SOURCES/3.22-CCA-Adjust-CCA-host-library-version-detection-for-ne.patch

@@ -1,55 +0,0 @@
-From 742463a3c5a25313ab7ceb578d81b9998db65f67 Mon Sep 17 00:00:00 2001
-From: Ingo Franzki <ifranzki@linux.ibm.com>
-Date: Wed, 2 Apr 2025 16:36:45 +0200
-Subject: [PATCH] CCA: Adjust CCA host library version detection for newer CCA
- versions
-
-Newer CCA versions might report the version string with CSUACFV or CSUACFQ
-with keyword STATCCA using a different indicator character after the version
-information. Ignore the indication character and the remaining data entirely.
-Only the version information as such is of interest.
-
-Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
----
- usr/lib/cca_stdll/cca_specific.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/usr/lib/cca_stdll/cca_specific.c b/usr/lib/cca_stdll/cca_specific.c
-index 80369248..08e794d0 100644
---- a/usr/lib/cca_stdll/cca_specific.c
-+++ b/usr/lib/cca_stdll/cca_specific.c
-@@ -751,7 +751,6 @@ static CK_RV cca_get_version(STDLL_TokData_t *tokdata)
-     long return_code, reason_code;
-     long version_data_length;
-     long exit_data_len = 0;
--    char date[20];
- 
-     /* Get CCA host library version */
-     version_data_length = sizeof(version_data);
-@@ -767,10 +766,10 @@ static CK_RV cca_get_version(STDLL_TokData_t *tokdata)
-     version_data[sizeof(version_data) - 1] = '\0';
-     TRACE_DEVEL("CCA Version string: %s\n", version_data);
- 
--    if (sscanf((char *)version_data, "%u.%u.%uz%s",
-+    if (sscanf((char *)version_data, "%u.%u.%u",
-                &cca_private->cca_lib_version.ver,
-                &cca_private->cca_lib_version.rel,
--               &cca_private->cca_lib_version.mod, date) != 4) {
-+               &cca_private->cca_lib_version.mod) != 3) {
-         TRACE_ERROR("CCA library version is invalid: %s\n", version_data);
-         return CKR_FUNCTION_FAILED;
-     }
-@@ -3431,8 +3430,8 @@ static CK_RV cca_get_adapter_version(cca_min_card_version_t *data)
-     memcpy(ccaversion, &rule_array[CCA_STATCCA_CCA_VERSION_OFFSET],
-            CCA_STATCCA_CCA_VERSION_LENGTH);
- 
--    if (sscanf(ccaversion, "%d.%d.%02d*", (int *)&adapter_version.ver,
--               (int *)&adapter_version.rel, (int *)&adapter_version.mod) != 3) {
-+    if (sscanf(ccaversion, "%u.%u.%u", &adapter_version.ver,
-+               &adapter_version.rel, &adapter_version.mod) != 3) {
-         TRACE_ERROR("sscanf of string %s failed, cannot determine CCA card version\n",
-                     ccaversion);
-         return CKR_FUNCTION_FAILED;
--- 
-2.16.2.windows.1
-

SPECS/opencryptoki.spec

@@ -1,7 +1,7 @@
 Name: opencryptoki
 Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0
 Version: 3.22.0
-Release: 3%{?dist}.1
+Release: 3%{?dist}
 License: CPL
 Group: System Environment/Base
 URL: https://github.com/opencryptoki/opencryptoki
@@ -21,8 +21,6 @@ Patch21: opencryptoki-CVE-2024-0914-part2.patch
 Patch22: opencryptoki-CVE-2024-0914-part3.patch
 Patch23: opencryptoki-CVE-2024-0914-part4.patch
 Patch24: opencryptoki-CVE-2024-0914-part5.patch
-# supporting CCA 8.4
-Patch25: 3.22-CCA-Adjust-CCA-host-library-version-detection-for-ne.patch
 
 Requires(pre): coreutils diffutils
 Requires: (selinux-policy >= 3.14.3-121 if selinux-policy-targeted)
@@ -383,9 +381,6 @@ fi
 
 
 %changelog
-* Mon Aug 11 2025 Than Ngo <than@redhat.com> - 3.22.0-3.1
-- Resolves: RHEL-105918, fix for supporting CCA 8.4
-
 * Fri Feb 16 2024 Than Ngo <than@redhat.com> - 3.22.0-3
 - Fix implicit rejection with RSA keys with empty CKA_PRIVATE_EXPONENT
 Related: RHEL-22791