Revisions of libgcrypt
buildservice-autocommit
accepted
request 819169
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 139)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 139)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 819163
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 138)
- Update to 1.8.6
* mpi: Consider +0 and -0 the same in mpi_cmp
* mpi: Fix flags in mpi_copy for opaque MPI
* mpi: Fix the return value of mpi_invm_generic
* mpi: DSA,ECDSA: Fix use of mpi_invm
- Call mpi_invm before _gcry_dsa_modify_k
- Call mpi_invm before _gcry_ecc_ecdsa_sign
* mpi: Constant time mpi_inv with some conditions
- mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond)
- New: mpih_abs_cond, mpi_invm_odd
- Rename from _gcry_mpi_invm: mpi_invm_generic
- Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm
* mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr
* Fix wrong code execution in Poly1305 ARM/NEON implementation
- Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext)
* Set vZZ.16b register to zero before use in armv8 gcm implementation
* random: Fix include of config.h
* Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong
* ecc: Fix wrong handling of shorten PK bytes
- Zeros are already recovered: (_gcry_ecc_mont_decodepoint)
- Update libgcrypt-ecc-ecdsa-no-blinding.patch
buildservice-autocommit
accepted
request 807319
from
Vítězslav Čížek (vitezslav_cizek)
(revision 137)
Vítězslav Čížek (vitezslav_cizek)
(revision 137)
baserev update by copy to link target
buildservice-autocommit
accepted
request 805629
from
Vítězslav Čížek (vitezslav_cizek)
(revision 136)
Vítězslav Čížek (vitezslav_cizek)
(revision 136)
baserev update by copy to link target
Vítězslav Čížek (vitezslav_cizek)
accepted
request 807298
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 135)
- FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872] * Print the debug messages in test_keys() only in debug mode. - Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch libgcrypt-PCT-ECC.patch
Vítězslav Čížek (vitezslav_cizek)
accepted
request 805624
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 134)
- FIPS: libgcrypt: Double free in test_keys() on failed signature
verification [bsc#1169944]
* Use safer gcry_mpi_release() instead of mpi_free()
- Update patches:
* libgcrypt-PCT-DSA.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
- Ship the FIPS checksum file in the shared library package and
create a separate trigger file for the FIPS selftests (bsc#1169569)
* add libgcrypt-fips_selftest_trigger_file.patch
* refresh libgcrypt-global_init-constructor.patch
- Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted
by libgcrypt-global_init-constructor.patch
- FIPS: Verify that the generated signature and the original input
differ in test_keys function for RSA, DSA and ECC: [bsc#1165539]
- Add zero-padding when qx and qy have different lengths when
assembling the Q point from affine coordinates.
- Refreshed patches:
* libgcrypt-PCT-DSA.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
- FIPS: Switch the PCT to use the new signature operation [bsc#1165539]
* Patches for DSA, RSA and ECDSA test_keys functions:
- libgcrypt-PCT-DSA.patch
- libgcrypt-PCT-RSA.patch
- libgcrypt-PCT-ECC.patch
- Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch
buildservice-autocommit
accepted
request 766879
from
Tomáš Chvátal (scarabeus_iv)
(revision 133)
Tomáš Chvátal (scarabeus_iv)
(revision 133)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 766877
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 132)
- FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219]
- FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215]
- FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220]
* Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch
- FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337]
* Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch
- Fix tests in FIPS mode:
* Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem
* Add patch libgcrypt-fix-tests-fipsmode.patch
- Fix test dsa-rfc6979 in FIPS mode:
* Disable tests in elliptic curves with 192 bits which are not
recommended in FIPS mode
* Add patch libgcrypt-dsa-rfc6979-test-fix.patch
- CMAC AES and TDES FIPS self-tests:
* CMAC AES self test missing [bsc#1155339]
* CMAC TDES self test missing [bsc#1155338]
- Add libgcrypt-CMAC-AES-TDES-selftest.patch
buildservice-autocommit
accepted
request 727334
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 131)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 131)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 727257
from
Andreas Stieger (AndreasStieger)
(revision 130)
libgcrypt 1.8.5 CVE-2019-13627 boo#1148987
buildservice-autocommit
accepted
request 712272
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 129)
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 129)
baserev update by copy to link target
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 712076
from
Jason Sikes (jsikes)
(revision 128)
This fixes bsc#1133808. Hope it doesn't break anything else. Enjoy!
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 711377
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 127)
- Fixed env-script-interpreter in cavs_driver.pl
- Security fix: [bsc#1138939, CVE-2019-12904]
* The C implementation of AES is vulnerable to a flush-and-reload
side-channel attack because physical addresses are available to
other processes. (The C implementation is used on platforms where
an assembly-language implementation is unavailable.)
* Added patches:
- libgcrypt-CVE-2019-12904-GCM-Prefetch.patch
- libgcrypt-CVE-2019-12904-GCM.patch
- libgcrypt-CVE-2019-12904-AES.patch
buildservice-autocommit
accepted
request 698628
from
Tomáš Chvátal (scarabeus_iv)
(revision 126)
Tomáš Chvátal (scarabeus_iv)
(revision 126)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 698242
from
Jason Sikes (jsikes)
(revision 125)
Hopefully this fixes bsc#1131369. Hopefully.
Tomáš Chvátal (scarabeus_iv)
accepted
request 697283
from
Jason Sikes (jsikes)
(revision 124)
Fixed a few bugs. Enjoy!
Tomáš Chvátal (scarabeus_iv)
accepted
request 692407
from
Jason Sikes (jsikes)
(revision 123)
Fixed a little oops. Enjoy.
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 689095
from
Vítězslav Čížek (vitezslav_cizek)
(revision 122)
- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests are invoked as well as the state transition, adjust the code so a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) * update libgcrypt-binary_integrity_in_non-FIPS.patch - Enforce the minimal RSA keygen size in fips mode (bsc#1125740) * add libgcrypt-fips_rsa_no_enforced_mode.patch
Tomáš Chvátal (scarabeus_iv)
accepted
request 688356
from
Vítězslav Čížek (vitezslav_cizek)
(revision 121)
- Don't run full self-tests from constructor (bsc#1097073)
* Don't call global_init() from the constructor, _gcry_global_constructor()
from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary
integrity check instead.
* Only the binary checksum will be verified, the remaining
self-tests will be run upon the library initialization
- Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch
- Drop libgcrypt-init-at-elf-load-fips.patch and
libgcrypt-fips_run_selftest_at_constructor.patch obsoleted
by libgcrypt-1.8.3-fips-ctor.patch
- Skip all the self-tests except for binary integrity when called
from the constructor (bsc#1097073)
* Added libgcrypt-1.8.3-fips-ctor.patch from Fedora
buildservice-autocommit
accepted
request 652051
from
Tomáš Chvátal (scarabeus_iv)
(revision 120)
Tomáš Chvátal (scarabeus_iv)
(revision 120)
baserev update by copy to link target
Displaying revisions 41 - 60 of 179
