author | Jakub Jelen <jjelen@redhat.com> | 2022-04-01 18:29:08 +0200 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-04-21 10:21:58 +0900 |
commit | c7709f7b23848abf4ba65cb99cb2a9e9c7ebdefc (patch) | |
tree | 5549eeee675c67e1390a53e57b0982c437ad1bea /cipher | |
parent | f436bf4451cb2ad0a1f56aa843bf79a58878022f (diff) | |
download | libgcrypt-c7709f7b23848abf4ba65cb99cb2a9e9c7ebdefc.tar.gz |
Do not allow PKCS #1.5 padding for encryption in FIPS
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi): Block PKCS #1.5
padding for encryption in FIPS mode.
* cipher/rsa.c (rsa_decrypt): Block PKCS #1.5 decryption in FIPS mode
--
GnuPG-bug-id: 5918
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'cipher')
-rw-r--r-- | cipher/pubkey-util.c | 5 | ||||
-rw-r--r-- | cipher/rsa.c | 5 |
2 files changed, 9 insertions, 1 deletions
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 68defea6..4953caf3 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -957,7 +957,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
 void *random_override = NULL;
 size_t random_override_len = 0;
- if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
+ /* The RSA PKCS#1.5 encryption is no longer supported by FIPS */
+ if (fips_mode ())
+ rc = GPG_ERR_INV_FLAG;
+ else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
 rc = GPG_ERR_INV_OBJ;
 else
 {
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 771413b3..c6319b67 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1391,6 +1391,11 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
 rc = GPG_ERR_INV_DATA;
 goto leave;
 }
+ if (fips_mode () && (ctx.encoding == PUBKEY_ENC_PKCS1))
+ {
+ rc = GPG_ERR_INV_FLAG;
+ goto leave;
+ }
 /* Extract the key. */
 rc = sexp_extract_param (keyparms, NULL, "nedp?q?u?",
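Review bot: The new `fips_mode ()` guard in the pubkey-util.c hunk is documented only as "no longer supported by FIPS", which tells a maintainer neither the reason nor what a caller observes; a fuller comment would be `/* PKCS#1 v1.5 encryption padding is not approved in FIPS mode; reject it before the value is parsed so no padding is ever produced.  Callers see GPG_ERR_INV_FLAG.  */`. Returning GPG_ERR_INV_FLAG for a policy rejection is a little surprising since the flags themselves are valid, and GPG_ERR_NOT_SUPPORTED may read more naturally, but the rsa.c hunk uses the same code, so keep them consistent whichever is chosen. `_gcry_pk_util_data_to_mpi` begins and ends outside the hunk, so whether this branch is taken only for the encryption operation, as the commit message states, cannot be confirmed from the visible lines.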
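Review bot: The new block in the rsa.c hunk carries no comment, unlike its counterpart in pubkey-util.c; add one such as `/* PKCS#1 v1.5 decryption is not permitted in FIPS mode; fail before the private key is extracted.  */`. Checking ahead of `sexp_extract_param` is the right order, since the rejection then depends only on the requested encoding and not on key material, and the redundant parentheses can be dropped: `if (fips_mode () && ctx.encoding == PUBKEY_ENC_PKCS1)`. `rsa_decrypt` starts and ends outside the hunk, and the code that fills `ctx.encoding` is not visible here, so this assumes `ctx` has already been initialised by the time the check runs.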