[libgcrypt] Two selftest bug fixes.

Tomáš Mráz tmraz at fedoraproject.org
Tue Mar 24 08:57:43 UTC 2015


commit 376991d05a1a0e2911242061c41ca5c5a915e339
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Tue Mar 24 09:57:39 2015 +0100

    Two selftest bug fixes.
    
    - touch only urandom in the selftest and when /dev/random is
      unavailable, for example due to SELinux confinement
    - fix the RSA selftest key (p q swap) (#1204517)

 libgcrypt-1.6.2-fips-reqs.patch       | 40 +++++++++++++++++------------------
 libgcrypt-1.6.3-rsa-fips-keygen.patch | 12 +++++------
 libgcrypt-1.6.3-urandom-only.patch    | 29 +++++++++++++++++++++++++
 libgcrypt.spec                        | 11 +++++++++-
 4 files changed, 65 insertions(+), 27 deletions(-)
---
diff --git a/libgcrypt-1.6.2-fips-reqs.patch b/libgcrypt-1.6.2-fips-reqs.patch
index dea7e34..4fa5f33 100644
--- a/libgcrypt-1.6.2-fips-reqs.patch
+++ b/libgcrypt-1.6.2-fips-reqs.patch
@@ -182,30 +182,30 @@ diff -up libgcrypt-1.6.2/cipher/rsa.c.fips-reqs libgcrypt-1.6.2/cipher/rsa.c
 -"  (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
 -"      ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))";
 -/* A sample 1024 bit RSA key used for the selftests (public only).  */
-+"  (d #36273db1f91bdba7a0417f1223ac232999d53a7b606741076353b4d2e758"
-+"      950ac705f34eb2b412d470dc4f8506d3ddd863273e673121243904bc06a4"
-+"      ccce2b7afe7badde116ea3a5e604530ea34e2db48f31bfca7525520285de"
-+"      3db27243b2898a9a3441263f9a67bea4967b0e75baa693d5b8d8b857f24b"
-+"      0f1481d1574ef6454ca63bd070cad39d55de2205e78e284dee11cfb66776"
-+"      09d3e33c13f99934107bec8138f0b6349c9b506f0b91814d8994047bf03c"
-+"      f4b1b200488d5a8f889ec5ab3a9e443f54e7d96e47aaa1bd404631f9f034"
-+"      b604e12b5b7386dd3a921b71c73f32e5c3c2aba17ebfa452a0b06890d120"
-+"      1279e9d7c940baf219c7a50092860d01#)"
-+"  (p #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
-+"      26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
-+"      381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
-+"      2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
-+"      97da57e836da7a9cad#)"
-+"  (q #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
++"  (d #03b1e24a94e50ab21f8619701ec97679be2cf8f733c9331d9e2974dba721"
++"      27e5def480290e78a769f96b19d28397a284868fb614ca9b1fb3a0d7efed"
++"      df41451204ce71aceba659f6ed15964ebb317712364e1cfaf2fded77d658"
++"      8561acc49c97c2d7efe75f1534b35bd4f6561e1f468b45590db34553d4d0"
++"      c2cb4d806b74e1b2c52740462538865d9792b0aefbbf7b9827f4b3badcb3"
++"      5adab638266a2d2fb8422a7a19142e08848e56af77a66c39b2afafa2e15b"
++"      1a7e4ed1f2c7ed350678c0465d86472af97371b13ef5058662f835ef9087"
++"      f6cca8281bbf1b6b155c737b33d9e443350df85e7cc3b507231fb839f41f"
++"      02c654b29017f35d69007c70e13ba0e5#)"
++"  (p #00ccbe7b096906ee45bf884738a8f817e5b6ba6755e3e8058bb8e253d68e"
 +"      ef2ce74f4af74e268d850b3fecc31cd4ebec6ac8722a257dfda67796f01e"
 +"      cd2857f83730756bbdd47b0c87c56c8740a5bb272c78c9745a545b0b306f"
 +"      444afa71e4216166f9ee65de7c04d7fda9155b7fe27aba698672a6068d9b"
 +"      9055609e4c5da9b655#)"
-+"  (u #00afdecbdc5268ea7b1bff7284db7f6757dae3165fd80691ed2bbe8e54a1"
-+"      6f7ff950aad059e9695903d93e59ff206ee1470bd2b099ca4e83426a7684"
-+"      75a1ecafd3092fec0f008d78fe773174ec6fbff85384f3a91c2e4b1f59f1"
-+"      1f2000fee86569f6cab5de338087bc615b90570de4aeb1a9125abbe3834d"
-+"      5a69716c0a5fa20603#)))";
++"  (q #00fc5c6e16ce1f037bcdf7b372b28f1672b856aef7cd67d84e7d07afd543"
++"      26c335be438f4e2f1c434e6bd2b2ec526d97522bcc5c3a6bf414c674da66"
++"      381c7a3f842fe3f95ab865694606a33779b2a15b58ed5ea75f8c6566bbd1"
++"      2436e637a73d49778a8c34d86929f34d5822b05124b640a886590ab7ba5c"
++"      97da57e836da7a9cad#)"
++"  (u #2396c191175e0a83d2dc7b69b2591d3358523f18c709501cb9a1bb4ca238"
++"      404c9a8efe9c9092d0719f899950911f348b745311114a70e2f730d88c80"
++"      e1cc9ff163171a7d67294ccb4e747be03e9e2ff4678fecb95c001e7ea27b"
++"      92c96f4ce40ef94863cd50225dbfb69d01336af450be86984fca3f3afacf"
++"      0740c4aaadaebebf#)))";
 +/* A sample 2048 bit RSA key used for the selftests (public only).  */
  static const char sample_public_key[] =
  "(public-key"
diff --git a/libgcrypt-1.6.3-rsa-fips-keygen.patch b/libgcrypt-1.6.3-rsa-fips-keygen.patch
index 6d2243e..d160e64 100644
--- a/libgcrypt-1.6.3-rsa-fips-keygen.patch
+++ b/libgcrypt-1.6.3-rsa-fips-keygen.patch
@@ -189,15 +189,15 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 +          if (testparms) goto err;
 +          goto qloop;
 +        }
-+      if (mpi_cmp (p, q) < 0)
++      if (mpi_cmp (p, q) > 0)
 +        {
 +          pqswitch = 1;
-+          mpi_sub (diff, q, p);
-+        }      
++          mpi_sub (diff, p, q);
++        }
 +      else
 +        {
 +          pqswitch = 0;
-+          mpi_sub (diff, p, q);
++          mpi_sub (diff, q, p);
 +        }
 +      if (mpi_cmp (diff, mindiff) < 0)
 +        {
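Review bot: The inverted comparison changes the meaning of pqswitch — it is now set when p &gt; q with diff = p - q, whereas before it was set when p &lt; q — and neither the hunk nor the commit message (which mentions only the selftest key) says which ordering the rest of the function expects, so a reader cannot tell whether the old or the new sense was the bug. A comment at the new `if` would settle it: `/* Keep p < q (libgcrypt's RSA convention): note whether a swap is needed and make diff = |p - q| for the mindiff check below. */`, assuming pqswitch is consumed by a swap further down, which is outside the hunk. The equal case (mpi_cmp returns 0) takes the else branch with diff = 0, which the following `mpi_cmp (diff, mindiff) < 0` check presumably rejects; that is worth a word in the same comment. The enclosing loop body (presumably in generate_fips, named in a later hunk) starts and ends outside the hunk.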
@@ -248,7 +248,7 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 +      mpi_gcd (g, p1, q1);
 +      mpi_fdiv_q (f, p1, g);
 +      mpi_mul (f, f, q1);
-+      
++
 +      mpi_invm (d, e, f);
 +
 +      _gcry_mpi_release (f);
@@ -329,7 +329,7 @@ diff -up libgcrypt-1.6.3/cipher/rsa.c.fips-keygen libgcrypt-1.6.3/cipher/rsa.c
 -      ec = generate_std (&sk, nbits, evalue,
 -                         !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      if (deriveparms || fips_mode())
-+	ec = generate_fips (&sk, nbits, evalue, deriveparms, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
++        ec = generate_fips (&sk, nbits, evalue, deriveparms, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      else
 +        ec = generate_std (&sk, nbits, evalue, !!(flags & PUBKEY_FLAG_TRANSIENT_KEY));
 +      sexp_release (deriveparms);
diff --git a/libgcrypt-1.6.3-urandom-only.patch b/libgcrypt-1.6.3-urandom-only.patch
new file mode 100644
index 0000000..cf0901d
--- /dev/null
+++ b/libgcrypt-1.6.3-urandom-only.patch
@@ -0,0 +1,29 @@
+diff -up libgcrypt-1.6.3/random/random-csprng.c.urandom-only libgcrypt-1.6.3/random/random-csprng.c
+--- libgcrypt-1.6.3/random/random-csprng.c.urandom-only	2015-02-27 10:54:03.000000000 +0100
++++ libgcrypt-1.6.3/random/random-csprng.c	2015-03-20 08:29:27.513113519 +0100
+@@ -1125,8 +1125,7 @@ getfnc_gather_random (void))(void (*)(co
+              enum random_origins, size_t, int);
+ 
+ #if USE_RNDLINUX
+-  if ( !access (NAME_OF_DEV_RANDOM, R_OK)
+-       && !access (NAME_OF_DEV_URANDOM, R_OK))
++  if (!access (NAME_OF_DEV_URANDOM, R_OK))
+     {
+       fnc = _gcry_rndlinux_gather_random;
+       return fnc;
+diff -up libgcrypt-1.6.3/random/rndlinux.c.urandom-only libgcrypt-1.6.3/random/rndlinux.c
+--- libgcrypt-1.6.3/random/rndlinux.c.urandom-only	2015-03-20 08:36:13.472098269 +0100
++++ libgcrypt-1.6.3/random/rndlinux.c	2015-03-20 08:36:43.765097131 +0100
+@@ -178,7 +178,11 @@ _gcry_rndlinux_gather_random (void (*add
+     {
+       if (fd_random == -1)
+         {
+-          fd_random = open_device (NAME_OF_DEV_RANDOM, (ever_opened & 1), 1);
++          /* We try to open /dev/random first but in case the open fails
++             we gracefully retry with /dev/urandom. */
++          fd_random = open_device (NAME_OF_DEV_RANDOM, 0, 0);
++          if (fd_random == -1)
++            fd_random = open_device (NAME_OF_DEV_URANDOM, (ever_opened & 1), 1);
+           ever_opened |= 1;
+         }
+       fd = fd_random;
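Review bot: The rndlinux.c fallback is silent — once `open_device (NAME_OF_DEV_RANDOM, 0, 0)` fails, every later call on this branch reuses the cached fd_random and draws from /dev/urandom with no diagnostic, so the SELinux confinement the commit describes is indistinguishable from a normal run. Log it once at the fallback, e.g. `log_info ("can't open %s, using %s instead\n", NAME_OF_DEV_RANDOM, NAME_OF_DEV_URANDOM);` before the second open_device call, and extend the added comment to state what the fallback costs (the blocking /dev/random semantics no longer apply to requests on this path). The third open_device argument (1 in the original call, 0 in the new first attempt) presumably suppresses the fatal error on failure; its prototype is outside this patch, so that reading is unconfirmed. The enclosing functions of both inner hunks start and end outside the patch.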
diff --git a/libgcrypt.spec b/libgcrypt.spec
index 08030d0..18985c6 100644
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@@ -1,6 +1,6 @@
 Name: libgcrypt
 Version: 1.6.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: http://www.gnupg.org/
 Source0: libgcrypt-%{version}-hobbled.tar.xz
 # The original libgcrypt sources now contain potentially patented ECC
@@ -45,6 +45,8 @@ Patch20: libgcrypt-1.6.3-rsa-fips-keygen.patch
 Patch22: libgcrypt-1.6.2-fips-reqs.patch
 # do not use strict aliasing for bufhelp functions
 Patch23: libgcrypt-1.6.3-aliasing.patch
+# use only urandom if /dev/random cannot be opened
+Patch24: libgcrypt-1.6.3-urandom-only.patch
 
 %define gcrylibdir %{_libdir}
 
@@ -94,6 +96,8 @@ applications using libgcrypt.
 %patch20 -p1 -b .fips-keygen
 %patch22 -p1 -b .fips-reqs
 %patch23 -p1 -b .aliasing
+%patch24 -p1 -b .urandom-only
+
 cp %{SOURCE4} cipher/
 cp %{SOURCE5} %{SOURCE6} tests/
 
@@ -204,6 +208,11 @@ exit 0
 %license COPYING
 
 %changelog
+* Tue Mar 24 2015 Tomáš Mráz <tmraz at redhat.com> 1.6.3-3
+- touch only urandom in the selftest and when /dev/random is
+  unavailable for example by SELinux confinement
+- fix the RSA selftest key (p q swap) (#1204517)
+
 * Fri Mar 13 2015 Tomáš Mráz <tmraz at redhat.com> 1.6.3-2
 - do not use strict aliasing for bufhelp functions (#1201219)
 

