File libgcrypt-fips_dont_seed_drbg_in_selftests.patch of Package libgcrypt.22247
Index: libgcrypt-1.6.1/random/drbg.c
===================================================================
--- libgcrypt-1.6.1.orig/random/drbg.c 2017-07-13 13:36:36.057989859 +0200
+++ libgcrypt-1.6.1/random/drbg.c 2017-07-13 13:38:48.564149105 +0200
@@ -2198,24 +2198,22 @@ gcry_drbg_healthcheck_sanity (struct gcr
if (!drbg)
goto outbuf;
+ drbg->core = &gcry_drbg_cores[coreref];
+
/* if the following tests fail, it is likely that there is a buffer
* overflow and we get a SIGSEV */
- ret = gcry_drbg_instantiate (drbg, NULL, coreref, 1);
- if (ret)
- goto outbuf;
max_addtllen = gcry_drbg_max_addtl ();
max_request_bytes = gcry_drbg_max_request_bytes ();
/* overflow addtllen with additonal info string */
gcry_drbg_string_fill (&addtl, test->addtla, (max_addtllen + 1));
len = gcry_drbg_generate (drbg, buf, test->expectedlen, &addtl);
if (len)
- goto outdrbg;
+ goto outbuf;
/* overflow max_bits */
len = gcry_drbg_generate (drbg, buf, (max_request_bytes + 1), NULL);
if (len)
- goto outdrbg;
- gcry_drbg_uninstantiate (drbg);
+ goto outbuf;
/* test failing entropy source as defined in 11.3.2 */
test_data.testentropy = NULL;
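Review bot: The added `drbg->core = &gcry_drbg_cores[coreref];` indexes the cores table directly, so whatever range check on `coreref` the removed `gcry_drbg_instantiate` call performed no longer runs on this path; if that was the only check, either repeat it here or record that `coreref` only ever comes from the built-in test table. The two `gcry_drbg_generate` calls that follow now operate on a DRBG that was allocated but never seeded, and the test holds only because the oversized `addtl` and request length are meant to be rejected before any state is touched — that assumption deserves a comment next to the existing overflow remark, e.g. `/* drbg is deliberately left uninstantiated: the selftest must not seed the DRBG, and both generate calls are expected to fail on their length checks before any state is used. */`. The enclosing gcry_drbg_healthcheck_sanity starts before and continues past this hunk.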
@@ -2229,7 +2227,7 @@ gcry_drbg_healthcheck_sanity (struct gcr
test_data.testentropy = &testentropy;
gcry_drbg_string_fill (&testentropy, test->entropy, test->entropylen);
/* overflow max addtllen with personalization string */
- tmpret = gcry_drbg_instantiate (drbg, &addtl, coreref, 0);
+ tmpret = gcry_drbg_seed(drbg, &addtl, 0);
if (!tmpret)
goto outdrbg;
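Review bot: `tmpret = gcry_drbg_seed(drbg, &addtl, 0);` drops the space before the parenthesis that every neighbouring call in this file uses (`gcry_drbg_string_fill (&testentropy, ...)`); write it as `tmpret = gcry_drbg_seed (drbg, &addtl, 0);`. The replaced call passed `coreref` and a prediction-resistance flag, while the new one passes a single `0` whose meaning is not visible here — a short comment naming that argument (reseed flag or otherwise, to be confirmed against the gcry_drbg_seed prototype) would keep the intent readable. The function continues past this hunk.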
Index: libgcrypt-1.6.1/cipher/rsa.c
===================================================================
--- libgcrypt-1.6.1.orig/cipher/rsa.c 2017-07-13 13:36:36.001988953 +0200
+++ libgcrypt-1.6.1/cipher/rsa.c 2017-07-13 13:36:36.097990505 +0200
@@ -1856,6 +1856,7 @@ selftest_encr_2048 (gcry_sexp_t pkey, gc
const char plaintext[] = "Jim quickly realized that the beautiful gowns are expensive.";
gcry_sexp_t plain = NULL;
gcry_sexp_t encr = NULL;
+ gcry_sexp_t encr_nobl = NULL;
gcry_mpi_t ciphertext = NULL;
gcry_sexp_t decr = NULL;
char *decr_plaintext = NULL;
@@ -1914,8 +1915,18 @@ selftest_encr_2048 (gcry_sexp_t pkey, gc
goto leave;
}
+ /* We need to avoid seeding the drbg in selftests. For that we must
+ tell the library to not use blinding for RSA decryption.
+ For that we need to recreate the sexp with the "no-blinding" flag */
+ err = sexp_build (&encr_nobl, NULL, "(enc-val (flags no-blinding) (rsa (a %M)))", ciphertext);
+ if (err)
+ {
+ errtxt = "adding no-blinding flags failed";
+ goto leave;
+ }
+
/* Decrypt. */
- err = _gcry_pk_decrypt (&decr, encr, skey);
+ err = _gcry_pk_decrypt (&decr, encr_nobl, skey);
if (err)
{
errtxt = "decrypt failed";
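Review bot: `_gcry_pk_decrypt (&decr, encr_nobl, skey);` now decrypts a sexp rebuilt from the bare `ciphertext` MPI, so any flags the original `encr` carried (how it and `ciphertext` are produced lies outside this hunk) are not carried over — only `no-blinding` is set; if `encr` was built with a padding flag, the round-trip now runs under different parameters and the later plaintext comparison is worth re-checking. The new comment should also state the coverage consequence of this patch: the blinded decryption path used at runtime is no longer exercised by this self-test, e.g. append `/* Consequently the blinded decryption path is not covered by this self-test. */`. selftest_encr_2048 begins and ends outside this hunk.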
@@ -1953,6 +1964,7 @@ selftest_encr_2048 (gcry_sexp_t pkey, gc
_gcry_mpi_release (ciphertext);
_gcry_mpi_release (ref_mpi);
sexp_release (encr);
+ sexp_release (encr_nobl);
sexp_release (plain);
return errtxt;
}