rpms / libgcrypt

Clone
Source Code
GIT

Blame SOURCES/libgcrypt-1.10.0-fips-indicator.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c9
  2.   SOURCES
  3.   libgcrypt-1.10.0-fips-indicator.patch
Blob History Raw
e35e9c 
From c34c9e70055ee43e5ef257384fa15941f064e5a4 Mon Sep 17 00:00:00 2001
e35e9c 
From: Jakub Jelen <jjelen@redhat.com>
e35e9c 
Date: Tue, 15 Nov 2022 10:47:18 +0100
e35e9c 
Subject: [PATCH] fips: Mark AES key wrapping as approved.
e35e9c
e35e9c 
* src/fips.c (_gcry_fips_indicator_cipher): Add key wrapping mode as
e35e9c 
approved.
e35e9c
e35e9c 
--
e35e9c
e35e9c 
GnuPG-bug-id: 5512
e35e9c 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
e35e9c 
---
e35e9c 
 src/fips.c | 1 +
e35e9c 
 1 file changed, 1 insertion(+)
e35e9c
e35e9c 
diff --git a/src/fips.c b/src/fips.c
e35e9c 
index 6599121c..272aabae 100644
e35e9c 
--- a/src/fips.c
e35e9c 
+++ b/src/fips.c
e35e9c 
@@ -367,6 +367,7 @@ _gcry_fips_indicator_cipher (va_list arg_ptr)
e35e9c 
         case GCRY_CIPHER_MODE_CCM:
e35e9c 
         case GCRY_CIPHER_MODE_GCM:
e35e9c 
         case GCRY_CIPHER_MODE_XTS:
e35e9c 
+        case GCRY_CIPHER_MODE_AESWRAP:
e35e9c 
           return GPG_ERR_NO_ERROR;
e35e9c 
         default:
e35e9c 
           return GPG_ERR_NOT_SUPPORTED;
e35e9c 
--
e35e9c
e35e9c 
commit d6117b04e0e4d5d68df8fb731f618b0d5126ee14
e35e9c 
Author: Jakub Jelen <jjelen@redhat.com>
e35e9c 
Date:   Tue Jan 17 14:39:34 2023 +0100
e35e9c
e35e9c 
    fips: Remove GCM mode from the allowed FIPS indicators
e35e9c
e35e9c 
    * src/fips.c (_gcry_fips_indicator_cipher): Do not mark GCM mode as FIPS
e35e9c 
      approved.
e35e9c 
    ---
e35e9c
e35e9c 
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>
e35e9c
e35e9c 
diff --git a/src/fips.c b/src/fips.c
e35e9c 
index 272aabae..774e7b4c 100644
e35e9c 
--- a/src/fips.c
e35e9c 
+++ b/src/fips.c
e35e9c 
@@ -365,7 +365,6 @@ _gcry_fips_indicator_cipher (va_list arg_ptr)
e35e9c 
         case GCRY_CIPHER_MODE_OFB:
e35e9c 
         case GCRY_CIPHER_MODE_CTR:
e35e9c 
         case GCRY_CIPHER_MODE_CCM:
e35e9c 
-        case GCRY_CIPHER_MODE_GCM:
e35e9c 
         case GCRY_CIPHER_MODE_XTS:
e35e9c 
         case GCRY_CIPHER_MODE_AESWRAP:
e35e9c 
           return GPG_ERR_NO_ERROR;
e35e9c 
--

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation