[PATCH 2/4] cipher: Differentiate no-blinding flag in the SLI
Lucas Mulling
lucas.mulling at suse.com
Wed Feb 26 21:19:23 CET 2025
* cipher/rsa.c (rsa_decrypt, rsa_encrypt): Differentiate use of flag
no-blinding in the service level indicator.
Signed-off-by: Lucas Mulling <lucas.mulling at suse.com>
---
cipher/rsa.c | 30 ++++++++++++++++++++++++++++--
1 file changed, 28 insertions(+), 2 deletions(-)
diff --git a/cipher/rsa.c b/cipher/rsa.c
index c7a809f4..bee40b37 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1501,7 +1501,19 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
be practically mounted over the network as shown by Brumley and
Boney in 2003. */
if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
- secret (plain, data, &sk);
+ {
+ if (fips_mode ())
+ {
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+ {
+ rc = GPG_ERR_INV_FLAG;
+ goto leave;
+ }
+ else
+ fips_service_indicator_mark_non_compliant ();
+ }
+ secret (plain, data, &sk);
+ }
else
secret_blinded (plain, data, &sk, nbits);
@@ -1615,8 +1627,22 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
/* Do RSA computation. */
sig = mpi_new (0);
+
if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
- secret (sig, data, &sk);
+ {
+ if (fips_mode ())
+ {
+ if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
+ {
+ rc = GPG_ERR_INV_FLAG;
+ goto leave;
+ }
+ else
+ fips_service_indicator_mark_non_compliant ();
+ }
+
+ secret (sig, data, &sk);
+ }
else
secret_blinded (sig, data, &sk, nbits);
if (DBG_CIPHER)
--
2.48.1
More information about the Gcrypt-devel
mailing list