
File libgcrypt-FIPS-SLI-Only-allow-defined-digest-algo-for-EdDSA.patch of Package libgcrypt.38414

From d15fe6aac10b0ffc2eb8974c23095d8123025e5c Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 28 Jun 2023 14:20:22 +0900
Subject: [PATCH] cipher:ecc:fips: Only allow defined digest algo for EdDSA.

* cipher/ecc.c (ecc_sign): Add the check if it's proper digest
algo for EdDSA on FIPS mode.

--

GnuPG-bug-id: 6539
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
---
 cipher/ecc.c | 54 ++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 42 insertions(+), 12 deletions(-)

Index: libgcrypt-1.10.3/cipher/ecc.c
===================================================================
--- libgcrypt-1.10.3.orig/cipher/ecc.c
+++ libgcrypt-1.10.3/cipher/ecc.c
@@ -790,13 +790,28 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_
   if (rc)
     goto leave;
 
-  /* Hash algo is determined by curve in EdDSA.  Fill it if not specified.  */
-  if ((ctx.flags & PUBKEY_FLAG_EDDSA) && !ctx.hash_algo)
+  /* Hash algo is determined by curve in EdDSA.  */
+  if ((ctx.flags & PUBKEY_FLAG_EDDSA))
     {
-      if (ec->dialect == ECC_DIALECT_ED25519)
-        ctx.hash_algo = GCRY_MD_SHA512;
-      else if (ec->dialect == ECC_DIALECT_SAFECURVE)
-        ctx.hash_algo = GCRY_MD_SHAKE256;
+      if (ctx.hash_algo)
+        {
+          if (fips_mode ()
+              && ((ec->dialect == ECC_DIALECT_ED25519
+                   &&ctx.hash_algo != GCRY_MD_SHA512)
+                  || (ec->dialect == ECC_DIALECT_SAFECURVE
+                      && ctx.hash_algo != GCRY_MD_SHAKE256)))
+            {
+              rc = GPG_ERR_DIGEST_ALGO;
+              goto leave;
+            }
+        }
+      else
+        {
+          if (ec->dialect == ECC_DIALECT_ED25519)
+            ctx.hash_algo = GCRY_MD_SHA512;
+          else if (ec->dialect == ECC_DIALECT_SAFECURVE)
+            ctx.hash_algo = GCRY_MD_SHAKE256;
+        }
     }
 
   sig_r = mpi_new (0);
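Review bot: The FIPS-mode check in ecc_sign rejects only the two mismatches it lists, so it fails open for anything else: an EdDSA request whose `ec->dialect` is neither `ECC_DIALECT_ED25519` nor `ECC_DIALECT_SAFECURVE` passes with any caller-supplied `ctx.hash_algo`. Whether such a dialect can reach this point with `PUBKEY_FLAG_EDDSA` set is not visible in the hunk. Deriving the expected algo from the dialect first and comparing against it turns the check into an allow-list and removes the duplicated dialect tests. The identical block in the ecc_verify hunk would take the same change. ecc_sign starts and ends outside the hunk.

```c
  if ((ctx.flags & PUBKEY_FLAG_EDDSA))
    {
      int expected_algo = 0;

      if (ec->dialect == ECC_DIALECT_ED25519)
        expected_algo = GCRY_MD_SHA512;
      else if (ec->dialect == ECC_DIALECT_SAFECURVE)
        expected_algo = GCRY_MD_SHAKE256;

      if (!ctx.hash_algo)
        ctx.hash_algo = expected_algo;
      else if (fips_mode () && ctx.hash_algo != expected_algo)
        {
          /* Caller-supplied digest does not match the one the curve mandates.  */
          rc = GPG_ERR_DIGEST_ALGO;
          goto leave;
        }
    }
```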
@@ -897,13 +912,28 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp
   if (DBG_CIPHER)
     log_mpidump ("ecc_verify data", data);
 
-  /* Hash algo is determined by curve in EdDSA.  Fill it if not specified.  */
-  if ((ctx.flags & PUBKEY_FLAG_EDDSA) && !ctx.hash_algo)
+  /* Hash algo is determined by curve in EdDSA.  */
+  if ((ctx.flags & PUBKEY_FLAG_EDDSA))
     {
-      if (ec->dialect == ECC_DIALECT_ED25519)
-        ctx.hash_algo = GCRY_MD_SHA512;
-      else if (ec->dialect == ECC_DIALECT_SAFECURVE)
-        ctx.hash_algo = GCRY_MD_SHAKE256;
+      if (ctx.hash_algo)
+        {
+          if (fips_mode ()
+              && ((ec->dialect == ECC_DIALECT_ED25519
+                   &&ctx.hash_algo != GCRY_MD_SHA512)
+                  || (ec->dialect == ECC_DIALECT_SAFECURVE
+                      && ctx.hash_algo != GCRY_MD_SHAKE256)))
+            {
+              rc = GPG_ERR_DIGEST_ALGO;
+              goto leave;
+            }
+        }
+      else
+        {
+          if (ec->dialect == ECC_DIALECT_ED25519)
+            ctx.hash_algo = GCRY_MD_SHA512;
+          else if (ec->dialect == ECC_DIALECT_SAFECURVE)
+            ctx.hash_algo = GCRY_MD_SHAKE256;
+        }
     }
 
   /*
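Review bot: The commit log names only `ecc_sign`, but this hunk makes the same behaviour change in ecc_verify: in FIPS mode, verification with a caller-supplied digest algo that does not match the curve now fails with `GPG_ERR_DIGEST_ALGO`. The log entry should record that, e.g. `* cipher/ecc.c (ecc_sign, ecc_verify): ...`. The shortened comment also no longer says what the block does; something like `/* Hash algo is determined by curve in EdDSA.  Fill it if not specified; in FIPS mode reject one that does not match.  */` would cover both branches. ecc_verify continues outside the hunk.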