File libgcrypt-FIPS-SLI-cipher-Differentiate-SHA1-with-GCRY_FIPS_FLAG_REJECT_MD_SHA1.patch of Package libgcrypt.38414
From a21375ee6693f5d3a0e0317a267b8bf891850571 Mon Sep 17 00:00:00 2001
From: Lucas Mulling <lucas.mulling@suse.com>
Date: Sun, 2 Feb 2025 13:08:51 -0300
Subject: [PATCH 2/2] cipher: Differentiate SHA1 with
GCRY_FIPS_FLAG_REJECT_MD_SHA1
* cipher/ecc.c (ecc_sign, ecc_verify, prepare_datasexp_to_be_signed):
Differentiate SHA1 with GCRY_FIPS_FLAG_REJECT_MD_SHA1 in the service
level indicator.
* cipher/md.c (check_digest_algo): Differentiate SHA1 with
GCRY_FIPS_FLAG_REJECT_MD_SHA1 in the service level indicator.
* tests/basic.c (check_pubkey_sign): Revert changes from previous
commit.
* tests/pkcs1v2.c (main): Revert changes from previous commit, don't
skip tests in FIPS mode.
Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
---
cipher/ecc.c | 26 ++++++++++++++++++++++----
cipher/md.c | 24 +++++++++++++++++++++---
cipher/pubkey.c | 2 +-
tests/basic.c | 10 ++++++----
tests/pkcs1v2.c | 8 --------
5 files changed, 50 insertions(+), 20 deletions(-)
Index: libgcrypt-1.10.3/cipher/ecc.c
===================================================================
--- libgcrypt-1.10.3.orig/cipher/ecc.c
+++ libgcrypt-1.10.3/cipher/ecc.c
@@ -834,8 +834,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_
{
if (fips_mode ())
{
- if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
- || ctx.hash_algo == GCRY_MD_SHA1)
+ if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL))
{
if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
{
@@ -845,6 +844,16 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_
else
fips_service_indicator_mark_non_compliant ();
}
+ else if (ctx.hash_algo == GCRY_MD_SHA1)
+ {
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1))
+ {
+ rc = GPG_ERR_DIGEST_ALGO;
+ goto leave;
+ }
+ else
+ fips_service_indicator_mark_non_compliant ();
+ }
}
}
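Review bot: The new `else if (ctx.hash_algo == GCRY_MD_SHA1)` branch is only reached when `_gcry_md_algo_info (..., GCRYCTL_TEST_ALGO, ...)` accepts SHA-1, so the order of the two tests decides which rejection flag governs SHA-1 here. If that call goes through `check_digest_algo` (changed later in this patch; the call path is not visible in this hunk), then with GCRY_FIPS_FLAG_REJECT_MD_SHA1 set it fails for SHA-1 and the first branch is taken. The outcome then depends on GCRY_FIPS_FLAG_REJECT_PK_MD, so a caller that set only REJECT_MD_SHA1 would get a non-compliant mark rather than GPG_ERR_DIGEST_ALGO. Testing SHA-1 first avoids this: `if (ctx.hash_algo == GCRY_MD_SHA1)` with the REJECT_MD_SHA1 check, then `else if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL))` with the REJECT_PK_MD check. The same ordering appears in the ecc_verify hunk below; both functions continue outside the hunks.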
@@ -990,13 +999,22 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp
{
if (fips_mode ())
{
- if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
- || ctx.hash_algo == GCRY_MD_SHA1)
+ if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL))
{
if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
{
rc = GPG_ERR_DIGEST_ALGO;
goto leave;
+ }
+ else
+ fips_service_indicator_mark_non_compliant ();
+ }
+ else if (ctx.hash_algo == GCRY_MD_SHA1)
+ {
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1))
+ {
+ rc = GPG_ERR_DIGEST_ALGO;
+ goto leave;
}
else
fips_service_indicator_mark_non_compliant ();
Index: libgcrypt-1.10.3/cipher/md.c
===================================================================
--- libgcrypt-1.10.3.orig/cipher/md.c
+++ libgcrypt-1.10.3/cipher/md.c
@@ -430,13 +430,29 @@ static gcry_err_code_t
check_digest_algo (int algorithm)
{
const gcry_md_spec_t *spec;
+ int in_fipsmode;
spec = spec_from_algo (algorithm);
- if (spec && !spec->flags.disabled && (spec->flags.fips || !fips_mode ()))
+
+ in_fipsmode = fips_mode ();
+
+ if (spec && !spec->flags.disabled && (spec->flags.fips || !in_fipsmode))
return 0;
+ else if(spec && !spec->flags.disabled &&
+ in_fipsmode && spec->algo == GCRY_MD_SHA1)
+ {
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1))
+ {
+ return GPG_ERR_DIGEST_ALGO;
+ }
+ else
+ {
+ fips_service_indicator_mark_non_compliant ();
+ return 0;
+ }
+ }
return GPG_ERR_DIGEST_ALGO;
-
}
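Review bot: `check_digest_algo` is a predicate, but the new SHA-1 branch calls `fips_service_indicator_mark_non_compliant ()` before returning 0, so any caller that only asks whether SHA-1 is available in FIPS mode now flips the service indicator without having hashed anything. Callers are not visible in this hunk, so this may be intended, but it deserves a comment on the function, e.g. `/* In FIPS mode SHA-1 is accepted unless GCRY_FIPS_FLAG_REJECT_MD_SHA1 is set; accepting it marks the service indicator non-compliant. */`. Style-wise, `else if(spec` lacks the space after `if` that the neighbouring lines use, and it repeats `spec && !spec->flags.disabled` from the condition above.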
@@ -1736,9 +1752,11 @@ _gcry_md_selftest (int algo, int extende
spec = spec_from_algo (algo);
if (spec && !spec->flags.disabled
- && (spec->flags.fips || !fips_mode ())
+ && ((spec->flags.fips || spec->algo == GCRY_MD_SHA1) || !fips_mode ())
&& spec->selftest)
+ {
ec = spec->selftest (algo, extended, report);
+ }
else
{
ec = (spec && spec->selftest) ? GPG_ERR_DIGEST_ALGO
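Review bot: The selftest condition now special-cases `spec->algo == GCRY_MD_SHA1` without saying why, and it does so independently of the same special case in `check_digest_algo`. A one-line comment would keep the two in step, e.g. `/* SHA-1 is not flagged fips but stays usable in FIPS mode (non-compliant), so its selftest must still run. */`, assuming that is the intent. The inner parentheses around `spec->flags.fips || spec->algo == GCRY_MD_SHA1` and the new braces around the single statement change nothing. The else branch continues outside the hunk.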
Index: libgcrypt-1.10.3/cipher/pubkey.c
===================================================================
--- libgcrypt-1.10.3.orig/cipher/pubkey.c
+++ libgcrypt-1.10.3/cipher/pubkey.c
@@ -488,7 +488,7 @@ prepare_datasexp_to_be_signed (const cha
if (fips_mode () && algo == GCRY_MD_SHA1)
{
- if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1))
{
_gcry_md_close (hd);
return GPG_ERR_DIGEST_ALGO;
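Review bot: Replacing GCRY_FIPS_FLAG_REJECT_PK with GCRY_FIPS_FLAG_REJECT_MD_SHA1 changes what existing callers get. An application that set only REJECT_PK to have SHA-1 signature input refused here will no longer receive GPG_ERR_DIGEST_ALGO, and presumably falls through to the non-compliant mark (the else branch is outside the hunk). If the two flags are meant to be independent, say so at the check, e.g. `/* SHA-1 is governed by its own flag; GCRY_FIPS_FLAG_REJECT_PK no longer covers it. */`, and mention it in the release notes. The second hunk in this file (around line 528) makes the same swap.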
@@ -528,7 +528,7 @@ prepare_datasexp_to_be_signed (const cha
}
else if (fips_mode () && algo == GCRY_MD_SHA1)
{
- if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1))
{
_gcry_md_close (hd);
return GPG_ERR_DIGEST_ALGO;
Index: libgcrypt-1.10.3/tests/basic.c
===================================================================
--- libgcrypt-1.10.3.orig/tests/basic.c
+++ libgcrypt-1.10.3/tests/basic.c
@@ -15328,7 +15328,7 @@ check_pubkey_sign (int n, gcry_sexp_t sk
{ "(data\n (flags pkcs1)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
GCRY_PK_RSA,
- 0, FLAG_NOFIPS },
+ 0 },
{ "(data\n (flags pkcs1-raw)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
GCRY_PK_RSA,
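Review bot: Dropping FLAG_NOFIPS from the two SHA-1 entries (this hunk and the `oid.1.3.14.3.2.29` entry in the next one) means the test now only checks that SHA-1 signing succeeds in FIPS mode; nothing visible here asserts the two behaviours the patch introduces. Two cases would keep the rejection path from regressing unnoticed: one that sets GCRY_FIPS_FLAG_REJECT_MD_SHA1 and expects GPG_ERR_DIGEST_ALGO, and one that checks the service indicator reports non-compliant after a successful SHA-1 signature. The datas table continues outside the hunk, so such cases may exist elsewhere in the file.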
@@ -15343,7 +15343,7 @@ check_pubkey_sign (int n, gcry_sexp_t sk
" (hash oid.1.3.14.3.2.29 "
" #11223344556677889900AABBCCDDEEFF10203040#))\n",
GCRY_PK_RSA,
- 0, FLAG_NOFIPS },
+ 0 },
{ "(data\n (flags )\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
0,
@@ -15435,7 +15435,8 @@ check_pubkey_sign (int n, gcry_sexp_t sk
if (in_fips_mode && (flags & FLAG_NOFIPS || datas[dataidx].flags & FLAG_NOFIPS))
{
if (!rc)
- fail ("gcry_pk_sign did not fail as expected in FIPS mode\n");
+ fail ("gcry_pk_sign (%d) did not fail as expected in FIPS mode\n",
+ dataidx);
goto next;
}
if (gcry_err_code (rc) != datas[dataidx].expected_rc)
@@ -15564,7 +15565,8 @@ check_pubkey_sign_ecdsa (int n, gcry_sex
if (in_fips_mode && (flags & FLAG_NOFIPS))
{
if (!rc)
- fail ("gcry_pk_sign did not fail as expected in FIPS mode\n");
+ fail ("gcry_pk_sign (%d) did not fail as expected in FIPS mode\n",
+ dataidx);
goto next;
}
if (gcry_err_code (rc) != datas[dataidx].expected_rc)
Index: libgcrypt-1.10.3/tests/pkcs1v2.c
===================================================================
--- libgcrypt-1.10.3.orig/tests/pkcs1v2.c
+++ libgcrypt-1.10.3/tests/pkcs1v2.c
@@ -757,14 +757,6 @@ main (int argc, char **argv)
/* No valuable keys are create, so we can speed up our RNG. */
xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0));
- if (in_fips_mode) /* skip tests for now */
- {
- if (verbose)
- fprintf (stderr, "\nAll tests skiped in FIPS mode...\n");
-
- return 0;
- }
-
if (run_oaep)
check_oaep ();
if (run_pss)