Compare commits

..

No commits in common. "c8s" and "c8" have entirely different histories.
c8s ... c8

48 changed files with 3 additions and 455 deletions

View File

@ -1 +0,0 @@
1

23
.gitignore vendored
View File

@ -1,22 +1 @@
libgcrypt-1.4.5-hobbled.tar.bz2
/libgcrypt-1.4.6-hobbled.tar.bz2
/libgcrypt-1.5.0-hobbled.tar.bz2
/libgcrypt-1.5.1-hobbled.tar.xz
/libgcrypt-1.5.2-hobbled.tar.xz
/libgcrypt-1.5.3-hobbled.tar.xz
/libgcrypt-1.6.1-hobbled.tar.xz
/libgcrypt-1.6.2-hobbled.tar.xz
/libgcrypt-1.6.3-hobbled.tar.xz
/libgcrypt-1.6.4-hobbled.tar.xz
/libgcrypt-1.6.5-hobbled.tar.xz
/libgcrypt-1.6.6-hobbled.tar.xz
/libgcrypt-1.7.3-hobbled.tar.xz
/libgcrypt-1.7.5-hobbled.tar.xz
/libgcrypt-1.7.6-hobbled.tar.xz
/libgcrypt-1.7.7-hobbled.tar.xz
/libgcrypt-1.7.8-hobbled.tar.xz
/libgcrypt-1.8.0-hobbled.tar.xz
/libgcrypt-1.8.1-hobbled.tar.xz
/libgcrypt-1.8.2-hobbled.tar.xz
/libgcrypt-1.8.3-hobbled.tar.xz
/libgcrypt-1.8.5-hobbled.tar.xz
SOURCES/libgcrypt-1.8.5-hobbled.tar.xz

1
.libgcrypt.metadata Normal file
View File

@ -0,0 +1 @@
1edcc623a15ed87ff832e021b4cb77fd94eb66c9 SOURCES/libgcrypt-1.8.5-hobbled.tar.xz

View File

@ -1,6 +1,6 @@
Name: libgcrypt
Version: 1.8.5
Release: 8%{?dist}
Release: 7%{?dist}
URL: http://www.gnupg.org/
Source0: libgcrypt-%{version}-hobbled.tar.xz
# The original libgcrypt sources now contain potentially patented ECC
@ -69,8 +69,6 @@ Patch38: libgcrypt-1.8.5-fips-hwfeatures.patch
Patch39: libgcrypt-1.8.5-ppc-chacha20-poly1305.patch
# Fix CVE-2021-33560 (elgamal blinding)
Patch40: libgcrypt-1.8.5-elgamal-blinding.patch
# https://dev.gnupg.org/T8211.html
Patch41: libgcrypt-1.8.5-montgomery-zeroes.patch
%define gcrylibdir %{_libdir}
@ -132,7 +130,6 @@ applications using libgcrypt.
%patch38 -p1 -b .hw-fips
%patch39 -p1 -b .ppc-chacha
%patch40 -p1 -b .elgamal-blinding
%patch41 -p1 -b .montgomery-zeroes
cp %{SOURCE4} cipher/
cp %{SOURCE5} %{SOURCE6} tests/
@ -248,9 +245,6 @@ exit 0
%license COPYING
%changelog
* Mon Jun 29 2026 Jakub Jelen <jjelen@redhat.com> - 1.8.5-8
- Fix CVE-2026-41989: Denial of Service and buffer overflow via crafted ECDH ciphertext
* Tue Apr 05 2022 Jakub Jelen <jjelen@redhat.com> - 1.8.5-7
- Fix CVE-2021-33560 (#2018525)

1
ci.fmf
View File

@ -1 +0,0 @@
resultsdb-testcase: separate

View File

@ -1,9 +0,0 @@
--- !Policy
product_versions:
- rhel-8
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-disabled-buildroot-enabled.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-disabled-buildroot-disabled.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-enabled-buildroot-enabled.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/ci/fips-enabled-buildroot-disabled.functional}

View File

@ -1,151 +0,0 @@
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Tue, 27 Apr 2021 17:24:16 +0900
Subject: [PATCH] ecc: Check the input length for the point.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Check the length
of valid point representation.
--
Backport the commit of master:
060c378c050e7ec6206358c681a313d6e1967dcf
In the use case of GnuPG, ECDH decryption for anonymous recipient may
try to decrypt with different curves. When the input data of
ephemeral key does not match one of the private key, it should return
GPG_ERR_INV_OBJ.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/ecc-misc.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 34dd6804..b89dcfa6 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -294,6 +294,7 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result)
{
unsigned char *rawmpi;
unsigned int rawmpilen;
+ unsigned int nbytes = (ctx->nbits+7)/8;
if (mpi_is_opaque (pk))
{
@@ -305,27 +306,36 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result)
return GPG_ERR_INV_OBJ;
rawmpilen = (rawmpilen + 7)/8;
- if (rawmpilen > 1 && (rawmpilen%2) && buf[0] == 0x40)
+ if (rawmpilen == nbytes + 1
+ && (buf[0] == 0x00 || buf[0] == 0x40))
{
rawmpilen--;
buf++;
}
+ else if (rawmpilen > nbytes)
+ return GPG_ERR_INV_OBJ;
- rawmpi = xtrymalloc (rawmpilen? rawmpilen:1);
+ rawmpi = xtrymalloc (nbytes);
if (!rawmpi)
return gpg_err_code_from_syserror ();
p = rawmpi + rawmpilen;
while (p > rawmpi)
*--p = *buf++;
+
+ if (rawmpilen < nbytes)
+ memset (rawmpi + nbytes - rawmpilen, 0, nbytes - rawmpilen);
}
else
{
- unsigned int nbytes = (ctx->nbits+7)/8;
-
rawmpi = _gcry_mpi_get_buffer (pk, nbytes, &rawmpilen, NULL);
if (!rawmpi)
return gpg_err_code_from_syserror ();
+ if (rawmpilen > nbytes + 1)
+ {
+ xfree (rawmpi);
+ return GPG_ERR_INV_OBJ;
+ }
/*
* It is not reliable to assume that 0x40 means the prefix.
*
--
2.54.0
From bd662c090bd4a45cc830de9e42e96dd0f8e1f702 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 6 May 2021 12:35:19 +0900
Subject: [PATCH] ecc: Fix the previous commit.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the condition.
--
GnuPG-bug-id: 5423
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/ecc-misc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index b89dcfa6..0c387c27 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -331,7 +331,7 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result)
rawmpi = _gcry_mpi_get_buffer (pk, nbytes, &rawmpilen, NULL);
if (!rawmpi)
return gpg_err_code_from_syserror ();
- if (rawmpilen > nbytes + 1)
+ if (rawmpilen > nbytes + BYTES_PER_MPI_LIMB)
{
xfree (rawmpi);
return GPG_ERR_INV_OBJ;
--
2.54.0
From 5ba63ec41a6e734c9ff82e20e4f84ac94c59ae27 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 10 Apr 2026 16:58:57 +0900
Subject: [PATCH] cipher:ecc: Fix decoding a point on Montgomery curve.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the padding
mistake and add updating RAWMPILEN.
--
Reported by Calif.io in collaboration with Claude and Anthropic
Research.
GnuPG-bug-id: 8211
Fixes-commit: bbe15758c893dbf546416c1a6bccdad1ab000ad7
Suggested-by: Bronson Yen <bronson@calif.io>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/ecc-misc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 0c387c27..be4e2862 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -324,7 +324,10 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result)
*--p = *buf++;
if (rawmpilen < nbytes)
- memset (rawmpi + nbytes - rawmpilen, 0, nbytes - rawmpilen);
+ {
+ memset (rawmpi + rawmpilen, 0, nbytes - rawmpilen);
+ rawmpilen = nbytes;
+ }
}
else
{
--
2.54.0

View File

@ -1,23 +0,0 @@
/fips-disabled-buildroot-disabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/libgcrypt
name: /plans/ci/fips-disabled-buildroot-disabled
/fips-disabled-buildroot-enabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/libgcrypt
name: /plans/ci/fips-disabled-buildroot-enabled
/fips-enabled-buildroot-disabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/libgcrypt
name: /plans/ci/fips-enabled-buildroot-disabled
/fips-enabled-buildroot-enabled:
plan:
import:
url: https://pkgs.devel.redhat.com/git/tests/libgcrypt
name: /plans/ci/fips-enabled-buildroot-enabled

View File

@ -1 +0,0 @@
SHA512 (libgcrypt-1.8.5-hobbled.tar.xz) = 63391cdb4b2366dfc7869a45a9e5facbb05e4d28ada2646941cadfa2de93517ff5fb2a28aa7f486b79a1449cf701c8c36a6e99052d7c499b240dff606dd921a0

View File

@ -1 +0,0 @@
1

View File

@ -1,64 +0,0 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libgcrypt/Sanity/fips-selftest
# Description: FIPS mode initialization sanity
# Author: Tomas Mraz <tmraz@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libgcrypt/Sanity/fips-selftest
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE gcry-fips-random.c
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Tomas Mraz <tmraz@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: FIPS mode initialization sanity" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libgcrypt" >> $(METADATA)
@echo "Requires: make gcc libgcrypt-devel grub2" >> $(METADATA)
@echo "RhtsRequires: library(distribution/fips)" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHELServer6 -RHELServer7" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -1,3 +0,0 @@
PURPOSE of /CoreOS/libgcrypt/Sanity/fips-selftest
Description: FIPS mode initialization sanity
Author: Tomas Mraz <tmraz@redhat.com>

View File

@ -1,26 +0,0 @@
#include <stdio.h>
#include <gcrypt.h>
#include <stdlib.h>
#include <string.h>
static char zerobuf[64];
int main(int argc, char *argv[])
{
char rndbuf[64];
gcry_check_version("1.4.0");
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
printf("FIPS_MODE: %d\n", gcry_control(GCRYCTL_FIPS_MODE_P, 0) != 0);
printf("OPERATIONAL: %d\n", gcry_control(GCRYCTL_OPERATIONAL_P, 0) != 0);
/* a little rng test to do something */
memset(rndbuf, '\0', sizeof rndbuf);
gcry_randomize (rndbuf, sizeof rndbuf, GCRY_STRONG_RANDOM);
if (memcmp(rndbuf, zerobuf, sizeof rndbuf) == 0) {
printf("BAD RANDOMIZE!\n");
return 1;
}
return 0;
}

View File

@ -1,129 +0,0 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/gnutls/Sanity/fips-without-etc-system-fips
# Description: FIPS mode without /etc/system-fips
# Author: Alexander Sosedkin <asosedki@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE='libgcrypt'
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 'Creating tmp directory'
rlRun "cp gcry-fips-random.c $TmpDir/"
rlRun "pushd $TmpDir"
rlRun 'rlImport distribution/fips'
rlRun 'make CFLAGS="-g -O2 -Wall" LDFLAGS=-lgcrypt gcry-fips-random'
rlFileBackup "/etc/system-fips"
rlPhaseEnd
if [ $fipsMode == 'enabled' ]; then
rlPhaseStartTest "Check operation with FIPS $fipsMode"
rlRun -s './gcry-fips-random'
rlAssertGrep "FIPS_MODE: 1" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (corrupted hmac)"
hmacfile="$(ls /usr/lib*/.libgcrypt.so.??.hmac)"
rlFileBackup --namespace hmacfile $hmacfile
rlRun "sed -i 's/0/1/;s/1/2/;s/2/3/' $hmacfile"
rlRun -s './gcry-fips-random' 1-255
rlFileRestore --namespace hmacfile
rlPhaseEnd
if (rlIsRHEL && ! rlIsRHEL '<8.3') || (rlIsFedora && ! rlIsFedora '<33') || rlCheckRpm libgcrypt 1.8.5; then
rlPhaseStartTest 'RHEL >=8.3 or Fedora >=33 try removing /etc/system-fips'
# The file might disappear later completely so no need to error out
rlRun "mv /etc/system-fips /etc/system-fips.disabled || :"
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (no system-fips)"
rlRun -s './gcry-fips-random'
rlAssertGrep "FIPS_MODE: 1" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (no system-fips corrupted hmac)"
hmacfile="$(ls /usr/lib*/.libgcrypt.so.??.hmac)"
rlFileBackup --namespace hmacfile $hmacfile
rlRun "sed -i 's/0/1/;s/1/2/;s/2/3/' $hmacfile"
rlRun -s './gcry-fips-random' 1-255
rlFileRestore --namespace hmacfile
rlPhaseEnd
fi
elif [[ $fipsMode == 'disabled' ]]; then
rlPhaseStartTest "Check operation with FIPS $fipsMode"
rlRun -s './gcry-fips-random'
rlAssertGrep "FIPS_MODE: 0" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (corrupted hmac)"
hmacfile="$(ls /usr/lib*/.libgcrypt.so.??.hmac)"
rlFileBackup --namespace hmacfile $hmacfile
rlRun "sed -i 's/0/1/;s/1/2/;s/2/3/' $hmacfile"
rlRun -s './gcry-fips-random' 0
rlAssertGrep "FIPS_MODE: 0" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlFileRestore --namespace hmacfile
rlPhaseEnd
if (rlIsRHEL && ! rlIsRHEL '<8.3') || (rlIsFedora && ! rlIsFedora '<33') || rlCheckRpm libgcrypt 1.8.5; then
rlPhaseStartTest 'RHEL >=8.3 or Fedora >=33 try removing /etc/system-fips'
# The file might disappear later completely so no need to error out
rlRun "mv /etc/system-fips /etc/system-fips.disabled || :"
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (no system-fips)"
rlRun -s './gcry-fips-random'
rlAssertGrep "FIPS_MODE: 0" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Check operation with FIPS $fipsMode (no system-fips corrupted hmac)"
hmacfile="$(ls /usr/lib*/.libgcrypt.so.??.hmac)"
rlFileBackup --namespace hmacfile $hmacfile
rlRun "sed -i 's/0/1/;s/1/2/;s/2/3/' $hmacfile"
rlRun -s './gcry-fips-random' 0
rlAssertGrep "FIPS_MODE: 0" $rlRun_LOG
rlAssertGrep "OPERATIONAL: 1" $rlRun_LOG
rlFileRestore --namespace hmacfile
rlPhaseEnd
fi
fi
rlPhaseStartCleanup
rlFileRestore
rlRun 'popd'
rlRun "rm -r $TmpDir" 0 'Removing tmp directory'
rlPhaseEnd
rlJournalEnd

View File

@ -1,5 +0,0 @@
---
standard-inventory-qcow2:
qemu:
m: 2G

View File

@ -1,12 +0,0 @@
- hosts: localhost
tags:
- classic
- container
roles:
- role: standard-test-beakerlib
tests:
- fips-selftest
required_packages:
- make
- gcc-c++
- libgcrypt-devel