rpms/libica
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import libica-4.0.0-1.el9

Browse Source
This commit is contained in:
CentOS Sources 2022-05-17 06:33:11 -04:00 committed by Stepan Oksanichenko
commit 4b8a1ffdfb
5 changed files with 1067 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/libica-4.0.0.tar.gz

1
.libica.metadata Normal file
View File

@ -0,0 +1 @@
9c18c8b990f8e21162364006cb60a3c9104eae19 SOURCES/libica-4.0.0.tar.gz

83
SOURCES/libica-4.0.0-annotate.patch Normal file
View File

@ -0,0 +1,83 @@
From daad2a867cff48a7c4322716917d63538b083284 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Tue, 25 Sep 2018 13:44:32 +0200
Subject: [libica PATCH] add build note to assembler sources
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When distros use the annobin compiler plugin [1], they have complete overview
what compiler flags were used for compilation and they are able to perform
security checks on the produced binaries. Compiling assembler source can't
provide this kind of information by default, so we need the explicit
-Wa,--generate-missing-build-notes=yes option during build. When the option is
missing, then the annocheck tool reports "GAPS" in the resulting binary.
binutils >= 2.31 or older with backport is needed
[1] https://fedoraproject.org/wiki/Changes/Annobin
Signed-off-by: Dan Horák <dan@danny.cz>
---
configure.ac | 4 ++++
libica.spec | 2 +-
src/Makefile.am | 4 ++--
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 958371c..b8d0e42 100644
--- a/configure.ac
+++ b/configure.ac
@@ -113,12 +113,16 @@ if test "x$enable_coverage" = xno && test "x$enable_debug" = xno && test "x$enab
FLAGS="$FLAGS -O3 -D_FORTIFY_SOURCE=2"
fi
+# check if assembler can generate missing build notes, binutils >= 2.31 or older with backport is needed
+AX_CHECK_COMPILE_FLAG([-Wa,--generate-missing-build-notes=yes], [ICA_ASFLAGS="-Wa,--generate-missing-build-notes=yes"])
+
# restore cmdline flags (ignore PROG_AS/PROG_CC defaults)
CFLAGS="$cmdline_CFLAGS"
CCASFLAGS="$cmdline_CFLAGS"
AC_SUBST([FLAGS], $FLAGS)
AC_SUBST([LIBS], $LIBS)
+AC_SUBST([ICA_ASFLAGS], $ICA_ASFLAGS)
AC_CONFIG_FILES([Makefile doc/Makefile include/Makefile src/Makefile test/Makefile])
AC_OUTPUT
diff --git a/libica.spec b/libica.spec
index d71890a..e51430e 100644
--- a/libica.spec
+++ b/libica.spec
@@ -9,7 +9,7 @@ URL: https://github.com/opencryptoki/libica
Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: autoconf automake libtool openssl-devel
+BuildRequires: autoconf automake libtool openssl-devel autoconf-archive
%description
Interface library on Linux for IBM System z to utilize CPACF
diff --git a/src/Makefile.am b/src/Makefile.am
index c630048..1b5ec71 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -31,13 +31,13 @@ SOURCES_common = ica_api.c init.c icastats_shared.c s390_rsa.c \
include/rng.h
libica_la_CFLAGS = ${CFLAGS_common} -DLIBNAME=\"libica\"
-libica_la_CCASFLAGS = ${AM_CFLAGS}
+libica_la_CCASFLAGS = ${AM_CFLAGS} ${ICA_ASFLAGS}
libica_la_LIBADD = ${LIBS_common}
libica_la_LDFLAGS = ${LDFLAGS_common}
libica_la_SOURCES = ${SOURCES_common}
libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DLIBNAME=\"libica-cex\"
-libica_cex_la_CCASFLAGS = ${AM_CFLAGS}
+libica_cex_la_CCASFLAGS = ${AM_CFLAGS} ${ICA_ASFLAGS}
libica_cex_la_LIBADD = ${LIBS_common}
libica_cex_la_LDFLAGS = ${LDFLAGS_common}
libica_cex_la_SOURCES = ${SOURCES_common}
--
2.31.1

646
SOURCES/libica-4.0.0-fixes.patch Normal file
View File

@ -0,0 +1,646 @@
From 977fe8ac713f9ff3101ce9882e23d0183fb46ec8 Mon Sep 17 00:00:00 2001
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
Date: Wed, 15 Dec 2021 16:29:57 +0100
Subject: [libica PATCH 01/10] RSA: limit RSA key length to 4096
CEX adapters support RSA up to 4096 bits. Although RSA key generation
in libica is done via openssl, and therefore even greater key lengths
would be supported, such keys could not be processed on CEX adapters
afterwards. With the removal of sw fallbacks this is now a hard
restriction.
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
---
include/ica_api.h | 4 ++++
src/ica_api.c | 13 ++++++++++++-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/include/ica_api.h b/include/ica_api.h
index ce27261..6137c4a 100644
--- a/include/ica_api.h
+++ b/include/ica_api.h
@@ -1291,6 +1291,7 @@ int ica_ed448_ctx_del(ICA_ED448_CTX **ctx);
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction).
* EFAULT if OpenSSL key generation should fail.
*/
ICA_EXPORT
@@ -1319,6 +1320,7 @@ unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction).
* EFAULT if OpenSSL key generation should fail.
*/
ICA_EXPORT
@@ -1346,6 +1348,7 @@ unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if key bit length is greater than 4096 (CEX adapter restriction).
* ENOMEM if memory allocation fails.
* EIO if the operation fails. This should never happen.
*/
@@ -1375,6 +1378,7 @@ unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if key bit length is greater than 4096 (CEX adapter restriction).
* ENOMEM if memory allocation fails.
* EIO if the operation fails. This should never happen.
*/
diff --git a/src/ica_api.c b/src/ica_api.c
index 445b0ab..a412052 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -52,6 +52,8 @@
#define MAX_VERSION_LENGTH 16
+#define MAX_RSA_KEY_BITS 4096
+
#ifndef NO_SW_FALLBACKS
int ica_fallbacks_enabled = 1;
#else
@@ -1071,9 +1073,12 @@ unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle,
/* Keys should comply with modulus_bit_length */
if ((modulus_bit_length + 7) / 8 != public_key->key_length)
return EINVAL;
- /* Minimum length for public exponent is sizeof(unsigned long) */
+ /* Minimum key length is sizeof(unsigned long) */
if (public_key->key_length < sizeof(unsigned long))
return EINVAL;
+ /* Max key bit length is 4096 because of CEX adapter restriction */
+ if (modulus_bit_length > MAX_RSA_KEY_BITS)
+ return EPERM;
/* OpenSSL takes only exponents of type unsigned long, so we have to
* be sure that we give a value of the right size to OpenSSL.
@@ -1111,6 +1116,8 @@ unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle,
return EINVAL;
if (public_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (modulus_bit_length > MAX_RSA_KEY_BITS)
+ return EPERM;
num_ignored_bytes = public_key->key_length - sizeof(unsigned long);
public_exponent = public_key->exponent;
@@ -1145,6 +1152,8 @@ unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle,
if (rsa_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS)
+ return EPERM;
/* fill driver structure */
rb.inputdata = (unsigned char *)input_data;
@@ -1264,6 +1273,8 @@ unsigned int ica_rsa_crt(ica_adapter_handle_t adapter_handle,
if (rsa_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS)
+ return EPERM;
/* fill driver structure */
rb.inputdata = (unsigned char *)input_data;
--
2.34.1
From 553977ef505b43c7d17056369ed518a971d43d68 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:07:51 +0100
Subject: [libica PATCH 02/10] ECC: fix memory leaks in make_eckey()
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_ecc.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index bb13944..af121b0 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -146,12 +146,12 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
EC_GROUP *group = NULL;
EC_POINT *point = NULL;
BIGNUM *bn_priv = NULL;
- unsigned char *pub_key = NULL;
- unsigned int pub_key_len;
- point_conversion_form_t form;
#if !OPENSSL_VERSION_PREREQ(3, 0)
EC_KEY *ec_key;
#else
+ unsigned char *pub_key = NULL;
+ unsigned int pub_key_len;
+ point_conversion_form_t form;
OSSL_PARAM_BLD *tmpl = NULL;
int rc;
#endif
@@ -175,18 +175,13 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
goto err;
}
- form = EC_GROUP_get_point_conversion_form(group);
- pub_key_len = EC_POINT_point2buf(group, point, form, &pub_key, NULL);
- if (pub_key_len == 0) {
- goto err;
- }
-
#if !OPENSSL_VERSION_PREREQ(3, 0)
ec_key = EC_KEY_new_by_curve_name(nid);
if (ec_key == NULL) {
goto err;
}
+ EC_POINT_free(point);
point = EC_POINT_new(EC_KEY_get0_group(ec_key));
if (point == NULL) {
goto err;
@@ -209,6 +204,11 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
}
#else
+ form = EC_GROUP_get_point_conversion_form(group);
+ pub_key_len = EC_POINT_point2buf(group, point, form, &pub_key, NULL);
+ if (pub_key_len == 0) {
+ goto err;
+ }
tmpl = OSSL_PARAM_BLD_new();
if (tmpl == NULL) {
@@ -243,6 +243,8 @@ err:
#else
if (tmpl)
OSSL_PARAM_BLD_free(tmpl);
+ if (pub_key)
+ OPENSSL_free(pub_key);
#endif
if (ok)
--
2.34.1
From b41addd200c0938c6c10202da08ad5f7df940e18 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:15:58 +0100
Subject: [libica PATCH 03/10] ECC: Avoid recursive loop in ec_key_check() with
OpenSSL 3.0
Use libica's OpenSSL library context in ec_key_check(), otherwise
calling EVP_PKEY_fromdata() in build_pkey_from_params() may cause
a recursive loop, when a provider is used that calls ica_ec_key_init()
(and thus ec_key_check()) within its key import function.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_ecc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index af121b0..c0c1549 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -2458,6 +2458,8 @@ int ec_key_check(ICA_EC_KEY *ica_key)
BIGNUM *d = NULL, *x = NULL, *y = NULL;
int privlen, rc = EINVAL;
+ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc);
+
if (!ica_key)
goto done;
@@ -2489,6 +2491,7 @@ done:
if (privkey)
EVP_PKEY_free(privkey);
+ END_OPENSSL_LIBCTX(rc);
return rc;
}
--
2.34.1
From 6031ec80a5ada52609822fed4a6bd2cccafe5563 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:26:26 +0100
Subject: [libica PATCH 04/10] RSA: Fix memory leaks in
rsa_key_generate_mod_expo()/crt()
Also fix a compiler warning in rsa_key_generate().
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_rsa.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/s390_rsa.c b/src/s390_rsa.c
index 360c374..cea2ba2 100644
--- a/src/s390_rsa.c
+++ b/src/s390_rsa.c
@@ -128,7 +128,8 @@ EVP_PKEY* rsa_key_generate(unsigned int modulus_bit_length,
} while (*public_exponent <= 2 || !(*public_exponent % 2));
}
- e = BN_bin2bn(public_exponent, sizeof(unsigned long), NULL);
+ e = BN_bin2bn((const unsigned char *)public_exponent,
+ sizeof(unsigned long), NULL);
if (e == NULL) {
goto done;
}
@@ -259,6 +260,8 @@ err:
#if !OPENSSL_VERSION_PREREQ(3, 0)
RSA_free(rsa);
#else
+ BN_free(n);
+ BN_free(d);
EVP_PKEY_free(pkey);
#endif
@@ -410,6 +413,12 @@ err:
#if !OPENSSL_VERSION_PREREQ(3, 0)
RSA_free(rsa);
#else
+ BN_free(n);
+ BN_free(p);
+ BN_free(q);
+ BN_free(dmp1);
+ BN_free(dmq1);
+ BN_free(iqmp);
EVP_PKEY_free(pkey);
#endif
--
2.34.1
From b49cf457659a4baf382b3828d89823497bb00f6e Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Thu, 13 Jan 2022 10:42:02 +0100
Subject: [libica PATCH 05/10] EC: Handle unsupported EC curve in
ica_ec_key_new()
In case of an unsupported curve nid, privlen_from_nid() returns -1.
The subsequent calloc() will fail with a size of -3 (0xfffffffffffffffd).
Also free the already allocated key in case of an error to avoid a
memory leak.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/ica_api.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/ica_api.c b/src/ica_api.c
index a412052..0a885e2 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -1336,9 +1336,15 @@ ICA_EC_KEY* ica_ec_key_new(unsigned int nid, unsigned int *privlen)
/* allocate clear memory for the 3 key parts */
len = privlen_from_nid(nid);
+ if (len <= 0) {
+ free(key);
+ return NULL;
+ }
key->X = calloc(1, 3*len);
- if (!key->X)
+ if (!key->X) {
+ free(key);
return NULL;
+ }
key->nid = nid;
key->Y = key->X + len;
--
2.34.1
From 7e6e303e6aef019047eb6dfcdedbfe7da2a88526 Mon Sep 17 00:00:00 2001
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
Date: Tue, 11 Jan 2022 16:04:15 +0100
Subject: [libica PATCH 06/10] Compute HMAC from installed library
The HMAC hash was computed from the libica in the build tree, but
the runtime check is run against the installed libica and those 2
files may be different. E.g. if the runtime one has debuginfo stripped
(and placed into a separate file), the hashes are different.
This commit introduces a new make target: fipsinstall, which creates
the HMAC files in the install directory.
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
---
Makefile.am | 9 ++++-----
src/Makefile.am | 8 +++++++-
2 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 2d8ab9e..e14abb5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,11 +17,8 @@ coverage: check
cd ${top_builddir}/src && gcov .libs/*.gcda
if ICA_FIPS
-install-data-hook:
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica.so.$(VERSION).hmac $(DESTDIR)$(libdir)
- cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION).hmac .libica.so.$(MAJOR).hmac
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION).hmac $(DESTDIR)$(libdir)
- cd $(DESTDIR)$(libdir) && ln -sf .libica-cex.so.$(VERSION).hmac .libica-cex.so.$(MAJOR).hmac
+fipsinstall:
+ $(AM_V_GEN)$(MAKE) -C src fipsinstall
if ICA_OPENSSL3
test -f $(DESTDIR)$(sysconfdir)/libica || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/libica
test -f $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || $(INSTALL) -m 644 ${top_builddir}/src/openssl3-fips.cnf $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || true
@@ -38,3 +35,5 @@ if ICA_OPENSSL3
endif
endif
+.PHONY: fipsinstall
+
diff --git a/src/Makefile.am b/src/Makefile.am
index c630048..4c92c96 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -47,6 +47,12 @@ mp.S : mp.pl
./mp.pl mp.S
if ICA_FIPS
+fipsinstall:
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
+
hmac-file-lnk: hmac-file
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
@@ -110,4 +116,4 @@ internal_tests_ec_internal_test_SOURCES = \
include/rng.h ../test/testcase.h
endif
-.PHONY: hmac-file hmac-file-lnk
+.PHONY: hmac-file hmac-file-lnk fipsinstall
--
2.34.1
From 28fa931bed9e6847137829952a3e7cc6091bd071 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 10:24:44 +0100
Subject: [libica PATCH 07/10] Fix compile warnings
... like potentially uninitialized variables or unused functions.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/fips.c | 4 ++--
src/ica_api.c | 2 +-
src/s390_ecc.c | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/fips.c b/src/fips.c
index 934f6f7..505dd0b 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -1304,8 +1304,8 @@ rsa_kat(void)
ica_adapter_handle_t ah;
const struct rsa_tv *tv;
size_t i, keylen, crtparamlen;
- unsigned char *out;
- libica_func_list_element* libica_func_list;
+ unsigned char *out = NULL;
+ libica_func_list_element* libica_func_list = NULL;
unsigned int count;
if (ica_open_adapter(&ah))
diff --git a/src/ica_api.c b/src/ica_api.c
index 0a885e2..a10e139 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -90,6 +90,7 @@ void ica_set_stats_mode(int stats_mode)
ica_stats_enabled = stats_mode ? 1 : 0;
}
+#ifndef NO_CPACF
#ifdef ICA_FIPS
static unsigned int fips_check_3des_key(const ica_des_key_triple_t *key) {
if (!CRYPTO_memcmp(key->key1, key->key2, DES_KEY_LEN64)
@@ -101,7 +102,6 @@ static unsigned int fips_check_3des_key(const ica_des_key_triple_t *key) {
}
#endif
-#ifndef NO_CPACF
static unsigned int check_des_parms(unsigned int mode,
unsigned long data_length,
const unsigned char *in_data,
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index c0c1549..211db01 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -147,7 +147,7 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
EC_POINT *point = NULL;
BIGNUM *bn_priv = NULL;
#if !OPENSSL_VERSION_PREREQ(3, 0)
- EC_KEY *ec_key;
+ EC_KEY *ec_key = NULL;
#else
unsigned char *pub_key = NULL;
unsigned int pub_key_len;
@@ -262,7 +262,7 @@ static EVP_PKEY *make_public_eckey(int nid, unsigned char *pubkey, size_t publen
{
int ok = 0;
#if !OPENSSL_VERSION_PREREQ(3, 0)
- EC_KEY *ec_key;
+ EC_KEY *ec_key = NULL;
#else
OSSL_PARAM_BLD *tmpl = NULL;
int rc;
--
2.34.1
From cc44f18383ec6dc01a05abd6c25a1dec8efe84cb Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 10:32:47 +0100
Subject: [libica PATCH 08/10] Fix memory leaks in test programs
When configured with --enable-sanitizer some tests fail because
the address sanitizer reports memory leaks.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
test/ec_keygen_test.c | 6 +++++-
test/ecdh_test.c | 13 ++++++++++++-
test/ecdsa_test.c | 3 +++
test/icastats_test.c.in | 1 +
4 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/test/ec_keygen_test.c b/test/ec_keygen_test.c
index 43c6092..0445c41 100644
--- a/test/ec_keygen_test.c
+++ b/test/ec_keygen_test.c
@@ -115,6 +115,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_generate(adapter_handle, eckey);
if (rc) {
+ ica_ec_key_free(eckey);
+ eckey = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", eckeygen_tests[i].nid));
continue;
@@ -156,12 +158,14 @@ int main(int argc, char **argv)
}
}
}
+
+ ica_ec_key_free(eckey);
+ eckey = NULL;
}
if (test_failed)
errors++;
- ica_ec_key_free(eckey);
unset_env_icapath();
}
diff --git a/test/ecdh_test.c b/test/ecdh_test.c
index 9a81036..e1191d0 100644
--- a/test/ecdh_test.c
+++ b/test/ecdh_test.c
@@ -339,6 +339,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_init(ecdh_kats[i].xa, ecdh_kats[i].ya, ecdh_kats[i].da, eckey_A);
if (rc != 0) {
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid));
continue;
@@ -350,11 +352,18 @@ int main(int argc, char **argv)
}
eckey_B = ica_ec_key_new(ecdh_kats[i].nid, &privlen);
- if (!eckey_B)
+ if (!eckey_B) {
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
continue;
+ }
rc = ica_ec_key_init(ecdh_kats[i].xb, ecdh_kats[i].yb, ecdh_kats[i].db, eckey_B);
if (rc != 0) {
+ ica_ec_key_free(eckey_B);
+ eckey_B = NULL;
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid));
continue;
@@ -415,7 +424,9 @@ int main(int argc, char **argv)
errors++;
ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
ica_ec_key_free(eckey_B);
+ eckey_B = NULL;
unset_env_icapath();
}
diff --git a/test/ecdsa_test.c b/test/ecdsa_test.c
index 3b6bda3..2393882 100644
--- a/test/ecdsa_test.c
+++ b/test/ecdsa_test.c
@@ -225,6 +225,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_init(ecdsa_kats[i].x, ecdsa_kats[i].y, ecdsa_kats[i].d, eckey);
if (rc != 0) {
+ ica_ec_key_free(eckey);
+ eckey = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdsa_kats[i].nid));
continue;
@@ -274,6 +276,7 @@ int main(int argc, char **argv)
errors++;
ica_ec_key_free(eckey);
+ eckey = NULL;
unset_env_icapath();
}
diff --git a/test/icastats_test.c.in b/test/icastats_test.c.in
index 98905a9..f0d1212 100644
--- a/test/icastats_test.c.in
+++ b/test/icastats_test.c.in
@@ -186,6 +186,7 @@ int is_crypto_card_loaded()
}
if((c = fgetc(file)) == '1'){
fclose(file);
+ closedir(sysDir);
return 1;
}
fclose(file);
--
2.34.1
From 9c6431f49a9fe0d574722954e018b4cba6ab085b Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 14:33:57 +0100
Subject: [libica PATCH 09/10] FIPS: Calculation of library HMAC may fail
Initialize length variable before calling EVP_DigestSignFinal().
If hlen is uninitialized it may cause EVP_DigestSignFinal() to fail.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/fips.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/fips.c b/src/fips.c
index 505dd0b..129a1a7 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -333,6 +333,7 @@ static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
}
}
+ hlen = sizeof(rbuf);
if (EVP_DigestSignFinal(mdctx, rbuf, &hlen) <= 0)
goto end;
--
2.34.1
From 5aa9366c236a6d17570403ef81c65e4f5f91a8af Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 26 Jan 2022 09:29:27 +0100
Subject: [libica PATCH 10/10] MAKEFILE: Do not install ec_internal_test
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 4c92c96..d6f5c52 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -90,7 +90,7 @@ icastats_SOURCES = icastats.c icastats_shared.c include/icastats.h
# internal tests
if ICA_INTERNAL_TESTS
-bin_PROGRAMS += internal_tests/ec_internal_test
+noinst_PROGRAMS = internal_tests/ec_internal_test
internal_tests_ec_internal_test_CFLAGS = ${AM_CFLAGS} -I${srcdir}/include \
-I${srcdir}/../include \
--
2.34.1

336
SPECS/libica.spec Normal file
View File

@ -0,0 +1,336 @@
%global with_fips 1
Summary: Library for accessing ICA hardware crypto on IBM z Systems
Name: libica
Version: 4.0.0
Release: 1%{?dist}
License: CPL
URL: https://github.com/opencryptoki/
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
# annotate assembler source
# https://bugzilla.redhat.com/show_bug.cgi?id=1630582
# https://github.com/opencryptoki/libica/pull/24
Patch0: %{name}-4.0.0-annotate.patch
# post GA fixes, includes HMAC calculation
Patch1: %{name}-4.0.0-fixes.patch
BuildRequires: gcc
BuildRequires: openssl-devel
BuildRequires: openssl
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: autoconf-archive
BuildRequires: perl(FindBin)
BuildRequires: perl(lib)
BuildRequires: make
ExclusiveArch: s390 s390x
%description
A library of functions and utilities for accessing ICA hardware crypto on
IBM z Systems.
%package devel
Summary: Development tools for programs to access ICA hardware crypto on IBM z Systems
Requires: %{name} = %{version}-%{release}
Requires: openssl-devel
%description devel
The libica-devel package contains the header files and static
libraries necessary for developing programs accessing ICA hardware crypto on
IBM z Systems.
%prep
%autosetup -p1
sh ./bootstrap.sh
%build
%configure --disable-static \
%if %{with_fips}
--enable-fips
%else
--disable-fips
%endif
%make_build
%install
%make_install
rm %{buildroot}%{_libdir}/libica*.la
rm %{buildroot}%{_pkgdocdir}/{INSTALL,README.md}
%check
# mock doesn't provide the device, so check here
# https://github.com/rpm-software-management/mock/issues/33
if [ -c /dev/hwrng -o -c /dev/prandom ]; then
make check
fi
%if %{with_fips}
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
make fipsinstall DESTDIR=%{buildroot}
%{nil}
%endif
%files
%doc AUTHORS LICENSE ChangeLog
%{_bindir}/icainfo
%{_bindir}/icainfo-cex
%{_bindir}/icastats
%if %{with_fips}
%if 0%{?fedora} >= 36 || 0%{?rhel} >= 9
# openssl 3.0 is available since Fedora 36 and RHEL 9
%dir %{_sysconfdir}/libica
%{_sysconfdir}/libica/openssl3-fips.cnf
%endif
%{_libdir}/.libica.*.hmac
%{_libdir}/.libica-cex.*.hmac
%endif
%{_libdir}/libica.so.*
%{_libdir}/libica-cex.so.*
%{_mandir}/man1/icainfo.1*
%{_mandir}/man1/icainfo-cex.1*
%{_mandir}/man1/icastats.1*
%files devel
%{_includedir}/*
%{_libdir}/libica.so
%{_libdir}/libica-cex.so
%changelog
* Tue Feb 01 2022 Dan Horák <dan[at]danny.cz> - 4.0.0-1
- updated to 4.0.0 (#2040237)
- Resolves: #2040237
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.8.0-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jun 16 2021 Florian Weimer <fweimer@redhat.com> - 3.8.0-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Fri May 21 2021 Dan Horák <dan[at]danny.cz> - 3.8.0-1
- updated to 3.8.0 (#1869532)
- eliminate SW fallback functions (#1924119)
- updated for OpenSSL 3.0 (#1952946)
- disable FIPS support (broken)
- Resolves: #1869532 #1924119 #1952946
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.0-6
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 22 2020 Dan Horák <dan[at]danny.cz> - 3.7.0-3
- Use make macros (taken from PR#1 by <tstellar at redhat.com>)
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Wed Jul 15 2020 Dan Horák <dan[at]danny.cz> - 3.7.0-2
- fix FIPS integrity validation (#1857130)
* Fri May 15 2020 Dan Horák <dan[at]danny.cz> - 3.7.0-1
- updated to 3.7.0
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Nov 26 2019 Dan Horák <dan[at]danny.cz> - 3.6.1-1
- updated to 3.6.1
* Mon Sep 02 2019 Dan Horák <dan[at]danny.cz> - 3.6.0-1
- updated to 3.6.0
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Apr 24 2019 Dan Horák <dan[at]danny.cz> - 3.5.0-1
- updated to 3.5.0
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Nov 16 2018 Dan Horák <dan[at]danny.cz> - 3.4.0-1
- updated to 3.4.0
* Fri Sep 21 2018 Dan Horák <dan[at]danny.cz> - 3.3.3-4
- annotate assembler file (#1630582)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jun 13 2018 Dan Horák <dan[at]danny.cz> - 3.3.3-2
- fix executable stack in assembler code
* Tue Jun 12 2018 Dan Horák <dan[at]danny.cz> - 3.3.3-1
- updated to 3.3.3
* Tue Apr 17 2018 Dan Horák <dan[at]danny.cz> - 3.3.2-1
- updated to 3.3.2
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Sep 25 2017 Dan Horák <dan[at]danny.cz> - 3.2.0-1
- updated to 3.2.0
* Mon Sep 11 2017 Dan Horák <dan[at]danny.cz> - 3.1.1-1
- updated to 3.1.1
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Apr 18 2017 Dan Horák <dan[at]danny.cz> - 3.0.2-3
- update BR
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Jan 18 2017 Dan Horák <dan[at]danny.cz> - 3.0.2-1
- updated to 3.0.2
* Fri Jan 13 2017 Dan Horák <dan[at]danny.cz> - 3.0.1-2
- check for /dev/prandom before running the test-suite
* Fri Jan 13 2017 Dan Horák <dan[at]danny.cz> - 3.0.1-1
- updated to 3.0.1
* Tue Apr 12 2016 Dan Horák <dan[at]danny.cz> - 2.6.2-1
- updated to 2.6.2
* Thu Mar 17 2016 Dan Horák <dan[at]danny.cz> - 2.6.1-1
- updated to 2.6.1
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Sep 01 2014 Dan Horák <dan[at]danny.cz> - 2.4.2-1
- updated to 2.4.2
* Wed Jun 11 2014 Dan Horák <dan[at]danny.cz> - 2.3.0-5
- fix build with recent kernels
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Mar 14 2014 Dan Horák <dan[at]danny.cz> - 2.3.0-3
- add post release fix (#1066014)
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri May 03 2013 Dan Horák <dan[at]danny.cz> - 2.3.0-1
- updated to 2.3.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Aug 17 2012 Dan Horák <dan[at]danny.cz> - 2.2.0-1
- updated to 2.2.0
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jan 16 2012 Dan Horák <dan[at]danny.cz> - 2.1.1-1
- updated to 2.1.1
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Jul 07 2011 Dan Horák <dan[at]danny.cz> - 2.1.0-1
- updated to 2.1.0 with soname set back to 2.0
* Mon Apr 11 2011 Dan Horák <dan[at]danny.cz> - 2.0.6-1
- updated to 2.0.6
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 12 2011 Dan Horák <dan[at]danny.cz> - 2.0.4-1
- Do not use sigill to wrap all HW instructions (#665401)
- updated to 2.0.4
* Tue Nov 9 2010 Dan Horák <dhorak@redhat.com> - 2.0.3-3
- Fix the return value of old_api_sha_test() in libica_sha1_test (#624005)
- Use the right buffer length when operating in 32-bit mode (#640035)
- Resolves: #624005, #640035
* Fri May 21 2010 Dan Horák <dan[at]danny.cz> - 2.0.3-2
- rebuilt with -fno-strict-aliasing (#593779)
- Resolves: #593779
* Thu Apr 22 2010 Dan Horák <dan[at]danny.cz> - 2.0.3-1
- updated to 2.0.3 (#582607)
- Resolves: #582607
* Mon Apr 12 2010 Dan Horák <dan[at]danny.cz> - 2.0.2-3
- add SIGILL handler for add_entropy (#581520)
- Resolves: #581520
* Tue Feb 16 2010 Dan Horák <dan[at]danny.cz> - 2.0.2-2
- dropped the utils sub-package
- Related: #543948
* Tue Dec 08 2009 Dennis Gregorovic <dgregor@redhat.com> - 2.0.2-1.1
- Rebuilt for RHEL 6
* Mon Aug 17 2009 Dan Horák <dan[at]danny.cz> - 2.0.2-1
- update to 2.0.2
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Apr 1 2009 Dan Horák <dan[at]danny.cz> - 2.0.1-1
- update to 2.0.1
* Mon Mar 23 2009 Dan Horák <dan[at]danny.cz> - 2.0-1
- update to 2.0
- spec file cleanup before submitting to Fedora
* Sun Sep 14 2008 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-8.el5
- Added the icainfo tool to libica (#439484)
* Tue Apr 01 2008 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-7.el5
- Fixed build of libica with latest AES & SHA feature (#439390)
* Tue Jan 15 2008 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-6.el5
- Added Software Support for CP Assist Instructions AES & SHA (#318971)
* Thu Nov 23 2006 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-5.el5
- Fixed requires bug where devel packages would get wrong arch lib (#215908)
* Fri Oct 13 2006 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-4
- Fixed bug where libica fails to initialize when no crypto hardware is
available (#210504)
- Only build libica for s390(x), really only needed there.
* Fri Sep 08 2006 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-3
- Build for other archs as well due to openCryptoki requirement (#184631)
* Fri Jul 14 2006 Tim Powers <timp@redhat.com> - 1.3.7-2
- rebuild
* Tue Jun 13 2006 Phil Knirsch <pknirsch@redhat.com> - 1.3.7-1
- Update to libica-1.3.7 final
- Fixed build on latest devel tree
* Tue Apr 04 2006 Phil Knirsch <pknirsch@redhat.com> - 1.3.6-rc3-1
- Initial package.