libgcrypt/libgcrypt-1.6.2-fips-reqs.patch
Tomas Mraz 376991d05a Two selftest bug fixes.
- touch only urandom in the selftest and when /dev/random is
  unavailable for example by SELinux confinement
- fix the RSA selftest key (p q swap) (#1204517)
2015-03-24 09:57:39 +01:00

346 lines
16 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

diff -up libgcrypt-1.6.2/cipher/dsa.c.fips-reqs libgcrypt-1.6.2/cipher/dsa.c
--- libgcrypt-1.6.2/cipher/dsa.c.fips-reqs 2014-12-08 17:15:07.198102721 +0100
+++ libgcrypt-1.6.2/cipher/dsa.c 2014-12-08 17:16:59.636645610 +0100
@@ -66,42 +66,86 @@ static const char *dsa_names[] =
};
-/* A sample 1024 bit DSA key used for the selftests. */
+/* A sample 2048 bit DSA key used for the selftests. */
static const char sample_secret_key[] =
"(private-key"
" (dsa"
-" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
-" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
-" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
-" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)"
-" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)"
-" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
-" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
-" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
-" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)"
-" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
-" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
-" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
-" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)"
-" (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))";
-/* A sample 1024 bit DSA key used for the selftests (public only). */
+" (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
+" 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
+" 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
+" 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
+" 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
+" eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
+" 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
+" 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
+" 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
+" 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
+" 2c8d7469db02e24d592394a7dba069e9#)"
+" (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
+" 7441a0a5#)"
+" (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
+" 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
+" ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
+" 0df242b75b414df372121e53a553f222f836b000f016485b"
+" 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
+" 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
+" 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
+" ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
+" 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
+" 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
+" 45f322f82e4e85ca3ab85591b3c2a966#)"
+" (y #2452f3ccbe9ed5ca7dc74c602b99226e8f2fab38e7d7ddfb"
+" 75539b17155e9fcfd1aba564eb8535d812c9c2dcf9728444"
+" 1bc482243624c7f457580c1c38a57c46c457392470edb52c"
+" b5a6e03fe6287bb6f49a42a2065a054f030839df1fd3149c"
+" 4ca0531dd8ca8aaa9cc7337193387348336118224545e88c"
+" 80ffd8765d74360333ccab9972779b6525a65bdd0d10c675"
+" c109bbd3e5be4d72ef6eba6e438d5226237db888379c5fcc"
+" 47a3847ff63711baed6d03afe81e694a413b680bd38ab490"
+" 3f8370a707ef551d4941026d9579d691de8edaa16105eb9d"
+" ba3c2f4c1bec508275aa0207e251b5eccb286a4b01d449d3"
+" 0acb673717a0d2fb3b50c893f7dab14f#)"
+" (x #0c4b3089d1b862cb3c436491f0915470c52796e3acbee800"
+" ec55f6cc#)))";
+/* A sample 2048 bit DSA key used for the selftests (public only). */
static const char sample_public_key[] =
"(public-key"
" (dsa"
-" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
-" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
-" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
-" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)"
-" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)"
-" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
-" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
-" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
-" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)"
-" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
-" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
-" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
-" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)))";
-
+" (p #a85378d8fd3f8d72ec7418080da21317e43ec4b62ba8c862"
+" 3b7e4d04441dd1a0658662596493ca8e9e8fbb7e34aaddb6"
+" 2e5d67b6d09a6e61b769e7c352aa2b10e20ca0636963b552"
+" 3e86470decbbeda027e797e7b67635d4d49c30700e74af8a"
+" 0ff156a801af57a26e7078f1d82f74908ecb6d07e70b3503"
+" eed94fa32cf17a7fc3d6cf40dc7b00830e6a2566dc073e34"
+" 3312517c6aa5152b4bfecd2e551fee346318a153423c996b"
+" 0d5dcb9102aedd38798616f1f1e0d6c403525b1f9b3d4dc7"
+" 66de2dfc4a56d7b8ba5963d60f3e16318870ad436952e557"
+" 65374eab85e8ec17d6b9a4547b9b5f2752f3105be809b23a"
+" 2c8d7469db02e24d592394a7dba069e9#)"
+" (q #d277044e50f5a4e3f510a50a0b84fdffbca047ed27602056"
+" 7441a0a5#)"
+" (g #13d754e21fd241655da891c522a65a72a89bdc64ec9b54a8"
+" 21ed4a898b490e0c4fcb72192a4a20f541f3f2925399f0ba"
+" ecf929aafbf79dfe4332393b32cd2e2fcf272f32a627434a"
+" 0df242b75b414df372121e53a553f222f836b000f016485b"
+" 6bd0898451801dcd8de64cd5365696ffc532d528c506620a"
+" 942a0305046d8f1876341f1e570bc3974ba6b9a438e97023"
+" 02a2e6e67bfd06d32bc679962271d7b40cd72f386e64e0d7"
+" ef86ca8ca5d14228dc2a4f16e3189886b5990674f4200f3a"
+" 4cf65a3f0ddba1fa672dff2f5e143d10e4e97ae84f6da095"
+" 35d5b9df259181a79b63b069e949972b02ba36b3586aab7e"
+" 45f322f82e4e85ca3ab85591b3c2a966#)"
+" (y #2452f3ccbe9ed5ca7dc74c602b99226e8f2fab38e7d7ddfb"
+" 75539b17155e9fcfd1aba564eb8535d812c9c2dcf9728444"
+" 1bc482243624c7f457580c1c38a57c46c457392470edb52c"
+" b5a6e03fe6287bb6f49a42a2065a054f030839df1fd3149c"
+" 4ca0531dd8ca8aaa9cc7337193387348336118224545e88c"
+" 80ffd8765d74360333ccab9972779b6525a65bdd0d10c675"
+" c109bbd3e5be4d72ef6eba6e438d5226237db888379c5fcc"
+" 47a3847ff63711baed6d03afe81e694a413b680bd38ab490"
+" 3f8370a707ef551d4941026d9579d691de8edaa16105eb9d"
+" ba3c2f4c1bec508275aa0207e251b5eccb286a4b01d449d3"
+" 0acb673717a0d2fb3b50c893f7dab14f#)))";
@@ -1164,14 +1208,14 @@ dsa_get_nbits (gcry_sexp_t parms)
*/
static const char *
-selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_sign (gcry_sexp_t pkey, gcry_sexp_t skey)
{
static const char sample_data[] =
"(data (flags raw)"
- " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4#))";
+ " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4f1e2d3c4b5a6978879605142#))";
static const char sample_data_bad[] =
"(data (flags raw)"
- " (value #a0b1c2d3e4f510102030405060708090a1b2c3d4#))";
+ " (value #a0b1c2d3e4f500102030405060708090a1b2c3d401e2d3c4b5a6978879605142#))";
const char *errtxt = NULL;
gcry_error_t err;
@@ -1247,7 +1291,7 @@ selftests_dsa (selftest_report_func_t re
}
what = "sign";
- errtxt = selftest_sign_1024 (pkey, skey);
+ errtxt = selftest_sign (pkey, skey);
if (errtxt)
goto failed;
diff -up libgcrypt-1.6.2/cipher/rsa.c.fips-reqs libgcrypt-1.6.2/cipher/rsa.c
--- libgcrypt-1.6.2/cipher/rsa.c.fips-reqs 2014-12-08 17:15:07.218103174 +0100
+++ libgcrypt-1.6.2/cipher/rsa.c 2014-12-08 17:20:24.666282521 +0100
@@ -62,33 +62,57 @@ static const char *rsa_names[] =
};
-/* A sample 1024 bit RSA key used for the selftests. */
+/* A sample 2048 bit RSA key used for the selftests. */
static const char sample_secret_key[] =
"(private-key"
" (rsa"
-" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
-" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
-" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
-" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)"
+" (n #00c9d56d9d90db43d602ed9688138ab2bf6ea10610b27837a714a8ffdd00"
+" ddb493a045cc9690edada9ddc4d6ca0cf0ed4f725e21499a1812158f905a"
+" dbb63399a3e6b4f0c4972126bbe3baf2ffa072da89638e8b3e089d922abe"
+" 16e14315fc57c71f0911671ca996d18b3e8093c159d06d39f2ac95cc1075"
+" e93124d143af68524be716d749656f26c086adc0070ac1e12f8785863bdc"
+" 5a99bee9f9b9e98227510415ab060e765a288d92bdc5b57ba8df4e47a2c1"
+" e752bf47f762e03a6f4d6a4d4ed4b95969fab214c1eee62f95cd9472aee4"
+" db189ac4cd70bdee3116b74965ac40190eb56d83f136bb082f2e4e9262a4"
+" ff50db2045a2eb167af2d528c1fd4e0371#)"
" (e #010001#)"
-" (d #046129f2489d71579be0a75fe029bd6cdb574ebf57ea8a5b0fda942cab943b11"
-" 7d7bb95e5d28875e0f9fc5fcc06a72f6d502464dabded78ef6b716177b83d5bd"
-" c543dc5d3fed932e59f5897e92e6f58a0f33424106a3b6fa2cbf877510e4ac21"
-" c3ee47851e97d12996222ac3566d4ccb0b83d164074abf7de655fc2446da1781#)"
-" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
-" fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)"
-" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9"
-" 35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)"
-" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
-" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))";
-/* A sample 1024 bit RSA key used for the selftests (public only). */
+" (d #03b1e24a94e50ab21f8619701ec97679be2cf8f733c9331d9e2974dba721"
+" 27e5def480290e78a769f96b19d28397a284868fb614ca9b1fb3a0d7efed"
+" df41451204ce71aceba659f6ed15964ebb317712364e1cfaf2fded77d658"
+" 8561acc49c97c2d7efe75f1534b35bd4f6561e1f468b45590db34553d4d0"
+" c2cb4d806b74e1b2c52740462538865d9792b0aefbbf7b9827f4b3badcb3"
+" 5adab638266a2d2fb8422a7a19142e08848e56af77a66c39b2afafa2e15b"
+" 1a7e4ed1f2c7ed350678c0465d86472af97371b13ef5058662f835ef9087"
+" f6cca8281bbf1b6b155c737b33d9e443350df85e7cc3b507231fb839f41f"
+" 02c654b29017f35d69007c70e13ba0e5#)"
+" (p #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
+" ef2ce74f4af74e268d850b3fecc31cd4ebec6ac8722a257dfda67796f01e"
+" cd2857f83730756bbdd47b0c87c56c8740a5bb272c78c9745a545b0b306f"
+" 444afa71e4216166f9ee65de7c04d7fda9155b7fe27aba698672a6068d9b"
+" 9055609e4c5da9b655#)"
+" (q #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
+" 26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
+" 381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
+" 2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
+" 97da57e836da7a9cad#)"
+" (u #2396c191175e0a83d2dc7b69b2591d3358523f18c709501cb9a1bb4ca238"
+" 404c9a8efe9c9092d0719f899950911f348b745311114a70e2f730d88c80"
+" e1cc9ff163171a7d67294ccb4e747be03e9e2ff4678fecb95c001e7ea27b"
+" 92c96f4ce40ef94863cd50225dbfb69d01336af450be86984fca3f3afacf"
+" 0740c4aaadaebebf#)))";
+/* A sample 2048 bit RSA key used for the selftests (public only). */
static const char sample_public_key[] =
"(public-key"
" (rsa"
-" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
-" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
-" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
-" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)"
+" (n #00c9d56d9d90db43d602ed9688138ab2bf6ea10610b27837a714a8ffdd00"
+" ddb493a045cc9690edada9ddc4d6ca0cf0ed4f725e21499a1812158f905a"
+" dbb63399a3e6b4f0c4972126bbe3baf2ffa072da89638e8b3e089d922abe"
+" 16e14315fc57c71f0911671ca996d18b3e8093c159d06d39f2ac95cc1075"
+" e93124d143af68524be716d749656f26c086adc0070ac1e12f8785863bdc"
+" 5a99bee9f9b9e98227510415ab060e765a288d92bdc5b57ba8df4e47a2c1"
+" e752bf47f762e03a6f4d6a4d4ed4b95969fab214c1eee62f95cd9472aee4"
+" db189ac4cd70bdee3116b74965ac40190eb56d83f136bb082f2e4e9262a4"
+" ff50db2045a2eb167af2d528c1fd4e0371#)"
" (e #010001#)))";
@@ -1610,20 +1634,35 @@ compute_keygrip (gcry_md_hd_t md, gcry_s
*/
static const char *
-selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_sign (gcry_sexp_t pkey, gcry_sexp_t skey)
{
static const char sample_data[] =
"(data (flags pkcs1)"
- " (hash sha1 #11223344556677889900aabbccddeeff10203040#))";
+ " (hash sha256 #11223344556677889900aabbccddeeffa0b0c0d0102030405060708090a1b1c1#))";
static const char sample_data_bad[] =
"(data (flags pkcs1)"
- " (hash sha1 #11223344556677889900aabbccddeeff80203040#))";
+ " (hash sha256 #11223344556677889900aabbccddeeffa0b0c0d0102030405060708091a1b1c1#))";
+ static const char signature_ka[] =
+ "(sig-val \n"
+ " (rsa \n"
+ " (s #0B12D55738B099D401C81BEEDA54E045B4B7D9CDA5A8769E9C484F696A58912A"
+ "1E5DE7E5A2D181DA15A5C254D802AB75F1056E27406850AC7BE310BC32D2CED8"
+ "6697FE84508F7EFFF4D147C52E955A0873EF2F52ED71F2FC9C3C12D4045CB643"
+ "70158378E1494D8FBAD2248B9B64233D2CC2C1932B0531E539DEB07434B76D3B"
+ "6959E8A37E33B234C0C8C2C8FB1D00939239C9C491B2EBEED77BF952B597E11B"
+ "D4ED0C103D2B88BC78B4E505CF9D8D08B585CE3688D4FBE83ED58D1E1341AC4D"
+ "7C5EFF3CBC565CC7AE61C2F568426763A5239D31C1FFFD366984901679A343C4"
+ "01BB778BBA5E533B7875BA658A19AA9E56170F4A28E4322BF1621175FB06463E#)\n"
+ " )\n"
+ " )\n";
const char *errtxt = NULL;
gcry_error_t err;
gcry_sexp_t data = NULL;
gcry_sexp_t data_bad = NULL;
gcry_sexp_t sig = NULL;
+ char buf[1024];
+ size_t len;
err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data));
if (!err)
@@ -1641,6 +1680,12 @@ selftest_sign_1024 (gcry_sexp_t pkey, gc
errtxt = "signing failed";
goto leave;
}
+ len = sexp_sprint (sig, GCRYSEXP_FMT_ADVANCED, buf, sizeof(buf));
+ if (len != sizeof (signature_ka) - 1 || memcmp (buf, signature_ka, len) != 0)
+ {
+ errtxt = "signature KAT failed";
+ goto leave;
+ }
err = _gcry_pk_verify (sig, data, pkey);
if (err)
{
@@ -1697,11 +1742,11 @@ extract_a_from_sexp (gcry_sexp_t encr_da
static const char *
-selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
+selftest_encr (gcry_sexp_t pkey, gcry_sexp_t skey)
{
const char *errtxt = NULL;
gcry_error_t err;
- const unsigned int nbits = 1000; /* Encrypt 1000 random bits. */
+ const unsigned int nbits = 2000; /* Encrypt 2000 random bits. */
gcry_mpi_t plaintext = NULL;
gcry_sexp_t plain = NULL;
gcry_sexp_t encr = NULL;
@@ -1822,12 +1867,12 @@ selftests_rsa (selftest_report_func_t re
}
what = "sign";
- errtxt = selftest_sign_1024 (pkey, skey);
+ errtxt = selftest_sign (pkey, skey);
if (errtxt)
goto failed;
what = "encrypt";
- errtxt = selftest_encr_1024 (pkey, skey);
+ errtxt = selftest_encr (pkey, skey);
if (errtxt)
goto failed;
diff -up libgcrypt-1.6.2/random/drbg.c.fips-reqs libgcrypt-1.6.2/random/drbg.c
diff -up libgcrypt-1.6.2/src/visibility.c.fips-reqs libgcrypt-1.6.2/src/visibility.c
--- libgcrypt-1.6.2/src/visibility.c.fips-reqs 2014-08-21 14:50:39.000000000 +0200
+++ libgcrypt-1.6.2/src/visibility.c 2014-12-08 17:23:06.530943221 +0100
@@ -1259,6 +1259,8 @@ gcry_kdf_derive (const void *passphrase,
unsigned long iterations,
size_t keysize, void *keybuffer)
{
+ if (!fips_is_operational ())
+ return gpg_error (fips_not_operational ());
return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
salt, saltlen, iterations,
keysize, keybuffer));
@@ -1314,6 +1316,13 @@ void
gcry_mpi_randomize (gcry_mpi_t w,
unsigned int nbits, enum gcry_random_level level)
{
+ if (!fips_is_operational ())
+ {
+ (void)fips_not_operational ();
+ fips_signal_fatal_error ("called in non-operational state");
+ fips_noreturn ();
+ }
+
_gcry_mpi_randomize (w, nbits, level);
}
@@ -1339,6 +1348,8 @@ gcry_prime_generate (gcry_mpi_t *prime,
gcry_random_level_t random_level,
unsigned int flags)
{
+ if (!fips_is_operational ())
+ return gpg_error (fips_not_operational ());
return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits,
factors, cb_func, cb_arg,
random_level, flags));