[PATCH 2/2] cipher: Differentiate use of label K in the SLI

Lucas Mulling lucas.mulling at suse.com
Wed Feb 26 16:29:54 CET 2025


* cipher/ecc.c (ecc_sign, ecc_verify): Use of label K is not allowed in
fips mode, differentiate with the GCRY_FIPS_FLAG_REJECT_PK_ECC_K flag.
* src/gcrypt.h.in: New GCRY_FIPS_FLAG_REJECT_PK_ECC_K.
* tests/t-fips-service-ind.c (check_pk_hash_sign_verify): Mark non
compliant use of label.

Signed-off-by: Lucas Mulling <lucas.mulling at suse.com>
---
 cipher/ecc.c               | 26 +++++++++++++++++++++++++-
 src/gcrypt.h.in            |  1 +
 tests/t-fips-service-ind.c | 10 +++++-----
 3 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/cipher/ecc.c b/cipher/ecc.c
index 82630dac..5c6b609f 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -960,7 +960,16 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
     log_mpidump ("ecc_sign   data", data);
 
   if (ctx.label)
-    rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, ctx.label, ctx.labellen, NULL);
+    {
+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
+        {
+          rc = GPG_ERR_INV_DATA;
+          goto leave;
+        }
+      else
+        fips_service_indicator_mark_non_compliant ();
+      rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, ctx.label, ctx.labellen, NULL);
+    }
   if (rc)
     goto leave;
 
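Review bot: The block added to ecc_sign calls `fips_check_rejection` and `fips_service_indicator_mark_non_compliant` without the `if (fips_mode ())` guard that the matching block in ecc_verify has. Unless both helpers are no-ops outside FIPS mode (not visible here), a non-FIPS caller that supplies a label could get `GPG_ERR_INV_DATA`, or have the indicator marked, when the reject bit is set in its context. Wrapping the check in `if (fips_mode ())` ahead of the `_gcry_mpi_scan` call would make the two paths agree. Since the label is scanned straight into `k`, a comment such as `/* The label supplies k directly; not allowed in FIPS mode. */` would record why it is gated. ecc_sign's body starts and ends outside the hunk.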
@@ -1117,6 +1126,21 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
   rc = _gcry_pk_util_data_to_mpi (s_data, &data, &ctx);
   if (rc)
     goto leave;
+
+  if(ctx.label)
+    {
+      if (fips_mode ())
+        {
+          if(fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
+            {
+              rc = GPG_ERR_INV_DATA;
+              goto leave;
+            }
+          else
+            fips_service_indicator_mark_non_compliant ();
+        }
+    }
+
   if (DBG_CIPHER)
     log_mpidump ("ecc_verify data", data);
 
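Review bot: The added conditions `if(ctx.label)` and `if(fips_check_rejection (...))` omit the space before the parenthesis that the surrounding lines use (`if (rc)`, `if (DBG_CIPHER)`). The outer two `if`s can be merged into `if (ctx.label && fips_mode ())`, which removes one nesting level and keeps the block easy to compare with the one in ecc_sign. Nothing in this hunk consumes the label during verification, so a short comment stating why a label is still rejected or marked on the verify path would help the next reader. ecc_verify's body continues outside the hunk.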
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 3a7acb13..ce1b729d 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -1990,6 +1990,7 @@ char *gcry_get_config (int mode, const char *what);
 #define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2   (1 << 7)
 #define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE   (1 << 8)
 #define GCRY_FIPS_FLAG_REJECT_MD_SHA1       (1 << 9)
+#define GCRY_FIPS_FLAG_REJECT_PK_ECC_K      (1 << 10)
 
 #define GCRY_FIPS_FLAG_REJECT_MD \
   (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
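Review bot: The new public flag `GCRY_FIPS_FLAG_REJECT_PK_ECC_K` is added without a comment, and its name alone does not tell an API user that "K" refers to the label in the data S-expression. A line such as `/* Reject a caller-supplied label (k) in ECC sign/verify. */` above it would help. Only the `GCRY_FIPS_FLAG_REJECT_MD` composite is visible below. If the header defines further composite or default masks, check whether bit 10 belongs in them, since a caller relying on such a mask would otherwise only see the indicator marked and never a rejection.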
diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
index f8485176..d866b9d8 100644
--- a/tests/t-fips-service-ind.c
+++ b/tests/t-fips-service-ind.c
@@ -437,7 +437,7 @@ check_pk_hash_sign_verify (void)
       "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
       "(data(flags raw)(hash %s %b)(label %b))",
       "94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
-      0, 0
+      1, 0,
     }
   };
   int tvidx;
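Review bot: The vector change to `1, 0,` covers only the path where label use is marked non-compliant. None of the test hunks in this patch sets `GCRY_FIPS_FLAG_REJECT_PK_ECC_K` and expects `GPG_ERR_INV_DATA` from sign or verify, so the new rejection branches in cipher/ecc.c appear to be untested, unless a case outside these hunks does it. The two positional integers are also hard to read at this point. Presumably the first is `expect_failure`, which is used later as `tv[tvidx].expect_failure`, and a trailing comment such as `/* expect_failure: label K is non-compliant */` would make the intent explicit. The initializer and check_pk_hash_sign_verify both continue outside the hunk.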
@@ -536,7 +536,7 @@ check_pk_hash_sign_verify (void)
       if (ec == GPG_ERR_INV_OP)
         {
           /* libgcrypt is old, no support of the FIPS service indicator.  */
-          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
+          fail ("gcry_pk_hash_sign test %d unexpectedly failed to check the FIPS service indicator.\n",
                 tvidx);
           goto next;
         }
@@ -544,7 +544,7 @@ check_pk_hash_sign_verify (void)
       if (in_fips_mode && !tv[tvidx].expect_failure && ec)
         {
           /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
+          fail ("gcry_pk_hash_sign test %d unexpectedly set the indicator in FIPS mode.\n",
                 tvidx);
           goto next;
         }
@@ -568,7 +568,7 @@ check_pk_hash_sign_verify (void)
       if (ec == GPG_ERR_INV_OP)
         {
           /* libgcrypt is old, no support of the FIPS service indicator.  */
-          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
+          fail ("gcry_pk_hash_verify test %d unexpectedly failed to check the FIPS service indicator.\n",
                 tvidx);
           goto next;
         }
@@ -576,7 +576,7 @@ check_pk_hash_sign_verify (void)
       if (in_fips_mode && !tv[tvidx].expect_failure && ec)
         {
           /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
+          fail ("gcry_pk_hash_verify test %d unexpectedly set the indicator in FIPS mode.\n",
                 tvidx);
           goto next;
         }
-- 
2.48.1



