- updated to 4.0.0 (#2040237)

- Resolves: #2040237
This commit is contained in:
Dan Horák 2022-02-01 20:40:26 +01:00
parent 9d5081a37b
commit 7aa958eb58
6 changed files with 678 additions and 112 deletions

View File

@ -1,67 +0,0 @@
From a70dfe13b7dd2914ad29175ae026284bd5461e0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Mon, 24 May 2021 12:21:55 +0000
Subject: [PATCH] fix handling of --disable-foo options
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Currently passing eg. --disable-debug actually enables the debug build
as one would expect from --enable-debug. The fix is to omit setting the
enable_foo variable as the "action-if-given" parameter of AC_ARG_ENABLE,
because it handles both the --enable and --disable forms.
Signed-off-by: Dan Horák <dan@danny.cz>
---
configure.ac | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/configure.ac b/configure.ac
index ae6370c..9dc4786 100644
--- a/configure.ac
+++ b/configure.ac
@@ -35,7 +35,7 @@ FLAGS="-Wall -Wextra -mzarch"
dnl --- enable_debug
AC_ARG_ENABLE(debug,
[ --enable-debug turn on debugging flags],
- [enable_debug="yes"],[enable_debug="no"])
+ [],[enable_debug="no"])
AM_CONDITIONAL(DEBUG, test x$enable_debug = xyes)
if test "x$enable_debug" = xyes; then
@@ -46,7 +46,7 @@ fi
dnl --- enable_coverage
AC_ARG_ENABLE(coverage,
[ --enable-coverage turn on coverage testing],
- [enable_coverage="yes"],[enable_coverage="no"])
+ [],[enable_coverage="no"])
AM_CONDITIONAL(COVERAGE, test x$enable_coverage = xyes)
if test "x$enable_coverage" = xyes; then
@@ -57,7 +57,7 @@ fi
dnl --- enable_fips
AC_ARG_ENABLE(fips,
[ --enable-fips built with FIPS mode support],
- [enable_fips="yes"],[enable_fips="no"])
+ [],[enable_fips="no"])
AM_CONDITIONAL(ICA_FIPS, test x$enable_fips = xyes)
if test "x$enable_fips" = xyes; then
@@ -74,7 +74,7 @@ fi
dnl --- enable_sanitizer
AC_ARG_ENABLE(sanitizer,
[ --enable-sanitizer turn on sanitizer (may not work on all systems)],
- [enable_sanitizer="yes"],[enable_sanitizer="no"])
+ [],[enable_sanitizer="no"])
AM_CONDITIONAL(SANITIZER, test x$enable_sanitizer = xyes)
if test "x$enable_sanitizer" = xyes; then
@@ -86,7 +86,7 @@ fi
dnl --- enable_internal tests
AC_ARG_ENABLE(internal_tests,
[ --enable-internal-tests built internal tests],
- [enable_internal_tests="yes"],[enable_internal_tests="no"])
+ [],[enable_internal_tests="no"])
AM_CONDITIONAL(ICA_INTERNAL_TESTS, test x$enable_internal_tests = xyes)
if test "x$enable_internal_tests" = xyes; then

View File

@ -1,24 +0,0 @@
From 83909cdc63550b3151e76d727fe161a9ef71ab6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Mon, 31 May 2021 19:01:01 +0200
Subject: [libica PATCH] disable eddsa test - broken with OpenSSL 3.0
---
test/Makefile.am | 1 -
1 file changed, 1 deletion(-)
diff --git a/test/Makefile.am b/test/Makefile.am
index f889a97..428982d 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -54,7 +54,6 @@ ecdsa1_test.sh \
ec_keygen2_test.sh \
ecdh2_test.sh \
ecdsa2_test.sh \
-eddsa_test \
x_test \
mp_test
--
2.26.3

View File

@ -1,4 +1,4 @@
From 0e4592f46c6c4a94eef66257af423d57c73af134 Mon Sep 17 00:00:00 2001
From daad2a867cff48a7c4322716917d63538b083284 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Tue, 25 Sep 2018 13:44:32 +0200
Subject: [libica PATCH] add build note to assembler sources
@ -25,10 +25,10 @@ Signed-off-by: Dan Horák <dan@danny.cz>
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index ae6370c..bc2fff4 100644
index 958371c..b8d0e42 100644
--- a/configure.ac
+++ b/configure.ac
@@ -99,12 +99,16 @@ if test "x$enable_coverage" = xno && test "x$enable_debug" = xno && test "x$enab
@@ -113,12 +113,16 @@ if test "x$enable_coverage" = xno && test "x$enable_debug" = xno && test "x$enab
FLAGS="$FLAGS -O3 -D_FORTIFY_SOURCE=2"
fi
@ -46,7 +46,7 @@ index ae6370c..bc2fff4 100644
AC_OUTPUT
diff --git a/libica.spec b/libica.spec
index 812b73d..3461b65 100644
index d71890a..e51430e 100644
--- a/libica.spec
+++ b/libica.spec
@@ -9,7 +9,7 @@ URL: https://github.com/opencryptoki/libica
@ -59,10 +59,10 @@ index 812b73d..3461b65 100644
%description
Interface library on Linux for IBM System z to utilize CPACF
diff --git a/src/Makefile.am b/src/Makefile.am
index 4a1ef14..d6f7f7f 100644
index c630048..1b5ec71 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -30,13 +30,13 @@ SOURCES_common = ica_api.c init.c icastats_shared.c s390_rsa.c \
@@ -31,13 +31,13 @@ SOURCES_common = ica_api.c init.c icastats_shared.c s390_rsa.c \
include/rng.h
libica_la_CFLAGS = ${CFLAGS_common} -DLIBNAME=\"libica\"
@ -72,12 +72,12 @@ index 4a1ef14..d6f7f7f 100644
libica_la_LDFLAGS = ${LDFLAGS_common}
libica_la_SOURCES = ${SOURCES_common}
libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DNO_SW_FALLBACKS -DLIBNAME=\"libica-cex\"
libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DLIBNAME=\"libica-cex\"
-libica_cex_la_CCASFLAGS = ${AM_CFLAGS}
+libica_cex_la_CCASFLAGS = ${AM_CFLAGS} ${ICA_ASFLAGS}
libica_cex_la_LIBADD = ${LIBS_common}
libica_cex_la_LDFLAGS = ${LDFLAGS_common}
libica_cex_la_SOURCES = ${SOURCES_common}
--
2.26.3
2.31.1

646
libica-4.0.0-fixes.patch Normal file
View File

@ -0,0 +1,646 @@
From 977fe8ac713f9ff3101ce9882e23d0183fb46ec8 Mon Sep 17 00:00:00 2001
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
Date: Wed, 15 Dec 2021 16:29:57 +0100
Subject: [libica PATCH 01/10] RSA: limit RSA key length to 4096
CEX adapters support RSA up to 4096 bits. Although RSA key generation
in libica is done via openssl, and therefore even greater key lengths
would be supported, such keys could not be processed on CEX adapters
afterwards. With the removal of sw fallbacks this is now a hard
restriction.
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
---
include/ica_api.h | 4 ++++
src/ica_api.c | 13 ++++++++++++-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/include/ica_api.h b/include/ica_api.h
index ce27261..6137c4a 100644
--- a/include/ica_api.h
+++ b/include/ica_api.h
@@ -1291,6 +1291,7 @@ int ica_ed448_ctx_del(ICA_ED448_CTX **ctx);
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction).
* EFAULT if OpenSSL key generation should fail.
*/
ICA_EXPORT
@@ -1319,6 +1320,7 @@ unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if modulus bit length is greater than 4096 (CEX adapter restriction).
* EFAULT if OpenSSL key generation should fail.
*/
ICA_EXPORT
@@ -1346,6 +1348,7 @@ unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if key bit length is greater than 4096 (CEX adapter restriction).
* ENOMEM if memory allocation fails.
* EIO if the operation fails. This should never happen.
*/
@@ -1375,6 +1378,7 @@ unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle,
*
* @return 0 if successful.
* EINVAL if at least one invalid parameter is given.
+ * EPERM if key bit length is greater than 4096 (CEX adapter restriction).
* ENOMEM if memory allocation fails.
* EIO if the operation fails. This should never happen.
*/
diff --git a/src/ica_api.c b/src/ica_api.c
index 445b0ab..a412052 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -52,6 +52,8 @@
#define MAX_VERSION_LENGTH 16
+#define MAX_RSA_KEY_BITS 4096
+
#ifndef NO_SW_FALLBACKS
int ica_fallbacks_enabled = 1;
#else
@@ -1071,9 +1073,12 @@ unsigned int ica_rsa_key_generate_mod_expo(ica_adapter_handle_t adapter_handle,
/* Keys should comply with modulus_bit_length */
if ((modulus_bit_length + 7) / 8 != public_key->key_length)
return EINVAL;
- /* Minimum length for public exponent is sizeof(unsigned long) */
+ /* Minimum key length is sizeof(unsigned long) */
if (public_key->key_length < sizeof(unsigned long))
return EINVAL;
+ /* Max key bit length is 4096 because of CEX adapter restriction */
+ if (modulus_bit_length > MAX_RSA_KEY_BITS)
+ return EPERM;
/* OpenSSL takes only exponents of type unsigned long, so we have to
* be sure that we give a value of the right size to OpenSSL.
@@ -1111,6 +1116,8 @@ unsigned int ica_rsa_key_generate_crt(ica_adapter_handle_t adapter_handle,
return EINVAL;
if (public_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (modulus_bit_length > MAX_RSA_KEY_BITS)
+ return EPERM;
num_ignored_bytes = public_key->key_length - sizeof(unsigned long);
public_exponent = public_key->exponent;
@@ -1145,6 +1152,8 @@ unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle,
if (rsa_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS)
+ return EPERM;
/* fill driver structure */
rb.inputdata = (unsigned char *)input_data;
@@ -1264,6 +1273,8 @@ unsigned int ica_rsa_crt(ica_adapter_handle_t adapter_handle,
if (rsa_key->key_length < sizeof(unsigned long))
return EINVAL;
+ if (rsa_key->key_length * 8 > MAX_RSA_KEY_BITS)
+ return EPERM;
/* fill driver structure */
rb.inputdata = (unsigned char *)input_data;
--
2.34.1
From 553977ef505b43c7d17056369ed518a971d43d68 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:07:51 +0100
Subject: [libica PATCH 02/10] ECC: fix memory leaks in make_eckey()
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_ecc.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index bb13944..af121b0 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -146,12 +146,12 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
EC_GROUP *group = NULL;
EC_POINT *point = NULL;
BIGNUM *bn_priv = NULL;
- unsigned char *pub_key = NULL;
- unsigned int pub_key_len;
- point_conversion_form_t form;
#if !OPENSSL_VERSION_PREREQ(3, 0)
EC_KEY *ec_key;
#else
+ unsigned char *pub_key = NULL;
+ unsigned int pub_key_len;
+ point_conversion_form_t form;
OSSL_PARAM_BLD *tmpl = NULL;
int rc;
#endif
@@ -175,18 +175,13 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
goto err;
}
- form = EC_GROUP_get_point_conversion_form(group);
- pub_key_len = EC_POINT_point2buf(group, point, form, &pub_key, NULL);
- if (pub_key_len == 0) {
- goto err;
- }
-
#if !OPENSSL_VERSION_PREREQ(3, 0)
ec_key = EC_KEY_new_by_curve_name(nid);
if (ec_key == NULL) {
goto err;
}
+ EC_POINT_free(point);
point = EC_POINT_new(EC_KEY_get0_group(ec_key));
if (point == NULL) {
goto err;
@@ -209,6 +204,11 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
}
#else
+ form = EC_GROUP_get_point_conversion_form(group);
+ pub_key_len = EC_POINT_point2buf(group, point, form, &pub_key, NULL);
+ if (pub_key_len == 0) {
+ goto err;
+ }
tmpl = OSSL_PARAM_BLD_new();
if (tmpl == NULL) {
@@ -243,6 +243,8 @@ err:
#else
if (tmpl)
OSSL_PARAM_BLD_free(tmpl);
+ if (pub_key)
+ OPENSSL_free(pub_key);
#endif
if (ok)
--
2.34.1
From b41addd200c0938c6c10202da08ad5f7df940e18 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:15:58 +0100
Subject: [libica PATCH 03/10] ECC: Avoid recursive loop in ec_key_check() with
OpenSSL 3.0
Use libica's OpenSSL library context in ec_key_check(), otherwise
calling EVP_PKEY_fromdata() in build_pkey_from_params() may cause
a recursive loop, when a provider is used that calls ica_ec_key_init()
(and thus ec_key_check()) within its key import function.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_ecc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index af121b0..c0c1549 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -2458,6 +2458,8 @@ int ec_key_check(ICA_EC_KEY *ica_key)
BIGNUM *d = NULL, *x = NULL, *y = NULL;
int privlen, rc = EINVAL;
+ BEGIN_OPENSSL_LIBCTX(openssl_libctx, rc);
+
if (!ica_key)
goto done;
@@ -2489,6 +2491,7 @@ done:
if (privkey)
EVP_PKEY_free(privkey);
+ END_OPENSSL_LIBCTX(rc);
return rc;
}
--
2.34.1
From 6031ec80a5ada52609822fed4a6bd2cccafe5563 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 5 Jan 2022 09:26:26 +0100
Subject: [libica PATCH 04/10] RSA: Fix memory leaks in
rsa_key_generate_mod_expo()/crt()
Also fix a compiler warning in rsa_key_generate().
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/s390_rsa.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/s390_rsa.c b/src/s390_rsa.c
index 360c374..cea2ba2 100644
--- a/src/s390_rsa.c
+++ b/src/s390_rsa.c
@@ -128,7 +128,8 @@ EVP_PKEY* rsa_key_generate(unsigned int modulus_bit_length,
} while (*public_exponent <= 2 || !(*public_exponent % 2));
}
- e = BN_bin2bn(public_exponent, sizeof(unsigned long), NULL);
+ e = BN_bin2bn((const unsigned char *)public_exponent,
+ sizeof(unsigned long), NULL);
if (e == NULL) {
goto done;
}
@@ -259,6 +260,8 @@ err:
#if !OPENSSL_VERSION_PREREQ(3, 0)
RSA_free(rsa);
#else
+ BN_free(n);
+ BN_free(d);
EVP_PKEY_free(pkey);
#endif
@@ -410,6 +413,12 @@ err:
#if !OPENSSL_VERSION_PREREQ(3, 0)
RSA_free(rsa);
#else
+ BN_free(n);
+ BN_free(p);
+ BN_free(q);
+ BN_free(dmp1);
+ BN_free(dmq1);
+ BN_free(iqmp);
EVP_PKEY_free(pkey);
#endif
--
2.34.1
From b49cf457659a4baf382b3828d89823497bb00f6e Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Thu, 13 Jan 2022 10:42:02 +0100
Subject: [libica PATCH 05/10] EC: Handle unsupported EC curve in
ica_ec_key_new()
In case of an unsupported curve nid, privlen_from_nid() returns -1.
The subsequent calloc() will fail with a size of -3 (0xfffffffffffffffd).
Also free the already allocated key in case of an error to avoid a
memory leak.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/ica_api.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/ica_api.c b/src/ica_api.c
index a412052..0a885e2 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -1336,9 +1336,15 @@ ICA_EC_KEY* ica_ec_key_new(unsigned int nid, unsigned int *privlen)
/* allocate clear memory for the 3 key parts */
len = privlen_from_nid(nid);
+ if (len <= 0) {
+ free(key);
+ return NULL;
+ }
key->X = calloc(1, 3*len);
- if (!key->X)
+ if (!key->X) {
+ free(key);
return NULL;
+ }
key->nid = nid;
key->Y = key->X + len;
--
2.34.1
From 7e6e303e6aef019047eb6dfcdedbfe7da2a88526 Mon Sep 17 00:00:00 2001
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
Date: Tue, 11 Jan 2022 16:04:15 +0100
Subject: [libica PATCH 06/10] Compute HMAC from installed library
The HMAC hash was computed from the libica in the build tree, but
the runtime check is run against the installed libica and those 2
files may be different. E.g. if the runtime one has debuginfo stripped
(and placed into a separate file), the hashes are different.
This commit introduces a new make target: fipsinstall, which creates
the HMAC files in the install directory.
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
---
Makefile.am | 9 ++++-----
src/Makefile.am | 8 +++++++-
2 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 2d8ab9e..e14abb5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,11 +17,8 @@ coverage: check
cd ${top_builddir}/src && gcov .libs/*.gcda
if ICA_FIPS
-install-data-hook:
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica.so.$(VERSION).hmac $(DESTDIR)$(libdir)
- cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION).hmac .libica.so.$(MAJOR).hmac
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION).hmac $(DESTDIR)$(libdir)
- cd $(DESTDIR)$(libdir) && ln -sf .libica-cex.so.$(VERSION).hmac .libica-cex.so.$(MAJOR).hmac
+fipsinstall:
+ $(AM_V_GEN)$(MAKE) -C src fipsinstall
if ICA_OPENSSL3
test -f $(DESTDIR)$(sysconfdir)/libica || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/libica
test -f $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || $(INSTALL) -m 644 ${top_builddir}/src/openssl3-fips.cnf $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || true
@@ -38,3 +35,5 @@ if ICA_OPENSSL3
endif
endif
+.PHONY: fipsinstall
+
diff --git a/src/Makefile.am b/src/Makefile.am
index c630048..4c92c96 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -47,6 +47,12 @@ mp.S : mp.pl
./mp.pl mp.S
if ICA_FIPS
+fipsinstall:
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
+
hmac-file-lnk: hmac-file
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
@@ -110,4 +116,4 @@ internal_tests_ec_internal_test_SOURCES = \
include/rng.h ../test/testcase.h
endif
-.PHONY: hmac-file hmac-file-lnk
+.PHONY: hmac-file hmac-file-lnk fipsinstall
--
2.34.1
From 28fa931bed9e6847137829952a3e7cc6091bd071 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 10:24:44 +0100
Subject: [libica PATCH 07/10] Fix compile warnings
... like potentially uninitialized variables or unused functions.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/fips.c | 4 ++--
src/ica_api.c | 2 +-
src/s390_ecc.c | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/fips.c b/src/fips.c
index 934f6f7..505dd0b 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -1304,8 +1304,8 @@ rsa_kat(void)
ica_adapter_handle_t ah;
const struct rsa_tv *tv;
size_t i, keylen, crtparamlen;
- unsigned char *out;
- libica_func_list_element* libica_func_list;
+ unsigned char *out = NULL;
+ libica_func_list_element* libica_func_list = NULL;
unsigned int count;
if (ica_open_adapter(&ah))
diff --git a/src/ica_api.c b/src/ica_api.c
index 0a885e2..a10e139 100644
--- a/src/ica_api.c
+++ b/src/ica_api.c
@@ -90,6 +90,7 @@ void ica_set_stats_mode(int stats_mode)
ica_stats_enabled = stats_mode ? 1 : 0;
}
+#ifndef NO_CPACF
#ifdef ICA_FIPS
static unsigned int fips_check_3des_key(const ica_des_key_triple_t *key) {
if (!CRYPTO_memcmp(key->key1, key->key2, DES_KEY_LEN64)
@@ -101,7 +102,6 @@ static unsigned int fips_check_3des_key(const ica_des_key_triple_t *key) {
}
#endif
-#ifndef NO_CPACF
static unsigned int check_des_parms(unsigned int mode,
unsigned long data_length,
const unsigned char *in_data,
diff --git a/src/s390_ecc.c b/src/s390_ecc.c
index c0c1549..211db01 100644
--- a/src/s390_ecc.c
+++ b/src/s390_ecc.c
@@ -147,7 +147,7 @@ static EVP_PKEY *make_eckey(int nid, const unsigned char *p, size_t plen)
EC_POINT *point = NULL;
BIGNUM *bn_priv = NULL;
#if !OPENSSL_VERSION_PREREQ(3, 0)
- EC_KEY *ec_key;
+ EC_KEY *ec_key = NULL;
#else
unsigned char *pub_key = NULL;
unsigned int pub_key_len;
@@ -262,7 +262,7 @@ static EVP_PKEY *make_public_eckey(int nid, unsigned char *pubkey, size_t publen
{
int ok = 0;
#if !OPENSSL_VERSION_PREREQ(3, 0)
- EC_KEY *ec_key;
+ EC_KEY *ec_key = NULL;
#else
OSSL_PARAM_BLD *tmpl = NULL;
int rc;
--
2.34.1
From cc44f18383ec6dc01a05abd6c25a1dec8efe84cb Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 10:32:47 +0100
Subject: [libica PATCH 08/10] Fix memory leaks in test programs
When configured with --enable-sanitizer some tests fail because
the address sanitizer reports memory leaks.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
test/ec_keygen_test.c | 6 +++++-
test/ecdh_test.c | 13 ++++++++++++-
test/ecdsa_test.c | 3 +++
test/icastats_test.c.in | 1 +
4 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/test/ec_keygen_test.c b/test/ec_keygen_test.c
index 43c6092..0445c41 100644
--- a/test/ec_keygen_test.c
+++ b/test/ec_keygen_test.c
@@ -115,6 +115,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_generate(adapter_handle, eckey);
if (rc) {
+ ica_ec_key_free(eckey);
+ eckey = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", eckeygen_tests[i].nid));
continue;
@@ -156,12 +158,14 @@ int main(int argc, char **argv)
}
}
}
+
+ ica_ec_key_free(eckey);
+ eckey = NULL;
}
if (test_failed)
errors++;
- ica_ec_key_free(eckey);
unset_env_icapath();
}
diff --git a/test/ecdh_test.c b/test/ecdh_test.c
index 9a81036..e1191d0 100644
--- a/test/ecdh_test.c
+++ b/test/ecdh_test.c
@@ -339,6 +339,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_init(ecdh_kats[i].xa, ecdh_kats[i].ya, ecdh_kats[i].da, eckey_A);
if (rc != 0) {
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid));
continue;
@@ -350,11 +352,18 @@ int main(int argc, char **argv)
}
eckey_B = ica_ec_key_new(ecdh_kats[i].nid, &privlen);
- if (!eckey_B)
+ if (!eckey_B) {
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
continue;
+ }
rc = ica_ec_key_init(ecdh_kats[i].xb, ecdh_kats[i].yb, ecdh_kats[i].db, eckey_B);
if (rc != 0) {
+ ica_ec_key_free(eckey_B);
+ eckey_B = NULL;
+ ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdh_kats[i].nid));
continue;
@@ -415,7 +424,9 @@ int main(int argc, char **argv)
errors++;
ica_ec_key_free(eckey_A);
+ eckey_A = NULL;
ica_ec_key_free(eckey_B);
+ eckey_B = NULL;
unset_env_icapath();
}
diff --git a/test/ecdsa_test.c b/test/ecdsa_test.c
index 3b6bda3..2393882 100644
--- a/test/ecdsa_test.c
+++ b/test/ecdsa_test.c
@@ -225,6 +225,8 @@ int main(int argc, char **argv)
rc = ica_ec_key_init(ecdsa_kats[i].x, ecdsa_kats[i].y, ecdsa_kats[i].d, eckey);
if (rc != 0) {
+ ica_ec_key_free(eckey);
+ eckey = NULL;
if (rc == EPERM) {
V_(printf("Curve %d not supported on this system, skipping ...\n", ecdsa_kats[i].nid));
continue;
@@ -274,6 +276,7 @@ int main(int argc, char **argv)
errors++;
ica_ec_key_free(eckey);
+ eckey = NULL;
unset_env_icapath();
}
diff --git a/test/icastats_test.c.in b/test/icastats_test.c.in
index 98905a9..f0d1212 100644
--- a/test/icastats_test.c.in
+++ b/test/icastats_test.c.in
@@ -186,6 +186,7 @@ int is_crypto_card_loaded()
}
if((c = fgetc(file)) == '1'){
fclose(file);
+ closedir(sysDir);
return 1;
}
fclose(file);
--
2.34.1
From 9c6431f49a9fe0d574722954e018b4cba6ab085b Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 24 Jan 2022 14:33:57 +0100
Subject: [libica PATCH 09/10] FIPS: Calculation of library HMAC may fail
Initialize length variable before calling EVP_DigestSignFinal().
If hlen is uninitialized it may cause EVP_DigestSignFinal() to fail.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/fips.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/fips.c b/src/fips.c
index 505dd0b..129a1a7 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -333,6 +333,7 @@ static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
}
}
+ hlen = sizeof(rbuf);
if (EVP_DigestSignFinal(mdctx, rbuf, &hlen) <= 0)
goto end;
--
2.34.1
From 5aa9366c236a6d17570403ef81c65e4f5f91a8af Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 26 Jan 2022 09:29:27 +0100
Subject: [libica PATCH 10/10] MAKEFILE: Do not install ec_internal_test
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
src/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 4c92c96..d6f5c52 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -90,7 +90,7 @@ icastats_SOURCES = icastats.c icastats_shared.c include/icastats.h
# internal tests
if ICA_INTERNAL_TESTS
-bin_PROGRAMS += internal_tests/ec_internal_test
+noinst_PROGRAMS = internal_tests/ec_internal_test
internal_tests_ec_internal_test_CFLAGS = ${AM_CFLAGS} -I${srcdir}/include \
-I${srcdir}/../include \
--
2.34.1

View File

@ -1,24 +1,18 @@
# generally broken in 3.8.0 and also not ready for OpenSSL 3.0
# https://github.com/opencryptoki/libica/issues/58
# https://github.com/opencryptoki/libica/issues/62
%global with_fips 0
%global with_fips 1
Summary: Library for accessing ICA hardware crypto on IBM z Systems
Name: libica
Version: 3.8.0
Release: 3%{?dist}
Version: 4.0.0
Release: 1%{?dist}
License: CPL
URL: https://github.com/opencryptoki/
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
# annotate assembler source
# https://bugzilla.redhat.com/show_bug.cgi?id=1630582
# https://github.com/opencryptoki/libica/pull/24
Patch0: %{name}-3.8.0-annotate.patch
# https://github.com/opencryptoki/libica/commit/a70dfe13b7dd2914ad29175ae026284bd5461e0e
Patch1: %{name}-3.8.0-configure.patch
# https://github.com/opencryptoki/libica/issues/61
# temporarily disable (OpenSSL 3.0)
Patch2: %{name}-3.8.0-no-eddsa-test.patch
Patch0: %{name}-4.0.0-annotate.patch
# post GA fixes, includes HMAC calculation
Patch1: %{name}-4.0.0-fixes.patch
BuildRequires: gcc
BuildRequires: openssl-devel
BuildRequires: openssl
@ -76,6 +70,14 @@ if [ -c /dev/hwrng -o -c /dev/prandom ]; then
make check
fi
%if %{with_fips}
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
make fipsinstall DESTDIR=%{buildroot}
%{nil}
%endif
%files
%doc AUTHORS LICENSE ChangeLog
@ -83,6 +85,11 @@ fi
%{_bindir}/icainfo-cex
%{_bindir}/icastats
%if %{with_fips}
%if 0%{?fedora} >= 36 || 0%{?rhel} >= 9
# openssl 3.0 is available since Fedora 36 and RHEL 9
%dir %{_sysconfdir}/libica
%{_sysconfdir}/libica/openssl3-fips.cnf
%endif
%{_libdir}/.libica.*.hmac
%{_libdir}/.libica-cex.*.hmac
%endif
@ -99,6 +106,10 @@ fi
%changelog
* Tue Feb 01 2022 Dan Horák <dan[at]danny.cz> - 4.0.0-1
- updated to 4.0.0 (#2040237)
- Resolves: #2040237
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.8.0-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

View File

@ -1 +1 @@
SHA512 (libica-3.8.0.tar.gz) = 18441420c5a8a6b79151146c982f6fac4b346f8dfd60c17aee488fc982509281754ae8e81636a653cc094f4e34c007dab2e764f16b6fef022a584ce9110c6994
SHA512 (libica-4.0.0.tar.gz) = ce950ce591d023b93bf8acbec4ef9eefbf2e3f4fc22a289ebb8d93d180655bb79e433c245d00d4a94828deaefd586bfd96907c55a88fcec86aef3eddfb0687b9