gpg,sm: Check compliance of the RNG.

* common/compliance.c (gnupg_rng_is_compliant): New. * g10/call-agent.c (start_agent) [W32]: Check rng compliance. * sm/call-agent.c (start_agent) [W32]: Ditto. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is compliant. * sm/encrypt.c (gpgsm_encrypt): Ditto. * g10/sign.c (do_sign): Ditto. * sm/sign.c (gpgsm_sign): Ditto. -- Under Windows we need to check that the Jitter RNG is active in de-vs mode. Under Linux this is not necessary because /dev/random can be scrutinized and is believed to provide enough entropy. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2017-07-17 15:52:26 +02:00 · 2017-07-17 15:52:26 +02:00 · a149afe338
commit a149afe338
parent bbbd0db34b
8 changed files with 131 additions and 0 deletions
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@ -281,6 +281,24 @@ start_agent (ctrl_t ctrl, int flag_for_card)
                  write_status_error ("set_pinentry_mode", rc);
                }
            }
+
+          /* In DE_VS mode under Windows we require that the JENT RNG
+           * is active.  */
+#ifdef HAVE_W32_SYSTEM
+          if (!rc && opt.compliance == CO_DE_VS)
+            {
+              if (assuan_transact (agent_ctx, "GETINFO jent_active",
+                                   NULL, NULL, NULL, NULL, NULL, NULL))
+                {
+                  rc = gpg_error (GPG_ERR_FORBIDDEN);
+                  log_error (_("%s is not compliant with %s mode\n"),
+                             GPG_AGENT_NAME,
+                             gnupg_compliance_option_string (opt.compliance));
+                  write_status_error ("random-compliance", rc);
+                }
+            }
+#endif /*HAVE_W32_SYSTEM*/
+
        }
    }

--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@ -185,6 +185,16 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
  progress_filter_context_t *pfx;
  int do_compress = !!default_compress_algo();

+  if (!gnupg_rng_is_compliant (opt.compliance))
+    {
+      rc = gpg_error (GPG_ERR_FORBIDDEN);
+      log_error (_("%s is not compliant with %s mode\n"),
+                 "RNG",
+                 gnupg_compliance_option_string (opt.compliance));
+      write_status_error ("random-compliance", rc);
+      return rc;
+    }
+
  pfx = new_progress_context ();
  memset( &cfx, 0, sizeof cfx);
  memset( &zfx, 0, sizeof zfx);
@ -626,6 +636,16 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
      goto leave;
    }

+  if (!gnupg_rng_is_compliant (opt.compliance))
+    {
+      rc = gpg_error (GPG_ERR_FORBIDDEN);
+      log_error (_("%s is not compliant with %s mode\n"),
+                 "RNG",
+                 gnupg_compliance_option_string (opt.compliance));
+      write_status_error ("random-compliance", rc);
+      goto leave;
+    }
+
  compliant = gnupg_cipher_is_compliant (CO_DE_VS, cfx.dek->algo,
                                         GCRY_CIPHER_MODE_CFB);

--- a/g10/sign.c
+++ b/g10/sign.c
@ -299,6 +299,16 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
      goto leave;
    }

+  if (!gnupg_rng_is_compliant (opt.compliance))
+    {
+      err = gpg_error (GPG_ERR_FORBIDDEN);
+      log_error (_("%s is not compliant with %s mode\n"),
+                 "RNG",
+                 gnupg_compliance_option_string (opt.compliance));
+      write_status_error ("random-compliance", err);
+      goto leave;
+    }
+
  print_digest_algo_note (mdalgo);
  dp = gcry_md_read  (md, mdalgo);
  sig->digest_algo = mdalgo;