Blame SOURCES/libgcrypt-1.8.5-kdf-selftest.patch

44dab0
diff -up libgcrypt-1.8.5/cipher/kdf.c.kdf-selftest libgcrypt-1.8.5/cipher/kdf.c
44dab0
--- libgcrypt-1.8.5/cipher/kdf.c.kdf-selftest	2017-11-23 19:16:58.000000000 +0100
44dab0
+++ libgcrypt-1.8.5/cipher/kdf.c	2020-06-15 18:14:26.494995669 +0200
44dab0
@@ -305,3 +305,99 @@ _gcry_kdf_derive (const void *passphrase
44dab0
  leave:
44dab0
   return ec;
44dab0
 }
44dab0
+
44dab0
+
44dab0
+/* PBKDF2 selftests.
44dab0
+ * Copyright (C) 2008 Free Software Foundation, Inc.
44dab0
+ * Copyright (C) 2019, 2020 Red Hat, Inc.
44dab0
+ */
44dab0
+
44dab0
+/* Check one PBKDF2 call with HASH ALGO using the regular KDF
44dab0
+ * API. (passphrase,passphraselen) is the password to be derived,
44dab0
+ * (salt,saltlen) the salt for the key derivation,
44dab0
+ * iterations is the number of the kdf iterations,
44dab0
+ * and (expect,expectlen) the expected result. Returns NULL on
44dab0
+ * success or a string describing the failure.  */
44dab0
+
44dab0
+static const char *
44dab0
+check_one (int algo,
44dab0
+           const void *passphrase, size_t passphraselen,
44dab0
+           const void *salt, size_t saltlen,
44dab0
+           unsigned long iterations,
44dab0
+           const void *expect, size_t expectlen)
44dab0
+{
44dab0
+  unsigned char key[512]; /* hardcoded to avoid allocation */
44dab0
+  size_t keysize = expectlen;
44dab0
+
44dab0
+  if (keysize > sizeof(key))
44dab0
+    return "invalid tests data";
44dab0
+
44dab0
+  if (_gcry_kdf_derive (passphrase, passphraselen, GCRY_KDF_PBKDF2,
44dab0
+                        algo, salt, saltlen, iterations,
44dab0
+                         keysize, key))
44dab0
+    return "gcry_kdf_derive failed";
44dab0
+
44dab0
+  if (memcmp (key, expect, expectlen))
44dab0
+    return "does not match";
44dab0
+
44dab0
+  return NULL;
44dab0
+}
44dab0
+
44dab0
+static gpg_err_code_t
44dab0
+run_pbkdf2_selftest (int extended, selftest_report_func_t report)
44dab0
+{
44dab0
+  const char *what;
44dab0
+  const char *errtxt;
44dab0
+
44dab0
+  what = "Basic PBKDF2 SHA256";
44dab0
+  errtxt = check_one (GCRY_MD_SHA256,
44dab0
+        "password", 8,
44dab0
+        "salt", 4,
44dab0
+        2,
44dab0
+        "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0"
44dab0
+        "\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32);
44dab0
+  if (errtxt)
44dab0
+    goto failed;
44dab0
+
44dab0
+  if (extended)
44dab0
+    {
44dab0
+      what = "Extended PBKDF2 SHA256";
44dab0
+      errtxt = check_one (GCRY_MD_SHA256,
44dab0
+        "passwordPASSWORDpassword", 24,
44dab0
+        "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
44dab0
+        4096,
44dab0
+        "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8\x14\xb8\x11\x6e\x84\xcf"
44dab0
+        "\x2b\x17\x34\x7e\xbc\x18\x00\x18\x1c\x4e\x2a\x1f\xb8\xdd\x53\xe1"
44dab0
+        "\xc6\x35\x51\x8c\x7d\xac\x47\xe9", 40);
44dab0
+      if (errtxt)
44dab0
+        goto failed;
44dab0
+    }
44dab0
+
44dab0
+  return 0; /* Succeeded. */
44dab0
+
44dab0
+ failed:
44dab0
+  if (report)
44dab0
+    report ("kdf", GCRY_KDF_PBKDF2, what, errtxt);
44dab0
+  return GPG_ERR_SELFTEST_FAILED;
44dab0
+}
44dab0
+
44dab0
+
44dab0
+/* Run the selftests for KDF with KDF algorithm ALGO with optional
44dab0
+   reporting function REPORT.  */
44dab0
+gpg_error_t
44dab0
+_gcry_kdf_selftest (int algo, int extended, selftest_report_func_t report)
44dab0
+{
44dab0
+  gcry_err_code_t ec = 0;
44dab0
+
44dab0
+  if (algo == GCRY_KDF_PBKDF2)
44dab0
+    {
44dab0
+      ec = run_pbkdf2_selftest (extended, report);
44dab0
+    }
44dab0
+  else
44dab0
+    {
44dab0
+      ec = GPG_ERR_UNSUPPORTED_ALGORITHM;
44dab0
+      if (report)
44dab0
+        report ("kdf", algo, "module", "algorithm not available");
44dab0
+    }
44dab0
+  return gpg_error (ec);
44dab0
+}
44dab0
diff -up libgcrypt-1.8.5/src/cipher-proto.h.kdf-selftest libgcrypt-1.8.5/src/cipher-proto.h
44dab0
--- libgcrypt-1.8.5/src/cipher-proto.h.kdf-selftest	2020-06-15 18:03:25.785353036 +0200
44dab0
+++ libgcrypt-1.8.5/src/cipher-proto.h	2020-06-15 18:03:25.788353061 +0200
44dab0
@@ -259,6 +259,8 @@ gcry_error_t _gcry_hmac_selftest (int al
44dab0
                                   selftest_report_func_t report);
44dab0
 gcry_error_t _gcry_cmac_selftest (int algo, int extended,
44dab0
                                   selftest_report_func_t report);
44dab0
+gcry_error_t _gcry_kdf_selftest (int algo, int extended,
44dab0
+                                  selftest_report_func_t report);
44dab0
 
44dab0
 gcry_error_t _gcry_random_selftest (selftest_report_func_t report);
44dab0
 
44dab0
diff -up libgcrypt-1.8.5/src/fips.c.kdf-selftest libgcrypt-1.8.5/src/fips.c
44dab0
--- libgcrypt-1.8.5/src/fips.c.kdf-selftest	2020-06-15 18:03:25.777352968 +0200
44dab0
+++ libgcrypt-1.8.5/src/fips.c	2020-06-15 18:08:40.651028096 +0200
44dab0
@@ -490,6 +490,29 @@ run_mac_selftests (int extended)
44dab0
   return anyerr;
44dab0
 }
44dab0
 
44dab0
+/* Run self-tests for all KDF algorithms.  Return 0 on success. */
44dab0
+static int
44dab0
+run_kdf_selftests (int extended)
44dab0
+{
44dab0
+  static int algos[] =
44dab0
+    {
44dab0
+      GCRY_KDF_PBKDF2,
44dab0
+      0
44dab0
+    };
44dab0
+  int idx;
44dab0
+  gpg_error_t err;
44dab0
+  int anyerr = 0;
44dab0
+
44dab0
+  for (idx=0; algos[idx]; idx++)
44dab0
+    {
44dab0
+      err = _gcry_kdf_selftest (algos[idx], extended, reporter);
44dab0
+      reporter ("kdf", algos[idx], NULL, err? gpg_strerror (err):NULL);
44dab0
+      if (err)
44dab0
+        anyerr = 1;
44dab0
+    }
44dab0
+  return anyerr;
44dab0
+}
44dab0
+
44dab0
 
44dab0
 /* Run self-tests for all required public key algorithms.  Return 0 on
44dab0
    success. */
44dab0
@@ -673,6 +696,9 @@ _gcry_fips_run_selftests (int extended)
44dab0
   if (run_mac_selftests (extended))
44dab0
     goto leave;
44dab0
 
44dab0
+  if (run_kdf_selftests (extended))
44dab0
+    goto leave;
44dab0
+
44dab0
   /* Run random tests before the pubkey tests because the latter
44dab0
      require random.  */
44dab0
   if (run_random_selftests ())