Red Hat Bugzilla – Bug 1172568
Update CAVS driver in the package to cover current FIPS revalidation needs
Last modified: 2017-08-01 16:53:09 EDT
Description of problem: CAVS test driver in libgcrypt as follows: # ./cavs_tests.sh Running test file cavs/DSA2/req/PQGVer.req Too many arguments for main::rsa_keygen_kat_driver at ./cavs_driver.pl line 2632, near "$qrandom)" Execution of ./cavs_driver.pl aborted due to compilation errors. failed test: cavs/DSA2/req/PQGVer.req rc=255 Error encountered - not packing up response file Version-Release number of selected component (if applicable): libgcrypt-1.5.3-10.el7 How reproducible: 100% Steps to Reproduce: 1. Run cavs_driver.pl in tests directory. Actual results: See above.
This is nothing critical, the cavs_driver is not part of shipped binary rpms and it will probably need additional updates for new algorithms anyway.
Successfully reproduced and verified in FIPS mode. OLD (libgcrypt-1.5.3-13.el7_3.1) ================================ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Test :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Command 'rm -rf /root/rpmbuild/BUILD/libgcrypt-*' (Expected 0-255, got 0) :: [ PASS ] :: Command 'rpmbuild -vv -bc /root/rpmbuild/SPECS/libgcrypt.spec' (Expected 0, got 0) :: [ PASS ] :: Command 'fipshmac /root/rpmbuild/BUILD/libgcrypt-*/src/.libs/libgcrypt.so.??' (Expected 0, got 0) :: [ PASS ] :: Command 'cp -r cavs /root/rpmbuild/BUILD/libgcrypt-*/tests/' (Expected 0, got 0) :: [ PASS ] :: Command 'pushd /root/rpmbuild/BUILD/libgcrypt-*/tests' (Expected 0, got 0) :: [ FAIL ] :: Command './cavs_tests.sh' (Expected 0, got 1) :: [ PASS ] :: Command 'popd' (Expected 0, got 0) :: [ FAIL ] :: Command 'mkdir results && cp /root/rpmbuild/BUILD/libgcrypt-*/tests/cavs/*.zip results/' (Expected 0, got 1) :: [ PASS ] :: Command 'pushd results' (Expected 0, got 0) :: [ FAIL ] :: Command 'unzip *.zip' (Expected 0, got 9) :: [ PASS ] :: Command 'popd' (Expected 0, got 0) :: [ FAIL ] :: rlAssertNotDiffer: file results/DSA2/resp/SigVer.rsp was not found :: [ ERROR ] :: reference-results/DSA2/resp/SigVer.rsp differs from reference! :: [ FAIL ] :: rlAssertNotDiffer: file results/DSA2/resp/PQGVer.rsp was not found :: [ ERROR ] :: reference-results/DSA2/resp/PQGVer.rsp differs from reference! :: [ LOG ] :: Duration: 17s :: [ LOG ] :: Assertions: 8 good, 5 bad :: [ FAIL ] :: RESULT: Test NEW (libgcrypt-1.5.3-14.el7) ============================ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Test :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Command 'rm -rf /root/rpmbuild/BUILD/libgcrypt-*' (Expected 0-255, got 0) :: [ PASS ] :: Command 'rpmbuild -vv -bc /root/rpmbuild/SPECS/libgcrypt.spec' (Expected 0, got 0) :: [ PASS ] :: Command 'fipshmac /root/rpmbuild/BUILD/libgcrypt-*/src/.libs/libgcrypt.so.??' (Expected 0, got 0) :: [ PASS ] :: Command 'cp -r cavs /root/rpmbuild/BUILD/libgcrypt-*/tests/' (Expected 0, got 0) :: [ PASS ] :: Command 'pushd /root/rpmbuild/BUILD/libgcrypt-*/tests' (Expected 0, got 0) :: [ PASS ] :: Command './cavs_tests.sh' (Expected 0, got 0) :: [ PASS ] :: Command 'popd' (Expected 0, got 0) :: [ PASS ] :: Command 'mkdir results && cp /root/rpmbuild/BUILD/libgcrypt-*/tests/cavs/*.zip results/' (Expected 0, got 0) :: [ PASS ] :: Command 'pushd results' (Expected 0, got 0) :: [ PASS ] :: Command 'unzip *.zip' (Expected 0, got 0) :: [ PASS ] :: Command 'popd' (Expected 0, got 0) :: [ PASS ] :: Files reference-results/DSA2/resp/SigVer.rsp and results/DSA2/resp/SigVer.rsp should not differ :: [ PASS ] :: Files reference-results/DSA2/resp/PQGVer.rsp and results/DSA2/resp/PQGVer.rsp should not differ :: [ LOG ] :: Duration: 2m 34s :: [ LOG ] :: Assertions: 13 good, 0 bad :: [ PASS ] :: RESULT: Test See TJ#1880199 for more details.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2006