rpms / libgcrypt

Clone
Source Code
GIT

Blame SOURCES/libgcrypt-1.10.0-fips-kdf.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   ff8b6ab7c606a85431dbaaed448000615f387d4a
  2.   SOURCES
  3.   libgcrypt-1.10.0-fips-kdf.patch
Blob History Raw
ff8b6a 
From 3c04b692de1e7b45b764ff8d66bf84609b012e3a Mon Sep 17 00:00:00 2001
ff8b6a 
From: Tobias Heider <tobias.heider@canonical.com>
ff8b6a 
Date: Tue, 27 Sep 2022 13:31:05 +0900
ff8b6a 
Subject: [PATCH] kdf:pkdf2: Check minimum allowed key size when running in
ff8b6a 
 FIPS mode.
ff8b6a
ff8b6a 
* cipher/kdf.c (_gcry_kdf_pkdf2): Add output length check.
ff8b6a
ff8b6a 
--
ff8b6a
ff8b6a 
GnuPG-bug-id: 6219
ff8b6a 
---
ff8b6a 
 cipher/kdf.c | 4 ++++
ff8b6a 
 1 file changed, 4 insertions(+)
ff8b6a
ff8b6a 
diff --git a/cipher/kdf.c b/cipher/kdf.c
ff8b6a 
index 81523320..67c60df8 100644
ff8b6a 
--- a/cipher/kdf.c
ff8b6a 
+++ b/cipher/kdf.c
ff8b6a 
@@ -160,6 +160,10 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
ff8b6a 
     return GPG_ERR_INV_VALUE;
ff8b6a 
 #endif
ff8b6a
ff8b6a 
+  /* Check minimum key size */
ff8b6a 
+  if (fips_mode () && dklen < 14)
ff8b6a 
+    return GPG_ERR_INV_VALUE;
ff8b6a 
+
ff8b6a
ff8b6a 
   /* Step 2 */
ff8b6a 
   l = ((dklen - 1)/ hlen) + 1;
ff8b6a 
--
ff8b6a 
2.37.3
ff8b6a 
From e5a5e847b66eb6b80e60a2dffa347268f059aee3 Mon Sep 17 00:00:00 2001
ff8b6a 
From: Jakub Jelen <jjelen@redhat.com>
ff8b6a 
Date: Tue, 4 Oct 2022 12:44:54 +0200
ff8b6a 
Subject: [PATCH] tests: Reproducer for short dklen in FIPS mode
ff8b6a
ff8b6a 
* tests/t-kdf.c (check_pbkdf2): Add test vector with short dklen and
ff8b6a 
  verify it fails in FIPS mode
ff8b6a 
--
ff8b6a
ff8b6a 
GnuPG-bug-id: 6219
ff8b6a 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
ff8b6a 
---
ff8b6a 
 tests/t-kdf.c | 12 ++++++++++--
ff8b6a 
 1 file changed, 10 insertions(+), 2 deletions(-)
ff8b6a
ff8b6a 
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
ff8b6a 
index c0192d7b..716fb53e 100644
ff8b6a 
--- a/tests/t-kdf.c
ff8b6a 
+++ b/tests/t-kdf.c
ff8b6a 
@@ -909,6 +909,14 @@ check_pbkdf2 (void)
ff8b6a 
       "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9"
ff8b6a 
       "\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6"
ff8b6a 
     },
ff8b6a 
+    {
ff8b6a 
+      "password", 8,
ff8b6a 
+      "salt", 4,
ff8b6a 
+      GCRY_MD_SHA1,
ff8b6a 
+      1,
ff8b6a 
+      10, /* too short dklen for FIPS */
ff8b6a 
+      "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9"
ff8b6a 
+    },
ff8b6a 
     {
ff8b6a 
       "password", 8,
ff8b6a 
       "salt", 4,
ff8b6a 
@@ -1109,7 +1117,7 @@ check_pbkdf2 (void)
ff8b6a 
                              GCRY_KDF_PBKDF2, tv[tvidx].hashalgo,
ff8b6a 
                              tv[tvidx].salt, tv[tvidx].saltlen,
ff8b6a 
                              tv[tvidx].c, tv[tvidx].dklen, outbuf);
ff8b6a 
-      if (in_fips_mode && tvidx > 6)
ff8b6a 
+      if (in_fips_mode && tvidx > 7)
ff8b6a 
         {
ff8b6a 
           if (!err)
ff8b6a 
             fail ("pbkdf2 test %d unexpectedly passed in FIPS mode: %s\n",
ff8b6a 
@@ -1118,7 +1126,7 @@ check_pbkdf2 (void)
ff8b6a 
         }
ff8b6a 
       if (err)
ff8b6a 
         {
ff8b6a 
-          if (in_fips_mode && tv[tvidx].plen < 14)
ff8b6a 
+          if (in_fips_mode && (tv[tvidx].plen < 14 || tv[tvidx].dklen < 14))
ff8b6a 
             {
ff8b6a 
               if (verbose)
ff8b6a 
                 fprintf (stderr,
ff8b6a 
--
ff8b6a 
2.37.3
ff8b6a

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation