 1.7.3 2016-11-23 09:59:17 +01:00
Tomas Mraz
055651971a new upstream version with important security fix (CVE-2016-6316) 2016-08-17 22:45:22 +02:00
Tomas Mraz
8edb81fb56 Update the leak patch. 2016-07-21 11:23:26 +02:00
Tomas Mraz
69a497f079 new upstream version fixing low impact issue CVE-2015-7511 2016-07-21 10:59:48 +02:00
Dennis Gilmore
8ac557bc57 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 03:11:35 +00:00
Tomas Mraz
4ae7a5a6ff new upstream version 2015-09-09 16:35:09 +02:00
Dennis Gilmore
f2b1f203bc - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 15:18:45 +00:00
Tomas Mraz
ab1d80feb6 deinitialize the RNG after the selftest is run 2015-04-03 16:47:34 +02:00
Tomas Mraz
376991d05a Two selftest bug fixes.
- touch only urandom in the selftest and when /dev/random is
  unavailable for example by SELinux confinement
- fix the RSA selftest key (p q swap) (#1204517)
2015-03-24 09:57:39 +01:00
Tomas Mraz
f56a95f03b do not use strict aliasing for bufhelp functions (#1201219) 2015-03-13 15:07:21 +01:00
Tomas Mraz
69ded97bb9 new upstream version 2015-03-06 17:30:30 +01:00
Tomas Mraz
eea2829999 do not initialize secure memory during the selftest (#1195850) 2015-02-25 14:22:30 +01:00
Till Maas
e731723f38 Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
2015-02-21 22:16:54 +01:00
Tomas Mraz
6898eaa051 fix buildability of programs using gcrypt.h with -ansi (#1182200) 2015-01-14 17:02:08 +01:00
Tomas Mraz
040c39b7c3 new upstream version 2014-12-08 17:29:08 +01:00
Peter Robinson
7dc558c93f - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 03:24:07 +00:00
Tom Callaway
4b3e944276 fix license handling 2014-07-17 14:40:00 -04:00
Dennis Gilmore
147485e2a2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-06 22:26:35 -05:00
Kyle McMartin
45283d138c Re-enable below algos, apply patch from upstream list to make that code -fPIC friendly. (rhbz#1069792) 2014-05-22 13:28:35 -04:00
Kyle McMartin
4df13ba77f disable rijndael, cast5, camellia ARM assembly
as it's non-PIC as presently written, which results in .text relocations
in the shared library.

Resolves: rhbz#1069792
2014-05-19 16:57:04 -04:00
Tomas Mraz
85a7dd9dad drop the temporary compat shared library version
- fix the soname version in -use-fipscheck.patch
2014-04-24 16:41:24 +02:00
Tomas Mraz
247b2115d1 new upstream version breaking ABI compatibility
- this release temporarily includes old compatibility .so
2014-02-28 16:32:41 +01:00
Tomas Mraz
1e4987983a Fix bogus dates in changelog 2014-01-21 16:11:17 +01:00
Tomas Mraz
1725d42356 add back the nistp521r1 EC curve
- fix a bug in the Whirlpool hash implementation
- speed up the PBKDF2 computation
2014-01-21 16:05:07 +01:00
Tom Callaway
5eab7fdca5 add cleared ECC support 2013-10-21 17:50:29 +01:00
Tomas Mraz
0551bce381 new upstream version fixing cache side-channel attack on RSA private keys 2013-07-26 14:27:50 +02:00
Tomas Mraz
03c131f7fa silence false error detected by valgrind (#968288) 2013-06-20 11:51:19 +02:00
Tomas Mraz
b5413f756a silence strict aliasing warning in Rijndael
- apply UsrMove
- spec file cleanups
2013-04-25 21:59:33 +02:00
Tomas Mraz
771f7f2ed7 new upstream version 2013-04-19 10:34:04 +02:00
Tomas Mraz
d7bb823f85 AUTHORS file is now UTF-8 upstream. 2013-03-20 19:34:46 +01:00
Tomas Mraz
1aafe14181 new upstream version 2013-03-20 16:38:05 +01:00
Tomas Mraz
6fb8d4d1e6 use poll() instead of select() when gathering randomness (#913773) 2013-03-05 14:27:20 +01:00
Dennis Gilmore
8df0581f5a - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild 2013-02-13 22:22:29 -06:00
Tomas Mraz
02a80de472 allow empty passphrase in PBKDF2 needed for cryptsetup (=891266) 2013-01-03 14:54:02 +01:00
Tomas Mraz
07b385d5db And also apply the patch. 2012-12-03 16:45:37 +01:00
Tomas Mraz
c907a55cb5 fix minor memory leaks and other bugs found by Coverity scan 2012-12-03 15:43:32 +01:00
Tomas Mraz
d630de2f61 fix multilib conflict in libgcrypt-config 2012-12-03 13:44:00 +01:00
Dennis Gilmore
f98619e858 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-19 14:49:18 -05:00
Tomas Mraz
4e2e7e9367 Correctly rebuild the info documentation 2012-04-05 23:35:22 +02:00
Tomas Mraz
92db45d693 Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command 2012-04-04 15:28:35 +02:00
Dennis Gilmore
01a0c8d733 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-13 01:42:32 -06:00
Kalev Lember
4c532c0904 Rebuilt for rpm bug #728707 2011-08-15 08:03:55 +03:00
Tomas Mraz
b5054585fe new upstream version 2011-07-21 15:57:57 +02:00
Tomas Mraz
9371d8c5fa Always xor seed from /dev/urandom over /etc/gcrypt/rngseed 2011-06-20 21:40:03 +02:00
Tomas Mraz
7082be2ecd Make the FIPS-186-3 DSA implementation CAVS testable
add configurable source of RNG seed /etc/gcrypt/rngseed
in the FIPS mode (#700388)
2011-05-30 15:25:11 +02:00
Tomas Mraz
db9fb5d2e7 Make the FIPS-186-3 DSA implementation CAVS testable 2011-05-30 14:23:11 +02:00
Tomas Mraz
d1e5e2486a - new upstream version with minor changes 2011-02-11 19:53:59 +01:00
Dennis Gilmore
1a76790722 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-07 23:55:13 -06:00
Tomas Mraz
474b273f7d - fix a bug in the fips-186-3 dsa parameter generation code 2011-02-04 10:04:08 +01:00
Tomas Mraz
16991a5be4 - use /dev/urandom for seeding in the FIPS mode
- make the tests to pass in the FIPS mode also fixing
  the FIPS-186-3 DSA keygen
2011-02-01 18:54:42 +01:00
Rex Dieter
6d243f390f - FTBFS libgcrypt-1.4.5-3.fc13: ImplicitDSOLinking (#564973) 2010-02-14 20:32:09 +00:00
Tomáš Mráz
c9eae9797f - drop the S390 build workaround as it is no longer needed
- additional spec file cleanups for merge review (#226008)
2010-02-03 08:23:55 +00:00
Tomáš Mráz
9b6823253d - workaround for build on S390 (#548825)
- spec file cleanups
- upgrade to new minor upstream release
2009-12-21 08:46:43 +00:00
Tomáš Mráz
e56dfebe1c *** empty log message *** 2009-12-21 08:26:28 +00:00
Tomáš Mráz
c9de6acdac Drop dot from summary 2009-10-27 14:36:08 +00:00
Tomáš Mráz
f235e635ad - fix warning when installed with --excludedocs (#515961) 2009-08-11 12:41:05 +00:00
Jesse Keating
2a6e183e10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-25 05:40:56 +00:00
Tomáš Mráz
06cc870937 - and now really apply the padlock patch 2009-06-18 21:30:12 +00:00
Tomáš Mráz
0d713cca5e - fix VIA padlock RNG inline assembly call (#505724) 2009-06-17 18:17:06 +00:00
Tomáš Mráz
e569e43744 - with the integrity verification check the library needs to link to libdl
(#488702)
2009-03-05 10:25:19 +00:00
Tomáš Mráz
4b8542ad6d - add hmac FIPS integrity verification check 2009-03-03 20:32:37 +00:00
Jesse Keating
7de5049932 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild 2009-02-25 15:00:17 +00:00