[svn] gcry - r1295 - in trunk: . cipher doc random src tests
svn author wk
cvs at cvs.gnupg.org
Tue Aug 19 17:55:53 CEST 2008
Author: wk
Date: 2008-08-19 17:55:46 +0200 (Tue, 19 Aug 2008)
New Revision: 1295
Added:
trunk/random/random-csprng.c
trunk/random/random-fips.c
trunk/random/random.c
trunk/src/cipher-proto.h
trunk/src/hmac256.c
trunk/src/hmac256.h
Removed:
trunk/BUGS
trunk/random/random.c
Modified:
trunk/ChangeLog
trunk/Makefile.am
trunk/NEWS
trunk/cipher/ChangeLog
trunk/cipher/Makefile.am
trunk/cipher/ac.c
trunk/cipher/cipher.c
trunk/cipher/des.c
trunk/cipher/dsa.c
trunk/cipher/ecc.c
trunk/cipher/md.c
trunk/cipher/pubkey.c
trunk/cipher/rijndael.c
trunk/cipher/rsa.c
trunk/cipher/sha1.c
trunk/cipher/sha256.c
trunk/cipher/sha512.c
trunk/configure.ac
trunk/doc/ChangeLog
trunk/doc/Makefile.am
trunk/doc/gcrypt.texi
trunk/random/ChangeLog
trunk/random/Makefile.am
trunk/random/rand-internal.h
trunk/random/random.h
trunk/src/ChangeLog
trunk/src/Makefile.am
trunk/src/ath.c
trunk/src/ath.h
trunk/src/cipher.h
trunk/src/g10lib.h
trunk/src/gcrypt-module.h
trunk/src/gcrypt.h.in
trunk/src/global.c
trunk/src/libgcrypt.def
trunk/src/libgcrypt.vers
trunk/src/misc.c
trunk/src/module.c
trunk/src/visibility.c
trunk/src/visibility.h
trunk/tests/ChangeLog
trunk/tests/basic.c
trunk/tests/benchmark.c
trunk/tests/register.c
Log:
A whole bunch of changes to eventually support
FIPS restricted mode. Also some documentation
improvements and other minor enhancements.
See the ChangeLogs. Stay tuned.
[The diff below has been truncated]
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,11 @@
+2008-08-18 Werner Koch <wk at g10code.com>
+
+ * Makefile.am (EXTRA_DIST): Remove the unused BUGS file.
+
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * configure.ac (AH_BOTTOM): Define GCRY_GPG_ERR_NOT_OPERATIONAL.
+
2008-07-05 Werner Koch <wk at g10code.com>
* random/: New.
Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/cipher/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,96 @@
+2008-08-19 Werner Koch <wk at g10code.com>
+
+ * pubkey.c (sexp_elements_extract_ecc) [!USE_ECC]: Do not allow
+ allow "curve" parameter.
+
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * pubkey.c (_gcry_pk_selftest): New.
+ * dsa.c (selftests_dsa, run_selftests): New.
+ * rsa.c (selftests_rsa, run_selftests): New.
+ * ecc.c (selftests_ecdsa, run_selftests): New.
+
+ * md.c (_gcry_md_selftest): New.
+ * sha1.c (run_selftests, selftests_sha1): New.
+ * sha256.c (selftests_sha224, selftests_sha256, run_selftests): New.
+ * sha512.c (selftests_sha384, selftests_sha512, run_selftests): New.
+
+ * des.c (selftest): Remove static variable form selftest.
+ (des_setkey): No on-the-fly self test in fips mode.
+ (tripledes_set3keys): Ditto.
+
+ * cipher.c (_gcry_cipher_setkey, _gcry_cipher_setiv):
+
+ * dsa.c (generate): Bail out in fips mode if NBITS is less than 1024.
+ * rsa.c (generate): Return an error code if the the requested size
+ is less than 1024 and we are in fpis mode.
+ (_gcry_rsa_generate): Take care of that error code.
+
+ * ecc.c (generate_curve): In fips mode enable only NIST curves.
+
+ * cipher.c (_gcry_cipher_selftest): New.
+
+ * sha512.c (_gcry_digest_extraspec_sha384)
+ (_gcry_digest_extraspec_sha512): New.
+ * sha256.c (_gcry_digest_extraspec_sha224)
+ (_gcry_digest_extraspec_sha256): New.
+ * sha1.c (_gcry_digest_extraspec_sha1): New.
+ * ecc.c (_gcry_pubkey_extraspec_ecdsa): New.
+ * dsa.c (_gcry_pubkey_extraspec_dsa): New.
+ * rsa.c (_gcry_pubkey_extraspec_rsa): New.
+ * rijndael.c (_gcry_cipher_extraspec_aes)
+ (_gcry_cipher_extraspec_aes192, _gcry_cipher_extraspec_aes256): New.
+ * des.c (_gcry_cipher_extraspec_tripledes): New.
+
+ * cipher.c (gcry_cipher_register): Rename to _gcry_cipher_register.
+ Add arg EXTRASPEC.
+ (dummy_extra_spec): New.
+ (cipher_table_entry): Add extraspec field.
+ * md.c (_gcry_md_register): Rename to _gcry_md_register. Add
+ arg EXTRASPEC.
+ (dummy_extra_spec): New.
+ (digest_table_entry): Add extraspec field.
+ * pubkey.c (gcry_pk_register): Rename to _gcry_pk_register. Add
+ arg EXTRASPEC.
+ (dummy_extra_spec): New.
+ (pubkey_table_entry): Add extraspec field.
+
+ * ac.c: Let most public functions return GPG_ERR_UNSUPPORTED in
+ fips mode.
+
+ * pubkey.c (pubkey_table_entry): Add field FIPS_ALLOWED and mark
+ appropriate algorithms.
+ (dummy_generate, dummy_check_secret_key, dummy_encrypt)
+ (dummy_decrypt, dummy_sign, dummy_verify, dummy_get_nbits): Signal
+ a fips error when used.
+ (gcry_pk_register): In fips mode do not allow to register new
+ algorithms.
+
+ * md.c (digest_table): Add field FIPS_ALLOWED and mark appropriate
+ algorithms.
+ (md_register_default): In fips mode register only fips algorithms.
+ (gcry_md_register): In fips mode do not allow to register new
+ algorithms.
+ (gcry_md_get): Signal a fips error if called.
+ (gcry_md_hash_buffer): Do not allow rmd160 when not in fips mode.
+ (md_start_debug): Disable in fips_mode.
+
+ * md.c (gcry_md_register_default): Rename to ..
+ (md_register_default): .. this.
+ (md_digest): Remove this commented fucntion.
+ * pubkey.c (gcry_pk_register_default): Rename to ..
+ (pk_register_default): .. this.
+
+ * cipher.c (cipher_table_entry): Add field FIPS_ALLOWED.
+ (gcry_cipher_register_default): Register only fips approved
+ algorithms.
+ (gcry_cipher_register): Do not allow to register new ciphers.
+ (cipher_setiv): Signal fips error.
+
+ * cipher (gcry_cipher_register_default): Rename to ..
+ (cipher_register_default): .. this.
+ (REGISTER_DEFAULT_CIPHERS): Adjust for that change.
+
2008-07-05 Werner Koch <wk at g10code.com>
* random-daemon.c, random.h, rndhw.c, rndunix.c, rand-internal.h
Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/doc/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,21 @@
+2008-08-18 Werner Koch <wk at g10code.com>
+
+ * gcrypt.texi (Top): Remove the detailmenu.
+ (Public Key Cryptographi (II)): Move into a section of the PK
+ interface description.
+ (Hashing): Move after the encryption chapters.
+
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * gcrypt.texi (Controlling the library): Remove
+ GCRYCTL_DUMP_CONFIG because it is not implemented.
+ (Initializing the library): Describe initialization steps with
+ regard to secure memory.
+
+ * gcrypt.texi (Working with cipher handles): Adjust for
+ implementation changes of gcry_cipher_setkey, gcry_cipher_setiv and
+ gcry_cipher_setctr.
+
2008-01-04 Werner Koch <wk at g10code.com>
* gcrypt.texi (Controlling the library): Add remark that the
Modified: trunk/random/ChangeLog
===================================================================
--- trunk/random/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/random/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,34 @@
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * random-fips.c: New.
+
+ * random-csprng.c (process-cb, progress_cb_data): Move to
+ random.c.
+ (_gcry_register_random_progress, _gcry_random_progress): Ditto.
+ (_gcry_random_initialize): Rename to _gcry_rngcsprng_initialize.
+ (_gcry_random_dump_stats): Rename to _gcry_rngcsprng_dump_stats.
+ (_gcry_secure_random_alloc): Rename to
+ _gcry_rngcsprng_secure_alloc.
+ (_gcry_enable_quick_random_gen): Rename to
+ _gcry_rngcsprng_enable_quick_gen.
+ (_gcry_set_random_daemon_socket): Rename to
+ _gcry_rngcsprng_set_daemon_socket.
+ (_gcry_use_random_daemon): Rename to _gcry_rngcsprng_use_daemon.
+ (_gcry_random_is_faked): Rename to _gcry_rngcsprng_is_faked.
+ (gcry_random_add_bytes): Rename to _gcry_rngcsprng_add_bytes.
+ (gcry_random_bytes): Remove
+ (gcry_random_bytes_secure): Remove.
+ (gcry_randomize): Rename to _gcry_rngcsprng_randomize.
+ (_gcry_set_random_seed_file): Rename to
+ _gcry_rngcsprng_set_seed_file.
+ (_gcry_update_random_seed_file): Rename to
+ _gcry_rngcsprng_update_seed_file.
+ (_gcry_fast_random_poll): Rename to _gcry_rngcsprng_fast_poll.
+ (gcry_create_nonce): Rename to _gcry_rngcsprng_create_nonce.
+
+ * random.c: Factor all code out to random-csprng.c and implement
+ wrapper functions.
+
2008-07-05 Werner Koch <wk at g10code.com>
* random-daemon.c, random.h, rndhw.c, rndunix.c, rand-internal.h *
Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/src/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,62 @@
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * gcrypt.h.in (gcry_cipher_setkey): Replace macro by function.
+ (gcry_cipher_setiv): Ditto.
+ (gcry_cipher_setctr): Ditto.
+ * visibility.c (gcry_cipher_setkey, gcry_cipher_setiv)
+ (gcry_cipher_setctr): New.
+ * visibility.h (gcry_cipher_setkey, gcry_cipher_setiv)
+ (gcry_cipher_setctr): New.
+ * libgcrypt.vers (gcry_cipher_setkey, gcry_cipher_setiv)
+ (gcry_cipher_setctr): New.
+ * libgcrypt.def (gcry_cipher_setkey, gcry_cipher_setiv)
+ (gcry_cipher_setctr): New.
+
+ * hmac256.h, hmac256.c: New.
+ * Makefile.am (hmac256_SOURCES): New.
+ * Makefile.am (bin_PROGRAMS): Add hmac256.
+
+ * gcrypt.h.in (struct gcry_thread_cbs): Change type of OPTION to
+ unsigned int. Although this is a type change it does not make a
+ difference.
+ * ath.c (ath_install): Take the version of the option field in
+ account.
+
+ * visibility.c (gcry_pk_encrypt, gcry_pk_decrypt, gcry_pk_sign)
+ (gcry_pk_verify, gcry_pk_testkey, gcry_pk_genkey)
+ (gcry_pk_get_nbits, gcry_pk_get_keygrip)
+ (gcry_md_open, gcry_md_copy, gcry_md_enable)
+ (gcry_md_write, md_final, gcry_md_ctl, gcry_md_setkey)
+ (gcry_md_hash_buffer, gcry_md_get_algo, gcry_md_info)
+ (gcry_md_is_enabled)
+ (gcry_cipher_open, gcry_cipher_encrypt)
+ (gcry_cipher_decrypt, gcry_cipher_ctl)
+ (gcry_cipher_algo_info): Check whether the library is operational.
+
+ * cipher-proto.h: New.
+ * cipher.h: Include cipher-proto.h.
+ * visibility.h: Remove duplicate macro definitions. Remove
+ gcry_cipher_register, gcry_md_register, gcry_pk_register macros.
+ * visibility.c: Include cipher-proto.h.
+ (gcry_cipher_register): Pass dummy extra args to the internal
+ register function.
+ (gcry_md_register, gcry_pk_register): Ditto.
+ * g10lib.h (struct gcry_module): Add field EXTRASPEC.
+ * module.c (_gcry_module_add): Add arg EXTRASPEC. Changed all
+ callers to pass NULL.
+
+ * fips.c: New.
+ * gcrypt.h.in (GCRYCTL_FIPS_MODE_P): New.
+ * global.c (global_init): Call fips initialization.
+ (_gcry_vcontrol): Add GCRYCTL_FIPS_MODE_P code.
+ (print_config): Add config item fips-mode.
+ (gcry_set_allocation_handler): Do not allow the use of custom
+ allocation handlers.
+ (gcry_set_outofcore_handler): Ditto.
+ (_gcry_get_debug_flag): Do not return any debug flags in fips mode.
+ * misc.c (_gcry_logv): Signal fips error on BUG or FATAL.
+ (_gcry_fatal_error): Ditto.
+
2008-07-05 Werner Koch <wk at g10code.com>
* Makefile.am: Include librandom.la.
Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/tests/ChangeLog 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,3 +1,17 @@
+2008-08-18 Werner Koch <wk at g10code.com>
+
+ * basic.c (main): Add option --fips.
+
+2008-08-15 Werner Koch <wk at g10code.com>
+
+ * register.c (main): Check for fips mode.
+ (check_run): Take care of fips mode.
+
+ * basic.c (check_cbc_mac_cipher, check_ciphers, check_digests)
+ (check_hmac, check_pubkey): Do not test unavalaible algorithms in
+ fips mode.
+ (main): Check for fips mode.
+
2008-04-22 Werner Koch <wk at g10code.com>
* basic.c (check_one_cipher): Also check in-place encryption.
Modified: trunk/Makefile.am
===================================================================
--- trunk/Makefile.am 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/Makefile.am 2008-08-19 15:55:46 UTC (rev 1295)
@@ -24,7 +24,7 @@
DIST_SUBDIRS = m4 mpi cipher random src doc tests
SUBDIRS = mpi cipher random src doc tests
-EXTRA_DIST = BUGS autogen.sh README.SVN
+EXTRA_DIST = autogen.sh README.SVN
DISTCLEANFILES =
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/NEWS 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,7 +1,26 @@
Noteworthy changes in version 1.4.2
------------------------------------------------
+ * The library may now be switched into a FIPS mode.
+ * More runtime selftests.
+
+ * A few macros have been replaced by functions for better type
+ checking.
+
+ * The thread initialiation structure now carries version information.
+
+ * Interface changes relative to the 1.3.0 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ GCRYCTL_OPERATIONAL_P NEW.
+ GCRYCTL_FIPS_MODE_P NEW.
+ GCRYCTL_FORCE_FIPS_MODE NEW.
+ gcry_cipher_setkey NEW: Replaces macro.
+ gcry_cipher_setiv NEW: Replaces macro.
+ gcry_cipher_setctr NEW: Replaces macro.
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
Noteworthy changes in version 1.4.1 (2008-04-25)
------------------------------------------------
Modified: trunk/cipher/Makefile.am
===================================================================
--- trunk/cipher/Makefile.am 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/cipher/Makefile.am 2008-08-19 15:55:46 UTC (rev 1295)
@@ -36,6 +36,7 @@
libcipher_la_SOURCES = \
cipher.c pubkey.c ac.c md.c \
+hmac-tests.c \
bithelp.h \
primegen.c \
rmd.h
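Review bot: `hmac-tests.c` is added to `libcipher_la_SOURCES` here, but `trunk/cipher/hmac-tests.c` does not appear in this revision's Added list (nor does `src/fips.c`, which the src/ChangeLog entry calls new), so a clean checkout of r1295 will presumably fail to build until those files are committed. If they are meant for a follow-up, the safer order is to commit the source files first or add the Makefile reference together with them. This is inferred from the file list at the top of the page; if the files already exist in the tree the point is moot.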
@@ -65,6 +66,7 @@
rfc2268.c \
camellia.c camellia.h camellia-glue.c
+
# We need to lower the optimization for this module.
tiger.o: $(srcdir)/tiger.c
`echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9s]*/-O1/g' `
Modified: trunk/cipher/ac.c
===================================================================
--- trunk/cipher/ac.c 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/cipher/ac.c 2008-08-19 15:55:46 UTC (rev 1295)
@@ -127,6 +127,9 @@
gcry_ac_data_t data_new;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_new = gcry_malloc (sizeof (*data_new));
if (! data_new)
{
@@ -240,6 +243,9 @@
gcry_ac_data_t data_new;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
/* Allocate data set. */
data_new = gcry_malloc (sizeof (*data_new));
if (! data_new)
@@ -290,6 +296,9 @@
name_cp = NULL;
mpi_cp = NULL;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
if (flags & ~(GCRY_AC_FLAG_DEALLOC | GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
@@ -370,6 +379,9 @@
gcry_error_t err;
unsigned int i;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
if (flags & ~(GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
@@ -421,6 +433,9 @@
name_cp = NULL;
mpi_cp = NULL;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
if (flags & ~(GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
@@ -496,6 +511,9 @@
arg_list = NULL;
err = 0;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
/* Calculate size of S-expression representation. */
i = 0;
@@ -626,6 +644,9 @@
mpi = NULL;
err = 0;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
/* Process S-expression/identifiers. */
if (identifiers)
@@ -795,6 +816,9 @@
if (! data)
return;
+ if (fips_mode ())
+ return;
+
mpi_buffer = NULL;
data_n = _gcry_ac_data_length (data);
@@ -859,6 +883,9 @@
{
memset (ac_io, 0, sizeof (*ac_io));
+ if (fips_mode ())
+ return;
+
assert ((mode == GCRY_AC_IO_READABLE) || (mode == GCRY_AC_IO_WRITABLE));
assert ((type == GCRY_AC_IO_STRING) || (type == GCRY_AC_IO_STRING));
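Review bot: The new guard returns from a void initializer after `memset` has zeroed `*ac_io`, so a FIPS-mode caller receives an all-zero I/O object with no error, and only the FIPS guards on the later encode/decode entry points in this file keep it from being used; that dependency deserves a comment, e.g. `/* In FIPS mode the object stays zeroed; every ac consumer is itself FIPS-guarded.  */`. The assertion on the following line is pre-existing but compares `type` against `GCRY_AC_IO_STRING` twice, so it never rejects any other type — presumably the second operand was meant to be a different GCRY_AC_IO_* constant. The enclosing function's signature and the rest of its body are outside this hunk.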
@@ -1362,6 +1389,9 @@
*handle = NULL;
module = NULL;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
/* Get name. */
algorithm_name = _gcry_pk_aliased_algo_name (algorithm);
if (! algorithm_name)
@@ -1431,6 +1461,9 @@
(void)handle;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
/* Allocate. */
key_new = gcry_malloc (sizeof (*key_new));
if (! key_new)
@@ -1488,6 +1521,9 @@
(void)misc_data;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
key_data_secret = NULL;
key_data_public = NULL;
key_secret = NULL;
@@ -1652,6 +1688,9 @@
{
gcry_ac_key_t key;
+ if (fips_mode ())
+ return NULL;
+
switch (which)
{
case GCRY_AC_KEY_SECRET:
@@ -1710,6 +1749,8 @@
gcry_ac_data_t
_gcry_ac_key_data_get (gcry_ac_key_t key)
{
+ if (fips_mode ())
+ return NULL;
return key->data;
}
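Review bot: `_gcry_ac_key_data_get` now returns NULL before dereferencing `key`, which is the only signal a FIPS-mode caller gets and is indistinguishable from a key whose data field happens to be NULL. A comment above the check, `/* NULL: the ac interface is disabled in FIPS mode.  */`, would make the contract explicit for callers that cannot otherwise tell the two cases apart.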
@@ -1720,6 +1761,9 @@
gcry_sexp_t key_sexp;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &key_sexp);
@@ -1744,6 +1788,9 @@
gcry_error_t err;
unsigned int n;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type],
@@ -1777,6 +1824,9 @@
gcry_error_t err;
unsigned char *ret;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &key_sexp);
@@ -1823,6 +1873,9 @@
gcry_sexp_t sexp_key;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_encrypted_new = NULL;
sexp_request = NULL;
sexp_reply = NULL;
@@ -1897,6 +1950,9 @@
gcry_sexp_t sexp_key;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
sexp_request = NULL;
sexp_reply = NULL;
sexp_value = NULL;
@@ -1969,6 +2025,9 @@
gcry_sexp_t sexp_key;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_signed = NULL;
data_value = NULL;
sexp_request = NULL;
@@ -2039,6 +2098,9 @@
gcry_sexp_t sexp_key;
gcry_error_t err;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
sexp_signature = NULL;
data_value = NULL;
sexp_data = NULL;
@@ -2509,6 +2571,9 @@
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
return ac_data_dencode (method, DATA_ENCODE, flags, options,
ac_io_read, ac_io_write);
}
@@ -2522,6 +2587,9 @@
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
return ac_data_dencode (method, DATA_DECODE, flags, options,
ac_io_read, ac_io_write);
}
@@ -2537,6 +2605,9 @@
gcry_mpi_t m;
gcry_mpi_t d;
+ if (fips_mode ())
+ return;
+
base = gcry_mpi_new (0);
gcry_mpi_set_ui (base, 256);
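Review bot: The guard returns silently from what the surrounding locals (`base` set to 256, `m`, `d`) suggest is the octet-string-to-MPI conversion, leaving the caller's output MPI untouched in FIPS mode with no way to notice. A void function cannot report the condition, so a comment should state that the path is only reachable through already-guarded entry points, e.g. `/* FIPS: unreachable via the public ac API (every entry point returns NOT_SUPPORTED); bail out defensively.  */`. The function's signature and remaining body are outside this hunk, so whether any internal caller relies on the conversion result is not visible here.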
@@ -2575,6 +2646,9 @@
gcry_error_t err;
unsigned int nbits;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
nbits = gcry_mpi_get_nbits (mpi);
buffer_n = (nbits + 7) / 8;
buffer = gcry_malloc (buffer_n);
@@ -2604,6 +2678,9 @@
gcry_mpi_t x;
gcry_mpi_t a;
+ if (fips_mode ())
+ return;
+
a = gcry_mpi_new (0);
gcry_mpi_set_ui (a, 1);
x = gcry_mpi_new (0);
@@ -2822,6 +2899,9 @@
(void)flags;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_encrypted = NULL;
mpi_encrypted = NULL;
mpi_plain = NULL;
@@ -2913,6 +2993,9 @@
(void)flags;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_encrypted = NULL;
mpi_encrypted = NULL;
mpi_decrypted = NULL;
@@ -3024,6 +3107,9 @@
(void)flags;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
data_signed = NULL;
mpi_signed = NULL;
opts_em = NULL;
@@ -3116,6 +3202,9 @@
(void)flags;
+ if (fips_mode ())
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+
mpi_signature = NULL;
elements_sig = NULL;
data_signed = NULL;
@@ -3206,5 +3295,8 @@
gcry_err_code_t
_gcry_ac_init (void)
{
+ if (fips_mode ())
+ return GPG_ERR_NOT_SUPPORTED;
+
return 0;
}
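Review bot: `_gcry_ac_init` now returns `GPG_ERR_NOT_SUPPORTED` in FIPS mode, and if `global_init` (changed in this commit per the src/ChangeLog entry) treats a non-zero return from the module init calls as a fatal error, enabling FIPS mode would make the whole library non-operational instead of only disabling the ac interface. The caller is not in this chunk, so this is inferred; if it does check the return, the safer contract is `return 0;  /* Nothing to set up; every ac entry point is FIPS-guarded on its own.  */`, since the per-function guards above already disable the API.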
Modified: trunk/cipher/cipher.c
===================================================================
--- trunk/cipher/cipher.c 2008-08-04 13:16:45 UTC (rev 1294)
+++ trunk/cipher/cipher.c 2008-08-19 15:55:46 UTC (rev 1295)
@@ -1,6 +1,6 @@
/* cipher.c - cipher dispatcher
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- * 2005, 2007 Free Software Foundation, Inc.
+ * 2005, 2007, 2008 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -38,51 +38,76 @@
#define NEED_16BYTE_ALIGNED_CONTEXT 1
#endif
+/* A dummy extraspec so that we do not need to tests the extraspec
+ field from the module specification against NULL and instead
+ directly test the respective fields of extraspecs. */
+static cipher_extra_spec_t dummy_extra_spec;
+
/* This is the list of the default ciphers, which are included in
libgcrypt. */
static struct cipher_table_entry
{
gcry_cipher_spec_t *cipher;
+ cipher_extra_spec_t *extraspec;
unsigned int algorithm;
+ int fips_allowed;
} cipher_table[] =
{
#if USE_BLOWFISH
- { &_gcry_cipher_spec_blowfish, GCRY_CIPHER_BLOWFISH },
+ { &_gcry_cipher_spec_blowfish,
+ &dummy_extra_spec, GCRY_CIPHER_BLOWFISH },
#endif
#if USE_DES
- { &_gcry_cipher_spec_des, GCRY_CIPHER_DES },
- { &_gcry_cipher_spec_tripledes, GCRY_CIPHER_3DES },
+ { &_gcry_cipher_spec_des,
+ &dummy_extra_spec, GCRY_CIPHER_DES },
+ { &_gcry_cipher_spec_tripledes,
+ &_gcry_cipher_extraspec_tripledes, GCRY_CIPHER_3DES, 1 },
#endif
#if USE_ARCFOUR
- { &_gcry_cipher_spec_arcfour, GCRY_CIPHER_ARCFOUR },
+ { &_gcry_cipher_spec_arcfour,
+ &dummy_extra_spec, GCRY_CIPHER_ARCFOUR },
#endif
#if USE_CAST5
- { &_gcry_cipher_spec_cast5, GCRY_CIPHER_CAST5 },
+ { &_gcry_cipher_spec_cast5,
+ &dummy_extra_spec, GCRY_CIPHER_CAST5 },
#endif
#if USE_AES
- { &_gcry_cipher_spec_aes, GCRY_CIPHER_AES},
- { &_gcry_cipher_spec_aes192, GCRY_CIPHER_AES192},
- { &_gcry_cipher_spec_aes256, GCRY_CIPHER_AES256},
+ { &_gcry_cipher_spec_aes,
+ &_gcry_cipher_extraspec_aes, GCRY_CIPHER_AES, 1 },
+ { &_gcry_cipher_spec_aes192,
+ &_gcry_cipher_extraspec_aes192, GCRY_CIPHER_AES192, 1 },
+ { &_gcry_cipher_spec_aes256,
+ &_gcry_cipher_extraspec_aes256, GCRY_CIPHER_AES256, 1 },
#endif
#if USE_TWOFISH
- { &_gcry_cipher_spec_twofish, GCRY_CIPHER_TWOFISH },
- { &_gcry_cipher_spec_twofish128, GCRY_CIPHER_TWOFISH128 },
+ { &_gcry_cipher_spec_twofish,
+ &dummy_extra_spec, GCRY_CIPHER_TWOFISH },
+ { &_gcry_cipher_spec_twofish128,
+ &dummy_extra_spec, GCRY_CIPHER_TWOFISH128 },
#endif
#if USE_SERPENT
- { &_gcry_cipher_spec_serpent128, GCRY_CIPHER_SERPENT128 },
- { &_gcry_cipher_spec_serpent192, GCRY_CIPHER_SERPENT192 },
- { &_gcry_cipher_spec_serpent256, GCRY_CIPHER_SERPENT256 },
+ { &_gcry_cipher_spec_serpent128,
+ &dummy_extra_spec, GCRY_CIPHER_SERPENT128 },
+ { &_gcry_cipher_spec_serpent192,
+ &dummy_extra_spec, GCRY_CIPHER_SERPENT192 },
+ { &_gcry_cipher_spec_serpent256,
+ &dummy_extra_spec, GCRY_CIPHER_SERPENT256 },
#endif
#if USE_RFC2268
- { &_gcry_cipher_spec_rfc2268_40, GCRY_CIPHER_RFC2268_40 },
+ { &_gcry_cipher_spec_rfc2268_40,
+ &dummy_extra_spec, GCRY_CIPHER_RFC2268_40 },
#endif
#if USE_SEED
- { &_gcry_cipher_spec_seed, GCRY_CIPHER_SEED },
+ { &_gcry_cipher_spec_seed,
+ &dummy_extra_spec, GCRY_CIPHER_SEED },
#endif
#if USE_CAMELLIA
- { &_gcry_cipher_spec_camellia128, GCRY_CIPHER_CAMELLIA128 },
- { &_gcry_cipher_spec_camellia192, GCRY_CIPHER_CAMELLIA192 },
- { &_gcry_cipher_spec_camellia256, GCRY_CIPHER_CAMELLIA256 },
+ { &_gcry_cipher_spec_camellia128,
+ &dummy_extra_spec, GCRY_CIPHER_CAMELLIA128 },
+ { &_gcry_cipher_spec_camellia192,
+ &dummy_extra_spec, GCRY_CIPHER_CAMELLIA192 },
+ { &_gcry_cipher_spec_camellia256,
+ &dummy_extra_spec, GCRY_CIPHER_CAMELLIA256 },
#endif
{ NULL }
};
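Review bot: The FIPS allow-list is encoded by a trailing positional initializer — rows ending in `, 1 }` are allowed and every other row relies on the omitted fourth field defaulting to zero — so a future reordering of `struct cipher_table_entry` or a row that gains another value would silently change which ciphers FIPS mode admits. If the project's compiler baseline permits C99 designated initializers, `.fips_allowed = 1` on the marked rows makes the intent explicit; otherwise a field comment such as `int fips_allowed;  /* Non-zero: usable in FIPS mode.  Omitted (zero) for all others.  */` should at least document the implicit default. Single DES correctly stays unmarked while Triple-DES and the three AES sizes carry the flag, consistent with the extraspec entries added for them.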
@@ -104,7 +129,7 @@
ath_mutex_lock (&ciphers_registered_lock); \
if (! default_ciphers_registered) \
{ \
- gcry_cipher_register_default (); \
+ cipher_register_default (); \
default_ciphers_registered = 1; \
} \
ath_mutex_unlock (&ciphers_registered_lock); \
@@ -251,7 +276,7 @@
CIPHER_TABLE. Note, that this function gets only used by the macro
REGISTER_DEFAULT_CIPHERS which protects it using a mutex. */
static void