diff --git a/NEWS b/NEWS index 745dd5b4..a06199e7 100644 --- a/NEWS +++ b/NEWS @@ -397,7 +397,7 @@ Noteworthy changes in version 1.9.3 (2021-04-19) [C23/A3/R3] - Make keygrip computation work for compressed points. [#4961] - * Performance: +* Performance: - Add x86_64 VAES/AVX2 accelerated implementation of Camellia. [0e7e60241a] diff --git a/SMP/SMP.patch b/SMP/SMP.patch index 84d45bec..05c57e80 100644 --- a/SMP/SMP.patch +++ b/SMP/SMP.patch @@ -1,3 +1,16 @@ +diff --git a/NEWS b/NEWS +index a06199e7..745dd5b4 100644 +--- a/NEWS ++++ b/NEWS +@@ -397,7 +397,7 @@ Noteworthy changes in version 1.9.3 (2021-04-19) [C23/A3/R3] + + - Make keygrip computation work for compressed points. [#4961] + +-* Performance: ++ * Performance: + + - Add x86_64 VAES/AVX2 accelerated implementation of Camellia. + [0e7e60241a] diff --git a/autogen.sh b/autogen.sh index 9b361581..8aaa998b 100755 --- a/autogen.sh @@ -13,6 +26,21 @@ index 9b361581..8aaa998b 100755 info "Running autoconf${FORCE} ..." $AUTOCONF${FORCE} +diff --git a/build-aux/ltmain.sh b/build-aux/ltmain.sh +index 859599aa..bafa8fbb 100644 +--- a/build-aux/ltmain.sh ++++ b/build-aux/ltmain.sh +@@ -5686,8 +5686,8 @@ func_mode_link () + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) + # The PATH hackery in wrapper scripts is required on Windows + # and Darwin in order for the loader to find any dlls it needs. +- func_warning "\`-no-install' is ignored for $host" +- func_warning "assuming \`-no-fast-install' instead" ++ # func_warning "\`-no-install' is ignored for $host" ++ # func_warning "assuming \`-no-fast-install' instead" + fast_install=no + ;; + *) no_install=yes ;; diff --git a/cipher/bithelp.h b/cipher/bithelp.h index 7793ce7c..78578768 100644 --- a/cipher/bithelp.h 
@@ -63,21 +91,8 @@ index 7793ce7c..78578768 100644 #else if ((x & 0xffffffff)) return _gcry_ctz (x); -diff --git a/cipher/cipher-ccm.c b/cipher/cipher-ccm.c -index dcb268d0..2ee202ac 100644 ---- a/cipher/cipher-ccm.c -+++ b/cipher/cipher-ccm.c -@@ -38,7 +38,7 @@ static unsigned int - do_cbc_mac (gcry_cipher_hd_t c, const unsigned char *inbuf, size_t inlen, - int do_padding) - { -- const unsigned int blocksize = 16; -+#define blocksize 16 - gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; - unsigned char tmp[blocksize]; - unsigned int burn = 0; diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h -index c8a1097a..4b2eccf3 100644 +index cd8ff788..dac54ec1 100644 --- a/cipher/cipher-internal.h +++ b/cipher/cipher-internal.h @@ -66,7 +66,7 @@ @@ -90,7 +105,7 @@ index c8a1097a..4b2eccf3 100644 # endif # endif diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c -index 9abd8b0c..3d136b88 100644 +index c76dd9a4..0c28e652 100644 --- a/cipher/cipher-poly1305.c +++ b/cipher/cipher-poly1305.c @@ -71,7 +71,7 @@ poly1305_fill_bytecounts (gcry_cipher_hd_t c) @@ -103,10 +118,10 @@ index 9abd8b0c..3d136b88 100644 /* Padding to 16 byte boundary. */ diff --git a/cipher/des.c b/cipher/des.c -index 51116fcf..d3e3b739 100644 +index 4b3f9a1e..fc17c8af 100644 --- a/cipher/des.c +++ b/cipher/des.c -@@ -140,7 +140,7 @@ +@@ -139,7 +139,7 @@ # define ATTR_ALIGNED_16 #endif 
@@ -115,6 +130,86 @@ index 51116fcf..d3e3b739 100644 # define working_memcmp memcmp #else /* +diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c +index 68defea6..244dd5d4 100644 +--- a/cipher/pubkey-util.c ++++ b/cipher/pubkey-util.c +@@ -957,7 +957,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, + void *random_override = NULL; + size_t random_override_len = 0; + +- if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) ++ /* The RSA PKCS#1.5 encryption is no longer supported by FIPS */ ++ if (fips_mode ()) ++ rc = GPG_ERR_INV_FLAG; ++ else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) + rc = GPG_ERR_INV_OBJ; + else + { +@@ -1089,7 +1092,10 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, + const void * value; + size_t valuelen; + +- if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) ++ /* The RSA OAEP encryption requires some more assurances in FIPS */ ++ if (fips_mode ()) ++ rc = GPG_ERR_INV_FLAG; ++ else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) + rc = GPG_ERR_INV_OBJ; + else + { +diff --git a/cipher/pubkey.c b/cipher/pubkey.c +index 214bd611..f4c17d2d 100644 +--- a/cipher/pubkey.c ++++ b/cipher/pubkey.c +@@ -672,6 +672,30 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, const char *tmpl, gcry_md_hd_t hd_orig, + gcry_sexp_t s_data = NULL; + gcry_error_t err; + gcry_md_hd_t hd; ++ const char *s; ++ char *hash_name; ++ ++ /* Check if it has fixed hash name or %s */ ++ s = strstr (tmpl, "(hash "); ++ if (s == NULL) ++ return GPG_ERR_DIGEST_ALGO; ++ ++ s += 6; ++ if (!strncmp (s, "%s", 2)) ++ hash_name = NULL; ++ else ++ { ++ const char *p; ++ ++ for (p = s; *p && *p != ' '; p++) ++ ; ++ ++ hash_name = xtrymalloc (p - s + 1); ++ if (!hash_name) ++ return gpg_error_from_syserror (); ++ memcpy (hash_name, s, p - s); ++ hash_name[p - s] = 0; ++ } + + if (!hd_orig) + hd = NULL; +diff --git a/cipher/rsa.c b/cipher/rsa.c +index c7a809f4..bbf7eaed 100644 +--- 
a/cipher/rsa.c ++++ b/cipher/rsa.c +@@ -1468,6 +1468,12 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) + rc = GPG_ERR_INV_DATA; + goto leave; + } ++ if (fips_mode () && (ctx.encoding == PUBKEY_ENC_PKCS1 || ++ ctx.encoding == PUBKEY_ENC_OAEP)) ++ { ++ rc = GPG_ERR_INV_FLAG; ++ goto leave; ++ } + + /* Extract the key. */ + rc = sexp_extract_param (keyparms, NULL, "nedp?q?u?", diff --git a/cipher/stribog.c b/cipher/stribog.c index 21e385ae..f894bcf6 100644 --- a/cipher/stribog.c 
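Review bot: In the `_gcry_pk_verify_md` part of this hunk the hash-name scanner `for (p = s; *p && *p != ' '; p++)` stops only at a space or NUL, so a template that closes the list right after the name (`(hash sha256)`) or separates it with a tab hands `sha256)` to the later lookup; stopping at the closing parenthesis as well is cheap: `for (p = s; *p && *p != ' ' && *p != ')'; p++)`. `hash_name` is heap-allocated with `xtrymalloc` but every later return path that has to free it lies outside the hunk, so that should be confirmed in the full function. The FIPS rejections in `_gcry_pk_util_data_to_mpi` and `rsa_decrypt` agree with each other (both return `GPG_ERR_INV_FLAG` before any key material is parsed), but the OAEP comment `The RSA OAEP encryption requires some more assurances in FIPS` does not say what is missing; name the concrete requirement that is not met rather than leaving "some more assurances".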
@@ -128,88 +223,35 @@ index 21e385ae..f894bcf6 100644 int i; /* PAD. It does not count towards message length */ -diff --git a/mpi/ec-nist.c b/mpi/ec-nist.c -index f792405c..6766e382 100644 ---- a/mpi/ec-nist.c -+++ b/mpi/ec-nist.c -@@ -89,8 +89,13 @@ _gcry_mpi_ec_nist192_mod (gcry_mpi_t w, mpi_ec_t ctx) - const mpi_limb64_t zero = LIMB_TO64(0); - mpi_ptr_t wp; - mpi_size_t wsize = 192 / BITS_PER_MPI_LIMB64; -+#if defined(_MSC_VER) -+ mpi_limb64_t* s = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* o = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+#else - mpi_limb64_t s[wsize + 1]; - mpi_limb64_t o[wsize + 1]; -+#endif - mpi_limb_t mask1; - mpi_limb_t mask2; - mpi_limb_t s_is_negative; -@@ -182,8 +187,13 @@ _gcry_mpi_ec_nist224_mod (gcry_mpi_t w, mpi_ec_t ctx) - mpi_ptr_t wp; - mpi_size_t wsize = (224 + BITS_PER_MPI_LIMB64 - 1) / BITS_PER_MPI_LIMB64; - mpi_size_t psize = ctx->p->nlimbs; -+#if defined(_MSC_VER) -+ mpi_limb64_t* s = (mpi_limb64_t*)_alloca((wsize) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* d = (mpi_limb64_t*)_alloca((wsize) * sizeof(mpi_limb64_t)); -+#else - mpi_limb64_t s[wsize]; - mpi_limb64_t d[wsize]; -+#endif - mpi_limb_t mask1; - mpi_limb_t mask2; - mpi_limb_t s_is_negative; -@@ -341,10 +351,17 @@ _gcry_mpi_ec_nist256_mod (gcry_mpi_t w, mpi_ec_t ctx) - mpi_ptr_t wp; - mpi_size_t wsize = (256 + BITS_PER_MPI_LIMB64 - 1) / BITS_PER_MPI_LIMB64; - mpi_size_t psize = ctx->p->nlimbs; -+#if defined(_MSC_VER) -+ mpi_limb64_t* s = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* t = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* d = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* e = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+#else - mpi_limb64_t s[wsize + 1]; - mpi_limb64_t t[wsize + 1]; - mpi_limb64_t d[wsize + 1]; - mpi_limb64_t e[wsize + 1]; -+#endif - mpi_limb_t mask1; - mpi_limb_t mask2; - mpi_limb_t 
mask3; -@@ -594,10 +611,17 @@ _gcry_mpi_ec_nist384_mod (gcry_mpi_t w, mpi_ec_t ctx) - #if (BITS_PER_MPI_LIMB64 == BITS_PER_MPI_LIMB) && defined(WORDS_BIGENDIAN) - mpi_limb_t wp_shr32[wsize * LIMBS_PER_LIMB64]; - #endif -+#if defined(_MSC_VER) -+ mpi_limb64_t* s = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* t = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* d = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+ mpi_limb64_t* x = (mpi_limb64_t*)_alloca((wsize + 1) * sizeof(mpi_limb64_t)); -+#else - mpi_limb64_t s[wsize + 1]; - mpi_limb64_t t[wsize + 1]; - mpi_limb64_t d[wsize + 1]; - mpi_limb64_t x[wsize + 1]; -+#endif - mpi_limb_t mask1; - mpi_limb_t mask2; - mpi_limb_t s_is_negative; -@@ -786,7 +810,11 @@ void - _gcry_mpi_ec_nist521_mod (gcry_mpi_t w, mpi_ec_t ctx) - { - mpi_size_t wsize = (521 + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB; -+#if defined(_MSC_VER) -+ mpi_limb_t* s = (mpi_limb_t*)_alloca((wsize) * sizeof(mpi_limb_t)); -+#else - mpi_limb_t s[wsize]; -+#endif - mpi_limb_t cy; - mpi_ptr_t wp; - +diff --git a/compat/compat.c b/compat/compat.c +index 7684e4f3..86745fc6 100644 +--- a/compat/compat.c ++++ b/compat/compat.c +@@ -30,6 +30,8 @@ _gcry_compat_identification (void) + static const char blurb[] = + "\n\n" + "This is Libgcrypt " PACKAGE_VERSION " - The GNU Crypto Library\n" ++ "Copyright (C) 2012-2022 g10 Code GmbH\n" ++ "Copyright (C) 2013-2022 Jussi Kivilinna\n" + "Copyright (C) 2000-2018 Free Software Foundation, Inc.\n" + "Copyright (C) 2012-2024 g10 Code GmbH\n" + "Copyright (C) 2013-2024 Jussi Kivilinna\n" +diff --git a/configure.ac b/configure.ac +index 1d06ca3b..43ad0712 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1281,7 +1281,8 @@ AC_CACHE_CHECK([whether GCC assembler supports for CFI directives], + ".cfi_restore_state\n\t" + ".long 0\n\t" + ".cfi_endproc\n\t" +- );]])], ++ ); ++ void asmfunc(void)]])], + [gcry_cv_gcc_asm_cfi_directives=yes])]) + if test 
"$gcry_cv_gcc_asm_cfi_directives" = "yes" ; then + AC_DEFINE(HAVE_GCC_ASM_CFI_DIRECTIVES,1, diff --git a/mpi/ec.c b/mpi/ec.c -index e8233ae8..c9081e9d 100644 +index 2f8a25a4..11100fa4 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -30,6 +30,12 @@ @@ -225,20 +267,6 @@ index e8233ae8..c9081e9d 100644 extern void reverse_buffer (unsigned char *buffer, unsigned int length); #define point_init(a) _gcry_mpi_point_init ((a)) -@@ -582,8 +588,13 @@ static void - ec_secp256k1_mod (gcry_mpi_t w, mpi_ec_t ctx) - { - mpi_size_t wsize = (256 + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB; -+#if defined(_MSC_VER) -+ mpi_limb_t* n = (mpi_limb_t*)_alloca((wsize + 1) * sizeof(mpi_limb_t)); -+ mpi_limb_t* s = (mpi_limb_t*)_alloca((wsize + 1) * sizeof(mpi_limb_t)); -+#else - mpi_limb_t n[wsize + 1]; - mpi_limb_t s[wsize + 1]; -+#endif - mpi_limb_t cy, borrow; - mpi_ptr_t wp; - diff --git a/mpi/generic/mpi-asm-defs.h b/mpi/generic/mpi-asm-defs.h index e607806e..111859c3 100644 --- a/mpi/generic/mpi-asm-defs.h @@ -253,10 +281,10 @@ index e607806e..111859c3 100644 #else #define BYTES_PER_MPI_LIMB (SIZEOF_UNSIGNED_LONG) diff --git a/mpi/longlong.h b/mpi/longlong.h -index c299534c..32e05ad1 100644 +index 21bd1a7e..ceed070d 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h -@@ -98,7 +98,7 @@ MA 02111-1307, USA. */ +@@ -108,7 +108,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later #ifdef __riscos__ #pragma continue_after_hash_error #else /* !__riscos__ */ 
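Review bot: The compat.c part of this hunk inserts `Copyright (C) 2012-2022 g10 Code GmbH` and `Copyright (C) 2013-2022 Jussi Kivilinna` directly above the `2012-2024`/`2013-2024` lines that the context shows are already in the blurb, so the identification string would carry two notices per holder; drop the two added lines. This looks like the patch was regenerated against a tree that predates the 2024 notices, which is worth checking for the other hunks added in this commit. The same hunk also deletes the `_alloca` replacements for the `mpi_limb64_t s[wsize + 1]` arrays in ec-nist.c; if the tree the patch now targets still declares those arrays with a non-constant `wsize`, compilers without VLA support will fail on them again, so confirm that before dropping the workaround.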
@@ -265,7 +293,7 @@ index c299534c..32e05ad1 100644 /* We sometimes need to clobber "cc" with gcc2, but that would not be understood by gcc1. Use cpp to avoid major code duplication. */ -@@ -1736,6 +1736,14 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); +@@ -1745,6 +1745,14 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); # elif defined (HAVE_BUILTIN_CLZ) && SIZEOF_UNSIGNED_INT * 8 == W_TYPE_SIZE # define count_leading_zeros(count, x) (count = __builtin_clz(x)) # undef COUNT_LEADING_ZEROS_0 /* Input X=0 is undefined for the builtin. */ @@ -280,7 +308,7 @@ index c299534c..32e05ad1 100644 # endif #endif -@@ -1746,6 +1754,12 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); +@@ -1755,6 +1763,12 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); # elif defined (HAVE_BUILTIN_CTZ) && SIZEOF_UNSIGNED_INT * 8 == W_TYPE_SIZE # define count_trailing_zeros(count, x) (count = __builtin_ctz(x)) # undef COUNT_LEADING_ZEROS_0 /* Input X=0 is undefined for the builtin. */ @@ -294,7 +322,7 @@ index c299534c..32e05ad1 100644 #endif diff --git a/random/rand-internal.h b/random/rand-internal.h -index 2d2b8909..eef6dc27 100644 +index 3d7a582f..3bfa695c 100644 --- a/random/rand-internal.h +++ b/random/rand-internal.h @@ -129,6 +129,15 @@ int _gcry_rndw32ce_gather_random (void (*add) (const void *, size_t, @@ -314,7 +342,7 @@ index 2d2b8909..eef6dc27 100644 /*-- rndjent.c --*/ size_t _gcry_rndjent_poll (void (*add)(const void*, diff --git a/random/random-csprng.c b/random/random-csprng.c -index 85d11789..12cf6409 100644 +index 4f34acc0..6c3e2a08 100644 --- a/random/random-csprng.c +++ b/random/random-csprng.c @@ -37,10 +37,14 @@ @@ -381,7 +409,7 @@ index 85d11789..12cf6409 100644 #if USE_RNDW32CE return _gcry_rndw32ce_gather_random_fast; diff --git a/random/random-drbg.c b/random/random-drbg.c -index af49a5a5..028e3000 100644 +index cad364ab..7ed75682 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -149,7 +149,9 @@ 
@@ -513,7 +541,7 @@ index 0468c7cb..09413425 100644 #ifndef EOPNOTSUPP # define EOPNOTSUPP ENOSYS diff --git a/random/rndw32.c b/random/rndw32.c -index b3f63d20..9407306b 100644 +index fd979ab9..81fec61d 100644 --- a/random/rndw32.c +++ b/random/rndw32.c @@ -141,8 +141,8 @@ typedef DWORD (WINAPI *NTPOWERINFORMATION) @@ -674,7 +702,7 @@ index 00000000..4741a13f +} \ No newline at end of file diff --git a/src/context.c b/src/context.c -index da9948a6..257578d0 100644 +index de0a183d..f95c8e6d 100644 --- a/src/context.c +++ b/src/context.c @@ -22,7 +22,9 @@ @@ -689,7 +717,7 @@ index da9948a6..257578d0 100644 #include "g10lib.h" #include "mpi.h" diff --git a/src/fips.c b/src/fips.c -index 5d71b208..deab6d76 100644 +index cf91baa8..2271e374 100644 --- a/src/fips.c +++ b/src/fips.c @@ -21,7 +21,9 @@ @@ -716,11 +744,26 @@ index 5d71b208..deab6d76 100644 /* The name of the file used to force libgcrypt into fips mode. */ #define FIPS_FORCE_FILE "/etc/gcrypt/fips_enabled" +@@ -365,7 +373,6 @@ _gcry_fips_indicator_cipher (va_list arg_ptr) + case GCRY_CIPHER_MODE_OFB: + case GCRY_CIPHER_MODE_CTR: + case GCRY_CIPHER_MODE_CCM: +- case GCRY_CIPHER_MODE_GCM: + case GCRY_CIPHER_MODE_XTS: + case GCRY_CIPHER_MODE_AESWRAP: + return GPG_ERR_NO_ERROR; diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in -index 58581daa..8d3b43c0 100644 +index 9cad7a46..0e96998b 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in -@@ -34,7 +34,8 @@ +@@ -1,4 +1,6 @@ + /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- ++ * Copyright (C) 2012-2023 g10 Code GmbH ++ * Copyright (C) 2013-2023 Jussi Kivilinna + * Copyright (C) 1998-2018 Free Software Foundation, Inc. + * Copyright (C) 2012-2024 g10 Code GmbH + * +@@ -34,7 +36,8 @@ #if defined _WIN32 || defined __WIN32__ # ifndef __GNUC__ @@ -731,7 +774,7 @@ index 58581daa..8d3b43c0 100644 # endif /*!__GNUC__*/ #endif /*_WIN32*/ diff --git a/src/global.c b/src/global.c -index 9a356a04..d54c122f 100644 +index 593ea406..bd5055ae 100644 --- a/src/global.c 
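Review bot: Removing `case GCRY_CIPHER_MODE_GCM:` from the approved list in `_gcry_fips_indicator_cipher` changes what FIPS-mode callers are told about GCM, and nothing in the hunk says why; since this is an externally visible compliance signal, add a one-line rationale next to the remaining cases, e.g. `/* GCM deliberately not reported as approved: <reason/reference> */`, and make sure any test that checks the cipher indicator is updated to match. The gcrypt.h.in part of the same hunk adds `* Copyright (C) 2012-2023 g10 Code GmbH` and `* Copyright (C) 2013-2023 Jussi Kivilinna` right above the `2012-2024` line the context shows is already present, so the header ends up with two notices for the same holder; drop the added pair.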
+++ b/src/global.c @@ -29,7 +29,9 @@ @@ -746,7 +789,7 @@ index 9a356a04..d54c122f 100644 # include #endif /*HAVE_SYSLOG*/ diff --git a/src/hwf-x86.c b/src/hwf-x86.c -index a1aa02e7..54a6b611 100644 +index bda14d9d..04137c5f 100644 --- a/src/hwf-x86.c +++ b/src/hwf-x86.c @@ -23,7 +23,9 @@ @@ -768,10 +811,10 @@ index a1aa02e7..54a6b611 100644 +#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && ( defined (__GNUC__) || defined(__INTEL_COMPILER) ) # define HAS_X86_CPUID 1 - #if _GCRY_GCC_VERSION >= 40700 /* 4.7 */ -@@ -65,9 +67,9 @@ is_cpuid_available(void) - "pushl %%ecx\n\t" /* Restore flags from ECX. */ + #ifdef HAVE_GCC_ASM_CFI_DIRECTIVES +@@ -76,9 +78,9 @@ is_cpuid_available(void) "popf\n\t" + CFI_POP4 "xorl %%eax, %%ecx\n\t" /* Compare flags against saved flags. */ - "jz .Lno_cpuid%=\n\t" /* Toggling did not work, thus no CPUID. */ + "jz 1f\n\t" /* Toggling did not work, thus no CPUID. */ @@ -781,7 +824,7 @@ index a1aa02e7..54a6b611 100644 : "+r" (has_cpuid) : : "%eax", "%ecx", "cc", "memory" -@@ -120,7 +122,7 @@ get_xgetbv(void) +@@ -131,7 +133,7 @@ get_xgetbv(void) #endif /* i386 && GNUC */ @@ -791,7 +834,7 @@ index a1aa02e7..54a6b611 100644 static int diff --git a/src/hwfeatures.c b/src/hwfeatures.c -index 97e67b3c..dbc581ee 100644 +index b11cadef..2afa6168 100644 --- a/src/hwfeatures.c +++ b/src/hwfeatures.c @@ -24,7 +24,9 @@ @@ -806,7 +849,7 @@ index 97e67b3c..dbc581ee 100644 # include #endif /*HAVE_SYSLOG*/ diff --git a/src/misc.c b/src/misc.c -index 4db2d9a4..a8eb41b7 100644 +index b1e8eb1c..5cc4ae20 100644 --- a/src/misc.c +++ b/src/misc.c @@ -24,7 +24,12 @@ 
@@ -823,8 +866,105 @@ index 4db2d9a4..a8eb41b7 100644 #include "g10lib.h" #include "secmem.h" +diff --git a/src/mpicalc.c b/src/mpicalc.c +index 0903e0a4..ca413cf4 100644 +--- a/src/mpicalc.c ++++ b/src/mpicalc.c +@@ -85,26 +85,40 @@ print_mpi (gcry_mpi_t a) + + + static void +-do_add (void) ++do_add (int usemod) + { +- if (stackidx < 2) ++ if (stackidx < (usemod?3:2)) + { + fputs ("stack underflow\n", stderr); + return; + } +- mpi_add (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); ++ if (usemod) ++ { ++ mpi_addm (stack[stackidx - 3], stack[stackidx - 3], ++ stack[stackidx - 2], stack[stackidx - 1]); ++ stackidx--; ++ } ++ else ++ mpi_add (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; + } + + static void +-do_sub (void) ++do_sub (int usemod) + { +- if (stackidx < 2) ++ if (stackidx < (usemod?3:2)) + { + fputs ("stack underflow\n", stderr); + return; + } +- mpi_sub (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); ++ if (usemod) ++ { ++ mpi_subm (stack[stackidx - 3], stack[stackidx - 3], ++ stack[stackidx - 2], stack[stackidx - 1]); ++ stackidx--; ++ } ++ else ++ mpi_sub (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; + } + +@@ -328,6 +342,7 @@ print_help (void) + "r reverse [0] := [1], [1] := [0] {0}\n" + "b # of bits [0] := nbits([0]) {0}\n" + "P prime check [0] := is_prime([0])?1:0 {0}\n" ++ "M use mod for next '+' and '-'\n" + "c clear stack\n" + "p print top item\n" + "f print the stack\n" +@@ -348,6 +363,7 @@ main (int argc, char **argv) + int state = 0; + char strbuf[4096]; + int stridx = 0; ++ int usemod = 0; + + if (argc) + { +@@ -460,7 +476,8 @@ main (int argc, char **argv) + else + { + ungetc (c, stdin); +- do_add (); ++ do_add (usemod); ++ usemod = 0; + } + break; + case '-': +@@ -480,7 +497,8 @@ main (int argc, char **argv) + else + { + ungetc (c, stdin); +- do_sub (); ++ do_sub (usemod); ++ usemod = 0; + } + break; + case '*': +@@ -547,6 +565,9 @@ main (int 
argc, char **argv) + case 'P': + do_primecheck (); + break; ++ case 'M': ++ usemod = 1; ++ break; + case 'c': + for (i = 0; i < stackidx; i++) + { diff --git a/src/secmem.c b/src/secmem.c -index b36c44f6..fa6bfab4 100644 +index 4e1d2991..b7232a22 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -25,7 +25,9 @@ 
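Review bot: The help line added in `print_help`, `"M use mod for next '+' and '-'\n"`, reads as if one `M` covers both operators, but `usemod` is cleared by whichever of `+` or `-` runs first and stays set across any other command (`*`, `c`, `p`, ...) until then; say so, e.g. `"M modular arithmetic for the next single '+' or '-'\n"`. In the modular branches of `do_add`/`do_sub` the two entries dropped by the double `stackidx--` are neither freed nor reused inside the hunk, which mirrors the existing non-modular path, so this is consistent with the surrounding code; whether those handles are recycled elsewhere is outside the hunk.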
@@ -838,3 +978,205 @@ index b36c44f6..fa6bfab4 100644 #include #if defined(HAVE_MLOCK) || defined(HAVE_MMAP) +diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in +index f87d0d05..929f9ccc 100644 +--- a/src/versioninfo.rc.in ++++ b/src/versioninfo.rc.in +@@ -39,7 +39,7 @@ BEGIN + VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" + VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0" + VALUE "InternalName", "libgcrypt\0" +- VALUE "LegalCopyright", "Copyright © 2021 g10 Code GmbH\0" ++ VALUE "LegalCopyright", "Copyright © 2023 g10 Code GmbH\0" + VALUE "LegalTrademarks", "\0" + VALUE "OriginalFilename", "libgcrypt.dll\0" + VALUE "PrivateBuild", "\0" +diff --git a/tests/basic.c b/tests/basic.c +index 72c65b58..999d5001 100644 +--- a/tests/basic.c ++++ b/tests/basic.c +@@ -17441,35 +17441,40 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, + NULL, + 0, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS }, + { GCRY_PK_RSA, + "(data\n (flags pkcs1)\n" + " (value #11223344556677889900AA#))\n", + "(flags pkcs1)", + 1, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS }, + { GCRY_PK_RSA, + "(data\n (flags oaep)\n" + " (value #11223344556677889900AA#))\n", + "(flags oaep)", + 1, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS }, + { GCRY_PK_RSA, + "(data\n (flags oaep)\n (hash-algo sha1)\n" + " (value #11223344556677889900AA#))\n", + "(flags oaep)(hash-algo sha1)", + 1, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS }, + { GCRY_PK_RSA, + "(data\n (flags oaep)\n (hash-algo sha1)\n (label \"test\")\n" + " (value #11223344556677889900AA#))\n", + "(flags oaep)(hash-algo sha1)(label \"test\")", + 1, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS }, + { GCRY_PK_RSA, + "(data\n (flags oaep)\n (hash-algo sha1)\n (label \"test\")\n" + " (value #11223344556677889900AA#)\n" +@@ -17477,7 +17482,8 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, + "(flags oaep)(hash-algo sha1)(label \"test\")", + 1, + 0, +- 0 }, ++ 0, ++ FLAG_NOFIPS 
}, + { 0, + "(data\n (flags )\n" " (value #11223344556677889900AA#))\n", + NULL, +@@ -17550,7 +17556,8 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, + die ("converting data failed: %s\n", gpg_strerror (rc)); + + rc = gcry_pk_encrypt (&ciph, data, pkey); +- if (in_fips_mode && (flags & FLAG_NOFIPS)) ++ if (in_fips_mode && ((flags & FLAG_NOFIPS) || ++ (datas[dataidx].flags & FLAG_NOFIPS))) + { + if (!rc) + fail ("gcry_pk_encrypt did not fail as expected in FIPS mode\n"); +diff --git a/tests/pkcs1v2.c b/tests/pkcs1v2.c +index f26e779b..2fd495d5 100644 +--- a/tests/pkcs1v2.c ++++ b/tests/pkcs1v2.c +@@ -186,11 +186,24 @@ check_oaep (void) + err = gcry_pk_encrypt (&ciph, plain, pub_key); + if (err) + { ++ if (in_fips_mode) ++ { ++ gcry_sexp_release (plain); ++ plain = NULL; ++ continue; ++ } + show_sexp ("plain:\n", ciph); + fail ("gcry_pk_encrypt failed: %s\n", gpg_strerror (err)); + } + else + { ++ if (in_fips_mode) ++ { ++ fail ("The OAEP encryption unexpectedly worked in FIPS mode\n"); ++ gcry_sexp_release (plain); ++ plain = NULL; ++ continue; ++ } + if (extract_cmp_data (ciph, "a", tbl[tno].m[mno].encr, + tbl[tno].m[mno].desc)) + { +@@ -454,7 +467,19 @@ check_v15crypt (void) + gcry_free (seed); + + err = gcry_pk_encrypt (&ciph, plain, pub_key); +- if (err) ++ if (in_fips_mode) ++ { ++ if (!err) ++ { ++ fail ("gcry_pk_encrypt should have failed in FIPS mode:\n"); ++ } ++ gcry_sexp_release (plain); ++ plain = NULL; ++ gcry_sexp_release (ciph); ++ ciph = NULL; ++ continue; ++ } ++ else if (err) + { + show_sexp ("plain:\n", ciph); + fail ("gcry_pk_encrypt failed: %s\n", gpg_strerror (err)); +diff --git a/tests/t-kdf.c b/tests/t-kdf.c +index 10f64a7c..a6df57e1 100644 +--- a/tests/t-kdf.c ++++ b/tests/t-kdf.c +@@ -1927,6 +1927,64 @@ check_fips_indicators (void) + } + + ++static void ++check_fips_indicators (void) ++{ ++ enum gcry_kdf_algos fips_kdf_algos[] = { ++ GCRY_KDF_PBKDF2, ++ }; ++ enum gcry_kdf_algos kdf_algos[] = { ++ 
GCRY_KDF_SIMPLE_S2K, ++ GCRY_KDF_SALTED_S2K, ++ GCRY_KDF_ITERSALTED_S2K, ++ GCRY_KDF_PBKDF1, ++ GCRY_KDF_PBKDF2, ++ GCRY_KDF_SCRYPT, ++ GCRY_KDF_ARGON2 ++ }; ++ size_t i, j; ++ ++ for (i = 0; i < sizeof(kdf_algos) / sizeof(*kdf_algos); i++) ++ { ++ int is_fips_kdf_algo = 0; ++ gcry_error_t err = gcry_control (GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, kdf_algos[i]); ++ ++ if (verbose) ++ fprintf (stderr, "checking FIPS indicator for KDF %d: %s\n", ++ kdf_algos[i], gcry_strerror (err)); ++ ++ for (j = 0; j < sizeof(fips_kdf_algos) / sizeof(*fips_kdf_algos); j++) ++ { ++ if (kdf_algos[i] == fips_kdf_algos[j]) ++ { ++ is_fips_kdf_algo = 1; ++ break; ++ } ++ } ++ ++ switch (err & GPG_ERR_CODE_MASK) ++ { ++ case GPG_ERR_NO_ERROR: ++ if (!is_fips_kdf_algo) ++ fail ("KDF algorithm %d is marked as approved by" ++ " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, but only PBKDF2 should" ++ " be marked as approved.", kdf_algos[i]); ++ break; ++ case GPG_ERR_NOT_SUPPORTED: ++ if (is_fips_kdf_algo) ++ fail ("KDF algorithm %d is marked as not approved by" ++ " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, but it should be" ++ " approved", kdf_algos[i]); ++ break; ++ default: ++ fail ("Unexpected error '%s' (%d) returned by" ++ " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF for KDF algorithm %d", ++ gcry_strerror (err), err, kdf_algos[i]); ++ } ++ } ++} ++ ++ + int + main (int argc, char **argv) + { diff --git a/SMP/config.h b/SMP/config.h index 6f94a3fc..cb7d556e 100644 --- a/SMP/config.h +++ b/SMP/config.h @@ -14,6 +14,9 @@ /* Enable support for Intel AES-NI instructions. */ #define ENABLE_AESNI_SUPPORT 1 +/* Enable support for Intel AVX512 instructions. */ +#define ENABLE_AVX512_SUPPORT 1 + /* Enable support for Intel AVX2 instructions. */ #define ENABLE_AVX2_SUPPORT 1 
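Review bot: The tests/t-kdf.c part of this hunk adds a second `static void check_fips_indicators (void)` immediately after the closing `}` of an existing function of the same name (the hunk header `@@ -1927,6 +1927,64 @@ check_fips_indicators (void)` names it), which is a redefinition error in C, so the patched test will not compile; drop this hunk or merge its cases into the existing function. The tests/basic.c part has the same regeneration smell: every `datas[]` entry gains a seventh initializer `FLAG_NOFIPS` and the loop reads `datas[dataidx].flags`, which only builds if the table's struct already has a `flags` member in the tree this patch now targets, and that is not visible here. The pkcs1v2.c changes assert that OAEP and PKCS#1 v1.5 encryption fail in FIPS mode, so they must stay in step with whatever the pubkey hunks in this same patch actually enforce.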
@@ -47,6 +50,9 @@ /* Disable support for the Intel SHAEXT instructions. */ #define ENABLE_SHAEXT_SUPPORT 1 +/* Disable support for the Intel GFNI instructions. */ +#define ENABLE_GFNI_SUPPORT 1 + /* Define to use the GNU C visibility attribute. */ /* #undef GCRY_USE_VISIBILITY */ @@ -100,6 +106,9 @@ implementations */ #define HAVE_COMPATIBLE_GCC_WIN64_PLATFORM_AS 1 #endif +/* Defined if underlying compiler supports x86/AVX512 intrinsics */ +/* #undef HAVE_COMPATIBLE_CC_X86_AVX512_INTRINSICS */ + /* Defined for Alpha platforms */ /* #undef HAVE_CPU_ARCH_ALPHA */ @@ -387,7 +396,7 @@ implementations */ /* #undef IS_DEVELOPMENT_VERSION */ /* List of available cipher algorithms */ -#define LIBGCRYPT_CIPHERS "arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:sm4" +#define LIBGCRYPT_CIPHERS "arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:sm4:aria" /* List of available digest algorithms */ #define LIBGCRYPT_DIGESTS "crc:gostr3411-94::md4:md5:rmd160:sha1:sha256:sha512:sha3:tiger:whirlpool:stribog:blake2:sm3" diff --git a/SMP/gcrypt.h b/SMP/gcrypt.h index 5087e8df..0b35a41a 100644 --- a/SMP/gcrypt.h +++ b/SMP/gcrypt.h @@ -2,6 +2,7 @@ * Copyright (C) 2012-2023 g10 Code GmbH * Copyright (C) 2013-2023 Jussi Kivilinna * Copyright (C) 1998-2018 Free Software Foundation, Inc. + * Copyright (C) 2012-2024 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -16,7 +17,8 @@ * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later * * File: gcrypt.h */ 
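Review bot: The comment added above `ENABLE_GFNI_SUPPORT` reads `/* Disable support for the Intel GFNI instructions. */` while the macro enables it; the wording was copied from the equally wrong SHAEXT line above. Use `/* Enable support for the Intel GFNI instructions. */` (and fix the SHAEXT comment while here). Note that the earlier hunk sets `ENABLE_AVX512_SUPPORT 1` but this file leaves `HAVE_COMPATIBLE_CC_X86_AVX512_INTRINSICS` undefined, so the AVX512 intrinsic paths will presumably remain compiled out; if that is intentional a short comment next to the `#undef` saying so would save the next reader a search.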
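Review bot: The `@@ -2,6 +2,7 @@` hunk in SMP/gcrypt.h appends `* Copyright (C) 2012-2024 g10 Code GmbH` while the context two lines up still has `* Copyright (C) 2012-2023 g10 Code GmbH`, so the header now carries two g10 Code notices. Replace the 2023 line with the 2024 one, and bump the Jussi Kivilinna year the same way, instead of adding a duplicate.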
@@ -55,11 +57,11 @@ extern "C" { return the same version. The purpose of this macro is to let autoconf (using the AM_PATH_GCRYPT macro) check that this header matches the installed library. */ -#define GCRYPT_VERSION "1.10.3" +#define GCRYPT_VERSION "1.11.0" /* The version number of this header. It may be used to handle minor API incompatibilities. */ -#define GCRYPT_VERSION_NUMBER 0x010a03 +#define GCRYPT_VERSION_NUMBER 0x010b00 /* Internal: We can't use the convenience macros for the multi @@ -208,7 +210,7 @@ struct gcry_thread_cbs Bits 7 - 0 are used for the thread model Bits 15 - 8 are used for the version number. */ unsigned int option; -} _GCRY_ATTR_INTERNAL; +} _GCRY_GCC_ATTR_DEPRECATED; #define GCRY_THREAD_OPTION_PTH_IMPL \ static struct gcry_thread_cbs gcry_threads_pth = { \ @@ -335,7 +337,8 @@ enum gcry_ctl_cmds GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION = 84, GCRYCTL_FIPS_SERVICE_INDICATOR_MAC = 85, GCRYCTL_FIPS_SERVICE_INDICATOR_MD = 86, - GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS = 87 + GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS = 87, + GCRYCTL_MD_CUSTOMIZE = 88 }; /* Perform various operations defined by CMD. */ @@ -948,7 +951,10 @@ enum gcry_cipher_algos GCRY_CIPHER_GOST28147 = 315, GCRY_CIPHER_CHACHA20 = 316, GCRY_CIPHER_GOST28147_MESH = 317, /* With CryptoPro key meshing. */ - GCRY_CIPHER_SM4 = 318 + GCRY_CIPHER_SM4 = 318, + GCRY_CIPHER_ARIA128 = 319, + GCRY_CIPHER_ARIA192 = 320, + GCRY_CIPHER_ARIA256 = 321 }; /* The Rijndael algorithm is basically AES, so provide some macros. */ @@ -991,6 +997,13 @@ enum gcry_cipher_flags GCRY_CIPHER_EXTENDED = 16 /* Enable extended AES-WRAP. */ }; +/* Methods used for AEAD IV generation. */ +enum gcry_cipher_geniv_methods + { + GCRY_CIPHER_GENIV_METHOD_CONCAT = 1, + GCRY_CIPHER_GENIV_METHOD_XOR = 2 + }; + /* GCM works only with blocks of 128 bits */ #define GCRY_GCM_BLOCK_LEN (128 / 8) 
@@ -1062,6 +1075,15 @@ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen); +/* Initialization vector generation setup for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_setup_geniv (gcry_cipher_hd_t hd, int method, + const void *fixed_iv, size_t fixed_ivlen, + const void *dyn_iv, size_t dyn_ivlen); + +/* Initialization vector generation for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_geniv (gcry_cipher_hd_t hd, + void *iv, size_t ivlen); + /* Provide additional authentication data for AEAD modes/ciphers. */ gcry_error_t gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, size_t abuflen); @@ -1133,7 +1155,8 @@ enum gcry_pk_algos GCRY_PK_ELG = 20, /* Elgamal */ GCRY_PK_ECDSA = 301, /* (only for external use). */ GCRY_PK_ECDH = 302, /* (only for external use). */ - GCRY_PK_EDDSA = 303 /* (only for external use). */ + GCRY_PK_EDDSA = 303, /* (only for external use). */ + GCRY_PK_KEM = 333 /* Pseudo ID for KEM algos. */ }; /* Flags describing usage capabilities of a PK algorithm. */ @@ -1287,7 +1310,9 @@ enum gcry_md_algos GCRY_MD_BLAKE2S_128 = 325, GCRY_MD_SM3 = 326, GCRY_MD_SHA512_256 = 327, - GCRY_MD_SHA512_224 = 328 + GCRY_MD_SHA512_224 = 328, + GCRY_MD_CSHAKE128 = 329, + GCRY_MD_CSHAKE256 = 330 }; /* Flags used with the open function. */ @@ -1369,6 +1394,12 @@ void gcry_md_hash_buffer (int algo, void *digest, gpg_error_t gcry_md_hash_buffers (int algo, unsigned int flags, void *digest, const gcry_buffer_t *iov, int iovcnt); +/* Convenience function to hash multiple buffers. + Algorithm can be 'expendable-output function'. */ +gpg_error_t gcry_md_hash_buffers_ext (int algo, unsigned int flags, + void *digest, int digestlen, + const gcry_buffer_t *iov, int iovcnt); + /* Retrieve the algorithm used with HD. This does not work reliable if more than one algorithm is enabled in HD. */ int gcry_md_get_algo (gcry_md_hd_t hd); 
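Review bot: The comment on the new `gcry_md_hash_buffers_ext` prototype says `Algorithm can be 'expendable-output function'`; the term is extendable-output function (XOF), and the new `digestlen` parameter is not explained at all. Suggest `/* Like gcry_md_hash_buffers, but ALGO may be an extendable-output function (XOF); DIGESTLEN is the size of the buffer at DIGEST. */`, though whether DIGESTLEN is the requested output length or only a bound is not visible here and should be confirmed against the implementation. If this header is meant to track upstream gcrypt.h.in verbatim, fix the wording there first so the two copies do not drift.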
@@ -1437,6 +1468,14 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) +struct gcry_cshake_customization +{ + const void *n; + unsigned int n_len; + const void *s; + unsigned int s_len; +}; + /********************************************** @@ -1499,19 +1538,24 @@ enum gcry_mac_algos GCRY_MAC_CMAC_IDEA = 210, GCRY_MAC_CMAC_GOST28147 = 211, GCRY_MAC_CMAC_SM4 = 212, + GCRY_MAC_CMAC_ARIA = 213, GCRY_MAC_GMAC_AES = 401, GCRY_MAC_GMAC_CAMELLIA = 402, GCRY_MAC_GMAC_TWOFISH = 403, GCRY_MAC_GMAC_SERPENT = 404, GCRY_MAC_GMAC_SEED = 405, + GCRY_MAC_GMAC_SM4 = 406, + GCRY_MAC_GMAC_ARIA = 407, GCRY_MAC_POLY1305 = 501, GCRY_MAC_POLY1305_AES = 502, GCRY_MAC_POLY1305_CAMELLIA = 503, GCRY_MAC_POLY1305_TWOFISH = 504, GCRY_MAC_POLY1305_SERPENT = 505, - GCRY_MAC_POLY1305_SEED = 506 + GCRY_MAC_POLY1305_SEED = 506, + GCRY_MAC_POLY1305_SM4 = 507, + GCRY_MAC_POLY1305_ARIA = 508 }; /* Flags used with the open function. */ @@ -1599,8 +1643,22 @@ enum gcry_kdf_algos GCRY_KDF_PBKDF1 = 33, GCRY_KDF_PBKDF2 = 34, GCRY_KDF_SCRYPT = 48, + /**/ GCRY_KDF_ARGON2 = 64, - GCRY_KDF_BALLOON = 65 + GCRY_KDF_BALLOON = 65, + /**/ + /* In the original SP 800-56A, it's called + * "Concatenation Key Derivation Function". + * Now (as of 2022), it's defined in SP 800-56C rev.2, as + * "One-Step Key Derivation". + */ + GCRY_KDF_ONESTEP_KDF = 96, /* One-Step Key Derivation with hash */ + GCRY_KDF_ONESTEP_KDF_MAC = 97, /* One-Step Key Derivation with MAC */ + GCRY_KDF_HKDF = 98, + /* Two-Step Key Derivation with HMAC */ + /* Two-Step Key Derivation with CMAC */ + /* KDF PRF in SP 800-108r1 */ + GCRY_KDF_X963_KDF = 101 }; enum gcry_kdf_subalgo_argon2 
@@ -1644,6 +1702,124 @@ gcry_error_t gcry_kdf_compute (gcry_kdf_hd_t h, const gcry_kdf_thread_ops_t *ops); gcry_error_t gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen, void *result); void gcry_kdf_close (gcry_kdf_hd_t h); + + +/********************************** + * * + * Key Encapsulation Mechanisms * + * * + **********************************/ + +/* Algorithm IDs for the KEMs. */ +enum gcry_kem_algos + { + GCRY_KEM_NONE = 0, + GCRY_KEM_SNTRUP761 = 1, + GCRY_KEM_CM6688128F = 2, /* Classic McEliece */ + GCRY_KEM_MLKEM512 = 3, /* aka Kyber512 */ + GCRY_KEM_MLKEM768 = 4, /* aka Kyber768 */ + GCRY_KEM_MLKEM1024 = 5, /* aka Kyber1024 */ + /* From here, ECC KEMs */ + GCRY_KEM_RAW_X25519 =31, /* Using X25519 with Identity KDF */ + GCRY_KEM_RAW_X448 =32, /* Using X448 with Identity KDF */ + GCRY_KEM_RAW_BP256 =33, + GCRY_KEM_RAW_BP384 =34, + GCRY_KEM_RAW_BP512 =35, + GCRY_KEM_RAW_P256R1 =36, + GCRY_KEM_RAW_P384R1 =37, + GCRY_KEM_RAW_P521R1 =38, + GCRY_KEM_DHKEM25519 =41, /* DHKEM with X25519, HKDF, and SHA256 */ + GCRY_KEM_DHKEM448 = 42, /* DHKEM with X448, HKDF, and SHA512 */ + GCRY_KEM_DHKEMP256R1=43, + GCRY_KEM_DHKEMP384R1=44, + GCRY_KEM_DHKEMP521R1=45 + }; + +/* + * Before C99, limitation is 31 significant initial characters in a + * macro name + * + * 1 ... 
31 + * | | + * v v + * _______________________________ + */ +#define GCRY_KEM_SNTRUP761_SECKEY_LEN 1763 +#define GCRY_KEM_SNTRUP761_PUBKEY_LEN 1158 +#define GCRY_KEM_SNTRUP761_ENCAPS_LEN 1039 +#define GCRY_KEM_SNTRUP761_CIPHER_LEN GCRY_KEM_SNTRUP761_ENCAPS_LEN +#define GCRY_KEM_SNTRUP761_SHARED_LEN 32 + +#define GCRY_KEM_CM6688128F_SECKEY_LEN 13932 +#define GCRY_KEM_CM6688128F_PUBKEY_LEN 1044992 +#define GCRY_KEM_CM6688128F_ENCAPS_LEN 208 +#define GCRY_KEM_CM6688128F_CIPHER_LEN GCRY_KEM_CM6688128F_ENCAPS_LEN +#define GCRY_KEM_CM6688128F_SHARED_LEN 32 + +#define GCRY_KEM_MLKEM512_SECKEY_LEN (2*384+2*384+32+2*32) /* 1632 */ +#define GCRY_KEM_MLKEM512_PUBKEY_LEN (2*384+32) /* 800 */ +#define GCRY_KEM_MLKEM512_ENCAPS_LEN (128+2*320) /* 768 */ +#define GCRY_KEM_MLKEM512_CIPHER_LEN GCRY_KEM_MLKEM512_ENCAPS_LEN +#define GCRY_KEM_MLKEM512_SHARED_LEN 32 + +#define GCRY_KEM_MLKEM768_SECKEY_LEN (3*384+3*384+32+2*32) /* 2400 */ +#define GCRY_KEM_MLKEM768_PUBKEY_LEN (3*384+32) /* 1184 */ +#define GCRY_KEM_MLKEM768_ENCAPS_LEN (128+3*320) /* 1088 */ +#define GCRY_KEM_MLKEM768_CIPHER_LEN GCRY_KEM_MLKEM768_ENCAPS_LEN +#define GCRY_KEM_MLKEM768_SHARED_LEN 32 + +#define GCRY_KEM_MLKEM1024_SECKEY_LEN (4*384+4*384+32+2*32) /* 3168 */ +#define GCRY_KEM_MLKEM1024_PUBKEY_LEN (4*384+32) /* 1568 */ +#define GCRY_KEM_MLKEM1024_ENCAPS_LEN (160+4*352) /* 1568 */ +#define GCRY_KEM_MLKEM1024_CIPHER_LEN GCRY_KEM_MLKEM1024_ENCAPS_LEN +#define GCRY_KEM_MLKEM1024_SHARED_LEN 32 + +/* For ECC, seckey, pubkey, and ciphertext is defined by the curve. */ +#define GCRY_KEM_ECC_X25519_SECKEY_LEN 32 +#define GCRY_KEM_ECC_X25519_PUBKEY_LEN 32 +#define GCRY_KEM_ECC_X25519_ENCAPS_LEN 32 +#define GCRY_KEM_ECC_X25519_CIPHER_LEN GCRY_KEM_ECC_X25519_ENCAPS_LEN +/* And shared secret is specific to the protocol. 
*/ +#define GCRY_KEM_RAW_X25519_SHARED_LEN 32 + +#define GCRY_KEM_DHKEM25519_SECKEY_LEN GCRY_KEM_ECC_X25519_SECKEY_LEN +#define GCRY_KEM_DHKEM25519_PUBKEY_LEN GCRY_KEM_ECC_X25519_PUBKEY_LEN +#define GCRY_KEM_DHKEM25519_ENCAPS_LEN GCRY_KEM_ECC_X25519_ENCAPS_LEN +#define GCRY_KEM_DHKEM25519_CIPHER_LEN GCRY_KEM_DHKEM25519_ENCAPS_LEN +#define GCRY_KEM_DHKEM25519_SHARED_LEN 32 + +#define GCRY_KEM_ECC_BP256_SECKEY_LEN 32 +#define GCRY_KEM_ECC_BP256_PUBKEY_LEN (1+32+32) +#define GCRY_KEM_ECC_BP256_ENCAPS_LEN (1+32+32) +#define GCRY_KEM_ECC_BP256_CIPHER_LEN GCRY_KEM_ECC_BP256_ENCAPS_LEN +#define GCRY_KEM_RAW_BP256_SHARED_LEN (1+32+32) + +#define GCRY_KEM_ECC_BP384_SECKEY_LEN 48 +#define GCRY_KEM_ECC_BP384_PUBKEY_LEN (1+48+48) +#define GCRY_KEM_ECC_BP384_ENCAPS_LEN (1+48+48) +#define GCRY_KEM_ECC_BP384_CIPHER_LEN GCRY_KEM_ECC_BP384_ENCAPS_LEN +#define GCRY_KEM_RAW_BP384_SHARED_LEN (1+48+48) + +/* Generate a new key pair with ALGO. */ +gcry_error_t gcry_kem_keypair (int algo, + void *pubkey, size_t pubkey_len, + void *seckey, size_t seckey_len); + +/* With ALGO, for a PUBKEY, generate SHARED secret and encapsulate + it into CIPHERTEXT. */ +gcry_error_t gcry_kem_encap (int algo, + const void *pubkey, size_t pubkey_len, + void *ciphertext, size_t ciphertext_len, + void *shared, size_t shared_len, + const void *optional, size_t optional_len); + +/* With ALGO, for a SECKEY and CIPHERTEXT, compute its SHARED secret. */ +gcry_error_t gcry_kem_decap (int algo, + const void *seckey, size_t seckey_len, + const void *ciphertext, size_t ciphertext_len, + void *shared, size_t shared_len, + const void *optional, size_t optional_len); + /************************************ * * 
@@ -1824,7 +2000,7 @@ typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int); /* Type for fatal error handlers. */ typedef void (*gcry_handler_error_t) (void *, int, const char *); -/* Type for logging handlers. */ +/* Type for the deprecated log handler. */ typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list); /* Certain operations can provide progress information. This function @@ -1848,9 +2024,9 @@ void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque); handler. */ void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque); -/* Register a function used instead of the internal logging - facility. */ -void gcry_set_log_handler (gcry_handler_log_t f, void *opaque); +/* This function has no more effect. */ +void gcry_set_log_handler (gcry_handler_log_t f, + void *opaque) _GCRY_ATTR_INTERNAL; /* Reserved for future use. */ void gcry_set_gettext_handler (const char *(*f)(const char*)); @@ -1903,6 +2079,7 @@ gcry_error_t gcry_pk_hash_verify (gcry_sexp_t sigval, gcry_error_t gcry_pk_random_override_new (gcry_ctx_t *r_ctx, const unsigned char *p, size_t len); +#define gcry_pk_input_data_push gcry_pk_random_override_new #if 0 /* (Keep Emacsens' auto-indent happy.) */ { diff --git a/SMP/libgcrypt.vcxproj b/SMP/libgcrypt.vcxproj index bbf3f4cb..a17e8c8a 100644 --- a/SMP/libgcrypt.vcxproj +++ b/SMP/libgcrypt.vcxproj @@ -10,7 +10,7 @@ - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) 
@@ -65,7 +65,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -120,7 +120,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -176,7 +176,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -232,7 +232,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -287,7 +287,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) 
@@ -342,7 +342,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -398,7 +398,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -454,7 +454,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -510,7 +510,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) diff --git a/SMP/libgcrypt.vcxproj.filters b/SMP/libgcrypt.vcxproj.filters index f03252cb..2f59bcc4 100644 --- a/SMP/libgcrypt.vcxproj.filters +++ b/SMP/libgcrypt.vcxproj.filters @@ -93,9 +93,6 @@ Header Files\cipher - - Header Files\cipher - Header Files\cipher @@ -183,6 +180,21 @@ Header Files\src + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + @@ -254,9 +266,6 @@ Source Files\cipher - - Source Files\cipher - Source Files\cipher 
@@ -572,6 +581,30 @@ Source Files\src + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + diff --git a/SMP/libgcrypt_files.props b/SMP/libgcrypt_files.props index 2e378216..fdc45739 100644 --- a/SMP/libgcrypt_files.props +++ b/SMP/libgcrypt_files.props @@ -3,21 +3,25 @@ + - + + + + @@ -51,6 +55,7 @@ + @@ -70,7 +75,6 @@ - @@ -94,11 +98,15 @@ + + + + @@ -112,6 +120,7 @@ + @@ -120,11 +129,13 @@ + + diff --git a/SMP/libgcrypt_winrt.vcxproj b/SMP/libgcrypt_winrt.vcxproj index 5e6a5b14..633e0e97 100644 --- a/SMP/libgcrypt_winrt.vcxproj +++ b/SMP/libgcrypt_winrt.vcxproj @@ -10,7 +10,7 @@ - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -65,7 +65,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -120,7 +120,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) 
@@ -176,7 +176,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -232,7 +232,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -287,7 +287,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -342,7 +342,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -398,7 +398,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__i386__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__i386__;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) 
@@ -454,7 +454,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) @@ -510,7 +510,7 @@ del /f /q $(OutDir)\licenses\libgcrypt.txt - HAVE_CONFIG_H;asm=__asm__;__x86_64__;%(PreprocessorDefinitions) + HAVE_CONFIG_H;asm=__asm__;__i386;__x86_64__;__x86_64;%(PreprocessorDefinitions) .\;..\src;.\mpi;..\mpi;.\cipher;..\random;%(AdditionalIncludeDirectories) 4146;4018;4028;4244;4267;4715;4334;4996;4703;4090;%(DisableSpecificWarnings) diff --git a/SMP/libgcrypt_winrt.vcxproj.filters b/SMP/libgcrypt_winrt.vcxproj.filters index 94447915..69aabe8d 100644 --- a/SMP/libgcrypt_winrt.vcxproj.filters +++ b/SMP/libgcrypt_winrt.vcxproj.filters @@ -93,9 +93,6 @@ Header Files\cipher - - Header Files\cipher - Header Files\cipher @@ -183,6 +180,21 @@ Header Files\src + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + + + Header Files\cipher + @@ -254,9 +266,6 @@ Source Files\cipher - - Source Files\cipher - Source Files\cipher @@ -572,6 +581,30 @@ Source Files\src + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + + + Source Files\cipher + diff --git a/SMP/version.h b/SMP/version.h index 8b771b2c..8f572540 100644 --- a/SMP/version.h +++ b/SMP/version.h 
@@ -1,11 +1,11 @@ /* Define to the version of this package. */ -#define PACKAGE_VERSION "1.10.3" +#define PACKAGE_VERSION "1.11.0" /* Version of this package */ -#define VERSION "1.10.3" +#define VERSION "1.11.0" /* GIT commit id revision used to build this package */ -#define BUILD_REVISION "aa16108" +#define BUILD_REVISION "9d94d78" /* The time this package was configured for a build */ -#define BUILD_TIMESTAMP "2023-12-23T13:00+0000" +#define BUILD_TIMESTAMP "2024-06-29T11:20+0000" diff --git a/SMP/versioninfo.rc b/SMP/versioninfo.rc index b0b2ffc1..690fa229 100644 --- a/SMP/versioninfo.rc +++ b/SMP/versioninfo.rc @@ -18,8 +18,8 @@ VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,10,3,43542 - PRODUCTVERSION 1,10,3,43542 + FILEVERSION 1,11,0,40340 + PRODUCTVERSION 1,11,0,40340 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x21L @@ -37,15 +37,15 @@ BEGIN VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License (LGPLv2.1+).\0" VALUE "CompanyName", "g10 Code GmbH\0" VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" - VALUE "FileVersion", "24.4.3.aa16108\0" + VALUE "FileVersion", "25.5.0.9d94d78\0" VALUE "InternalName", "libgcrypt\0" VALUE "LegalCopyright", "Copyright © 2023 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libgcrypt.dll\0" VALUE "PrivateBuild", "\0" VALUE "ProductName", "libgcrypt\0" - VALUE "ProductVersion", "1.10.3\0" - VALUE "SpecialBuild", "2023-12-23T13:00+0000\0" + VALUE "ProductVersion", "1.11.0\0" + VALUE "SpecialBuild", "2024-06-29T11:20+0000\0" END END END diff --git a/build-aux/ltmain.sh b/build-aux/ltmain.sh index bafa8fbb..859599aa 100644 --- a/build-aux/ltmain.sh +++ b/build-aux/ltmain.sh 
@@ -5686,8 +5686,8 @@ func_mode_link () *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) # The PATH hackery in wrapper scripts is required on Windows # and Darwin in order for the loader to find any dlls it needs. - # func_warning "\`-no-install' is ignored for $host" - # func_warning "assuming \`-no-fast-install' instead" + func_warning "\`-no-install' is ignored for $host" + func_warning "assuming \`-no-fast-install' instead" fast_install=no ;; *) no_install=yes ;; diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index 244dd5d4..68defea6 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -957,10 +957,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, void *random_override = NULL; size_t random_override_len = 0; - /* The RSA PKCS#1.5 encryption is no longer supported by FIPS */ - if (fips_mode ()) - rc = GPG_ERR_INV_FLAG; - else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) + if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) rc = GPG_ERR_INV_OBJ; else { @@ -1092,10 +1089,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, const void * value; size_t valuelen; - /* The RSA OAEP encryption requires some more assurances in FIPS */ - if (fips_mode ()) - rc = GPG_ERR_INV_FLAG; - else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) + if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen ) rc = GPG_ERR_INV_OBJ; else { diff --git a/cipher/pubkey.c b/cipher/pubkey.c index f4c17d2d..214bd611 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c 
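Review bot: Dropping the `fips_mode ()` gate in both `_gcry_pk_util_data_to_mpi` hunks (the PKCS#1 v1.5 branch and the OAEP branch) means a FIPS-mode caller can now build RSA PKCS#1 v1.5 and OAEP encryption data that the code previously refused with GPG_ERR_INV_FLAG, and the cipher/rsa.c hunk on the next line removes the matching rejection in `rsa_decrypt`. Nothing in these hunks replaces the hard rejection with a FIPS service-indicator result, so if this is meant to follow upstream 1.11.0 behaviour, say so in the commit message and confirm the indicator still reports these encodings as non-approved; otherwise the change silently re-enables a non-approved RSA padding in FIPS mode. A comment at the former check site, `/* PKCS#1 v1.5 / OAEP are not gated on fips_mode() here; the service indicator reports their FIPS status. */`, would make the intent explicit. `_gcry_pk_util_data_to_mpi` starts and ends outside both hunks.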
@@ -672,30 +672,6 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, const char *tmpl, gcry_md_hd_t hd_orig, gcry_sexp_t s_data = NULL; gcry_error_t err; gcry_md_hd_t hd; - const char *s; - char *hash_name; - - /* Check if it has fixed hash name or %s */ - s = strstr (tmpl, "(hash "); - if (s == NULL) - return GPG_ERR_DIGEST_ALGO; - - s += 6; - if (!strncmp (s, "%s", 2)) - hash_name = NULL; - else - { - const char *p; - - for (p = s; *p && *p != ' '; p++) - ; - - hash_name = xtrymalloc (p - s + 1); - if (!hash_name) - return gpg_error_from_syserror (); - memcpy (hash_name, s, p - s); - hash_name[p - s] = 0; - } if (!hd_orig) hd = NULL; diff --git a/cipher/rsa.c b/cipher/rsa.c index bbf7eaed..c7a809f4 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -1468,12 +1468,6 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) rc = GPG_ERR_INV_DATA; goto leave; } - if (fips_mode () && (ctx.encoding == PUBKEY_ENC_PKCS1 || - ctx.encoding == PUBKEY_ENC_OAEP)) - { - rc = GPG_ERR_INV_FLAG; - goto leave; - } /* Extract the key. */ rc = sexp_extract_param (keyparms, NULL, "nedp?q?u?", diff --git a/compat/compat.c b/compat/compat.c index 86745fc6..7684e4f3 100644 --- a/compat/compat.c +++ b/compat/compat.c @@ -30,8 +30,6 @@ _gcry_compat_identification (void) static const char blurb[] = "\n\n" "This is Libgcrypt " PACKAGE_VERSION " - The GNU Crypto Library\n" - "Copyright (C) 2012-2022 g10 Code GmbH\n" - "Copyright (C) 2013-2022 Jussi Kivilinna\n" "Copyright (C) 2000-2018 Free Software Foundation, Inc.\n" "Copyright (C) 2012-2024 g10 Code GmbH\n" "Copyright (C) 2013-2024 Jussi Kivilinna\n" diff --git a/configure.ac b/configure.ac index 43ad0712..1d06ca3b 100644 --- a/configure.ac +++ b/configure.ac 
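Review bot: The removed block was the only validation of TMPL visible in `_gcry_pk_verify_md`: a template without a `(hash ` element returned GPG_ERR_DIGEST_ALGO before any work was done, and a fixed hash name was captured for later comparison. After this hunk the body goes straight to the `hd_orig` handling, so whether a hash-less or malformed template is still rejected now depends on the code that consumes TMPL later in the function, which is outside the hunk; confirm that the rest of the body no longer references `s` or `hash_name` (it would not compile otherwise) and that a missing hash element still yields an error. If it does, a one-line comment where the block used to be, `/* TMPL is validated when the data s-expression is built below. */`, tells the next reader where the check went.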
@@ -1281,8 +1281,7 @@ AC_CACHE_CHECK([whether GCC assembler supports for CFI directives],
 ".cfi_restore_state\n\t"
 ".long 0\n\t"
 ".cfi_endproc\n\t"
- );
- void asmfunc(void)]])],
+ );]])],
 [gcry_cv_gcc_asm_cfi_directives=yes])])
 if test "$gcry_cv_gcc_asm_cfi_directives" = "yes" ; then
 AC_DEFINE(HAVE_GCC_ASM_CFI_DIRECTIVES,1,
diff --git a/src/fips.c b/src/fips.c
index 2271e374..f40ed2b8 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -373,6 +373,7 @@ _gcry_fips_indicator_cipher (va_list arg_ptr)
 case GCRY_CIPHER_MODE_OFB:
 case GCRY_CIPHER_MODE_CTR:
 case GCRY_CIPHER_MODE_CCM:
+ case GCRY_CIPHER_MODE_GCM:
 case GCRY_CIPHER_MODE_XTS:
 case GCRY_CIPHER_MODE_AESWRAP:
 return GPG_ERR_NO_ERROR;
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 0e96998b..b5a804a9 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -1,6 +1,4 @@
 /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
- * Copyright (C) 2012-2023 g10 Code GmbH
- * Copyright (C) 2013-2023 Jussi Kivilinna
 * Copyright (C) 1998-2018 Free Software Foundation, Inc.
 * Copyright (C) 2012-2024 g10 Code GmbH
 *
diff --git a/src/mpicalc.c b/src/mpicalc.c
index ca413cf4..0903e0a4 100644
--- a/src/mpicalc.c
+++ b/src/mpicalc.c
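Review bot: Adding `case GCRY_CIPHER_MODE_GCM:` to the approved list in `_gcry_fips_indicator_cipher` makes the indicator answer by mode alone as far as this hunk shows, and a mode switch cannot tell whether the caller supplied the IV itself or let the library generate it, which is the condition that matters for GCM. The `gcry_cipher_setup_geniv`/`gcry_cipher_geniv` declarations added in the SMP.patch hunk earlier in this commit are presumably what justifies listing GCM now, so a comment on the added case would spare the next reader the archaeology, e.g. `case GCRY_CIPHER_MODE_GCM: /* approved with library-generated IVs, see gcry_cipher_setup_geniv */`. If GCM with an externally supplied IV is meant to be reported as non-approved, that decision has to be taken where the IV is set, not in this switch. The enclosing switch starts and ends outside the hunk.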
@@ -85,40 +85,26 @@ print_mpi (gcry_mpi_t a) static void -do_add (int usemod) +do_add (void) { - if (stackidx < (usemod?3:2)) + if (stackidx < 2) { fputs ("stack underflow\n", stderr); return; } - if (usemod) - { - mpi_addm (stack[stackidx - 3], stack[stackidx - 3], - stack[stackidx - 2], stack[stackidx - 1]); - stackidx--; - } - else - mpi_add (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + mpi_add (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); stackidx--; } static void -do_sub (int usemod) +do_sub (void) { - if (stackidx < (usemod?3:2)) + if (stackidx < 2) { fputs ("stack underflow\n", stderr); return; } - if (usemod) - { - mpi_subm (stack[stackidx - 3], stack[stackidx - 3], - stack[stackidx - 2], stack[stackidx - 1]); - stackidx--; - } - else - mpi_sub (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + mpi_sub (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); stackidx--; } @@ -342,7 +328,6 @@ print_help (void) "r reverse [0] := [1], [1] := [0] {0}\n" "b # of bits [0] := nbits([0]) {0}\n" "P prime check [0] := is_prime([0])?1:0 {0}\n" - "M use mod for next '+' and '-'\n" "c clear stack\n" "p print top item\n" "f print the stack\n" @@ -363,7 +348,6 @@ main (int argc, char **argv) int state = 0; char strbuf[4096]; int stridx = 0; - int usemod = 0; if (argc) { @@ -476,8 +460,7 @@ main (int argc, char **argv) else { ungetc (c, stdin); - do_add (usemod); - usemod = 0; + do_add (); } break; case '-': @@ -497,8 +480,7 @@ main (int argc, char **argv) else { ungetc (c, stdin); - do_sub (usemod); - usemod = 0; + do_sub (); } break; case '*': @@ -565,9 +547,6 @@ main (int argc, char **argv) case 'P': do_primecheck (); break; - case 'M': - usemod = 1; - break; case 'c': for (i = 0; i < stackidx; i++) { diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in index 929f9ccc..f87d0d05 100644 --- a/src/versioninfo.rc.in +++ b/src/versioninfo.rc.in 
@@ -39,7 +39,7 @@ BEGIN VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0" VALUE "InternalName", "libgcrypt\0" - VALUE "LegalCopyright", "Copyright © 2023 g10 Code GmbH\0" + VALUE "LegalCopyright", "Copyright © 2021 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libgcrypt.dll\0" VALUE "PrivateBuild", "\0" diff --git a/tests/basic.c b/tests/basic.c index 999d5001..72c65b58 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -17441,40 +17441,35 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, NULL, 0, 0, - 0, - FLAG_NOFIPS }, + 0 }, { GCRY_PK_RSA, "(data\n (flags pkcs1)\n" " (value #11223344556677889900AA#))\n", "(flags pkcs1)", 1, 0, - 0, - FLAG_NOFIPS }, + 0 }, { GCRY_PK_RSA, "(data\n (flags oaep)\n" " (value #11223344556677889900AA#))\n", "(flags oaep)", 1, 0, - 0, - FLAG_NOFIPS }, + 0 }, { GCRY_PK_RSA, "(data\n (flags oaep)\n (hash-algo sha1)\n" " (value #11223344556677889900AA#))\n", "(flags oaep)(hash-algo sha1)", 1, 0, - 0, - FLAG_NOFIPS }, + 0 }, { GCRY_PK_RSA, "(data\n (flags oaep)\n (hash-algo sha1)\n (label \"test\")\n" " (value #11223344556677889900AA#))\n", "(flags oaep)(hash-algo sha1)(label \"test\")", 1, 0, - 0, - FLAG_NOFIPS }, + 0 }, { GCRY_PK_RSA, "(data\n (flags oaep)\n (hash-algo sha1)\n (label \"test\")\n" " (value #11223344556677889900AA#)\n" @@ -17482,8 +17477,7 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, "(flags oaep)(hash-algo sha1)(label \"test\")", 1, 0, - 0, - FLAG_NOFIPS }, + 0 }, { 0, "(data\n (flags )\n" " (value #11223344556677889900AA#))\n", NULL, 
@@ -17556,8 +17550,7 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo, die ("converting data failed: %s\n", gpg_strerror (rc)); rc = gcry_pk_encrypt (&ciph, data, pkey); - if (in_fips_mode && ((flags & FLAG_NOFIPS) || - (datas[dataidx].flags & FLAG_NOFIPS))) + if (in_fips_mode && (flags & FLAG_NOFIPS)) { if (!rc) fail ("gcry_pk_encrypt did not fail as expected in FIPS mode\n"); diff --git a/tests/pkcs1v2.c b/tests/pkcs1v2.c index 2fd495d5..f26e779b 100644 --- a/tests/pkcs1v2.c +++ b/tests/pkcs1v2.c @@ -186,24 +186,11 @@ check_oaep (void) err = gcry_pk_encrypt (&ciph, plain, pub_key); if (err) { - if (in_fips_mode) - { - gcry_sexp_release (plain); - plain = NULL; - continue; - } show_sexp ("plain:\n", ciph); fail ("gcry_pk_encrypt failed: %s\n", gpg_strerror (err)); } else { - if (in_fips_mode) - { - fail ("The OAEP encryption unexpectedly worked in FIPS mode\n"); - gcry_sexp_release (plain); - plain = NULL; - continue; - } if (extract_cmp_data (ciph, "a", tbl[tno].m[mno].encr, tbl[tno].m[mno].desc)) { @@ -467,19 +454,7 @@ check_v15crypt (void) gcry_free (seed); err = gcry_pk_encrypt (&ciph, plain, pub_key); - if (in_fips_mode) - { - if (!err) - { - fail ("gcry_pk_encrypt should have failed in FIPS mode:\n"); - } - gcry_sexp_release (plain); - plain = NULL; - gcry_sexp_release (ciph); - ciph = NULL; - continue; - } - else if (err) + if (err) { show_sexp ("plain:\n", ciph); fail ("gcry_pk_encrypt failed: %s\n", gpg_strerror (err)); diff --git a/tests/t-kdf.c b/tests/t-kdf.c index a6df57e1..10f64a7c 100644 --- a/tests/t-kdf.c +++ b/tests/t-kdf.c 
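Review bot: After this hunk the FIPS expectation in `check_pubkey_crypt` depends only on the per-call `flags`, so the `flags` member of `datas` is no longer consulted here; the two earlier tests/basic.c hunks cleared it for the RSA pkcs1/oaep entries, but any entry outside those hunks that still sets FLAG_NOFIPS would now be silently ignored instead of asserted. Either drop the member from the struct as well or keep `(datas[dataidx].flags & FLAG_NOFIPS)` in the condition so per-datum expectations stay enforceable. The same loss of negative coverage applies to `check_oaep` and `check_v15crypt` in the tests/pkcs1v2.c hunks: with the `in_fips_mode` branches gone, a FIPS-mode run now expects OAEP and PKCS#1 v1.5 encryption to succeed, which is only right if the library-side gates removed in cipher/pubkey-util.c and cipher/rsa.c are gone everywhere. All three enclosing functions start and end outside their hunks.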
@@ -1927,64 +1927,6 @@ check_fips_indicators (void) } -static void -check_fips_indicators (void) -{ - enum gcry_kdf_algos fips_kdf_algos[] = { - GCRY_KDF_PBKDF2, - }; - enum gcry_kdf_algos kdf_algos[] = { - GCRY_KDF_SIMPLE_S2K, - GCRY_KDF_SALTED_S2K, - GCRY_KDF_ITERSALTED_S2K, - GCRY_KDF_PBKDF1, - GCRY_KDF_PBKDF2, - GCRY_KDF_SCRYPT, - GCRY_KDF_ARGON2 - }; - size_t i, j; - - for (i = 0; i < sizeof(kdf_algos) / sizeof(*kdf_algos); i++) - { - int is_fips_kdf_algo = 0; - gcry_error_t err = gcry_control (GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, kdf_algos[i]); - - if (verbose) - fprintf (stderr, "checking FIPS indicator for KDF %d: %s\n", - kdf_algos[i], gcry_strerror (err)); - - for (j = 0; j < sizeof(fips_kdf_algos) / sizeof(*fips_kdf_algos); j++) - { - if (kdf_algos[i] == fips_kdf_algos[j]) - { - is_fips_kdf_algo = 1; - break; - } - } - - switch (err & GPG_ERR_CODE_MASK) - { - case GPG_ERR_NO_ERROR: - if (!is_fips_kdf_algo) - fail ("KDF algorithm %d is marked as approved by" - " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, but only PBKDF2 should" - " be marked as approved.", kdf_algos[i]); - break; - case GPG_ERR_NOT_SUPPORTED: - if (is_fips_kdf_algo) - fail ("KDF algorithm %d is marked as not approved by" - " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF, but it should be" - " approved", kdf_algos[i]); - break; - default: - fail ("Unexpected error '%s' (%d) returned by" - " GCRYCTL_FIPS_SERVICE_INDICATOR_KDF for KDF algorithm %d", - gcry_strerror (err), err, kdf_algos[i]); - } - } -} - - int main (int argc, char **argv) {