diff options
author | Jakub Jelen <jjelen@redhat.com> | 2022-08-17 09:01:44 +0200 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-08-30 11:03:30 +0900 |
commit | e5bfda492ab9496ed3d856a9f36250a2cc07ce70 (patch) | |
tree | f3dcbae0f655c49eaec43badf126c293fc398866 | |
parent | 15fb6257e827770a9f536f3049c02f47b996bc27 (diff) | |
download | libgcrypt-e5bfda492ab9496ed3d856a9f36250a2cc07ce70.tar.gz |
fips: Disable RSA-OAEP padding in FIPS mode.
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi): Block OAEP padding
in FIPS mode for encryption
* cipher/rsa.c (rsa_decrypt): Block OAEP padding in FIPS mode for
decryption
--
Cherry-picked from master commit:
e552e37983da0c54840786eeff34481685fde1e9
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r-- | cipher/pubkey-util.c | 5 | ||||
-rw-r--r-- | cipher/rsa.c | 3 |
2 files changed, 6 insertions, 2 deletions
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index 4953caf3..244dd5d4 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -1092,7 +1092,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, const void * value; size_t valuelen; - if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) + /* The RSA OAEP encryption requires some more assurances in FIPS */ + if (fips_mode ()) + rc = GPG_ERR_INV_FLAG; + else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) rc = GPG_ERR_INV_OBJ; else { diff --git a/cipher/rsa.c b/cipher/rsa.c index 96dba090..87f57b55 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -1457,7 +1457,8 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) rc = GPG_ERR_INV_DATA; goto leave; } - if (fips_mode () && (ctx.encoding == PUBKEY_ENC_PKCS1)) + if (fips_mode () && (ctx.encoding == PUBKEY_ENC_PKCS1 || + ctx.encoding == PUBKEY_ENC_OAEP)) { rc = GPG_ERR_INV_FLAG; goto leave; |