File libgcrypt-FIPS-SLI-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch of Package libgcrypt.38414
From fcb0c7004b0b6b318fdcced2bf61d9acb1e28cfc Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 13 Dec 2024 14:25:02 +0900
Subject: [PATCH 14/24] fips,mac: Implement new FIPS service indicator for
gcry_mac_open.
* src/gcrypt.h.in (GCRY_MAC_FLAG_REJECT_NON_FIPS): New.
* cipher/mac.c (mac_open): Have FLAGS, instead of SECURE. Reject when
GCRY_MAC_FLAG_REJECT_NON_FIPS, otherwise, mark non compliant.
(_gcry_mac_open): Follow the change.
* src/visibility.c (gcry_mac_open): Add initialization for FIPS
service indicator.
(gcry_mac_setkey): Likewise. Don't reject but mark.
--
GnuPG-bug-id: 7338
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
---
cipher/mac.c | 15 +++++++++++----
src/gcrypt.h.in | 3 ++-
src/visibility.c | 5 +++--
3 files changed, 16 insertions(+), 7 deletions(-)
Index: libgcrypt-1.10.3/cipher/mac.c
===================================================================
--- libgcrypt-1.10.3.orig/cipher/mac.c
+++ libgcrypt-1.10.3/cipher/mac.c
@@ -481,11 +481,13 @@ check_mac_algo (int algorithm)
* Open a message digest handle for use with algorithm ALGO.
*/
static gcry_err_code_t
-mac_open (gcry_mac_hd_t * hd, int algo, int secure, gcry_ctx_t ctx)
+mac_open (gcry_mac_hd_t * hd, int algo, unsigned int flags, gcry_ctx_t ctx)
{
const gcry_mac_spec_t *spec;
gcry_err_code_t err;
gcry_mac_hd_t h;
+ int secure = !!(flags & GCRY_MAC_FLAG_SECURE);
+ int reject_non_fips = !!(flags & GCRY_MAC_FLAG_REJECT_NON_FIPS);
spec = spec_from_algo (algo);
if (!spec)
@@ -493,7 +495,12 @@ mac_open (gcry_mac_hd_t * hd, int algo,
else if (spec->flags.disabled)
return GPG_ERR_MAC_ALGO;
else if (!spec->flags.fips && fips_mode ())
- return GPG_ERR_MAC_ALGO;
+ {
+ if (reject_non_fips)
+ return GPG_ERR_MAC_ALGO;
+ else
+ fips_service_indicator_mark_non_compliant ();
+ }
else if (!spec->ops)
return GPG_ERR_MAC_ALGO;
else if (!spec->ops->open || !spec->ops->write || !spec->ops->setkey ||
@@ -611,10 +618,10 @@ _gcry_mac_open (gcry_mac_hd_t * h, int a
gcry_err_code_t rc;
gcry_mac_hd_t hd = NULL;
- if ((flags & ~GCRY_MAC_FLAG_SECURE))
+ if ((flags & ~(GCRY_MAC_FLAG_SECURE | GCRY_MAC_FLAG_REJECT_NON_FIPS)))
rc = GPG_ERR_INV_ARG;
else
- rc = mac_open (&hd, algo, !!(flags & GCRY_MAC_FLAG_SECURE), ctx);
+ rc = mac_open (&hd, algo, flags, ctx);
*h = rc ? NULL : hd;
return rc;
Index: libgcrypt-1.10.3/src/gcrypt.h.in
===================================================================
--- libgcrypt-1.10.3.orig/src/gcrypt.h.in
+++ libgcrypt-1.10.3/src/gcrypt.h.in
@@ -1519,7 +1519,8 @@ enum gcry_mac_algos
/* Flags used with the open function. */
enum gcry_mac_flags
{
- GCRY_MAC_FLAG_SECURE = 1 /* Allocate all buffers in "secure" memory. */
+ GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
+ GCRY_MAC_FLAG_REJECT_NON_FIPS = 2 /* Reject non-FIPS-compliant algo. */
};
/* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR
Index: libgcrypt-1.10.3/src/visibility.c
===================================================================
--- libgcrypt-1.10.3.orig/src/visibility.c
+++ libgcrypt-1.10.3/src/visibility.c
@@ -930,7 +930,7 @@ gcry_mac_open (gcry_mac_hd_t *handle, in
*handle = NULL;
return gpg_error (fips_not_operational ());
}
-
+ fips_service_indicator_init ();
return gpg_error (_gcry_mac_open (handle, algo, flags, ctx));
}
@@ -946,8 +946,9 @@ gcry_mac_setkey (gcry_mac_hd_t hd, const
if (!fips_is_operational ())
return gpg_error (fips_not_operational ());
+ fips_service_indicator_init ();
if (fips_mode () && keylen < 14)
- return GPG_ERR_INV_VALUE;
+ fips_service_indicator_mark_non_compliant ();
return gpg_error (_gcry_mac_setkey (hd, key, keylen));
}
