Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2022-11-10 14:21:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnutls (Old)
 and      /work/SRC/openSUSE:Factory/.gnutls.new.1597 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls" Thu Nov 10 14:21:13 2022 rev:142 rq:1034574 version:3.7.8 Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2022-09-15 22:58:07.789035729 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new.1597/gnutls.changes 2022-11-10 14:21:34.850110732 +0100 
@@ -1,0 +2,68 @@ +Tue Nov 8 12:52:18 UTC 2022 - Pedro Monreal <[email protected]> + +- Verify only the libgnutls library HMAC [bsc#1199881] + * Do not use the brp-50-generate-fips-hmac script as this + is now calculated with the internal fipshmac tool. + * Add gnutls-verify-library-HMAC.patch + +------------------------------------------------------------------- +Wed Nov 2 20:51:43 UTC 2022 - Pedro Monreal <[email protected]> + +- Temporarily revert the jitterentropy patches in s390 and s390x + architectures until a fix is provided [bsc#1204937] +- Disable flaky test that fails in s390x architecture: + * Add gnutls-disable-flaky-test-dtls-resume.patch + +------------------------------------------------------------------- +Fri Oct 14 11:35:33 UTC 2022 - Pedro Monreal <[email protected]> + +- Consolidate the FIPS hmac files [bsc#1203245] + * Use the gnutls fipshmac tool instead of the brp-check-suse + and rename it to reflect on the library version. + * Remove not needed gnutls-FIPS-Run-CFB8-without-offset.patch +- Add a gnutls.rpmlintrc file to remove a hidden-file-or-dir false + positive for the FIPS hmac calculation. + +------------------------------------------------------------------- +Sun Oct 9 12:53:27 UTC 2022 - Pedro Monreal <[email protected]> + +- Update to 3.7.8: + * libgnutls: In FIPS140 mode, RSA signature verification is an + approved operation if the key has modulus with known sizes + (1024, 1280, 1536, and 1792 bits), in addition to any modulus + sizes larger than 2048 bits, according to SP800-131A rev2. + * libgnutls: gnutls_session_channel_binding performs additional + checks when GNUTLS_CB_TLS_EXPORTER is requested. According to + RFC9622 4.2, the "tls-exporter" channel binding is only usable + when the handshake is bound to a unique master secret (i.e., + either TLS 1.3 or extended master secret extension is + negotiated). Otherwise the function now returns error. 
+ * libgnutls: usage of the following functions, which are designed + to loosen restrictions imposed by allowlisting mode of + configuration, has been additionally restricted. Invoking + them is now only allowed if system-wide TLS priority string + has not been initialized yet: + - gnutls_digest_set_secure + - gnutls_sign_set_secure + - gnutls_sign_set_secure_for_certs + - gnutls_protocol_set_enabled + * Delete gnutls-3.6.6-set_guile_site_dir.patch and use the + --with-guile-extension-dir configure option to properly + handle the guile extension directory. + * Rebase gnutls-Make-XTS-key-check-failure-not-fatal.patch + * Update gnutls.keyring + * Add a build depencency on gtk-doc required by autoreconf + +------------------------------------------------------------------- +Fri Oct 7 09:30:44 UTC 2022 - Otto Hollmann <[email protected]> + +- FIPS: Set error state when jent init failed in FIPS mode [bsc#1202146] + * Add patch gnutls-FIPS-Set-error-state-when-jent-init-failed.patch + +------------------------------------------------------------------- +Tue Oct 4 13:05:27 UTC 2022 - Otto Hollmann <[email protected]> + +- FIPS: Make XTS key check failure not fatal [bsc#1203779] + * Add gnutls-Make-XTS-key-check-failure-not-fatal.patch + +------------------------------------------------------------------- Old: ---- gnutls-3.6.6-set_guile_site_dir.patch gnutls-3.7.7.tar.xz gnutls-3.7.7.tar.xz.sig gnutls-FIPS-Run-CFB8-without-offset.patch New: ---- gnutls-3.7.8.tar.xz gnutls-3.7.8.tar.xz.sig gnutls-FIPS-Set-error-state-when-jent-init-failed.patch gnutls-Make-XTS-key-check-failure-not-fatal.patch gnutls-disable-flaky-test-dtls-resume.patch gnutls-verify-library-HMAC.patch gnutls.rpmlintrc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.lK9bsn/_old 2022-11-10 14:21:35.698115533 +0100 +++ /var/tmp/diff_new_pack.lK9bsn/_new 2022-11-10 14:21:35.702115555 +0100 
@@ -36,7 +36,7 @@ %bcond_with tpm %bcond_without guile Name: gnutls -Version: 3.7.7 +Version: 3.7.8 Release: 0 Summary: The GNU Transport Layer Security Library License: GPL-3.0-or-later AND LGPL-2.1-or-later 
@@ -44,27 +44,37 @@ URL: https://www.gnutls.org/ Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz.sig +# https://gnutls.org/gnutls-release-keyring.gpg Source2: gnutls.keyring Source3: baselibs.conf +# Suppress a false positive on the .hmac file +Source4: gnutls.rpmlintrc Patch0: gnutls-3.5.11-skip-trust-store-tests.patch -Patch1: gnutls-3.6.6-set_guile_site_dir.patch -Patch2: gnutls-FIPS-TLS_KDF_selftest.patch -Patch3: gnutls-FIPS-disable-failing-tests.patch -Patch4: gnutls_ECDSA_signing.patch +Patch1: gnutls-FIPS-TLS_KDF_selftest.patch +Patch2: gnutls-FIPS-disable-failing-tests.patch +Patch3: gnutls_ECDSA_signing.patch %if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 +%ifnarch s390 s390x #PATCH-FIX-SUSE bsc#1202146 FIPS: Port gnutls to use jitterentropy -Patch5: gnutls-FIPS-jitterentropy.patch +Patch4: gnutls-FIPS-jitterentropy.patch +#PATCH-FIX-SUSE bsc#1202146 FIPS: Set error state when jent init failed in FIPS mode +Patch5: gnutls-FIPS-Set-error-state-when-jent-init-failed.patch +%endif %endif #PATCH-FIX-SUSE bsc#1190698 FIPS: SLI gnutls_pbkdf2: verify keylengths and allow SHA only Patch6: gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch -#PATCH-FIX-SUSE bsc#1203245 FIPS: Run the CFB8 cipher selftests without offset -Patch7: gnutls-FIPS-Run-CFB8-without-offset.patch +#PATCH-FIX-UPSTREAM bsc#1203779 Make XTS key check failure not fatal +Patch7: gnutls-Make-XTS-key-check-failure-not-fatal.patch +Patch8: gnutls-disable-flaky-test-dtls-resume.patch +#PATCH-FIX-OPENSUSE bsc#1199881 Verify only the libgnutls library HMAC +Patch9: gnutls-verify-library-HMAC.patch BuildRequires: autogen BuildRequires: automake BuildRequires: datefudge BuildRequires: fdupes BuildRequires: fipscheck BuildRequires: gcc-c++ +BuildRequires: gtk-doc # The test suite calls /usr/bin/ss from iproute2. 
It's our own duty to ensure we have it present BuildRequires: iproute2 BuildRequires: libidn2-devel @@ -218,7 +228,11 @@ export LDFLAGS="-pie -Wl,-z,now -Wl,-z,relro" export CFLAGS="%{optflags} -fPIE" export CXXFLAGS="%{optflags} -fPIE" -#autoreconf -fiv +autoreconf -fiv + +# Rename the internal .hmac file to include the so library version +sed -i "s/\.gnutls\.hmac/\.libgnutls\.so\.%{gnutls_sover}\.hmac/g" lib/Makefile.am lib/Makefile.in lib/fips.c + %configure \ gl_cv_func_printf_directive_n=yes \ gl_cv_func_printf_infinite_long_double=yes \ @@ -241,6 +255,7 @@ %endif %if %{with guile} --enable-guile \ + --with-guile-extension-dir=%{_libdir}/guile/3.0 \ %else --disable-guile \ %endif 
@@ -252,13 +267,32 @@ %install %make_install + +# Compute the FIPS hmac using the brp-50-generate-fips-hmac script +# export BRP_FIPSHMAC_FILES=%%{buildroot}%%{_libdir}/libgnutls.so.%%{gnutls_sover} + +# the hmac hashes: +# +# this is a hack that re-defines the __os_install_post macro +# for a simple reason: the macro strips the binaries and thereby +# invalidates a HMAC that may have been created earlier. +# solution: create the hashes _after_ the macro runs. +# +# this shows up earlier because otherwise the %%expand of +# the macro is too late. +# remark: This is the same as running +# openssl dgst -sha256 -hmac 'orboDeJITITejsirpADONivirpUkvarP' +# note: The FIPS hmac is now calculated with an internal tool since +# commit a86c8e87189e23920ae622da5e572cb4e1a6e0ed +%{expand:%%global __os_install_post {%__os_install_post +./lib/fipshmac "%{buildroot}%{_libdir}/libgnutls.so.%{gnutls_sover}" > %{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac +sed -i "s^%{buildroot}/usr^^" %{buildroot}%{_libdir}/.libgnutls.so.%{gnutls_sover}.hmac +}} + rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot # Do not package static libs and libtool files find %{buildroot} -type f -name "*.la" -delete -print -# Compute FIPS hmac using the brp-50-generate-fips-hmac script -export BRP_FIPSHMAC_FILES=%{buildroot}%{_libdir}/libgnutls.so.%{gnutls_sover} - # install docs mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/ cp doc/gnutls.html doc/*.png %{buildroot}%{_docdir}/libgnutls-devel/ 
@@ -379,7 +413,7 @@ %files guile %license LICENSE %{_libdir}/guile/* -%{_datadir}/guile/gnutls* +%{_datadir}/guile/site/* %endif %changelog ++++++ gnutls-3.7.7.tar.xz -> gnutls-3.7.8.tar.xz ++++++ /work/SRC/openSUSE:Factory/gnutls/gnutls-3.7.7.tar.xz /work/SRC/openSUSE:Factory/.gnutls.new.1597/gnutls-3.7.8.tar.xz differ: char 26, line 1 ++++++ gnutls-FIPS-Set-error-state-when-jent-init-failed.patch ++++++ --- lib/nettle/sysrng-linux.c | 6 ++++++ 1 file changed, 6 insertions(+) Index: gnutls-3.7.8/lib/nettle/sysrng-linux.c =================================================================== --- gnutls-3.7.8.orig/lib/nettle/sysrng-linux.c +++ gnutls-3.7.8/lib/nettle/sysrng-linux.c @@ -49,11 +49,13 @@ get_entropy_func _rnd_get_system_entropy = NULL; #if defined(__linux__) -# ifdef ENABLE_FIPS140 +# if defined(ENABLE_FIPS140) # define HAVE_JENT # include <jitterentropy.h> static int jent_initialized = 0; static struct rand_data* ec = NULL; +/* Declare function to fix a missing-prototypes compilation warning */ +void FIPS_jent_entropy_deinit(void); # endif # ifdef HAVE_GETRANDOM # include <sys/random.h> @@ -72,7 +74,8 @@ static ssize_t _getrandom0(void *buf, si # endif # endif -# if defined(HAVE_JENT) +# if defined(ENABLE_FIPS140) +# if defined(HAVE_JENT) /* check whether the CPU Jitter entropy collector is available. */ static unsigned FIPS_jent_entropy_init(void) { @@ -161,6 +164,7 @@ static int _rnd_get_system_entropy_jent( return 0; } +# endif # endif static unsigned have_getrandom(void) @@ -260,7 +264,8 @@ int _rnd_system_entropy_init(void) int urandom_fd; #if defined(__linux__) -# if defined(HAVE_JENT) +# if defined(ENABLE_FIPS140) +# if defined(HAVE_JENT) /* Enable jitterentropy usage if available */ if (FIPS_jent_entropy_init()) { _rnd_get_system_entropy = _rnd_get_system_entropy_jent; 
@@ -268,7 +273,14 @@ int _rnd_system_entropy_init(void) return 0; } else { _gnutls_debug_log("jitterentropy is not available\n"); + /* Set error state when FIPS_jent_entropy_init failed and FIPS mode is enabled */ + if (_gnutls_fips_mode_enabled()) { + _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR); + _gnutls_switch_lib_state(LIB_STATE_ERROR); + return gnutls_assert_val(GNUTLS_E_RANDOM_DEVICE_ERROR); + } } +# endif # endif /* Enable getrandom() usage if available */ if (have_getrandom()) { @@ -300,8 +312,10 @@ void _rnd_system_entropy_deinit(void) { /* A no-op now when we open and close /dev/urandom every time */ #if defined(__linux__) -# if defined(HAVE_JENT) +# if defined(ENABLE_FIPS140) +# if defined(HAVE_JENT) FIPS_jent_entropy_deinit(); +# endif # endif #endif return; Index: gnutls-3.7.8/tests/Makefile.am =================================================================== --- gnutls-3.7.8.orig/tests/Makefile.am +++ gnutls-3.7.8/tests/Makefile.am @@ -208,7 +208,7 @@ ctests += mini-record-2 simple gnutls_hm dtls12-cert-key-exchange dtls10-cert-key-exchange x509-cert-callback-legacy \ keylog-env ssl2-hello tlsfeature-ext dtls-rehandshake-cert-2 dtls-session-ticket-lost \ tlsfeature-crt dtls-rehandshake-cert-3 resume-with-false-start \ - set_x509_key_file_ocsp client-fastopen rng-sigint srp rng-pthread \ + set_x509_key_file_ocsp client-fastopen srp rng-pthread \ safe-renegotiation/srn0 safe-renegotiation/srn1 safe-renegotiation/srn2 \ safe-renegotiation/srn3 safe-renegotiation/srn4 safe-renegotiation/srn5 \ rsa-illegal-import set_x509_ocsp_multi_invalid set_key set_x509_key_file_ocsp_multi2 \ ++++++ gnutls-Make-XTS-key-check-failure-not-fatal.patch ++++++ >From 00fff0aad2b606801704046042aa3b2b24f07d63 Mon Sep 17 00:00:00 2001 From: Zoltan Fridrich <[email protected]> Date: Thu, 29 Sep 2022 15:31:28 +0200 Subject: [PATCH] Make XTS key check failure not fatal 
Signed-off-by: Zoltan Fridrich <[email protected]> --- lib/accelerated/x86/aes-xts-x86-aesni.c | 1 - lib/nettle/cipher.c | 73 ++++++++--------------- tests/Makefile.am | 2 +- tests/xts-key-check.c | 78 +++++++++++++++++++++++++ 5 files changed, 103 insertions(+), 52 deletions(-) create mode 100644 tests/xts-key-check.c diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c index 0588d0bd55..d6936a688d 100644 --- a/lib/accelerated/x86/aes-xts-x86-aesni.c +++ b/lib/accelerated/x86/aes-xts-x86-aesni.c @@ -73,7 +73,6 @@ x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) /* Check key block according to FIPS-140-2 IG A.9 */ if (_gnutls_fips_mode_enabled()){ if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) { - _gnutls_switch_lib_state(LIB_STATE_ERROR); return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); } } diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c index c9c59fb0ba..9c2ce19e7e 100644 --- a/lib/nettle/cipher.c +++ b/lib/nettle/cipher.c @@ -448,12 +448,14 @@ _gcm_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, length, dst, src); } -static void _des_set_key(struct des_ctx *ctx, const uint8_t *key) +static void +_des_set_key(struct des_ctx *ctx, const uint8_t *key) { des_set_key(ctx, key); } -static void _des3_set_key(struct des3_ctx *ctx, const uint8_t *key) +static void +_des3_set_key(struct des3_ctx *ctx, const uint8_t *key) { des3_set_key(ctx, key); } 
@@ -476,50 +478,6 @@ _cfb8_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, length, dst, src); } -static void -_xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key, - const uint8_t *key) -{ - if (_gnutls_fips_mode_enabled() && - gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) - _gnutls_switch_lib_state(LIB_STATE_ERROR); - - xts_aes128_set_encrypt_key(xts_key, key); -} - -static void -_xts_aes128_set_decrypt_key(struct xts_aes128_key *xts_key, - const uint8_t *key) -{ - if (_gnutls_fips_mode_enabled() && - gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) - _gnutls_switch_lib_state(LIB_STATE_ERROR); - - xts_aes128_set_decrypt_key(xts_key, key); -} - -static void -_xts_aes256_set_encrypt_key(struct xts_aes256_key *xts_key, - const uint8_t *key) -{ - if (_gnutls_fips_mode_enabled() && - gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) - _gnutls_switch_lib_state(LIB_STATE_ERROR); - - xts_aes256_set_encrypt_key(xts_key, key); -} - -static void -_xts_aes256_set_decrypt_key(struct xts_aes256_key *xts_key, - const uint8_t *key) -{ - if (_gnutls_fips_mode_enabled() && - gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) - _gnutls_switch_lib_state(LIB_STATE_ERROR); - - xts_aes256_set_decrypt_key(xts_key, key); -} - static void _xts_aes128_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst, const uint8_t * src) @@ -1041,8 +999,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = { .ctx_size = sizeof(struct xts_aes128_key), .encrypt = _xts_aes128_encrypt, .decrypt = _xts_aes128_decrypt, - .set_encrypt_key = (nettle_set_key_func*)_xts_aes128_set_encrypt_key, - .set_decrypt_key = (nettle_set_key_func*)_xts_aes128_set_decrypt_key, + .set_encrypt_key = (nettle_set_key_func*)xts_aes128_set_encrypt_key, + .set_decrypt_key = (nettle_set_key_func*)xts_aes128_set_decrypt_key, .max_iv_size = AES_BLOCK_SIZE, }, { .algo = GNUTLS_CIPHER_AES_256_XTS, 
@@ -1052,8 +1010,8 @@ static const struct nettle_cipher_st builtin_ciphers[] = { .ctx_size = sizeof(struct xts_aes256_key), .encrypt = _xts_aes256_encrypt, .decrypt = _xts_aes256_decrypt, - .set_encrypt_key = (nettle_set_key_func*)_xts_aes256_set_encrypt_key, - .set_decrypt_key = (nettle_set_key_func*)_xts_aes256_set_decrypt_key, + .set_encrypt_key = (nettle_set_key_func*)xts_aes256_set_encrypt_key, + .set_decrypt_key = (nettle_set_key_func*)xts_aes256_set_decrypt_key, .max_iv_size = AES_BLOCK_SIZE, }, { .algo = GNUTLS_CIPHER_AES_128_SIV, @@ -1144,6 +1102,21 @@ wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize) return 0; } + switch (ctx->cipher->algo) { + case GNUTLS_CIPHER_AES_128_XTS: + if (_gnutls_fips_mode_enabled() && + gnutls_memcmp(key, (char *)key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + break; + case GNUTLS_CIPHER_AES_256_XTS: + if (_gnutls_fips_mode_enabled() && + gnutls_memcmp(key, (char *)key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + break; + default: + break; + } + if (ctx->enc) ctx->cipher->set_encrypt_key(ctx->ctx_ptr, key); else diff --git a/tests/Makefile.am b/tests/Makefile.am index 3e126f0046..1122886b31 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -233,7 +233,7 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei tls13-without-timeout-func buffer status-request-revoked \ set_x509_ocsp_multi_cli kdf-api keylog-func handshake-write \ x509cert-dntypes id-on-xmppAddr tls13-compat-mode ciphersuite-name \ - x509-upnconstraint cipher-padding pkcs7-verify-double-free \ + x509-upnconstraint xts-key-check cipher-padding pkcs7-verify-double-free \ fips-rsa-sizes ctests += tls-channel-binding diff --git a/tests/xts-key-check.c b/tests/xts-key-check.c new file mode 100644 index 0000000000..a3bea5abca --- /dev/null +++ b/tests/xts-key-check.c 
@@ -0,0 +1,78 @@ +/* + * Copyright (C) 2022 Red Hat, Inc. + * + * Author: Zoltan Fridrich + * + * This file is part of GnuTLS. + * + * GnuTLS is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS. If not, see <https://www.gnu.org/licenses/>. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <gnutls/crypto.h> + +#include "utils.h" + +static void test_xts_check(gnutls_cipher_algorithm_t alg) +{ + int ret; + gnutls_cipher_hd_t ctx; + gnutls_datum_t key, iv; + + iv.size = gnutls_cipher_get_iv_size(alg); + iv.data = gnutls_malloc(iv.size); + if (iv.data == NULL) + fail("Error: %s\n", gnutls_strerror(GNUTLS_E_MEMORY_ERROR)); + gnutls_memset(iv.data, 0xf0, iv.size); + + key.size = gnutls_cipher_get_key_size(alg); + key.data = gnutls_malloc(key.size); + if (key.data == NULL) { + gnutls_free(iv.data); + fail("Error: %s\n", gnutls_strerror(GNUTLS_E_MEMORY_ERROR)); + } + gnutls_memset(key.data, 0xf0, key.size); + + ret = gnutls_cipher_init(&ctx, alg, &key, &iv); + if (ret == GNUTLS_E_SUCCESS) { + gnutls_cipher_deinit(ctx); + gnutls_free(iv.data); + gnutls_free(key.data); + fail("cipher initialization should fail for key1 == key2\n"); + } + + key.data[0] = 0xff; + + ret = gnutls_cipher_init(&ctx, alg, &key, &iv); + gnutls_free(iv.data); + gnutls_free(key.data); + + if (ret == GNUTLS_E_SUCCESS) + gnutls_cipher_deinit(ctx); + else + fail("cipher initialization should succeed with key1 != key2" + "\n%s\n", gnutls_strerror(ret)); +} + +void 
doit(void) +{ + if (!gnutls_fips140_mode_enabled()) + exit(77); + + test_xts_check(GNUTLS_CIPHER_AES_128_XTS); + test_xts_check(GNUTLS_CIPHER_AES_256_XTS); +} -- GitLab ++++++ gnutls-disable-flaky-test-dtls-resume.patch ++++++ Index: gnutls-3.7.8/tests/Makefile.am =================================================================== --- gnutls-3.7.8.orig/tests/Makefile.am +++ gnutls-3.7.8/tests/Makefile.am @@ -508,7 +508,7 @@ if !WINDOWS # List of tests not available/functional under windows # -dist_check_SCRIPTS += dtls/dtls.sh dtls/dtls-resume.sh #dtls/dtls-nb +dist_check_SCRIPTS += dtls/dtls.sh #dtls/dtls-resume.sh #dtls/dtls-nb indirect_tests += dtls-stress ++++++ gnutls-verify-library-HMAC.patch ++++++ Index: gnutls-3.7.8/lib/fips.c =================================================================== --- gnutls-3.7.8.orig/lib/fips.c +++ gnutls-3.7.8/lib/fips.c @@ -402,6 +402,8 @@ static int check_binary_integrity(void) ret = check_lib_hmac(&file.gnutls, GNUTLS_LIBRARY_NAME, "gnutls_global_init"); if (ret < 0) return ret; + /* Check only the binary integrity of the libgnutls library */ +#if 0 ret = check_lib_hmac(&file.nettle, NETTLE_LIBRARY_NAME, "nettle_aes_set_encrypt_key"); if (ret < 0) return ret; @@ -411,6 +413,7 @@ static int check_binary_integrity(void) ret = check_lib_hmac(&file.gmp, GMP_LIBRARY_NAME, "__gmpz_init"); if (ret < 0) return ret; +#endif return 0; } ++++++ gnutls.keyring ++++++ ++++ 2044 lines (skipped) ++++ between gnutls.keyring ++++ and /work/SRC/openSUSE:Factory/.gnutls.new.1597/gnutls.keyring ++++++ gnutls.rpmlintrc ++++++ addFilter("hidden-file-or-dir /usr/lib64/.libgnutls.so.30.hmac")
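Review bot: In the gnutls.changes hunk, the 3.7.8 entry cites "RFC9622 4.2" for the "tls-exporter" channel binding. That binding is specified in RFC 9266, so the number looks transposed and should be corrected. The same entry spells "dependency" as "depencency".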
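Review bot: In gnutls.spec, hunk @@ -44,27 +44,37 @@, Patch8 (gnutls-disable-flaky-test-dtls-resume.patch) is the only new patch without a PATCH-FIX tag or bug reference, and it is applied on every architecture although the changelog describes the test as failing only on s390x. Add a tagged comment line with the bug number and either guard the patch with an s390x conditional or say in the comment why it is disabled everywhere. The new "%ifnarch s390 s390x" around Patch4 and Patch5 also deserves a comment pointing at bsc#1204937, since the changelog calls the revert temporary and nothing in the spec marks it as such.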
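Review bot: In gnutls.spec, hunk @@ -218,7 +228,11 @@, the sed that renames ".gnutls.hmac" runs after "autoreconf -fiv" and therefore has to patch the generated lib/Makefile.in as well as lib/Makefile.am. Running it before autoreconf on lib/Makefile.am and lib/fips.c only would let the generated file follow from its source. Because sed exits successfully when nothing matches, a future upstream rename would silently leave the library looking for a different .hmac file name than the one installed later in %install; add a grep for the new name after the sed so the build fails instead.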
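Review bot: In gnutls.spec, hunk @@ -252,13 +267,32 @@, the substitution "s^%{buildroot}/usr^^" removes the "/usr" prefix together with the buildroot, so any path recorded in the .hmac file loses "/usr" rather than just the build prefix. If the intent is only to strip the buildroot, the pattern should be "s^%{buildroot}^^"; if dropping "/usr" is deliberate, say so in a comment. The comment block above it still opens with "Compute the FIPS hmac using the brp-50-generate-fips-hmac script" and keeps a commented-out BRP_FIPSHMAC_FILES export, which contradicts the note a few lines later that the internal tool is now used; drop the stale lines.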
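Review bot: In gnutls-FIPS-Set-error-state-when-jent-init-failed.patch, lib/nettle/sysrng-linux.c hunk @@ -268,7 +273,14 @@, the new FIPS branch puts the library into the error state while the only message emitted is the existing debug-level "jitterentropy is not available". An operator who sees GNUTLS_E_RANDOM_DEVICE_ERROR without debug logging has no indication of the cause, so the fatal branch should log at a level that is visible by default. The added "# if defined(ENABLE_FIPS140)" wrappers around "# if defined(HAVE_JENT)" are also redundant, because the first hunk defines HAVE_JENT only inside the ENABLE_FIPS140 block.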
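Review bot: In gnutls-FIPS-Set-error-state-when-jent-init-failed.patch, tests/Makefile.am hunk @@ -208,7 +208,7 @@, the rng-sigint test is dropped from ctests with no explanation in the patch or in the changelog entry. State why the test is disabled, or move the removal into its own patch next to the other disabled tests. The patch header still reads "lib/nettle/sysrng-linux.c | 6 ++++++ 1 file changed, 6 insertions(+)", which no longer matches a patch that touches two files; regenerate the diffstat.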
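Review bot: In gnutls-Make-XTS-key-check-failure-not-fatal.patch, lib/nettle/cipher.c hunk @@ -1144,6 +1102,21 @@, the new comparison reads 2 * AES128_KEY_SIZE (or 2 * AES256_KEY_SIZE) bytes from key without referring to the keysize argument, and the visible context does not show keysize being validated before the switch. Confirm that an earlier check rejects a short key, or compare halves of keysize / 2 as the x86 path does with "gnutls_memcmp(key, key + (keysize / 2), keysize / 2)", so that both backends share one bound.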
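Review bot: In tests/xts-key-check.c, the key1 == key2 case in test_xts_check only checks that gnutls_cipher_init did not return GNUTLS_E_SUCCESS, so any unrelated failure also passes. Assert that ret equals GNUTLS_E_INVALID_REQUEST, which is the value both setkey paths in this patch return. The second gnutls_cipher_init succeeding is what shows the library did not enter the error state; a one-line comment saying so would make the purpose of that call clear.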
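Review bot: In gnutls-verify-library-HMAC.patch, lib/fips.c hunk @@ -402,6 +402,8 @@, the integrity checks for nettle, hogweed and gmp are disabled with "#if 0" and the added comment does not say why or where those libraries are verified instead. Since check_binary_integrity is the FIPS power-on integrity test, record the reason (bsc#1199881) and the replacement mechanism in the comment, and prefer deleting the calls or gating them on a named build macro over leaving dead code.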
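Review bot: In gnutls.rpmlintrc, the filter hard-codes both the library directory and the soname version in "/usr/lib64/.libgnutls.so.30.hmac", so it will not match on targets where %{_libdir} is not /usr/lib64 or after a soname bump. addFilter takes a regular expression, so something like "hidden-file-or-dir .*/\.libgnutls\.so\.[0-9]+\.hmac" keeps the suppression scoped to this file while tracking the values the spec derives from %{_libdir} and %{gnutls_sover}.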
