Hello community, here is the log from the commit of package libgcrypt for openSUSE:Leap:15.2 checked in at 2020-05-26 18:32:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/libgcrypt (Old) and /work/SRC/openSUSE:Leap:15.2/.libgcrypt.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libgcrypt" Tue May 26 18:32:15 2020 rev:46 rq:808345 version:1.8.2 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/libgcrypt/libgcrypt.changes 2020-05-12 11:32:07.227709086 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.libgcrypt.new.2738/libgcrypt.changes 2020-05-26 18:32:21.681573301 +0200 @@ -1,0 +2,8 @@ +Tue May 19 11:25:37 UTC 2020 - Pedro Monreal Gonzalez <[email protected]> + +- FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872] + * Print the debug messages in test_keys() only in debug mode. +- Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch + libgcrypt-PCT-ECC.patch + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libgcrypt-PCT-DSA.patch ++++++ --- /var/tmp/diff_new_pack.WQipT2/_old 2020-05-26 18:32:22.589575285 +0200 +++ /var/tmp/diff_new_pack.WQipT2/_new 2020-05-26 18:32:22.589575285 +0200 @@ -2,7 +2,7 @@ =================================================================== --- libgcrypt-1.8.2.orig/cipher/dsa.c +++ libgcrypt-1.8.2/cipher/dsa.c -@@ -181,24 +181,91 @@ test_keys (DSA_secret_key *sk, unsigned +@@ -181,24 +181,101 @@ test_keys (DSA_secret_key *sk, unsigned /* Create a random plaintext. */ _gcry_mpi_randomize (data, qbits, GCRY_WEAK_RANDOM); @@ -23,7 +23,8 @@ + + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) + { -+ log_debug ("gcry_pk_sign failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_sign/open failed\n"); + goto leave; + } + @@ -31,6 +32,7 @@ + _gcry_md_write (hd, buf, buflen); + + xfree (buf); ++ buf = NULL; + + /* build DSA private key sexp in s_skey */ + sexp_build (&s_skey, NULL, "(private-key (dsa(p %m)(q %m)(g %m)(y %m)(x %m)))", @@ -38,20 +40,23 @@ + sexp_build (&s_hash, NULL, "(data (flags pkcs1)(hash-algo sha256))"); + if (_gcry_pk_sign_md (&r_sig, hd, s_hash, s_skey)) + { -+ log_debug ("gcry_pk_sign failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_sign failed\n"); + goto leave; + } + + /* Check that the signature and the original plaintext differ. */ + if (_gcry_sexp_extract_param (r_sig, NULL, "rs", &r_sig_mpi, &s_sig_mpi, NULL)) + { -+ log_debug ("extracting signature data failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("extracting signature data failed\n"); + goto leave; + } + + if ( !verify (r_sig_mpi, s_sig_mpi, data, &pk)) + { -+ log_debug ("Signature failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("Signature failed\n"); + goto leave; /* Signature matches but should not. */ + } + @@ -64,17 +69,22 @@ + sexp_build (&s_hash, NULL, "(data (flags pkcs1)(hash-algo sha256))"); + + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) -+ log_debug ("gcry_md_open failed\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("gcry_md_open failed\n"); ++ } + + _gcry_mpi_aprint (GCRYMPI_FMT_STD, &buf, &buflen, data); + _gcry_md_write (hd, buf, buflen); + + xfree (buf); ++ buf = NULL; + + /* verify the signature */ + if (_gcry_pk_verify_md (r_sig, hd, s_hash, s_pkey)) + { -+ log_debug ("gcry_pk_verify failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_verify failed\n"); + goto leave; /* Signature does not match. */ + } ++++++ libgcrypt-PCT-ECC.patch ++++++ --- /var/tmp/diff_new_pack.WQipT2/_old 2020-05-26 18:32:22.605575320 +0200 +++ /var/tmp/diff_new_pack.WQipT2/_new 2020-05-26 18:32:22.605575320 +0200 @@ -70,7 +70,7 @@ ECC_public_key pk; gcry_mpi_t test = mpi_new (nbits); mpi_point_struct R_; -@@ -297,17 +310,161 @@ test_keys (ECC_secret_key *sk, unsigned +@@ -297,17 +310,190 @@ test_keys (ECC_secret_key *sk, unsigned _gcry_mpi_randomize (test, nbits, GCRY_WEAK_RANDOM); @@ -91,13 +91,18 @@ + int flags = 0; + + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) -+ log_debug ("gcry_pk_sign failed: _gcry_md_open\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_sign failed: _gcry_md_open\n"); ++ } + + _gcry_mpi_aprint (GCRYMPI_FMT_STD, &buf, &buflen, test); + _gcry_md_write (hd, buf, buflen); + + xfree (buf); -+ ++ buf = NULL; + +- if (_gcry_ecc_ecdsa_verify (test, &pk, r, s)) + sexp_build (&s_hash, NULL, "(data (flags rfc6979)(hash-algo sha256))"); + + /* Assemble the point Q from affine coordinates by simple @@ -109,7 +114,11 @@ + ctx = _gcry_mpi_ec_p_internal_new (sk->E.model, sk->E.dialect, flags, + sk->E.p, sk->E.a, sk->E.b); + if (_gcry_mpi_ec_get_affine (Qx, Qy, &(sk->Q), ctx)) -+ log_debug ("ecdh: Failed to get affine coordinates for Q\n"); + { +- log_fatal ("ECDSA operation: sign, verify failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("ecdh: Failed to get affine coordinates for Q\n"); ++ } + + unsigned char *rawqx, *rawqy; + unsigned int rawqxlen, rawqylen; @@ -118,7 +127,6 @@ + + if (rawqxlen != rawqylen) + { -+ // log_debug ("qx and qy size differ: %d != %d\n", rawqxlen, rawqylen); + if (rawqxlen < rawqylen) + { + size_t diff = rawqylen - rawqxlen; @@ -153,16 +161,17 @@ + _gcry_mpi_release (Qy); + xfree (rawqx); + xfree (rawqy); - -- if (_gcry_ecc_ecdsa_verify (test, &pk, r, s)) ++ + /* build ECC private key sexp in s_skey */ + if (sk->E.name) - { -- log_fatal ("ECDSA operation: sign, verify failed\n"); ++ { + if (sexp_build (&s_skey, NULL, + "(private-key (ecc (curve %s)(d %m)(q %b)))", + sk->E.name, sk->d, qlen, q)) -+ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ } + } + else + { @@ -171,25 +180,31 @@ + " (ecc (curve %s)(d %m)(p %m)(a %m)(b %m)(n %m)(h %m)(q %b)))", + "NIST P-512", sk->d, sk->E.p, sk->E.a, sk->E.b, sk->E.n, sk->E.h, + qlen, q)) -+ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ } + } + + if (_gcry_pk_sign_md (&r_sig, hd, s_hash, s_skey)) + { -+ log_debug ("ecc: gcry_pk_sign failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("ecc: gcry_pk_sign failed\n"); + goto leave; + } + + /* Check that the signature and the original test differ. */ + if (_gcry_sexp_extract_param (r_sig, NULL, "s", &s_sig_mpi, NULL)) + { -+ log_debug ("extracting signature data failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("extracting signature data failed\n"); + goto leave; + } + + if (!mpi_cmp (s_sig_mpi, test)) + { -+ log_debug ("Signature failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("Signature failed\n"); + goto leave; /* Signature and test match but should not. */ + } + @@ -199,7 +214,10 @@ + { + if (sexp_build (&s_pkey, NULL, + "(public-key (ecc (curve %s)(q %b)))", pk.E.name, qlen, q)) -+ log_debug ("ecc: Failed to build sexp for public key.\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("ecc: Failed to build sexp for public key.\n"); ++ } + } + else + { @@ -207,36 +225,48 @@ + "(public-key" + " (ecc (curve %s)(p %m)(a %m)(b %m)(n %m)(h %m)(q %b)))", + "NIST P-512", pk.E.p, pk.E.a, pk.E.b, pk.E.n, pk.E.h, qlen, q)) -+ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("ecc: Failed to build sexp for private key.\n"); ++ } + } + + _gcry_md_close (hd); + + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) -+ log_debug ("gcry_pk_verify failed: _gcry_md_open\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_verify failed: _gcry_md_open\n"); ++ } + + _gcry_mpi_aprint (GCRYMPI_FMT_STD, &buf, &buflen, test); + _gcry_md_write (hd, buf, buflen); + + xfree (buf); ++ buf = NULL; + + /* verify the signature */ + if (_gcry_pk_verify_md (r_sig, hd, s_hash, s_pkey)) + { -+ log_debug ("ecc: gcry_pk_verify failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("ecc: gcry_pk_verify failed\n"); + goto leave; /* Signature does not match. */ } if (DBG_CIPHER) - log_debug ("ECDSA operation: sign, verify ok.\n"); - -+ result = 0; /* The test succeeded. */ +- log_debug ("ECDSA operation: sign, verify ok.\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("ECDSA operation: sign, verify ok.\n"); ++ } + ++ result = 0; /* The test succeeded. */ + + leave: point_free (&pk.Q); _gcry_ecc_curve_free (&pk.E); -@@ -317,6 +474,16 @@ test_keys (ECC_secret_key *sk, unsigned +@@ -317,6 +503,16 @@ test_keys (ECC_secret_key *sk, unsigned mpi_free (out); mpi_free (c); mpi_free (test); ++++++ libgcrypt-PCT-RSA.patch ++++++ --- /var/tmp/diff_new_pack.WQipT2/_old 2020-05-26 18:32:22.621575355 +0200 +++ /var/tmp/diff_new_pack.WQipT2/_new 2020-05-26 18:32:22.621575355 +0200 @@ -2,7 +2,7 @@ =================================================================== --- libgcrypt-1.8.2.orig/cipher/rsa.c +++ libgcrypt-1.8.2/cipher/rsa.c -@@ -159,27 +159,93 @@ test_keys (RSA_secret_key *sk, unsigned +@@ -159,27 +159,103 @@ test_keys (RSA_secret_key *sk, unsigned /* Create another random plaintext as data for signature checking. */ _gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM); @@ -32,7 +32,8 @@ - goto leave; /* Signature matches but should not. */ + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) + { -+ log_debug ("gcry_pk_sign failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_sign/open failed\n"); + goto leave_hash; + } + @@ -40,6 +41,7 @@ + _gcry_md_write (hd, buf, buflen); + + xfree (buf); ++ buf = NULL; + + /* build RSA private key sexp in s_skey */ + sexp_build (&s_skey, NULL, @@ -50,20 +52,23 @@ + + if (_gcry_pk_sign_md (&r_sig, hd, s_hash, s_skey)) + { -+ log_debug ("gcry_pk_sign failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_sign failed\n"); + goto leave_hash; + } + + /* Check that the signature and the original plaintext differ. */ + if (_gcry_sexp_extract_param (r_sig, "sig-val!rsa", "s", &r_sig_mpi, NULL)) + { -+ log_debug ("extracting signature data failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("extracting signature data failed\n"); + goto leave_hash; + } + + if (!mpi_cmp (r_sig_mpi, plaintext)) + { -+ log_debug ("Signature failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("Signature failed\n"); + goto leave_hash; /* Signature and plaintext match but should not. */ + } + @@ -75,17 +80,22 @@ + sexp_build (&s_hash, NULL, "(data (flags pkcs1)(hash-algo sha256))"); + + if (_gcry_md_open (&hd, GCRY_MD_SHA256, 0)) -+ log_debug ("gcry_md_open failed\n"); ++ { ++ if (DBG_CIPHER) ++ log_debug ("gcry_md_open failed\n"); ++ } + + _gcry_mpi_aprint (GCRYMPI_FMT_STD, &buf, &buflen, plaintext); + _gcry_md_write (hd, buf, buflen); + + xfree (buf); ++ buf = NULL; + + /* verify the signature */ + if (_gcry_pk_verify_md (r_sig, hd, s_hash, s_pkey)) + { -+ log_debug ("gcry_pk_verify failed\n"); ++ if (DBG_CIPHER) ++ log_debug ("gcry_pk_verify failed\n"); + goto leave_hash; /* Signature does not match. */ + } @@ -108,7 +118,7 @@ return result; } -@@ -1903,7 +1969,7 @@ selftest_encr_2048 (gcry_sexp_t pkey, gc +@@ -1903,7 +1979,7 @@ selftest_encr_2048 (gcry_sexp_t pkey, gc /* This sexp trickery is to prevent the use of blinding. * The flag doesn't get inherited by encr, so we have to * derive a new sexp from the ciphertext */ @@ -117,3 +127,11 @@ memset(buf, 0, sizeof(buf)); err = _gcry_mpi_print (GCRYMPI_FMT_STD, buf, sizeof buf, NULL, ciphertext); if (err) +@@ -2012,6 +2088,7 @@ selftests_rsa (selftest_report_func_t re + sexp_release (skey); + if (report) + report ("pubkey", GCRY_PK_RSA, what, errtxt); ++ + return GPG_ERR_SELFTEST_FAILED; + } +
