File libgcrypt-binary_integrity_in_non-FIPS.patch of Package libgcrypt.14348

Overview Repositories Revisions Requests Users Attributes Meta

File libgcrypt-binary_integrity_in_non-FIPS.patch of Package libgcrypt.14348

Index: libgcrypt-1.8.2/src/fips.c
===================================================================
--- libgcrypt-1.8.2.orig/src/fips.c	2019-03-27 13:15:14.190987624 +0100
+++ libgcrypt-1.8.2/src/fips.c	2019-03-27 13:18:07.047986428 +0100
@@ -115,6 +115,50 @@ _gcry_initialize_fsm_lock (void)
       abort ();
     }
 }
+
+/* Checks whether the library will enter the FIPS mode.
+   Uses the same logic as _gcry_initialize_fips_mode */
+static int
+will_enter_fips (void)
+{
+  /* for convenience, so that a process can run fips-enabled, but
+     not necessarily all of them, enable FIPS mode via environment
+     variable LIBGCRYPT_FORCE_FIPS_MODE.	 */
+  if (getenv("LIBGCRYPT_FORCE_FIPS_MODE") != NULL)
+      return 1;
+
+  /* For testing the system it is useful to override the system
+     provided detection of the FIPS mode and force FIPS mode using a
+     file.  The filename is hardwired so that there won't be any
+     confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is
+     actually used.  The file itself may be empty.  */
+  if ( !access (FIPS_FORCE_FILE, F_OK) )
+    return 1;
+
+  /* Checking based on /proc file properties.  */
+  {
+    static const char procfname[] = "/proc/sys/crypto/fips_enabled";
+    FILE *fp;
+
+    fp = fopen (procfname, "r");
+    if (fp)
+      {
+        char line[256];
+
+        if (fgets (line, sizeof line, fp) && atoi (line))
+          {
+            /* System is in fips mode.  */
+            fclose (fp);
+            return 1;
+          }
+        fclose (fp);
+      }
+  }
+
+  return 0;
+}
+
+
 
 /* Check whether the OS is in FIPS mode and record that in a module
    local variable.  If FORCE is passed as true, fips mode will be
@@ -631,10 +675,10 @@ get_library_path(const char *libname, co
 
 /* Run an integrity check on the binary.  Returns 0 on success.  */
 static int
-check_binary_integrity (void)
+check_binary_integrity ()
 {
 #ifdef ENABLE_HMAC_BINARY_CHECK
-  gpg_error_t err;
+  gpg_error_t err = 0;
   char libpath[4096];
   unsigned char digest[32];
   int dlen;
@@ -675,7 +719,14 @@ check_binary_integrity (void)
               /* Open the file.  */
               fp = fopen (fname, "r");
               if (!fp)
-                err = gpg_error_from_syserror ();
+                {
+                  /* Missing checksum is a problem only in FIPS mode.
+                     As the integrity check was moved to the POWERON state,
+                     we no longer can rely on fips_mode(). Because at the point,
+                     the library is not yet initialized. */
+                  if (will_enter_fips() || errno != ENOENT)
+                    err = gpg_error_from_syserror ();
+                }
               else
                 {
                   /* A buffer of 64 bytes plus one for a LF and one to

Places

File libgcrypt-binary_integrity_in_non-FIPS.patch of Package libgcrypt.14348

Places