Commit message | Author | Age | Files | Lines

* doc: add documentation for GCRYCTL_SET_ALLOW_WEAK_KEY  [LIBGCRYPT-1.10-BRANCH]
  Jussi Kivilinna | 2023-04-21 | 1 | -0/+22

    * doc/gcrypt.texi: Add 'GCRYCTL_SET_ALLOW_WEAK_KEY' under 'gcry_cipher_ctl'.
    --
    GnuPG-bug-id: 6451
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

* Revert "cipher: Fix edge case for SET_ALLOW_WEAK_KEY."
  Jussi Kivilinna | 2023-04-21 | 2 | -5/+0

    * cipher/cipher.c (cipher_setkey): Do not reset RC.
    --
    This reverts commit b75a58df84a5137954cb678adf8c202b39ee1def.
    GnuPG-bug-id: 6451
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

* cipher: Fix edge case for SET_ALLOW_WEAK_KEY.
  Werner Koch | 2023-04-16 | 2 | -0/+5

    * cipher/cipher.c (cipher_setkey): Reset RC.
    --
    GnuPG-bug-id: 6451

* random: Use getrandom only when it's appropriate.
  NIIBE Yutaka | 2023-04-11 | 1 | -0/+2

    * random/rndgetentropy.c (_gcry_rndgetentropy_gather_random) [GRND_RANDOM]:
      Conditionalize the use of getrandom, as it's not a portable function.
    --
    Cherry-picked master commit of: fa21ddc158b5d7b5900856e5b131071302217a51
    Fixes-commit: aab1d63e4def41593312f76de016c885ffafecde
    GnuPG-bug-id: 6442
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* Post release updates
  Werner Koch | 2023-04-06 | 2 | -1/+5

    --

* Release 1.10.2  [libgcrypt-1.10.2]
  Werner Koch | 2023-04-06 | 6 | -8/+77
* cipher: Enable the fast path to ChaCha20 only when supported.
  NIIBE Yutaka | 2023-04-04 | 1 | -0/+4

    * cipher/cipher-poly1305.c (_gcry_cipher_poly1305_encrypt)
      (_gcry_cipher_poly1305_decrypt) [USE_CHACHA20]: Conditionalize.
    --
    Cherry-picked master commit of: 137f1fd82bc9136d434ca41f58d62091b64df6db
    GnuPG-bug-id: 6384
    Reported-by: Andrew Collier
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* build: Allow build with -Oz.
  NIIBE Yutaka | 2023-04-04 | 2 | -2/+2

    * cipher/Makefile.am [ENABLE_O_FLAG_MUNGING]: Support -Oz.
    * random/Makefile.am [ENABLE_O_FLAG_MUNGING]: Support -Oz.
    --
    Cherry-picked from master commit of: 7edf1abb9a0d892a80cbf7ab42f64b2720671ee9
    GnuPG-bug-id: 6432
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* doc: Add remark that leading zeroes are stripped from printed MPIs.
  Werner Koch | 2023-04-03 | 1 | -1/+2

    --
    GnuPG-bug-id: 6435

* m4: Update gpg-error.m4.
  NIIBE Yutaka | 2023-04-03 | 1 | -1/+2

    * m4/gpg-error.m4: Update from libgpg-error master.
    --
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* fips: More elaborate way of getting FIPS pk flags indicators.
  NIIBE Yutaka | 2023-03-24 | 2 | -7/+76

    * src/fips.c (_gcry_fips_indicator_pk_flags): List more allowed strings
      in the S-expression.
    * doc/gcrypt.texi: Add document for the FIPS service indicator
      GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS with example.
    --
    GnuPG-bug-id: 6417
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* build: Update gpg-error.m4.
  NIIBE Yutaka | 2023-03-23 | 1 | -23/+35

    * m4/gpg-error.m4: Update from libgpg-error master.
    --
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* tests: Improve test coverage for FIPS service indicators.
  Jakub Jelen | 2023-03-14 | 1 | -0/+13

    * tests/basic.c (check_digests): Check the FIPS indicators.
      (check_mac): Ditto.
    --
    Cherry-pick master commit of: fae63f517906ba8f46d255f1b5770665f2197ad9
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Explicitly disable overriding random in FIPS mode.
  Jakub Jelen | 2023-03-14 | 1 | -1/+2

    * src/fips.c (_gcry_fips_indicator_function): Mark using random override
      non-approved in FIPS mode.
    --
    Cherry-pick master commit of: e0a5a9eb8301991c28fae8632add8dacce81aeb4
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Mark gcry_pk_encrypt/decrypt function non-approved.
  Jakub Jelen | 2023-03-14 | 1 | -1/+3

    * src/fips.c (_gcry_fips_indicator_function): Add gcry_pk_encrypt/decrypt
      as non-approved.
    --
    Cherry-pick master commit of: 05cb8355d3e66f15425ad85ae2203882e80f4792
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Fix fips indicator function.
  Jakub Jelen | 2023-03-14 | 1 | -2/+2

    * src/fips.c (_gcry_fips_indicator_function): Fix typo in sign/verify
      function names.
    --
    Cherry-pick master commit of: c5de9e77fb332939695918710b0842030515cce0
    Fixes-commit: 05a9c9d1ba1db6c1cd160fba979e9ddf4700a0c0
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Explicitly allow only some PK flags.
  Jakub Jelen | 2023-03-14 | 5 | -1/+31

    * src/fips.c (_gcry_fips_indicator_pk_flags): New function for explicit
      FIPS indicator for public key algorithm flags.
    * src/g10lib.h (_gcry_fips_indicator_pk_flags): New.
    * src/gcrypt.h.in (GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS): New.
    * src/global.c (_gcry_vcontrol): Handle the new option.
    * doc/gcrypt.texi: Document new options.
    --
    Cherry-picked master commit of: 4c1c8a707f9652dbfad8f8b531d8b84556f655f1
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* doc: Document the new FIPS indicators.
  Tobias Heider | 2023-03-14 | 1 | -0/+13

    * doc/gcrypt.texi: Document the new options for FIPS indicators.
    --
    Cherry-picked master commit of: 0b7ad923978f708b41933d6b91d3159ffc7a84a1
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Unblock MD5 in fips mode but mark non-approved in indicator.
  Tobias Heider | 2023-03-08 | 2 | -2/+2

    * cipher/mac-hmac.c (_gcry_mac_type_spec_hmac_md5): Allow in fips mode.
    * cipher/md5.c (_gcry_digest_spec_md5): Allow in fips mode.
    --
    Cherry-pick master commit of: dc4a60e2d70bc52ba2955f8e676341d675ab89a0
    GnuPG-bug-id: 6376
    Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

* fips: Add explicit indicators for md and mac algorithms.
  Tobias Heider | 2023-03-08 | 4 | -1/+70

    * src/fips.c (_gcry_fips_indicator_mac): New function indicating
      non-approved mac algorithms.
      (_gcry_fips_indicator_md): New function indicating non-approved
      message digest algorithms.
    * src/g10lib.h (_gcry_fips_indicator_mac): New function.
      (_gcry_fips_indicator_md): Ditto.
    * src/gcrypt.h.in (enum gcry_ctl_cmds): New symbols,
      GCRYCTL_FIPS_SERVICE_INDICATOR_MAC and GCRYCTL_FIPS_SERVICE_INDICATOR_MD.
    * src/global.c (_gcry_vcontrol): Handle new FIPS indicators.
    --
    Cherry-pick master commit of: c88672a327f6774a66d75a35f25266eec99b16f4
    GnuPG-bug-id: 6376
    Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

* kdf: Update tests in regards to the allowed parameters in FIPS mode.
  Jakub Jelen | 2023-03-07 | 1 | -7/+15

    * cipher/kdf.c (check_one): Run selftests for more approved parameters
      and check that wrong parameters correctly fail in FIPS mode.
    --
    Cherry-picked from master commit of: f5fe94810f3099c9ccc2ca3a5891502922ab0576
    Fixes-commit: 535a4d345872aa2cd2ab3a5f9c4411d0a0313328
    GnuPG-bug-id: 5512
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Check return value from ftell
  Jakub Jelen | 2023-03-07 | 1 | -0/+2

    * src/fips.c (get_file_offset): Check return value of ftell to be able
      to detect errors.
    --
    Cherry-picked master commit of: 3fd3bb31597f80c76a94ea62e42d58d796beabf1
    Originally reported by coverity.
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* random: Remove unused SHA384 DRBGs.
  Jakub Jelen | 2023-03-07 | 1 | -11/+2

    * random/random-drbg.c (global): Remove unused SHA384-based defines.
      (drbg_cores): Remove SHA384 configurations.
      (drbg_sec_strength): Remove unused SHA384.
    --
    Cherry-picked from master commit of: 45b80678109e5817b7cd15566a9d6c96b064b95f

    These are no longer allowed by FIPS and it looks like they were never
    usable as they do not have any conversion from the string flags.

    GnuPG-bug-id: 6393
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* visibility: Check FIPS operational status for MD+Sign operation.
  Jakub Jelen | 2023-03-07 | 1 | -0/+7

    * src/visibility.c (gcry_pk_hash_sign): Check fips status before calling
      the operation itself.
      (gcry_pk_hash_verify): Ditto.
    --
    Cherry-picked master commit of: 654d0dfa04993ebe28c0536d42f4bc6d87c28369
    GnuPG-bug-id: 6396
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* ecc: Make the PCT recoverable in FIPS mode and consistent with RSA.
  Jakub Jelen | 2023-03-07 | 1 | -8/+28

    * cipher/ecc.c (test_keys_fips): Replace calls to log_fatal with return
      code on error.
      (ecc_generate): Signal error when PCT fails in FIPS mode.
    --
    Cherry-picked master commit of: 23a2d1285e35b2eb91bb422609eb1c965c8a9bf6
    GnuPG-bug-id: 6397
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* ecc: Do not allow skipping tests in FIPS Mode.
  Jakub Jelen | 2023-03-07 | 1 | -1/+1

    * cipher/ecc.c (ecc_generate): Do not allow skipping PCT tests in FIPS mode.
    --
    Cherry-picked from master commit of: 2ddeec574bc1ae90bb4242c4ce9ad9e7975a27bd

    The new FIPS specification requires to run the PCT without any exceptions.

    GnuPG-bug-id: 6394
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* fips: Remove GCM mode from the allowed FIPS indicators.
  Jakub Jelen | 2023-01-23 | 1 | -1/+0

    * src/fips.c (_gcry_fips_indicator_cipher): Do not mark GCM mode as
      FIPS approved.
    --
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* build: Silence libtool warnings on Windows.
  Werner Koch | 2023-01-20 | 1 | -2/+2

    --
* build: Fix m4 macros for strict C compiler.
  NIIBE Yutaka | 2022-12-16 | 2 | -2/+2

    * m4/ax_cc_for_build.m4: Fix for no arg.
    * m4/noexecstack.m4: Likewise.
    --
    Cherry-pick master commit of: e3b441214f93d8f61875b8223480e57afa2a3f10
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* build: Fix configure.ac for strict C99.
  NIIBE Yutaka | 2022-12-16 | 1 | -28/+42

    * configure.ac: Add function declarations for asm functions.
    --
    Cherry-pick master commit of: 693ffa145378682229473b0e811a9cea7c4d307a
    Suggested-by: Florian Weimer <fweimer@redhat.com>
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* t-rsa-testparm: fix 'function declaration isn’t a prototype' warning
  Jussi Kivilinna | 2022-12-07 | 1 | -1/+1

    * cipher/t-rsa-testparm.c (check_rsa_testparm): Define parameters as void.
    --
    Cherry-picked master commit of: 0909186b9e66aa3a8fac7b2571915c45a7bfaeb3
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

* doc: Minor fix up.
  NIIBE Yutaka | 2022-12-07 | 1 | -3/+3

    --
    Cherry-pick master commit of: 896fe69757e0fe84696d3b23f7b15425e128988a
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.
  Jakub Jelen | 2022-12-07 | 3 | -7/+54

    * cipher/rsa.c (rsa_generate): Do not accept use-x931 or derive-parms
      in FIPS mode.
    * tests/pubkey.c (get_keys_x931_new): Expect failure in FIPS mode.
      (check_run): Skip checking X9.31 keys in FIPS mode.
    * doc/gcrypt.texi: Document "test-parms" and clarify some cases around
      the X9.31 keygen.
    --
    Cherry-pick master commit of: 06ea5b5332ffdb44a0a394d766be8989bcb6a95c
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* rsa: Prevent usage of long salt in FIPS mode
  Jakub Jelen | 2022-12-05 | 3 | -2/+33

    * cipher/rsa-common.c (_gcry_rsa_pss_encode): Prevent usage of large
      salt lengths.
      (_gcry_rsa_pss_verify): Ditto.
    * tests/basic.c (check_pubkey_sign): Check longer salt length fails in
      FIPS mode.
    * tests/t-rsa-pss.c (one_test_sexp): Fix function name in error message.
    --
    Backport the master commit of: bf1e62e59200b2046680d1d3d1599facc88cfe63

* fips: Mark AES key wrapping as approved.
  Jakub Jelen | 2022-11-18 | 1 | -0/+1

    * src/fips.c (_gcry_fips_indicator_cipher): Add key wrapping mode as
      approved.
    --
    Cherry-picked master branch of: c34c9e70055ee43e5ef257384fa15941f064e5a4
    GnuPG-bug-id: 5512
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* pkdf2: Add checks for FIPS.
  Jakub Jelen | 2022-11-18 | 1 | -0/+12

    * cipher/kdf.c (_gcry_kdf_pkdf2): Require 8 chars passphrase for FIPS.
      Set bounds for salt length and iteration count in FIPS mode.
    --
    Cherry-picked from master branch of: f4a861f3e5ae82f278284061e4829c03edf9c3a7
    GnuPG-bug-id: 6039
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* doc: Update document for pkg-config and libgcrypt.m4.
  NIIBE Yutaka | 2022-11-18 | 1 | -28/+18

    --
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* build: Prefer gpgrt-config when available.
  NIIBE Yutaka | 2022-11-01 | 1 | -2/+2

    * src/libgcrypt.m4: Overriding the decision by --with-libgcrypt-prefix,
      use gpgrt-config libgcrypt when gpgrt-config is available.
    --
    Backport the master commit of: 0dcb7e05c9e1c9c2a23abe0a0390680741b61414

    This may offer better migration.

    GnuPG-bug-id: 5034
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* hmac,hkdf: Check the HMAC key length in FIPS mode.
  Jakub Jelen | 2022-10-27 | 1 | -0/+4

    * src/visibility.c (gcry_md_setkey): Add the check here, too.
    --
    Cherry-picked from the master commit of: b095ea7559734f519fbe92d570afe567330eb474
    GnuPG-bug-id: 6039
    Fixes-commit: 58c92098d053aae7c78cc42bdd7c80c13efc89bb
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* Revert "kdf:pkdf2: Require longer input when FIPS mode."
  Jakub Jelen | 2022-10-27 | 1 | -4/+0

    * cipher/kdf.c (_gcry_kdf_pkdf2): Remove the length limitation of
      passphrase input length.
    --
    Cherry-picked from master commit of: 47db7fe3a0c36523d2ccec31705cffff9a2337bc

    This reverts commit d09d3d33c79daa2f8d385dfedf3f20ad205b0fba

    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* build: Update gpg-error.m4.
  NIIBE Yutaka | 2022-10-24 | 1 | -1/+5

    * m4/gpg-error.m4: Update from libgpg-error 1.46.
    --
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* tests: Reproducer for short dklen in FIPS mode
  Jakub Jelen | 2022-10-06 | 1 | -2/+10

    * tests/t-kdf.c (check_pbkdf2): Add test vector with short dklen and
      verify it fails in FIPS mode.
    --
    Cherry-picked master commit of: efdc87b305ff326f37acd3a9c2606de24a706cce
    GnuPG-bug-id: 6219
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* random: Extend the comment about FIPS specifics
  Jakub Jelen | 2022-10-06 | 1 | -1/+11

    * random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Clarify
      description of the chaining DRBG in FIPS mode.
    --
    Cherry-picked master commit of: 6e832840a8b7cdd30f77e66685ad0de863d7e84d
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* random: Get maximum 32B of entropy at once in FIPS Mode
  Jakub Jelen | 2022-10-04 | 1 | -3/+9

    * random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): In fips
      mode, gather max 32 B of strong entropy for initialization.
    --
    Cherry-pick master commit of: a6a6e94027abf18a51f5f93bf9fb2cfe5496bdf8

    The limitation of our current kernel patch guarantees that only 32B of
    strong random data can be gathered using getrandom().

    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* keccak: Use size_t to avoid integer overflow
  Jakub Jelen | 2022-10-04 | 3 | -14/+14

    * cipher/keccak-armv7-neon.S: Fix function name in comment and change
      parameter type to size_t.
    * cipher/keccak.c (keccak_ops_t): Change absorb function signature to
      use size_t.
      (keccak_absorb_lanes64_avx512): Change nlanes type to size_t.
      (_gcry_keccak_absorb_lanes64_armv7_neon): Ditto.
      (keccak_absorb_lanes64_armv7_neon): Ditto.
      (keccak_absorb_lanes32bi): Ditto.
      (keccak_absorb_lanes32bi_bmi2): Ditto.
      (keccak_write): Change nlanes variable to use size_t and avoid
      overflow when calculating count.
    * cipher/keccak_permute_64.h (KECCAK_F1600_ABSORB_FUNC_NAME): Change
      nlanes argument to use size_t.
    --
    Cherry-pick master commit of: 9c828129b2058c3f36e07634637929a54e8377ee

    Any input to the SHA3 functions > 4GB was giving wrong result when it
    was invoked in one-shot, while working correctly when it was fed by
    chunks. It turned out that the calculation in the `keccak_write`
    overflows the `unsigned int` type (`nlanes * 8` does not fit 32b when
    the `inlen` > 4GB).

    GnuPG-bug-id: 6217
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

* kdf:pkdf2: Check minimum allowed key size when running in FIPS mode.
  Tobias Heider | 2022-10-04 | 1 | -0/+4

    * cipher/kdf.c (_gcry_kdf_pkdf2): Add output length check.
    --
    Cherry-picked master commit of: 3c04b692de1e7b45b764ff8d66bf84609b012e3a
    GnuPG-bug-id: 6219

* kdf:pkdf2: Require longer input when FIPS mode.
  NIIBE Yutaka | 2022-10-04 | 1 | -0/+3

    * cipher/kdf.c (_gcry_kdf_pkdf2): Add length check.
    --
    Cherry-pick master commit of: 857e6f467d0fc9fd858a73d84122695425970075
    GnuPG-bug-id: 6039
    Fixes-commit: ab5aef9b7b6ef757eff7bea4a17ade0ce3d3191b
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* build: Fix configure script.
  NIIBE Yutaka | 2022-09-22 | 1 | -2/+1

    * configure.ac (AC_USE_SYSTEM_EXTENSIONS): Use it earlier.
    --
    Cherry-picked master commit of: 2efb90104591eda490d9f7ba281aa29bceb92487
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* fips: Skip PCT if RSA keygen test-parms specified
  Clemens Lang | 2022-09-22 | 3 | -2/+135

    * cipher/rsa.c (rsa_generate): Skip PCT if test-parms were specified.
    * tests/t-rsa-testparm.c: Add test for this functionality.
    * tests/Makefile.am: Add test to build system.
    --
    Cherry-pick master commit of: c20022ffd4ad2cea51928a109dfa102d711d30ac

    ACVP testing uses the test-parms option to specify p and q to be
    checked for primality. When test-parms is specified, generate_fips()
    always returns keys with p=q=0. These keys then fail the pairwise
    consistency test, because they cannot be used to successfully sign a
    message and verify the signature.

    Skip the PCT when test-parms is specified. Add a regression test to
    check that this functionality continues to work in the future.

    Signed-off-by: Clemens Lang <cllang@redhat.com>

* build: Skip PK-specific tests if algo is disabled
  Clemens Lang | 2022-09-22 | 2 | -4/+19

    * configure.ac: Define AM_CONDITIONALs for USE_DSA, USE_RSA,
      USE_ELGAMAL, USE_ECC so Makefiles can depend on them.
    * tests/Makefile.am: Skip tests that test only one public key algorithm
      if that algorithm is disabled.
    --
    Cherry-pick master commit of: 56000fb5c42f01f1ced4e3dd0bb30662c0ba87c3

    Skip building and running tests that are specific for a public key
    algorithm if that algorithm was disabled using the
    --enable-pubkey-ciphers configure option.

    GnuPG-bug-id: 6048
    Signed-off-by: Clemens Lang <cllang@redhat.com>