From: Daiki Ueno <ueno@gnu.org>
Date: Mon, 19 Sep 2022 16:25:51 +0000 (+0900)
Subject: fips: mark gnutls_key_generate with short key sizes non-approved
X-Git-Tag: 3.8.0~47^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=49df693293d706f89a1efb84f0a75e9537619fe4;p=thirdparty%2Fgnutls.git

fips: mark gnutls_key_generate with short key sizes non-approved

Signed-off-by: Daiki Ueno <ueno@gnu.org>
---

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 9e246ce537..d3e601ab3a 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -1056,6 +1056,7 @@ gnutls_hash_hd_t gnutls_hash_copy(gnutls_hash_hd_t handle)
 int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size)
 {
 	int ret;
+	bool not_approved = false;
 
 	FAIL_IF_LIB_ERROR;
 
@@ -1072,17 +1073,31 @@ int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size)
 	key->data = gnutls_malloc(key->size);
 	if (!key->data) {
 		gnutls_assert();
-		return GNUTLS_E_MEMORY_ERROR;
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto error;
+	}
+
+	/* Key lengths of less than 112 bits are not approved */
+	if (key_size < 14) {
+		not_approved = true;
 	}
 
 	ret = gnutls_rnd(GNUTLS_RND_RANDOM, key->data, key->size);
 	if (ret < 0) {
 		gnutls_assert();
 		_gnutls_free_datum(key);
-		return ret;
+		goto error;
 	}
 
-	return 0;
+ error:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
 }
 
 /* AEAD API */
diff --git a/tests/fips-test.c b/tests/fips-test.c
index 704effeccb..f7556d7bbb 100644
--- a/tests/fips-test.c
+++ b/tests/fips-test.c
@@ -272,6 +272,7 @@ void doit(void)
 	uint8_t hash[64];
 	gnutls_datum_t hashed_data;
 	uint8_t pbkdf2[64];
+	gnutls_datum_t temp_key = { NULL, 0 };
 
 	fprintf(stderr,
 		"Please note that if in FIPS140 mode, you need to assure the library's integrity prior to running this test\n");
@@ -403,6 +404,24 @@ void doit(void)
 		fail("gnutls_rnd failed\n");
 	}
 
+	/* Symmetric key generation equal to or longer than 112 bits: approved */
+	FIPS_PUSH_CONTEXT();
+	ret = gnutls_key_generate(&temp_key, 14);
+	if (ret < 0) {
+		fail("gnutls_key_generate failed\n");
+	}
+	gnutls_free(temp_key.data);
+	FIPS_POP_CONTEXT(APPROVED);
+
+	/* Symmetric key generation shorter than 112 bits: not approved */
+	FIPS_PUSH_CONTEXT();
+	ret = gnutls_key_generate(&temp_key, 13);
+	if (ret < 0) {
+		fail("gnutls_key_generate failed\n");
+	}
+	gnutls_free(temp_key.data);
+	FIPS_POP_CONTEXT(NOT_APPROVED);
+
 	ret = gnutls_pubkey_init(&pubkey);
 	if (ret < 0) {
 		fail("gnutls_pubkey_init failed\n");