From b03a087fcb0203a2ec80f00b15fae0a3ed08d397 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Mar 12 2019 16:33:31 +0000
Subject: import gnutls-3.3.29-9.el7_6


---

diff --git a/SOURCES/gnutls-3.3.29-fips140-fix-ecdsa-kat-selftest.patch b/SOURCES/gnutls-3.3.29-fips140-fix-ecdsa-kat-selftest.patch
new file mode 100644
index 0000000..02be442
--- /dev/null
+++ b/SOURCES/gnutls-3.3.29-fips140-fix-ecdsa-kat-selftest.patch
@@ -0,0 +1,70 @@
+--- a/lib/crypto-selftests-pk.c	2019-02-06 14:49:44.807422315 +0100
++++ b/lib/crypto-selftests-pk.c	2019-02-06 14:56:40.311049707 +0100
+@@ -731,30 +731,9 @@
+ 			goto cleanup;
+ 		}
+ 
+-		if (all == 0)
+-			return 0;
+ #endif
+ 
+ 		/* Test ECDSA */
+-#ifdef ENABLE_NON_SUITEB_CURVES
+-		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+-			      GNUTLS_CURVE_TO_BITS
+-			      (GNUTLS_ECC_CURVE_SECP192R1),
+-			      GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
+-			      ecdsa_secp192r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1),
+-			GNUTLS_DIG_SHA256);
+-
+-		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+-			      GNUTLS_CURVE_TO_BITS
+-			      (GNUTLS_ECC_CURVE_SECP224R1),
+-			      GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
+-			      ecdsa_secp224r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1),
+-			GNUTLS_DIG_SHA256);
+-#endif
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+ 			      GNUTLS_CURVE_TO_BITS
+ 			      (GNUTLS_ECC_CURVE_SECP256R1),
+@@ -764,6 +743,9 @@
+ 			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),
+ 			GNUTLS_DIG_SHA256);
+ 
++		if (all == 0)
++			return 0;
++
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+ 			      GNUTLS_CURVE_TO_BITS
+ 			      (GNUTLS_ECC_CURVE_SECP384R1),
+@@ -782,6 +764,26 @@
+ 			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1),
+ 			GNUTLS_DIG_SHA512);
+ 
++#ifdef ENABLE_NON_SUITEB_CURVES
++		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
++			      GNUTLS_CURVE_TO_BITS
++			      (GNUTLS_ECC_CURVE_SECP192R1),
++			      GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
++			      ecdsa_secp192r1_sig);
++		PK_TEST(GNUTLS_PK_EC, test_sig,
++			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1),
++			GNUTLS_DIG_SHA256);
++
++		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
++			      GNUTLS_CURVE_TO_BITS
++			      (GNUTLS_ECC_CURVE_SECP224R1),
++			      GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
++			      ecdsa_secp224r1_sig);
++		PK_TEST(GNUTLS_PK_EC, test_sig,
++			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1),
++			GNUTLS_DIG_SHA256);
++#endif
++
+ 		break;
+ 
+ 	default:
diff --git a/SPECS/gnutls.spec b/SPECS/gnutls.spec
index a2a8f61..bf614f1 100644
--- a/SPECS/gnutls.spec
+++ b/SPECS/gnutls.spec
@@ -3,7 +3,7 @@
 Summary: A TLS protocol implementation
 Name: gnutls
 Version: 3.3.29
-Release: 8%{?dist}
+Release: 9%{?dist}
 # The libraries are LGPLv2.1+, utilities are GPLv3+
 License: GPLv3+ and LGPLv2+
 Group: System Environment/Libraries
@@ -79,6 +79,8 @@ Patch23: gnutls-3.3.29-serv-large-key-resumption.patch
 # HMAC-SHA-256 cipher suites brought back downstream for compatibility
 # The priority was set below AEAD
 Patch24: gnutls-3.3.29-bring-back-hmac-sha256.patch
+# Run KAT startup test for ECDSA (using secp256r1 curve) (rhbz#1673919)
+Patch25: gnutls-3.3.29-fips140-fix-ecdsa-kat-selftest.patch
 # Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
 Provides: bundled(gnulib) = 20130424
 
@@ -201,6 +203,7 @@ This package contains Guile bindings for the library.
 %patch22 -p1
 %patch23 -p1
 %patch24 -p1
+%patch25 -p1
 
 sed 's/gnutls_srp.c//g' -i lib/Makefile.in
 sed 's/gnutls_srp.lo//g' -i lib/Makefile.in
@@ -359,6 +362,9 @@ fi
 %endif
 
 %changelog
+* Tue Feb 12 2019 Anderson Sasaki <ansasaki@redhat.com> 3.3.29-9
+- Make sure the FIPS startup KAT selftest run for ECDSA (#1673919)
+
 * Fri Jul 20 2018 Anderson Sasaki <ansasaki@redhat.com> 3.3.29-8
 - Backported --sni-hostname option which allows overriding the hostname
   advertised to the peer (#1444792)