Merge branch 'master' into LIBGCRYPT-1.9-BRANCH

--
author: Werner Koch <wk@gnupg.org> 2021-01-18 18:34:38 +0100
committer: Werner Koch <wk@gnupg.org> 2021-01-18 18:34:38 +0100
commit: 9ff0ab3761a37c396798c161f81627190949ced6 (patch)
tree: e8e07cbd6e752a03948d08ddb675122bf5720473 /src
parent: f26e3a1449ee6a29c7209d2ed04d42deedb050d4 (diff)
parent: 7a0da24925361a3109474d0e433511467a9e35d1 (diff)
download: libgcrypt-9ff0ab3761a37c396798c161f81627190949ced6.tar.gz
3 files changed, 36 insertions, 0 deletions
diff --git a/src/cipher-proto.h b/src/cipher-proto.h
index ece5322d..bb16d48d 100644
--- a/src/cipher-proto.h
+++ b/src/cipher-proto.h
@@ -269,6 +269,8 @@ gcry_error_t _gcry_pk_selftest (int algo, int extended,
                                 selftest_report_func_t report);
 gcry_error_t _gcry_mac_selftest (int algo, int extended,
                                  selftest_report_func_t report);
+gcry_error_t _gcry_kdf_selftest (int algo, int extended,
+                                 selftest_report_func_t report);
 
 gcry_error_t _gcry_random_selftest (selftest_report_func_t report);
 
diff --git a/src/fips.c b/src/fips.c
index 94ffbd20..2facc450 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -508,6 +508,8 @@ run_mac_selftests (int extended)
       GCRY_MAC_HMAC_SHA3_256,
       GCRY_MAC_HMAC_SHA3_384,
       GCRY_MAC_HMAC_SHA3_512,
+      GCRY_MAC_CMAC_3DES,
+      GCRY_MAC_CMAC_AES,
       0
     };
   int idx;
@@ -525,6 +527,29 @@ run_mac_selftests (int extended)
   return anyerr;
 }
 
+/* Run self-tests for all KDF algorithms.  Return 0 on success. */
+static int
+run_kdf_selftests (int extended)
+{
+  static int algos[] =
+    {
+      GCRY_KDF_PBKDF2,
+      0
+    };
+  int idx;
+  gpg_error_t err;
+  int anyerr = 0;
+
+  for (idx=0; algos[idx]; idx++)
+    {
+      err = _gcry_kdf_selftest (algos[idx], extended, reporter);
+      reporter ("kdf", algos[idx], NULL, err? gpg_strerror (err):NULL);
+      if (err)
+        anyerr = 1;
+    }
+  return anyerr;
+}
+
 
 /* Run self-tests for all required public key algorithms.  Return 0 on
    success. */
@@ -681,6 +706,9 @@ _gcry_fips_run_selftests (int extended)
   if (run_mac_selftests (extended))
     goto leave;
 
+  if (run_kdf_selftests (extended))
+    goto leave;
+
   /* Run random tests before the pubkey tests because the latter
      require random.  */
   if (run_random_selftests ())
diff --git a/src/sexp.c b/src/sexp.c
index de28aedc..864916be 100644
--- a/src/sexp.c
+++ b/src/sexp.c
@@ -1483,6 +1483,12 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
                 }
               else
                 {
+                  if (mpifmt == GCRYMPI_FMT_USG && mpi_cmp_ui (m, 0) < 0)
+                    {
+                      err = GPG_ERR_INV_ARG;
+                      goto leave;
+                    }
+
                   err = _gcry_mpi_print (mpifmt, NULL, 0, &nm, m);
                   if (err)
                     goto leave;
author	Werner Koch <wk@gnupg.org>	2021-01-18 18:34:38 +0100
committer	Werner Koch <wk@gnupg.org>	2021-01-18 18:34:38 +0100
commit	9ff0ab3761a37c396798c161f81627190949ced6 (patch)
tree	e8e07cbd6e752a03948d08ddb675122bf5720473 /src
parent	f26e3a1449ee6a29c7209d2ed04d42deedb050d4 (diff)
parent	7a0da24925361a3109474d0e433511467a9e35d1 (diff)
download	libgcrypt-9ff0ab3761a37c396798c161f81627190949ced6.tar.gz