File fix-test-suite-for-RSA-in-fips-mode.patch of Package libgcrypt.7109

From 5958dd99b173ef62fac0e21ff97a52a67aa6423f Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Wed, 24 Sep 2014 18:02:28 +0200
Subject: [PATCH] fix test suite for RSA in fips mode

---
 tests/basic.c     |  2 +-
 tests/benchmark.c | 30 +++++++++++++++++++--------
 tests/keygen.c    | 62 ++++++++++++++++++++++++++++++++++++++++++-------------
 tests/pubkey.c    | 49 ++++++++++++++++++++++++++++++++++++++++---
 4 files changed, 116 insertions(+), 27 deletions(-)

diff --git a/tests/basic.c b/tests/basic.c
index f7e2005..6c43b45 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -5710,7 +5710,7 @@ get_keys_new (gcry_sexp_t *pkey, gcry_sexp_t *skey)
   if (verbose)
     fprintf (stderr, "  generating RSA key:");
   rc = gcry_sexp_new (&key_spec,
-		      in_fips_mode ? "(genkey (rsa (nbits 4:1024)))"
+		      in_fips_mode ? "(genkey (rsa (nbits 4:2048)))"
                       : "(genkey (rsa (nbits 4:1024)(transient-key)))",
                       0, 1);
   if (rc)
diff --git a/tests/benchmark.c b/tests/benchmark.c
index 5efc083..9a45918 100644
--- a/tests/benchmark.c
+++ b/tests/benchmark.c
@@ -716,6 +716,11 @@ cipher_bench ( const char *algoname )
 
   for (modeidx=0; modes[modeidx].mode; modeidx++)
     {
+      if (in_fips_mode && modes[modeidx].mode == GCRY_CIPHER_MODE_GCM)
+        {
+          printf("    [skipped]");
+          continue;
+        }
       if ((blklen > 1 && modes[modeidx].mode == GCRY_CIPHER_MODE_STREAM)
           || (blklen == 1 && modes[modeidx].mode != GCRY_CIPHER_MODE_STREAM))
         continue;
@@ -862,28 +867,35 @@ rsa_bench (int iterations, int print_header, int no_blinding)
 {
   gpg_error_t err;
   int p_sizes[] = { 1024, 2048, 3072, 4096 };
-  int testno;
+  int testno = 0;
 
   if (print_header)
     printf ("Algorithm         generate %4d*sign %4d*verify\n"
             "------------------------------------------------\n",
             iterations, iterations );
-  for (testno=0; testno < DIM (p_sizes); testno++)
+  for (; testno < DIM (p_sizes); testno++)
     {
       gcry_sexp_t key_spec, key_pair, pub_key, sec_key;
       gcry_mpi_t x;
       gcry_sexp_t data;
       gcry_sexp_t sig = NULL;
       int count;
+      unsigned nbits = p_sizes[testno];
 
-      printf ("RSA %3d bit    ", p_sizes[testno]);
+      printf ("RSA %3d bit    ", nbits);
       fflush (stdout);
 
+      if (in_fips_mode && !(nbits == 2048 || nbits == 3072))
+        {
+          puts ("[skipped in fips mode]");
+          continue;
+        }
+
       err = gcry_sexp_build (&key_spec, NULL,
                              gcry_fips_mode_active ()
                              ? "(genkey (RSA (nbits %d)))"
                              : "(genkey (RSA (nbits %d)(transient-key)))",
-                             p_sizes[testno]);
+                             nbits);
       if (err)
         die ("creating S-expression failed: %s\n", gcry_strerror (err));
 
@@ -891,7 +903,7 @@ rsa_bench (int iterations, int print_header, int no_blinding)
       err = gcry_pk_genkey (&key_pair, key_spec);
       if (err)
         die ("creating %d bit RSA key failed: %s\n",
-             p_sizes[testno], gcry_strerror (err));
+             nbits, gcry_strerror (err));
 
       pub_key = gcry_sexp_find_token (key_pair, "public-key", 0);
       if (! pub_key)
@@ -906,8 +918,8 @@ rsa_bench (int iterations, int print_header, int no_blinding)
       printf ("   %s", elapsed_time ());
       fflush (stdout);
 
-      x = gcry_mpi_new (p_sizes[testno]);
-      gcry_mpi_randomize (x, p_sizes[testno]-8, GCRY_WEAK_RANDOM);
+      x = gcry_mpi_new (nbits);
+      gcry_mpi_randomize (x, nbits-8, GCRY_WEAK_RANDOM);
       err = gcry_sexp_build (&data, NULL,
                              "(data (flags raw) (value %m))", x);
       gcry_mpi_release (x);
@@ -945,8 +957,8 @@ rsa_bench (int iterations, int print_header, int no_blinding)
       if (no_blinding)
         {
           fflush (stdout);
-          x = gcry_mpi_new (p_sizes[testno]);
-          gcry_mpi_randomize (x, p_sizes[testno]-8, GCRY_WEAK_RANDOM);
+          x = gcry_mpi_new (nbits);
+          gcry_mpi_randomize (x, nbits-8, GCRY_WEAK_RANDOM);
           err = gcry_sexp_build (&data, NULL,
                                  "(data (flags no-blinding) (value %m))", x);
           gcry_mpi_release (x);
diff --git a/tests/keygen.c b/tests/keygen.c
index 4aff9c9..4d4034a 100644
--- a/tests/keygen.c
+++ b/tests/keygen.c
@@ -40,6 +40,7 @@
 static int verbose;
 static int debug;
 static int error_count;
+static int in_fips_mode;
 
 
 static void
@@ -63,7 +64,7 @@ fail (const char *format, ...)
   va_list arg_ptr;
 
   fflush (stdout);
-  fprintf (stderr, "%s: ", PGM);
+  fprintf (stderr, "FAIL %s: ", PGM);
   /* if (wherestr) */
   /*   fprintf (stderr, "%s: ", wherestr); */
   va_start (arg_ptr, format);
@@ -196,11 +197,11 @@ check_rsa_keys (void)
   int rc;
 
   if (verbose)
-    show ("creating 1024 bit RSA key\n");
+    show ("creating 2048 bit RSA key\n");
   rc = gcry_sexp_new (&keyparm,
                       "(genkey\n"
                       " (rsa\n"
-                      "  (nbits 4:1024)\n"
+                      "  (nbits 4:2048)\n"
                       " ))", 0, 1);
   if (rc)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
@@ -208,9 +209,29 @@ check_rsa_keys (void)
   gcry_sexp_release (keyparm);
   if (rc)
     die ("error generating RSA key: %s\n", gpg_strerror (rc));
-  if (verbose > 1)
-    show_sexp ("1024 bit RSA key:\n", key);
-  check_generated_rsa_key (key, 65537);
+
+  if (verbose)
+    show ("creating 1024 bit RSA key\n");
+  rc = gcry_sexp_new (&keyparm,
+                      "(genkey\n"
+                      " (rsa\n"
+                      "  (nbits 4:1024)\n"
+                      " ))", 0, 1);
+  if (rc)
+    die ("error creating S-expression: %s\n", gpg_strerror (rc));
+  rc = gcry_pk_genkey (&key, keyparm);
+  gcry_sexp_release (keyparm);
+  if (rc && !in_fips_mode)
+    fail ("error generating RSA key: %s\n", gpg_strerror (rc));
+  else if (!rc && in_fips_mode)
+    fail ("generating 1024 bit RSA key must not work!");
+
+  if (!rc)
+    {
+      if (verbose > 1)
+        show_sexp ("1024 bit RSA key:\n", key);
+      check_generated_rsa_key (key, 65537);
+    }
   gcry_sexp_release (key);
 
 
@@ -226,10 +247,13 @@ check_rsa_keys (void)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
   rc = gcry_pk_genkey (&key, keyparm);
   gcry_sexp_release (keyparm);
-  if (rc)
-    die ("error generating RSA key: %s\n", gpg_strerror (rc));
+  if (rc && !in_fips_mode)
+    fail ("error generating RSA key: %s\n", gpg_strerror (rc));
+  else if (!rc && in_fips_mode)
+    fail ("generating 512 bit RSA key must not work!");
 
-  check_generated_rsa_key (key, 257);
+  if (!rc)
+    check_generated_rsa_key (key, 257);
   gcry_sexp_release (key);
 
   if (verbose)
@@ -244,10 +268,13 @@ check_rsa_keys (void)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
   rc = gcry_pk_genkey (&key, keyparm);
   gcry_sexp_release (keyparm);
-  if (rc)
-    die ("error generating RSA key: %s\n", gpg_strerror (rc));
+  if (rc && !in_fips_mode)
+    fail ("error generating RSA key: %s\n", gpg_strerror (rc));
+  else if (!rc && in_fips_mode)
+    fail ("generating 512 bit RSA key must not work!");
 
-  check_generated_rsa_key (key, 0); /* We don't expect a constant exponent. */
+  if (!rc)
+    check_generated_rsa_key (key, 0); /* We don't expect a constant exponent. */
   gcry_sexp_release (key);
 }
 
@@ -299,8 +326,10 @@ check_dsa_keys (void)
         die ("error creating S-expression: %s\n", gpg_strerror (rc));
       rc = gcry_pk_genkey (&key, keyparm);
       gcry_sexp_release (keyparm);
-      if (rc)
+      if (rc && !in_fips_mode)
         die ("error generating DSA key: %s\n", gpg_strerror (rc));
+      else if (!rc && in_fips_mode)
+        die ("generating 512 bit DSA key must not work!");
       if (!i && verbose > 1)
         show_sexp ("1024 bit DSA key:\n", key);
       gcry_sexp_release (key);
@@ -318,8 +347,10 @@ check_dsa_keys (void)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
   rc = gcry_pk_genkey (&key, keyparm);
   gcry_sexp_release (keyparm);
-  if (rc)
+  if (rc && !in_fips_mode)
     die ("error generating DSA key: %s\n", gpg_strerror (rc));
+  else if (!rc && in_fips_mode)
+    die ("generating 1536 bit DSA key must not work!");
   if (verbose > 1)
     show_sexp ("1536 bit DSA key:\n", key);
   gcry_sexp_release (key);
@@ -550,6 +581,9 @@ main (int argc, char **argv)
         break;
     }
 
+  if ( gcry_fips_mode_active () )
+    in_fips_mode = 1;
+
   if (!gcry_check_version (GCRYPT_VERSION))
     die ("version mismatch\n");
   gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
diff --git a/tests/pubkey.c b/tests/pubkey.c
index f5da67b..e1bde8b 100644
--- a/tests/pubkey.c
+++ b/tests/pubkey.c
@@ -165,6 +165,33 @@ show_sexp (const char *prefix, gcry_sexp_t a)
   gcry_free (buf);
 }
 
+/* from ../cipher/pubkey-util.c */
+gpg_err_code_t
+_gcry_pk_util_get_nbits (gcry_sexp_t list, unsigned int *r_nbits)
+{
+  char buf[50];
+  const char *s;
+  size_t n;
+
+  *r_nbits = 0;
+
+  list = gcry_sexp_find_token (list, "nbits", 0);
+  if (!list)
+    return 0; /* No NBITS found.  */
+
+  s = gcry_sexp_nth_data (list, 1, &n);
+  if (!s || n >= DIM (buf) - 1 )
+    {
+      /* NBITS given without a cdr.  */
+      gcry_sexp_release (list);
+      return GPG_ERR_INV_OBJ;
+    }
+  memcpy (buf, s, n);
+  buf[n] = 0;
+  *r_nbits = (unsigned int)strtoul (buf, NULL, 0);
+  gcry_sexp_release (list);
+  return 0;
+}
 
 /* Convert STRING consisting of hex characters into its binary
    representation and return it as an allocated buffer. The valid
@@ -903,8 +930,8 @@ check_x931_derived_key (int what)
     }
   };
   gpg_error_t err;
-  gcry_sexp_t key_spec, key, pub_key, sec_key;
-  gcry_mpi_t d_expected, d_have;
+  gcry_sexp_t key_spec = NULL, key = NULL, pub_key = NULL, sec_key = NULL;
+  gcry_mpi_t d_expected = NULL, d_have = NULL;
 
   if (what < 0 && what >= sizeof testtable)
     die ("invalid WHAT value\n");
@@ -913,10 +940,25 @@ check_x931_derived_key (int what)
   if (err)
     die ("error creating S-expression [%d]: %s\n", what, gpg_strerror (err));
 
+  {
+    unsigned nbits;
+    err = _gcry_pk_util_get_nbits(key_spec, &nbits);
+    if (err)
+      die ("nbits not found\n");
+    if (gcry_fips_mode_active() && nbits < 2048)
+      {
+        info("RSA key test with %d bits skipped in fips mode\n", nbits);
+        goto leave;
+      }
+  }
+
   err = gcry_pk_genkey (&key, key_spec);
   gcry_sexp_release (key_spec);
   if (err)
-    die ("error generating RSA key [%d]: %s\n", what, gpg_strerror (err));
+    {
+      fail ("error generating RSA key [%d]: %s\n", what, gpg_strerror (err));
+      goto leave;
+    }
 
   pub_key = gcry_sexp_find_token (key, "public-key", 0);
   if (!pub_key)
@@ -942,6 +984,7 @@ check_x931_derived_key (int what)
       show_sexp (NULL, sec_key);
       die ("parameter d does match expected value [%d]\n", what);
     }
+leave:
   gcry_mpi_release (d_expected);
   gcry_mpi_release (d_have);
 
-- 
2.1.0