Hi, Consider: NIST's deprecation of SHA1, effective 2030-12-31.
Patch series to make SHA1 non-FIPS-compliant and to differentiate it in the service level indicator (SLI) by means of GCRY_FIPS_FLAG_REJECT_MD_SHA1. Best, Mülling
From 3d74259865e7c63fe46626fee3c973c789e0eac8 Mon Sep 17 00:00:00 2001 From: Lucas Mulling <lucas.mull...@suse.com> Date: Tue, 28 Jan 2025 15:34:43 -0300 Subject: [PATCH 1/2] md: Make SHA1 non-FIPS and differentiate in the SLI * cipher/md.c (_gcry_md_open, md_enable, _gcry_md_enable, md_copy): Differentiate SHA1. * cipher/sha1.c (_gcry_digest_spec_sha1): Make SHA1 not FIPS. * src/fips.c (_gcry_fips_indicator_mac, _gcry_fips_indicator_md, run_digest_selftests, run_mac_selftests): Differentiate SHA1. * src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_MD_SHA1): New. * tests/basic.c: (check_pubkey_sign): Use sha256 for baddata, add FLAG_NOFIPS to non FIPS compliant tests that use SHA1, and improve error messages. * tests/pkcs1v2.c (main): Skip tests in FIPS mode. * tests/t-fips-service-ind.c (check_kdf_derive): Use sha256 as pbkdf2 subalgo. * tests/t-fips-service-ind.c (check_mac_o_w_r_c): Check for rejection of SHA1 test cases if in FIPS mode. Signed-off-by: Lucas Mulling <lucas.mull...@suse.com> --- cipher/md.c | 8 ++++++++ cipher/sha1.c | 2 +- src/fips.c | 4 ---- src/gcrypt.h.in | 1 + tests/basic.c | 16 ++++++++++----- tests/pkcs1v2.c | 8 ++++++++ tests/t-fips-service-ind.c | 42 +++++++++++++++++++------------------- 7 files changed, 50 insertions(+), 31 deletions(-) diff --git a/cipher/md.c b/cipher/md.c index f600e7bb..3e14ccd6 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -566,6 +566,8 @@ _gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags) if (algo == GCRY_MD_MD5) reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5); + else if (algo == GCRY_MD_SHA1) + reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1); else reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS); 
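Review bot: The MD5 / SHA1 / others flag selection added in _gcry_md_open is repeated verbatim in the md_enable, _gcry_md_enable and md_copy hunks that follow, so the next deprecated digest has to be added in four places, and a missed site would let that digest through unrejected. A single static helper that maps an algorithm to its rejection flag would keep the four call sites in step; md_copy would use `|=` with the same helper. The helper name below is a suggestion only, and the enclosing functions continue outside these hunks.

```c
/* Map a digest algorithm to the GCRY_FIPS_FLAG_REJECT_MD_* bit that
   governs its rejection in FIPS mode.  */
static unsigned int
md_fips_reject_flag (int algo)
{
  switch (algo)
    {
    case GCRY_MD_MD5:
      return GCRY_FIPS_FLAG_REJECT_MD_MD5;
    case GCRY_MD_SHA1:
      return GCRY_FIPS_FLAG_REJECT_MD_SHA1;
    default:
      return GCRY_FIPS_FLAG_REJECT_MD_OTHERS;
    }
}

/* … unchanged: _gcry_md_open up to the FIPS rejection check … */
  reject = fips_check_rejection (md_fips_reject_flag (algo));
```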
@@ -601,6 +603,8 @@ md_enable (gcry_md_hd_t hd, int algorithm) if (algorithm == GCRY_MD_MD5) reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5); + else if (algorithm == GCRY_MD_SHA1) + reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1); else reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS); @@ -679,6 +683,8 @@ _gcry_md_enable (gcry_md_hd_t hd, int algorithm) if (algorithm == GCRY_MD_MD5) reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5); + else if (algorithm == GCRY_MD_SHA1) + reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1); else reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS); @@ -756,6 +762,8 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd) if (spec->algo == GCRY_MD_MD5) reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5); + else if (spec->algo == GCRY_MD_SHA1) + reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1); else reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS); } diff --git a/cipher/sha1.c b/cipher/sha1.c index b83b9de0..e4069e1d 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -759,7 +759,7 @@ static const gcry_md_oid_spec_t oid_spec_sha1[] = const gcry_md_spec_t _gcry_digest_spec_sha1 = { - GCRY_MD_SHA1, {0, 1}, + GCRY_MD_SHA1, {0, 0}, "SHA1", asn, DIM (asn), oid_spec_sha1, 20, sha1_init, _gcry_md_block_write, sha1_final, sha1_read, NULL, _gcry_sha1_hash_buffers, diff --git a/src/fips.c b/src/fips.c index 7ae89503..7848fa11 100644 --- a/src/fips.c +++ b/src/fips.c @@ -430,7 +430,6 @@ _gcry_fips_indicator_mac (va_list arg_ptr) switch (alg) { case GCRY_MAC_CMAC_AES: - case GCRY_MAC_HMAC_SHA1: case GCRY_MAC_HMAC_SHA224: case GCRY_MAC_HMAC_SHA256: case GCRY_MAC_HMAC_SHA384: @@ -454,7 +453,6 @@ _gcry_fips_indicator_md (va_list arg_ptr) switch (alg) { - case GCRY_MD_SHA1: case GCRY_MD_SHA224: case GCRY_MD_SHA256: case GCRY_MD_SHA384: 
@@ -626,7 +624,6 @@ run_digest_selftests (int extended) { static int algos[] = { - GCRY_MD_SHA1, GCRY_MD_SHA224, #ifndef ENABLE_HMAC_BINARY_CHECK GCRY_MD_SHA256, @@ -657,7 +654,6 @@ run_mac_selftests (int extended) { static int algos[] = { - GCRY_MAC_HMAC_SHA1, GCRY_MAC_HMAC_SHA224, #ifndef ENABLE_HMAC_BINARY_CHECK GCRY_MAC_HMAC_SHA256, diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 1a6f7269..3a7acb13 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1989,6 +1989,7 @@ char *gcry_get_config (int mode, const char *what); #define GCRY_FIPS_FLAG_REJECT_PK_MD (1 << 6) #define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2 (1 << 7) #define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE (1 << 8) +#define GCRY_FIPS_FLAG_REJECT_MD_SHA1 (1 << 9) #define GCRY_FIPS_FLAG_REJECT_MD \ (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS) diff --git a/tests/basic.c b/tests/basic.c index 72c65b58..f32e41db 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -17127,9 +17127,15 @@ verify_one_signature (gcry_sexp_t pkey, gcry_sexp_t hash, if (rc) fail ("gcry_pk_verify failed: %s\n", gpg_strerror (rc)); rc = gcry_pk_verify (sig, badhash, pkey); - if (gcry_err_code (rc) != GPG_ERR_BAD_SIGNATURE) + if (gcry_err_code (rc) != GPG_ERR_BAD_SIGNATURE) { + if (verbose) { + show_sexp ("pkey: ", pkey); + show_sexp ("hash: ", hash); + show_sexp ("badhash: ", badhash); + } fail ("gcry_pk_verify failed to detect a bad signature: %s\n", gpg_strerror (rc)); + } } @@ -17144,7 +17150,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, int dataidx; static const char baddata[] = "(data\n (flags pkcs1)\n" - " (hash sha1 #11223344556677889900AABBCCDDEEFF10203041#))\n"; + " (hash sha256 #F972DABC31BBD154CC83A5208BEF1CB087100BDA548A9D704F789AC748694416#))\n"; static const struct { const char *data; 
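Review bot: In the src/gcrypt.h.in hunk, the aggregate `GCRY_FIPS_FLAG_REJECT_MD` shown as context just below the new define still expands to `GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS`. An application that passes it in order to reject every non-approved digest will therefore keep accepting SHA1 in FIPS mode, with the use flagged only through the service indicator. If that is deliberate for compatibility, say so next to the define, for example `/* Not part of GCRY_FIPS_FLAG_REJECT_MD: SHA1 rejection is opt-in. */`; otherwise add `| GCRY_FIPS_FLAG_REJECT_MD_SHA1` to the aggregate.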
@@ -17156,7 +17162,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, { "(data\n (flags pkcs1)\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, - 0 }, + 0, FLAG_NOFIPS }, { "(data\n (flags pkcs1-raw)\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, @@ -17171,7 +17177,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, " (hash oid.1.3.14.3.2.29 " " #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, - 0 }, + 0, FLAG_NOFIPS }, { "(data\n (flags )\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", 0, @@ -17267,7 +17273,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, goto next; } if (gcry_err_code (rc) != datas[dataidx].expected_rc) - fail ("gcry_pk_sign failed: %s\n", gpg_strerror (rc)); + fail ("gcry_pk_sign %d failed: %s\n", dataidx, gpg_strerror (rc)); if (!rc) verify_one_signature (pkey, hash, badhash, sig); diff --git a/tests/pkcs1v2.c b/tests/pkcs1v2.c index ab070a94..9874b81c 100644 --- a/tests/pkcs1v2.c +++ b/tests/pkcs1v2.c @@ -720,6 +720,14 @@ main (int argc, char **argv) /* No valuable keys are create, so we can speed up our RNG. */ xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0)); + if (in_fips_mode) /* skip tests for now */ + { + if (verbose) + fprintf (stderr, "\nAll tests skiped in FIPS mode...\n"); + + return 0; + } + if (run_oaep) check_oaep (); if (run_pss) diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c index 74521bb3..40dab620 100644 --- a/tests/t-fips-service-ind.c +++ b/tests/t-fips-service-ind.c 
@@ -816,7 +816,7 @@ check_mac_o_w_r_c (int reject) #if USE_SHA1 { GCRY_MAC_HMAC_SHA1, "hmac input abc", 14, "hmac key input", 14, "\xc9\x62\x9d\x16\x0f\xc2\xc4\xcd\x38\xac\x3a\x00\xdc\x29\x61\x03" - "\x69\x50\xd7\x3a" }, + "\x69\x50\xd7\x3a", 1 }, #endif { GCRY_MAC_HMAC_SHA256, "hmac input abc", 14, "hmac key input", 14, "\x6a\xda\x4d\xd5\xf3\xa7\x32\x9d\xd2\x55\xc0\x7f\xe6\x0a\x93\xb8" @@ -973,7 +973,7 @@ check_md_o_w_r_c (int reject) #if USE_SHA1 { GCRY_MD_SHA1, "abc", 3, "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E" - "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" }, + "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 1 }, #endif { GCRY_MD_SHA256, "abc", 3, "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23" @@ -1049,7 +1049,6 @@ check_md_o_w_r_c (int reject) tvidx); continue; } - if (in_fips_mode && !tv[tvidx].expect_failure && ec) { /* Success with the FIPS service indicator == 0 expected, but != 0. */ @@ -1099,7 +1098,7 @@ check_hash_buffer (void) #if USE_SHA1 { GCRY_MD_SHA1, "abc", 3, "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E" - "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" }, + "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 1 }, #endif { GCRY_MD_SHA256, "abc", 3, "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23" @@ -1208,7 +1207,7 @@ check_hash_buffers (void) { GCRY_MD_SHA1, "abc", 3, "key", 3, "\x4f\xd0\xb2\x15\x27\x6e\xf1\x2f\x2b\x3e" - "\x4c\x8e\xca\xc2\x81\x14\x98\xb6\x56\xfc" }, + "\x4c\x8e\xca\xc2\x81\x14\x98\xb6\x56\xfc", 1 }, #endif { GCRY_MD_SHA256, "abc", 3, "key", 3, @@ -1340,7 +1339,7 @@ check_kdf_derive (void) "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8" "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96" "\x4c\xf2\xf0\x70\x38", - 0 + 1 /* not-compliant because subalgo is not the one of approved */ }, { "pleaseletmein", 13, 
@@ -1356,45 +1355,45 @@ check_kdf_derive (void) }, { "passwor", 7, - GCRY_KDF_PBKDF2, GCRY_MD_SHA1, + GCRY_KDF_PBKDF2, GCRY_MD_SHA256, "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096, 25, - "\xf4\x93\xee\x2b\xbf\x44\x0b\x9e\x64\x53" - "\xc2\xb3\x87\xdc\x73\xf8\xfd\xe6\x97\xda" - "\xb8\x24\xa0\x26\x50", + "\x2d\x72\xa9\xe5\x4e\x2f\x37\x6e\xe5\xe4" + "\xf5\x55\x76\xb5\xaa\x49\x73\x01\x97\x1c" + "\xad\x3a\x7c\xc4\xde", 1 /* not-compliant because passphrase len is too small */ }, { "passwordPASSWORDpassword", 24, - GCRY_KDF_PBKDF2, GCRY_MD_SHA1, + GCRY_KDF_PBKDF2, GCRY_MD_SHA256, "saltSALTsaltSAL", 15, 4096, 25, - "\x14\x05\xa4\x2a\xf4\xa8\x12\x14\x7b\x65" - "\x8f\xaa\xf0\x7f\x25\xe5\x0f\x0b\x2b\xb7" - "\xcf\x8d\x29\x23\x4b", + "\xf7\x55\xdd\x3c\x5e\xfb\x23\x06\xa7\x85" + "\x94\xa7\x31\x12\x45\xcf\x5a\x4b\xdc\x09" + "\xee\x65\x4b\x50\x3f", 1 /* not-compliant because salt len is too small */ }, { "passwordPASSWORDpassword", 24, - GCRY_KDF_PBKDF2, GCRY_MD_SHA1, + GCRY_KDF_PBKDF2, GCRY_MD_SHA256, "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 999, 25, - "\xac\xf8\xb4\x67\x41\xc7\xf3\xd1\xa0\xc0" - "\x08\xbe\x9b\x23\x96\x78\xbd\x93\xda\x4a" - "\x30\xd4\xfb\xf0\x33", + "\x09\x3e\x1a\xd8\x63\x30\x71\x9c\x17\xcf" + "\xb0\x53\x3e\x1f\xc8\x51\x29\x71\x54\x28" + "\x5d\xf7\x8e\x41\xaa", 1 /* not-compliant because too few iterations */ }, { "passwordPASSWORDpassword", 24, - GCRY_KDF_PBKDF2, GCRY_MD_SHA1, + GCRY_KDF_PBKDF2, GCRY_MD_SHA256, "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096, 13, - "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8" - "\xd8\x36\x62", + "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8" + "\x14\xb8\x11", 1 /* not-compliant because key size too small */ }, { @@ -1540,6 +1539,7 @@ main (int argc, char **argv) xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS, (GCRY_FIPS_FLAG_REJECT_MD_MD5 + | GCRY_FIPS_FLAG_REJECT_MD_SHA1 | GCRY_FIPS_FLAG_REJECT_CIPHER_MODE | GCRY_FIPS_FLAG_REJECT_PK_MD | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2 -- 2.48.1
From a21375ee6693f5d3a0e0317a267b8bf891850571 Mon Sep 17 00:00:00 2001 From: Lucas Mulling <lucas.mull...@suse.com> Date: Sun, 2 Feb 2025 13:08:51 -0300 Subject: [PATCH 2/2] cipher: Differentiate SHA1 with GCRY_FIPS_FLAG_REJECT_MD_SHA1 * cipher/ecc.c (ecc_sign, ecc_verify, prepare_datasexp_to_be_signed): Differentiate SHA1 with GCRY_FIPS_FLAG_REJECT_MD_SHA1 in the service level indicator. * cipher/md.c (check_digest_algo): Differentiate SHA1 with GCRY_FIPS_FLAG_REJECT_MD_SHA1 in the service level indicator. * tests/basic.c (check_pubkey_sign): Revert changes from previous commit. * tests/pkcs1v2.c (main): Revert changes from previous commit, don't skip tests in FIPS mode. Signed-off-by: Lucas Mulling <lucas.mull...@suse.com> --- cipher/ecc.c | 26 ++++++++++++++++++++++---- cipher/md.c | 24 +++++++++++++++++++++--- cipher/pubkey.c | 2 +- tests/basic.c | 10 ++++++---- tests/pkcs1v2.c | 8 -------- 5 files changed, 50 insertions(+), 20 deletions(-) diff --git a/cipher/ecc.c b/cipher/ecc.c index 525523ed..57166357 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -985,8 +985,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) { if (fips_mode ()) { - if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL) - || ctx.hash_algo == GCRY_MD_SHA1) + if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)) { if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD)) { @@ -996,6 +995,16 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) else fips_service_indicator_mark_non_compliant (); } + else if (ctx.hash_algo == GCRY_MD_SHA1) + { + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1)) + { + rc = GPG_ERR_DIGEST_ALGO; + goto leave; + } + else + fips_service_indicator_mark_non_compliant (); + } } } 
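Review bot: In ecc_sign the new `else if (ctx.hash_algo == GCRY_MD_SHA1)` branch is reached only after `_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)` has returned success, yet the check_digest_algo change in this same commit makes the SHA1 check fail exactly when GCRY_FIPS_FLAG_REJECT_MD_SHA1 is set. If GCRYCTL_TEST_ALGO is answered by check_digest_algo (that code is not in the patch), the rejection inside the new branch cannot be reached: with the SHA1 flag set, control enters the first branch, which consults only GCRY_FIPS_FLAG_REJECT_PK_MD, so a caller that set just the SHA1 flag gets the signature marked non-compliant instead of refused. Testing SHA1 first, `if (ctx.hash_algo == GCRY_MD_SHA1)` followed by `else if (_gcry_md_algo_info (...))`, keeps the rejection tied to the intended flag; the ecc_verify hunk has the same ordering. Both function bodies continue outside their hunks.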
@@ -1141,8 +1150,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) { if (fips_mode ()) { - if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL) - || ctx.hash_algo == GCRY_MD_SHA1) + if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)) { if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD)) { @@ -1152,6 +1160,16 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) else fips_service_indicator_mark_non_compliant (); } + else if (ctx.hash_algo == GCRY_MD_SHA1) + { + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1)) + { + rc = GPG_ERR_DIGEST_ALGO; + goto leave; + } + else + fips_service_indicator_mark_non_compliant (); + } } } diff --git a/cipher/md.c b/cipher/md.c index 3e14ccd6..3e260733 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -439,13 +439,29 @@ static gcry_err_code_t check_digest_algo (int algorithm) { const gcry_md_spec_t *spec; + int in_fipsmode; spec = spec_from_algo (algorithm); - if (spec && !spec->flags.disabled && (spec->flags.fips || !fips_mode ())) + + in_fipsmode = fips_mode (); + + if (spec && !spec->flags.disabled && (spec->flags.fips || !in_fipsmode)) return 0; + else if(spec && !spec->flags.disabled && + in_fipsmode && spec->algo == GCRY_MD_SHA1) + { + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1)) + { + return GPG_ERR_DIGEST_ALGO; + } + else + { + fips_service_indicator_mark_non_compliant (); + return 0; + } + } return GPG_ERR_DIGEST_ALGO; - } @@ -1799,9 +1815,11 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report) spec = spec_from_algo (algo); if (spec && !spec->flags.disabled - && (spec->flags.fips || !fips_mode ()) + && ((spec->flags.fips || spec->algo == GCRY_MD_SHA1) || !fips_mode ()) && spec->selftest) + { ec = spec->selftest (algo, extended, report); + } else { ec = (spec && spec->selftest) ? GPG_ERR_DIGEST_ALGO diff --git a/cipher/pubkey.c b/cipher/pubkey.c index c28ec124..a9bbb76c 100644 
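Review bot: check_digest_algo now calls `fips_service_indicator_mark_non_compliant ()` before returning 0 for SHA1, so what reads as a pure availability check changes the service indicator as a side effect. A caller that merely probes whether SHA1 is usable in FIPS mode would leave the indicator in the non-compliant state; the callers are outside this hunk, so that needs confirming. At minimum the function deserves a header comment such as `/* In FIPS mode SHA1 is either rejected (GCRY_FIPS_FLAG_REJECT_MD_SHA1) or allowed and marked non-compliant in the service indicator. */`. On style, `else if(spec` should be `else if (spec` to match the surrounding code.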
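Review bot: The condition `(spec->flags.fips || spec->algo == GCRY_MD_SHA1)` in _gcry_md_selftest carves out SHA1 without saying why a digest that patch 1/2 made non-approved, and removed from run_digest_selftests, may still run its selftest in FIPS mode. A one-line comment would stop the exception from being dropped or copied blindly, for example `/* SHA1 is not approved but remains usable in FIPS mode, so keep its selftest runnable. */`. The function starts and ends outside the hunk.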
--- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -564,7 +564,7 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd, } else if (fips_mode () && algo == GCRY_MD_SHA1) { - if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK)) + if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1)) { _gcry_md_close (hd); return GPG_ERR_DIGEST_ALGO; diff --git a/tests/basic.c b/tests/basic.c index f32e41db..d7a76868 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -17162,7 +17162,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, { "(data\n (flags pkcs1)\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, - 0, FLAG_NOFIPS }, + 0 }, { "(data\n (flags pkcs1-raw)\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, @@ -17177,7 +17177,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, " (hash oid.1.3.14.3.2.29 " " #11223344556677889900AABBCCDDEEFF10203040#))\n", GCRY_PK_RSA, - 0, FLAG_NOFIPS }, + 0 }, { "(data\n (flags )\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n", 0, @@ -17269,7 +17269,8 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, if (in_fips_mode && (flags & FLAG_NOFIPS || datas[dataidx].flags & FLAG_NOFIPS)) { if (!rc) - fail ("gcry_pk_sign did not fail as expected in FIPS mode\n"); + fail ("gcry_pk_sign (%d) did not fail as expected in FIPS mode\n", + dataidx); goto next; } if (gcry_err_code (rc) != datas[dataidx].expected_rc) @@ -17398,7 +17399,8 @@ check_pubkey_sign_ecdsa (int n, gcry_sexp_t skey, gcry_sexp_t pkey, if (in_fips_mode && (flags & FLAG_NOFIPS)) { if (!rc) - fail ("gcry_pk_sign did not fail as expected in FIPS mode\n"); + fail ("gcry_pk_sign (%d) did not fail as expected in FIPS mode\n", + dataidx); goto next; } if (gcry_err_code (rc) != datas[dataidx].expected_rc) diff --git a/tests/pkcs1v2.c b/tests/pkcs1v2.c index 9874b81c..ab070a94 100644 --- a/tests/pkcs1v2.c +++ b/tests/pkcs1v2.c 
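Review bot: Replacing `GCRY_FIPS_FLAG_REJECT_PK` with `GCRY_FIPS_FLAG_REJECT_MD_SHA1` in prepare_datasexp_to_be_signed (cipher/pubkey.c) means a caller that enabled only GCRY_FIPS_FLAG_REJECT_PK no longer gets GPG_ERR_DIGEST_ALGO for SHA1 on this path. That is a change of behaviour for existing users of the reject flags, and the commit message does not mention it; a sentence there, or in the flag's documentation, would help. The ChangeLog entry also lists prepare_datasexp_to_be_signed under cipher/ecc.c although this hunk is in cipher/pubkey.c. The function continues outside the hunk.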
@@ -720,14 +720,6 @@ main (int argc, char **argv) /* No valuable keys are create, so we can speed up our RNG. */ xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0)); - if (in_fips_mode) /* skip tests for now */ - { - if (verbose) - fprintf (stderr, "\nAll tests skiped in FIPS mode...\n"); - - return 0; - } - if (run_oaep) check_oaep (); if (run_pss) -- 2.48.1