diff --git a/openssl-ibmca-2.3.1-fixes.patch b/openssl-ibmca-2.3.1-fixes.patch deleted file mode 100644 index 5e63b2e..0000000 --- a/openssl-ibmca-2.3.1-fixes.patch +++ /dev/null @@ -1,827 +0,0 @@ -From ec926d577754babce01db22274a582988c5c4e44 Mon Sep 17 00:00:00 2001 -From: Ingo Franzki -Date: Wed, 12 Oct 2022 09:40:27 +0200 -Subject: [PATCH 1/4] provider: Support EC parameter generation with named - curve - -In general the IBMCA provider does not support EC parameter generation, -because libica only supports certain named curves. However, one can -also use EC parameter generation with a named curve, and then use such -parameter key object as template for generating other keys. One example -for this is the openssl speed utility. - -Like for EC key generation, EC parameter generation only supports -parameters 'group', 'point-format', 'encoding', and 'use-cofactor-flag', -where the only accepted value for parameter 'encoding' is 'named_curve', -and the only accepted value for parameter 'use-cofactor-flag' is '0'. - -Signed-off-by: Ingo Franzki ---- - src/provider/ec_keymgmt.c | 10 ++++++++-- - src/provider/p_ibmca.h | 1 + - 2 files changed, 9 insertions(+), 2 deletions(-) - -diff --git a/src/provider/ec_keymgmt.c b/src/provider/ec_keymgmt.c -index d39b1e2..97516f1 100644 ---- a/src/provider/ec_keymgmt.c -+++ b/src/provider/ec_keymgmt.c -@@ -928,9 +928,10 @@ static void *ibmca_keymgmt_ec_gen_init(void *vprovctx, int selection, - for (p = params; p != NULL && p->key != NULL; p++) - ibmca_debug_ctx(provctx, "param: %s", p->key); - -- if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) { -+ if ((selection & (OSSL_KEYMGMT_SELECT_KEYPAIR | -+ OSSL_KEYMGMT_SELECT_ALL_PARAMETERS)) == 0) { - put_error_ctx(provctx, IBMCA_ERR_INVALID_PARAM, -- "selection is not KEYPAIR"); -+ "selection is not KEYPAIR and/or parameters"); - return NULL; - } - -@@ -943,6 +944,7 @@ static void *ibmca_keymgmt_ec_gen_init(void *vprovctx, int selection, - } - - /* set defaults */ -+ ctx->ec.gen.selection = selection; - ctx->ec.gen.curve_nid = NID_undef; - ctx->ec.gen.format = POINT_CONVERSION_UNCOMPRESSED; - -@@ -1223,6 +1225,9 @@ static void *ibmca_keymgmt_ec_gen(void *vgenctx, OSSL_CALLBACK *osslcb, - - ibmca_debug_op_ctx(genctx, "prime_size: %lu", key->ec.prime_size); - -+ if ((genctx->ec.gen.selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) -+ goto out; -+ - key->ec.key = ica_ec_key_new(key->ec.curve_nid, &privlen); - if (key->ec.key == NULL || key->ec.prime_size != privlen) { - ibmca_debug_op_ctx(genctx, "ica_ec_key_new failed"); -@@ -1267,6 +1272,7 @@ static void *ibmca_keymgmt_ec_gen(void *vgenctx, OSSL_CALLBACK *osslcb, - return NULL; - } - -+out: - ibmca_debug_op_ctx(genctx, "key: %p", key); - - return key; -diff --git a/src/provider/p_ibmca.h b/src/provider/p_ibmca.h -index fa0e1ee..2b4ff8e 100644 ---- a/src/provider/p_ibmca.h -+++ b/src/provider/p_ibmca.h -@@ -216,6 +216,7 @@ struct ibmca_op_ctx { - } rsa; /* For type EVP_PKEY_RSA and EVP_PKEY_RSA_PSS */ - union { - struct { -+ int selection; - int curve_nid; - point_conversion_form_t format; - } gen; /* For operation EVP_PKEY_OP_KEYGEN */ --- -2.39.0 - - -From a462093d2478b287cb9a7a25131788eba16b7640 Mon Sep 17 00:00:00 2001 -From: Ingo Franzki -Date: Fri, 14 Oct 2022 11:31:16 +0200 -Subject: [PATCH 2/4] engine: EC: Cache ICA key in EC_KEY object - -Creating a new ICA EC key via ica_ec_key_init() is time consuming, because -libica performs EC key checks on the key components. - -Currently every sign, verify or derive operation creates a new ICA key, and -thus suffers from the long taking EC key checks with every operation. - -Change this to create an ICA key on the first usage of an EC key, and attach -the ICA key to the EC_KEY object as ex-data. That way, subsequent operations -using the same key will reuse the attached ICA key and do not have to create -a new ICA key again. - -Signed-off-by: Ingo Franzki ---- - src/engine/e_ibmca.c | 5 + - src/engine/ibmca.h | 1 + - src/engine/ibmca_ec.c | 411 ++++++++++++++++++++++++++++++------------ - 3 files changed, 306 insertions(+), 111 deletions(-) - -diff --git a/src/engine/e_ibmca.c b/src/engine/e_ibmca.c -index d045828..fe21897 100644 ---- a/src/engine/e_ibmca.c -+++ b/src/engine/e_ibmca.c -@@ -833,6 +833,11 @@ static int ibmca_init(ENGINE *e) - goto err; - } - -+#ifndef NO_EC -+ if (!ibmca_ec_init()) -+ goto err; -+#endif -+ - if (!set_supported_meths(e)) - goto err; - -diff --git a/src/engine/ibmca.h b/src/engine/ibmca.h -index 37bdfd8..7281a5b 100644 ---- a/src/engine/ibmca.h -+++ b/src/engine/ibmca.h -@@ -298,6 +298,7 @@ void ibmca_dh_destroy(void); - #define IBMCA_EC_MAX_Z_LEN IBMCA_EC_MAX_D_LEN - - #ifndef OPENSSL_NO_EC -+int ibmca_ec_init(void); - void ibmca_ec_destroy(void); - - int ibmca_ecdh_compute_key(unsigned char **pout, size_t *poutlen, -diff --git a/src/engine/ibmca_ec.c b/src/engine/ibmca_ec.c -index 8bc6cbf..5206ae3 100644 ---- a/src/engine/ibmca_ec.c -+++ b/src/engine/ibmca_ec.c -@@ -16,6 +16,7 @@ - */ - - #include -+#include - #include "ibmca.h" - #include "e_ibmca_err.h" - -@@ -31,6 +32,251 @@ ica_ec_key_get_public_key_t p_ica_ec_key_get_public_key; - ica_ec_key_get_private_key_t p_ica_ec_key_get_private_key; - ica_ec_key_free_t p_ica_ec_key_free; - -+int ec_ex_data_index = -1; -+pthread_mutex_t ec_ex_data_mutex = PTHREAD_MUTEX_INITIALIZER; -+ -+struct ibmca_ec_ex_data { -+ ICA_EC_KEY *ica_key; -+ int nid; -+ unsigned int privlen; -+}; -+ -+void ibmca_ec_ex_data_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -+ int idx, long argl, void *argp) -+{ -+ struct ibmca_ec_ex_data *data = ptr; -+ -+ if (data == NULL) -+ return; -+ -+ p_ica_ec_key_free(data->ica_key); -+ OPENSSL_free(data); -+} -+ -+int ibmca_ec_ex_data_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, -+#ifdef OPENSSL_VERSION_PREREQ -+ void **pptr, int idx, long argl, void *argp) -+#else -+ void *from_d, int idx, long argl, void *argp) -+#endif -+{ -+#ifndef OPENSSL_VERSION_PREREQ -+ void **pptr = (void **)from_d; -+#endif -+ struct ibmca_ec_ex_data *from_data; -+ struct ibmca_ec_ex_data *to_data; -+ unsigned char Q[2 * IBMCA_EC_MAX_D_LEN]; -+ unsigned char D[IBMCA_EC_MAX_D_LEN]; -+ unsigned int len; -+ int rc; -+ -+ if (pptr == NULL) -+ return 0; -+ -+ from_data = (struct ibmca_ec_ex_data *)*pptr; -+ if (from_data == NULL) -+ return 0; -+ -+ to_data = OPENSSL_zalloc(sizeof(*to_data)); -+ if (to_data == NULL) { -+ return 0; -+ } -+ -+ to_data->nid = from_data->nid; -+ to_data->ica_key = p_ica_ec_key_new(to_data->nid, &to_data->privlen); -+ if (to_data->ica_key == NULL) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_ICA_EC_KEY_INIT); -+ goto error; -+ } -+ -+ if (p_ica_ec_key_get_private_key(from_data->ica_key, D, &len) == 0) { -+ rc = p_ica_ec_key_init(NULL, NULL, D, to_data->ica_key); -+ if (rc != 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -+ goto error; -+ } -+ } -+ -+ if (p_ica_ec_key_get_public_key(from_data->ica_key, Q, &len) == 0) { -+ rc = p_ica_ec_key_init(Q, Q + to_data->privlen, NULL, to_data->ica_key); -+ if (rc != 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -+ goto error; -+ } -+ } -+ -+ *pptr = to_data; -+ -+ return 1; -+ -+error: -+ if (to_data->ica_key != NULL) -+ p_ica_ec_key_free(to_data->ica_key); -+ OPENSSL_free(to_data); -+ -+ return 0; -+} -+ -+static ICA_EC_KEY *ibmca_ec_make_ica_key(EC_KEY *ec_key, int *nid, -+ unsigned int *privlen) -+{ -+ ICA_EC_KEY *icakey; -+ const EC_GROUP *group; -+ const EC_POINT *q; -+ const BIGNUM *bn_d; -+ BIGNUM *bn_x = NULL, *bn_y = NULL; -+ unsigned char D[IBMCA_EC_MAX_D_LEN]; -+ unsigned char X[IBMCA_EC_MAX_D_LEN]; -+ unsigned char Y[IBMCA_EC_MAX_D_LEN]; -+ int rc, n; -+ -+ /* Get group */ -+ if ((group = EC_KEY_get0_group(ec_key)) == NULL) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_INVALID_PARM); -+ return NULL; -+ } -+ -+ /* Get curve nid */ -+ *nid = EC_GROUP_get_curve_name(group); -+ if (*nid <= 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_UNSUPPORTED_CURVE); -+ return NULL; -+ } -+ -+ /* Create ICA_EC_KEY object */ -+ icakey = p_ica_ec_key_new(*nid, privlen); -+ if (icakey == NULL) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_ICA_EC_KEY_INIT); -+ return NULL; -+ } -+ -+ /* Get private (D) value from EC_KEY (if available) */ -+ bn_d = EC_KEY_get0_private_key(ec_key); -+ if (bn_d != NULL) { -+ /* Format (D) as char array, with leading zeros if necessary */ -+ n = *privlen - BN_num_bytes(bn_d); -+ memset(D, 0, n); -+ BN_bn2bin(bn_d, &(D[n])); -+ -+ /* Initialize private ICA_EC_KEY */ -+ rc = p_ica_ec_key_init(NULL, NULL, D, icakey); -+ if (rc != 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -+ goto error; -+ } -+ } -+ -+ /* Get public (X and Y) values from EC_KEY (if available) */ -+ q = EC_KEY_get0_public_key(ec_key); -+ if (q != NULL) { -+ /* Provide public key (X,Y) */ -+ bn_x = BN_new(); -+ bn_y = BN_new(); -+ if (!EC_POINT_get_affine_coordinates_GFp(group, q, bn_x, bn_y, NULL)) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_INTERNAL_ERROR); -+ goto error; -+ } -+ -+ /* Format (X) as char array with leading nulls if necessary */ -+ n = *privlen - BN_num_bytes(bn_x); -+ memset(X, 0, n); -+ BN_bn2bin(bn_x, &X[n]); -+ -+ /* Format (Y) as char array with leading nulls if necessary */ -+ n = *privlen - BN_num_bytes(bn_y); -+ memset(Y, 0, n); -+ BN_bn2bin(bn_y, &Y[n]); -+ -+ /* Initialize public ICA_EC_KEY */ -+ rc = p_ica_ec_key_init(X, Y, NULL, icakey); -+ if (rc != 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -+ goto error; -+ } -+ } -+ -+out: -+ BN_clear_free(bn_x); -+ BN_clear_free(bn_y); -+ -+ return icakey; -+ -+error: -+ p_ica_ec_key_free(icakey); -+ icakey = NULL; -+ goto out; -+} -+ -+static ICA_EC_KEY *ibmca_ec_make_and_cache_ica_key(EC_KEY *ec_key, -+ unsigned int *privlen) -+{ -+ struct ibmca_ec_ex_data *data, *data2; -+ -+ data = OPENSSL_zalloc(sizeof(*data)); -+ if (data == NULL) -+ return NULL; -+ -+ data->ica_key = ibmca_ec_make_ica_key(ec_key, &data->nid, &data->privlen); -+ if (data->ica_key == NULL) { -+ OPENSSL_free(data); -+ return NULL; -+ } -+ -+ /* -+ * Note that another thread could have allocated and set the ex_data for -+ * that key after the caller of this function has checked if there is -+ * already ex_data available for the key. So once we have the lock, we -+ * check again, and if there now is ex_data available, we return the -+ * ICA key from the ex_data, and free the one just created. -+ */ -+ if (pthread_mutex_lock(&ec_ex_data_mutex) != 0) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_INTERNAL_ERROR); -+ return NULL; -+ } -+ -+ data2 = EC_KEY_get_ex_data(ec_key, ec_ex_data_index); -+ if (data2 != NULL) { -+ pthread_mutex_unlock(&ec_ex_data_mutex); -+ -+ p_ica_ec_key_free(data->ica_key); -+ OPENSSL_free(data); -+ -+ *privlen = data2->privlen; -+ -+ return data2->ica_key; -+ } -+ -+ if (EC_KEY_set_ex_data(ec_key, ec_ex_data_index, data) != 1) { -+ IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_INTERNAL_ERROR); -+ pthread_mutex_unlock(&ec_ex_data_mutex); -+ OPENSSL_free(data); -+ return NULL; -+ } -+ -+ pthread_mutex_unlock(&ec_ex_data_mutex); -+ -+ *privlen = data->privlen; -+ -+ return data->ica_key; -+} -+ -+int ibmca_ec_init(void) -+{ -+#ifdef OLDER_OPENSSL -+ return 0; -+#else -+ ec_ex_data_index = EC_KEY_get_ex_new_index(0, NULL, NULL, -+ ibmca_ec_ex_data_dup, -+ ibmca_ec_ex_data_free); -+ if (ec_ex_data_index < 0) { -+ IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_EC_INTERNAL_ERROR); -+ return 0; -+ } -+ -+ return 1; -+#endif -+} -+ - void ibmca_ec_destroy(void) - { - #ifdef OLDER_OPENSSL -@@ -39,6 +285,10 @@ void ibmca_ec_destroy(void) - if (ibmca_ecdh) - ECDSA_METHOD_free(ibmca_ecdsa); - #else -+ if (ec_ex_data_index >= 0) { -+ CRYPTO_free_ex_index(CRYPTO_EX_INDEX_EC_KEY, ec_ex_data_index); -+ ec_ex_data_index = -1; -+ } - if (ibmca_ec) - EC_KEY_METHOD_free(ibmca_ec); - #endif -@@ -55,17 +305,17 @@ int ibmca_ecdh_compute_key(unsigned char **pout, size_t *poutlen, - { - ICA_EC_KEY *ica_pubkey = NULL, *ica_privkey = NULL; - const EC_GROUP *group; -- BIGNUM *bn_d, *bn_x, *bn_y; -+ BIGNUM *bn_x = NULL, *bn_y = NULL; - unsigned int n, privlen; - unsigned char X[IBMCA_EC_MAX_D_LEN]; - unsigned char Y[IBMCA_EC_MAX_D_LEN]; -- unsigned char D[IBMCA_EC_MAX_D_LEN]; - unsigned char *z_buf = NULL; - int rc, ret = 0, nid; - #ifndef OLDER_OPENSSL - int (*compute_key_sw)(unsigned char **pout, size_t *poutlen, - const EC_POINT *pub_key, const EC_KEY *ecdh) = NULL; - #endif -+ struct ibmca_ec_ex_data *data = EC_KEY_get_ex_data(ecdh, ec_ex_data_index); - - /* Get group from EC_KEY */ - if ((group = EC_KEY_get0_group(ecdh)) == NULL) { -@@ -76,10 +326,40 @@ int ibmca_ecdh_compute_key(unsigned char **pout, size_t *poutlen, - /* Determine curve nid */ - nid = EC_GROUP_get_curve_name(group); - if (nid <= 0) { -- IBMCAerr(IBMCA_F_IBMCA_ECDH_COMPUTE_KEY, IBMCA_R_EC_INTERNAL_ERROR); -+ IBMCAerr(IBMCA_F_IBMCA_ECDH_COMPUTE_KEY, IBMCA_R_EC_UNSUPPORTED_CURVE); -+ return 0; -+ } -+ -+ if (data != NULL) { -+ ica_privkey = data->ica_key; -+ privlen = data->privlen; -+ goto do_derive; -+ } -+ -+ /* Create ICA_EC_KEY object for private key */ -+ ica_privkey = ibmca_ec_make_and_cache_ica_key((EC_KEY*)ecdh, &privlen); -+ if (ica_privkey == NULL) { -+ /* This curve is not supported by libica. */ -+ #ifdef OLDER_OPENSSL - return 0; -+ #else -+ /* -+ * EC_KEY_METHOD_get_compute_key misses the const-qualifier of the -+ * parameter in some openssl versions. -+ */ -+ EC_KEY_METHOD_get_compute_key((EC_KEY_METHOD *)ossl_ec, -+ &compute_key_sw); -+ if (compute_key_sw == NULL) { -+ IBMCAerr(IBMCA_F_IBMCA_ECDH_COMPUTE_KEY, -+ IBMCA_R_EC_INTERNAL_ERROR); -+ return 0; -+ } -+ -+ return compute_key_sw(pout, poutlen, pub_key, ecdh); -+ #endif - } - -+do_derive: - /* Create ICA_EC_KEY object for public key */ - ica_pubkey = p_ica_ec_key_new(nid, &privlen); - if (ica_pubkey == NULL) { -@@ -128,32 +408,6 @@ int ibmca_ecdh_compute_key(unsigned char **pout, size_t *poutlen, - goto end; - } - -- /* Create ICA_EC_KEY object for private key */ -- ica_privkey = p_ica_ec_key_new(nid, &privlen); -- if (!ica_privkey) { -- IBMCAerr(IBMCA_F_ICA_EC_KEY_NEW, IBMCA_R_EC_INTERNAL_ERROR); -- goto end; -- } -- -- /* Get private (D) value from EC_KEY */ -- bn_d = (BIGNUM*)EC_KEY_get0_private_key((EC_KEY*)ecdh); -- if (bn_d == NULL) { -- IBMCAerr(IBMCA_F_IBMCA_ECDH_COMPUTE_KEY, IBMCA_R_EC_INTERNAL_ERROR); -- goto end; -- } -- -- /* Format (D) as char array, with leading zeros if necessary */ -- n = privlen - BN_num_bytes(bn_d); -- memset(D, 0, n); -- BN_bn2bin(bn_d, &(D[n])); -- -- /* Initialize private ICA_EC_KEY with (D) */ -- rc = p_ica_ec_key_init(NULL, NULL, D, ica_privkey); -- if (rc != 0) { -- IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -- goto end; -- } -- - /* Allocate memory for shared secret z, will be freed by caller */ - if ((z_buf = OPENSSL_malloc(privlen)) == NULL) { - IBMCAerr(IBMCA_F_IBMCA_ECDH_COMPUTE_KEY, IBMCA_R_EC_INTERNAL_ERROR); -@@ -193,7 +447,6 @@ int ibmca_ecdh_compute_key(unsigned char **pout, size_t *poutlen, - - end: - p_ica_ec_key_free(ica_pubkey); -- p_ica_ec_key_free(ica_privkey); - BN_clear_free(bn_x); - BN_clear_free(bn_y); - return ret; -@@ -210,12 +463,10 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - { - ECDSA_SIG *sig = NULL; - ICA_EC_KEY *icakey = NULL; -- const EC_GROUP *group; - unsigned int privlen; -- BIGNUM *r, *s, *bn_d, *kinv; -- unsigned char D[IBMCA_EC_MAX_D_LEN]; -+ BIGNUM *r, *s, *kinv; - unsigned char sigret[IBMCA_EC_MAX_SIG_LEN]; -- int n, nid, rc; -+ int rc; - #ifndef OLDER_OPENSSL - int (*sign_sw)(int type, const unsigned char *dgst, int dlen, - unsigned char *sig, unsigned int *siglen, -@@ -227,6 +478,7 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - const BIGNUM *in_kinv, const BIGNUM *in_r, - EC_KEY *eckey) = NULL; - BN_CTX *ctx; -+ struct ibmca_ec_ex_data *data = EC_KEY_get_ex_data(eckey, ec_ex_data_index); - - /* Check parms: precomputed (k,r) are not supported by ibmca */ - if (in_kinv != NULL || in_r != NULL) { -@@ -234,12 +486,6 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - return NULL; - } - -- /* Get group */ -- if ((group = EC_KEY_get0_group(eckey)) == NULL) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_SIGN_SIG, IBMCA_R_EC_INVALID_PARM); -- return NULL; -- } -- - /* Check if key usable */ - #ifndef OLDER_OPENSSL - if (!EC_KEY_can_sign(eckey)) { -@@ -249,15 +495,14 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - } - #endif - -- /* Get curve nid */ -- nid = EC_GROUP_get_curve_name(group); -- if (nid <= 0) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_SIGN_SIG, IBMCA_R_EC_UNSUPPORTED_CURVE); -- return NULL; -+ if (data != NULL) { -+ icakey = data->ica_key; -+ privlen = data->privlen; -+ goto do_sign; - } - - /* Create ICA_EC_KEY object */ -- icakey = p_ica_ec_key_new(nid, &privlen); -+ icakey = ibmca_ec_make_and_cache_ica_key(eckey, &privlen); - if (icakey == NULL) { - /* This curve is not supported by libica. */ - #ifdef OLDER_OPENSSL -@@ -287,25 +532,7 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - return sig; - } - -- /* Get private (D) value from EC_KEY */ -- bn_d = (BIGNUM*)EC_KEY_get0_private_key(eckey); -- if (bn_d == NULL) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_SIGN_SIG, IBMCA_R_EC_INTERNAL_ERROR); -- goto end; -- } -- -- /* Format (D) as char array, with leading zeros if necessary */ -- n = privlen - BN_num_bytes(bn_d); -- memset(D, 0, n); -- BN_bn2bin(bn_d, &(D[n])); -- -- /* Initialize private ICA_EC_KEY */ -- rc = p_ica_ec_key_init(NULL, NULL, D, icakey); -- if (rc != 0) { -- IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -- goto end; -- } -- -+do_sign: - /* Call libica signing routine */ - rc = p_ica_ecdsa_sign(ibmca_handle, icakey, dgst, dgst_len, sigret, - sizeof(sigret)); -@@ -343,7 +570,6 @@ ECDSA_SIG *ibmca_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, - s = BN_bin2bn(sigret + privlen, privlen, NULL); - sig = ECDSA_SIG_new(); - --end: - #ifndef OLDER_OPENSSL - if (sig) - ECDSA_SIG_set0(sig, r, s); -@@ -357,7 +583,6 @@ end: - #endif - - end2: -- p_ica_ec_key_free(icakey); - return sig; - } - -@@ -372,16 +597,12 @@ end2: - int ibmca_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey) - { -- const EC_GROUP *group; -- const EC_POINT *q; -- unsigned char x_array[IBMCA_EC_MAX_D_LEN]; -- unsigned char y_array[IBMCA_EC_MAX_D_LEN]; - unsigned char sig_array[IBMCA_EC_MAX_Q_LEN]; - BIGNUM *bn_x = NULL, *bn_y = NULL; - const BIGNUM *bn_r, *bn_s; - unsigned int privlen; - ICA_EC_KEY *icakey = NULL; -- int rc, n, nid; -+ int rc, n; - int ret = -1; - #ifndef OLDER_OPENSSL - int (*verify_sw)(int type, const unsigned char *dgst, int dgst_len, -@@ -389,6 +610,7 @@ int ibmca_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - #endif - int (*verify_sig_sw)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey) = NULL; -+ struct ibmca_ec_ex_data *data = EC_KEY_get_ex_data(eckey, ec_ex_data_index); - - /* Check parms */ - if (eckey == NULL || sig == NULL) { -@@ -404,21 +626,14 @@ int ibmca_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - } - #endif - -- /* Get group */ -- if ((group = EC_KEY_get0_group(eckey)) == NULL) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_VERIFY_SIG, IBMCA_R_EC_INTERNAL_ERROR); -- return ret; -- } -- -- /* Get curve nid */ -- nid = EC_GROUP_get_curve_name(group); -- if (nid <= 0) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_VERIFY_SIG, IBMCA_R_EC_UNSUPPORTED_CURVE); -- return ret; -+ if (data != NULL) { -+ icakey = data->ica_key; -+ privlen = data->privlen; -+ goto do_verify; - } - - /* Create ICA_EC_KEY object */ -- icakey = p_ica_ec_key_new(nid, &privlen); -+ icakey = ibmca_ec_make_and_cache_ica_key(eckey, &privlen); - if (icakey == NULL) { - /* This curve is not supported by libica. */ - #ifdef OLDER_OPENSSL -@@ -440,32 +655,7 @@ int ibmca_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - return verify_sig_sw(dgst, dgst_len, sig, eckey); - } - -- /* Provide public key (X,Y) */ -- bn_x = BN_new(); -- bn_y = BN_new(); -- q = EC_KEY_get0_public_key(eckey); -- if (!EC_POINT_get_affine_coordinates_GFp(group, q, bn_x, bn_y, NULL)) { -- IBMCAerr(IBMCA_F_IBMCA_ECDSA_VERIFY_SIG, IBMCA_R_EC_INTERNAL_ERROR); -- goto end; -- } -- -- /* Format (X) as char array with leading nulls if necessary */ -- n = privlen - BN_num_bytes(bn_x); -- memset(x_array, 0, n); -- BN_bn2bin(bn_x, &(x_array[n])); -- -- /* Format (Y) as char array with leading nulls if necessary */ -- n = privlen - BN_num_bytes(bn_y); -- memset(y_array, 0, n); -- BN_bn2bin(bn_y, &(y_array[n])); -- -- /* Initialize ICA_EC_KEY */ -- rc = p_ica_ec_key_init(x_array, y_array, NULL, icakey); -- if (rc != 0) { -- IBMCAerr(IBMCA_F_ICA_EC_KEY_INIT, rc); -- goto end; -- } -- -+do_verify: - /* Get (r,s) from ECDSA_SIG */ - #ifdef OLDER_OPENSSL - bn_r = sig->r; -@@ -517,7 +707,6 @@ int ibmca_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - } - - end: -- p_ica_ec_key_free(icakey); - BN_clear_free(bn_x); - BN_clear_free(bn_y); - --- -2.39.0 - - -From 072e32bb199ff772148f1cbe0b2faadf9ab33c12 Mon Sep 17 00:00:00 2001 -From: Juergen Christ -Date: Thu, 27 Oct 2022 16:13:01 +0200 -Subject: [PATCH 3/4] provider: Fix configuration script - -Small typo in the configuration script created an invalid configuration. - -Signed-off-by: Juergen Christ ---- - src/provider/ibmca-provider-opensslconfig | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/provider/ibmca-provider-opensslconfig b/src/provider/ibmca-provider-opensslconfig -index 21ed6f6..d45428e 100755 ---- a/src/provider/ibmca-provider-opensslconfig -+++ b/src/provider/ibmca-provider-opensslconfig -@@ -83,7 +83,7 @@ sub generate() - } - if ($providersect && $line =~ /\[\s*$providersect\s*\]/) { - print $oh "ibmca_provider = ibmca_provider_section\n"; -- print $oh # Make sure that you have configured and activated at least one other provider!\n"; -+ print $oh "# Make sure that you have configured and activated at least one other provider!\n"; - print "WARNING: The IBMCA provider was added to section [$providersect].\n"; - print "Make sure that you have configured and activated at least one other provider, e.g. the default provider!\n"; - } --- -2.39.0 - - -From e90203dbc9bf0d9a4488af470adf11852860991a Mon Sep 17 00:00:00 2001 -From: Juergen Christ -Date: Wed, 2 Nov 2022 14:29:35 +0100 -Subject: [PATCH 4/4] provider: Fix order of providers in configuration - -Since libica requires a provider that supports HMAC to be loaded and -available, fix the order of providers loaded by our sample configuration -generator. The "default" provider has to come first such that libica can do -the file integrity test with a HMAC provided by this provider when being -loaded via the ibmca provider. - -Signed-off-by: Juergen Christ ---- - src/provider/ibmca-provider-opensslconfig | 23 +++++++++++++++-------- - 1 file changed, 15 insertions(+), 8 deletions(-) - -diff --git a/src/provider/ibmca-provider-opensslconfig b/src/provider/ibmca-provider-opensslconfig -index d45428e..d87fa8e 100755 ---- a/src/provider/ibmca-provider-opensslconfig -+++ b/src/provider/ibmca-provider-opensslconfig -@@ -30,7 +30,7 @@ use warnings; - sub generate() - { - my ($osslconfpath); -- my ($ih, $line, $oh, $defaultcnfsect, $indefaultsect, $providersect); -+ my ($ih, $line, $oh, $defaultcnfsect, $indefaultsect, $providersect, $inprovidersect); - my ($inalgsect, $algsection); - - $osslconfpath = `openssl version -d` || die "Please install openssl binary"; -@@ -43,6 +43,7 @@ sub generate() - $defaultcnfsect = undef; - $indefaultsect = 0; - $providersect = undef; -+ $inprovidersect = 0; - while ($line = <$ih>) { - if ($line =~ /openssl_conf\s*=\s*(.*)/) { - $defaultcnfsect = $1; -@@ -67,13 +68,22 @@ sub generate() - } elsif ($inalgsect) { - if ($line =~ /\[\s*\w+\s*\]/) { - print $oh "default_properties = ?provider=ibmca\n"; -+ $inalgsect = 0; - } elsif ($line =~ /^\s*default_properties\s*=\s*(\w+)\s*/) { - print $oh "default_properties = ?provider=ibmca\n"; - print $oh "# The following was commented out by ibmca-provider-opensslconfig script\n"; - print "WARNING: The default_properties in $algsection was modified by this script.\n"; - $line = "# $line"; - } -- } -+ } elsif ($inprovidersect) { -+ if ($line =~ /\[\s*\w+\s*\]/) { -+ $inprovidersect = 0; -+ print $oh "ibmca_provider = ibmca_provider_section\n"; -+ print $oh "# Make sure that you have configured and activated at least one other provider!\n"; -+ print "WARNING: The IBMCA provider was added to section [$providersect].\n"; -+ print "Make sure that you have configured and activated at least one other provider, e.g. the default provider!\n"; -+ } -+ } - print $oh "$line"; - if ($defaultcnfsect && $line =~ /\[\s*$defaultcnfsect\s*\]/) { - $indefaultsect = 1; -@@ -81,11 +91,8 @@ sub generate() - if ($algsection && $line =~ /\[\s*$algsection\s*\]/) { - $inalgsect = 1; - } -- if ($providersect && $line =~ /\[\s*$providersect\s*\]/) { -- print $oh "ibmca_provider = ibmca_provider_section\n"; -- print $oh "# Make sure that you have configured and activated at least one other provider!\n"; -- print "WARNING: The IBMCA provider was added to section [$providersect].\n"; -- print "Make sure that you have configured and activated at least one other provider, e.g. the default provider!\n"; -+ if ($providersect && $line =~ /\[\s*$providersect\s*\]/) { -+ $inprovidersect = 1; - } - } - -@@ -100,8 +107,8 @@ providers = provider_section - if (!$providersect) { - print $oh qq| - [provider_section] --ibmca_provider = ibmca_provider_section - default = default_sect -+ibmca_provider = ibmca_provider_section - - [default_sect] - activate = 1 --- -2.39.0 - diff --git a/openssl-ibmca.spec b/openssl-ibmca.spec index 3e669f2..560b7e9 100644 --- a/openssl-ibmca.spec +++ b/openssl-ibmca.spec @@ -2,13 +2,13 @@ Summary: A dynamic OpenSSL provider for IBMCA Name: openssl-ibmca -Version: 2.3.1 -Release: 5%{?dist} -License: ASL 2.0 +Version: 2.4.0 +Release: 1%{?dist} +License: Apache-2.0 URL: https://github.com/opencryptoki Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz # post GA fixes -Patch0: %{name}-%{version}-fixes.patch +#Patch0: %%{name}-%%{version}-fixes.patch Requires: libica >= 4.0.0 BuildRequires: make BuildRequires: gcc @@ -55,6 +55,9 @@ make check %changelog +* Tue Apr 04 2023 Dan HorĂ¡k - 2.4.0-1 +- updated to 2.4.0 + * Thu Jan 19 2023 Fedora Release Engineering - 2.3.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild diff --git a/sources b/sources index 6fdab29..eee921f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-ibmca-2.3.1.tar.gz) = 16a1fae7ddc71caa40f60f803991e32227badeee22db33080bcefc7a01fb79b714eb007ebd5d61e97534d5779d765ac65fd79be496a46f160a4f321c9f836942 +SHA512 (openssl-ibmca-2.4.0.tar.gz) = ec886a89e6537bcda5f40c96dd66a6b3e19563c006434e65e5da7b3bdf7526a1cca7b454d3da1df2455625ffd970a9093ca4a0c7deb5e32e69bed9575f20f811