From a6fc88507bf1101254b7a32c4e36596abcca14495bbf6363722b41812d037fb5 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:20:10 +0000 Subject: [PATCH 01/10] Accepting request 1009943 from home:markkp:branches:devel:openSUSE:Factory - Upgrade to version 4.1.1 (jsc#PED-581, bsc#1202365). v4.1.1 - [PATCH] Fix aes-xts multi-part operations [PATCH] Fix make dist v4.1.0 - [FEATURE] FIPS: make libica FIPS 140-3 compliant [FEATURE] New API function ica_ecdsa_sign_ex() [FEATURE] New icainfo output option -r - [PATCH] Various bug fixes - Removed the following obsolete files: baselibs.conf icaioctl.h OBS-URL: https://build.opensuse.org/request/show/1009943 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=71 --- libica-4.1.1.tar.gz | 3 +++ libica.changes | 16 ++++++++++++++++ libica.spec | 26 ++++++++++---------------- 3 files changed, 29 insertions(+), 16 deletions(-) create mode 100644 libica-4.1.1.tar.gz diff --git a/libica-4.1.1.tar.gz b/libica-4.1.1.tar.gz new file mode 100644 index 0000000..a935b30 --- /dev/null +++ b/libica-4.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1abb8a2d0dd061dc7741f02a26b07ec897309e60a3866d20c4f1bf6c094d4706 +size 559797 diff --git a/libica.changes b/libica.changes index 24a66d0..0d97e1f 100644 --- a/libica.changes +++ b/libica.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Tue Oct 11 20:32:12 UTC 2022 - Mark Post + +- Upgrade to version 4.1.1 (jsc#PED-581, bsc#1202365). + v4.1.1 + - [PATCH] Fix aes-xts multi-part operations + [PATCH] Fix make dist + v4.1.0 + - [FEATURE] FIPS: make libica FIPS 140-3 compliant + [FEATURE] New API function ica_ecdsa_sign_ex() + [FEATURE] New icainfo output option -r + - [PATCH] Various bug fixes +- Removed the following obsolete files: + baselibs.conf + icaioctl.h + ------------------------------------------------------------------- Mon Sep 12 19:09:59 UTC 2022 - Mark Post diff --git a/libica.spec b/libica.spec index 625a0c3..ff08ccd 100644 --- a/libica.spec +++ b/libica.spec @@ -22,21 +22,18 @@ %endif Name: libica -Version: 4.0.3 +Version: 4.1.1 Release: 0 Summary: Library interface for the IBM Cryptographic Accelerator device driver License: CPL-1.0 Group: Hardware/Other URL: https://github.com/opencryptoki/libica Source: https://github.com/opencryptoki/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -# The icaioctl.h file came from https://sourceforge.net/p/opencryptoki/icadd/ci/master/tree/ -Source1: icaioctl.h -Source2: README.SUSE -Source3: sysconfig.z90crypt -Source4: z90crypt -Source5: z90crypt.service -Source6: baselibs.conf -Source7: %{name}-rpmlintrc +Source1: README.SUSE +Source2: sysconfig.z90crypt +Source3: z90crypt +Source4: z90crypt.service +Source5: %{name}-rpmlintrc Patch01: libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch Patch99: libica-sles15sp5-FIPS-hmac-key.patch @@ -116,9 +113,6 @@ the libica library. %autosetup -p 1 %build -mkdir -p include/linux/ -cp %{SOURCE1} include/linux/ - autoreconf --force --install %configure CPPFLAGS="-Iinclude -fPIC" CFLAGS="%{optflags} -fPIC" \ --enable-fips @@ -136,15 +130,15 @@ mkdir -p %{buildroot}%{_includedir} cp -p include/ica_api.h %{buildroot}%{_includedir} mkdir -p %{buildroot}%{_sbindir} ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcz90crypt -install -D %{SOURCE3} %{buildroot}%{_fillupdir}/sysconfig.z90crypt -install -D %{SOURCE4} %{buildroot}%{_prefix}/lib/systemd/scripts/z90crypt -install -D -m 644 %{SOURCE5} %{buildroot}%{_prefix}/lib/systemd/system/z90crypt.service +install -D %{SOURCE2} %{buildroot}%{_fillupdir}/sysconfig.z90crypt +install -D %{SOURCE3} %{buildroot}%{_prefix}/lib/systemd/scripts/z90crypt +install -D -m 644 %{SOURCE4} %{buildroot}%{_prefix}/lib/systemd/system/z90crypt.service # It is installed 444 and then the __os_install_post cannot update it once the debuginfo is stripped # We need it early because there is %{buildroot}/%{_libdir}/.*.so.%{major}.hmac symlink pointing at it # and the dangling symlink test would fail chmod 644 %{buildroot}/%{_libdir}/.*.so.%{version}.hmac -cp -a %{SOURCE2} . +cp -a %{SOURCE1} . rm -vf %{buildroot}%{_libdir}/libica*.la rm -f %{buildroot}%{_datadir}/doc/libica/* rmdir %{buildroot}%{_datadir}/doc/libica From 5cdffa907b690e1fc759ad58f80fd1fb4eed4663a28eea2547a83e13f620953d Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:36:01 +0000 Subject: [PATCH 02/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=72 --- libica.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libica.spec b/libica.spec index ff08ccd..1a04ac2 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2018-2022 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From eb885c7177153010680317dbdd1a60bb9c7b2d8ad392da5f7e0f7d8289aadcac Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:37:14 +0000 Subject: [PATCH 03/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=73 --- libica.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libica.spec b/libica.spec index 1a04ac2..ff08ccd 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2018-2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From 2808cf7b8877c16676631896f9024b666c1d6216be8c4b9dfc2fdf2ad0ae345d Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:40:09 +0000 Subject: [PATCH 04/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=74 --- baselibs.conf | 1 - libica.spec | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/baselibs.conf b/baselibs.conf index 97c4a6e..473a0f4 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1 +0,0 @@ -libica4 diff --git a/libica.spec b/libica.spec index ff08ccd..1a04ac2 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2018-2022 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From c200870eac9ef68489aecd03a89dff07b6e8995d6e335b4bfa030a290760d6e7 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:40:32 +0000 Subject: [PATCH 05/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=75 --- baselibs.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/baselibs.conf b/baselibs.conf index 473a0f4..97c4a6e 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -0,0 +1 @@ +libica4 From 9ec2c60729328d49178436786d52d019353893631ade4420b62ee62badb24d77 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:42:09 +0000 Subject: [PATCH 06/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=76 --- libica-4.0.3.tar.gz | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libica-4.0.3.tar.gz b/libica-4.0.3.tar.gz index dcff85c..33e694d 100644 --- a/libica-4.0.3.tar.gz +++ b/libica-4.0.3.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:fe44e8b31f0d0f09da3f86ef46d6089fea7d7c453f5d196b88cee6ab4621a385 -size 553081 +oid sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +size 0 From 1b2b69b8aa095f3c7d26e70d5734be4eadab35e6c6a49712d5e66a4f11eeaaf1 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:42:29 +0000 Subject: [PATCH 07/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=77 --- libica-4.0.3.tar.gz | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libica-4.0.3.tar.gz b/libica-4.0.3.tar.gz index 33e694d..dcff85c 100644 --- a/libica-4.0.3.tar.gz +++ b/libica-4.0.3.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 -size 0 +oid sha256:fe44e8b31f0d0f09da3f86ef46d6089fea7d7c453f5d196b88cee6ab4621a385 +size 553081 From 0a7811427ae75268f2a991f9e47b9ba68628033790b7e7420c4cd2099d3f6b36 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Tue, 11 Oct 2022 21:43:30 +0000 Subject: [PATCH 08/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=78 --- libica.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libica.spec b/libica.spec index 1a04ac2..ff08ccd 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2018-2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From 4e07d6323f1b59efb194be58f3a375ead8a0bf5cc7f6c43377d2f9aa05334eb1 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Wed, 12 Oct 2022 17:07:40 +0000 Subject: [PATCH 09/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=80 --- baselibs.conf | 1 - icaioctl.h | 219 -------------------------------------------- libica-4.0.3.tar.gz | 3 - libica.spec | 2 +- 4 files changed, 1 insertion(+), 224 deletions(-) delete mode 100644 baselibs.conf delete mode 100644 icaioctl.h delete mode 100644 libica-4.0.3.tar.gz diff --git a/baselibs.conf b/baselibs.conf deleted file mode 100644 index 97c4a6e..0000000 --- a/baselibs.conf +++ /dev/null @@ -1 +0,0 @@ -libica4 diff --git a/icaioctl.h b/icaioctl.h deleted file mode 100644 index 4e602ba..0000000 --- a/icaioctl.h +++ /dev/null @@ -1,219 +0,0 @@ -/* Copyright (c) International Business Machines Corp., 2001 */ -/* - * linux/include/linux/icaioctl.h - * - */ - - - -#ifndef _LINUX_ICAIOCTL_H_ -#define _LINUX_ICAIOCTL_H_ - -enum _sizelimits { - ICA_DES_DATALENGTH_MIN = 8, - ICA_DES_DATALENGTH_MAX = 32 * 1024 * 1024 - 8, - ICA_SHA_DATALENGTH = 20, - ICA_SHA_BLOCKLENGTH = 64, - ICA_RSA_DATALENGTH_MIN = 256/8, - ICA_RSA_DATALENGTH_MAX = 2048/8 -}; - - -typedef struct _ica_rng_rec { - unsigned int nbytes; - char *buf; -} ica_rng_t; - - -// May have some porting issues here - -typedef struct _ica_rsa_modexpo { - char *inputdata; - unsigned int inputdatalength; - char *outputdata; - unsigned int outputdatalength; - char *b_key; - char *n_modulus; -} ica_rsa_modexpo_t; - -typedef ica_rsa_modexpo_t ica_rsa_modmult_t; - -typedef struct _ica_rsa_modexpo_crt { - char *inputdata; - unsigned int inputdatalength; - char *outputdata; - unsigned int outputdatalength; - char *bp_key; - char *bq_key; - char *np_prime; - char *nq_prime; - char *u_mult_inv; -} ica_rsa_modexpo_crt_t; - -typedef unsigned char ica_des_vector_t[8]; -typedef unsigned char ica_des_key_t[8]; -typedef ica_des_key_t ica_des_single_t[1]; -typedef ica_des_single_t ica_des_triple_t[3]; - -enum _ica_mode_des { - DEVICA_MODE_DES_CBC = 0, - DEVICA_MODE_DES_ECB = 1 -}; - -enum _ica_direction_des { - DEVICA_DIR_DES_ENCRYPT = 0, - DEVICA_DIR_DES_DECRYPT = 1 -}; - -typedef struct _ica_des { - unsigned int mode; - unsigned int direction; - unsigned char *inputdata; - unsigned int inputdatalength; - ica_des_vector_t *iv; - ica_des_key_t *keys; - unsigned char *outputdata; - int outputdatalength; -} ica_des_t; - -typedef struct _ica_desmac { - unsigned char *inputdata; - unsigned int inputdatalength; - ica_des_vector_t *iv; - ica_des_key_t *keys; - unsigned char *outputdata; - int outputdatalength; -} ica_desmac_t; - - -typedef unsigned char ica_sha1_result_t[ICA_SHA_DATALENGTH]; - - -typedef struct _ica_sha1 { - unsigned char *inputdata; - unsigned int inputdatalength; - ica_sha1_result_t *outputdata; - ica_sha1_result_t *initialh; -} ica_sha1_t; - -/* The following structs are used by conversion functions - on PowerPC 64 bit only. They should not be used by externel - applications. Should the non PPC specific structs change, these - structures may need to change as well. Also, new conversion - routines will need to be added to devica.c to deal with new - structs or structure members. -*/ -#ifdef CONFIG_PPC64 -typedef struct _ica_rng_rec_32 { - unsigned int nbytes; - unsigned int buf; -} ica_rng_t_32; - -typedef struct _ica_des_32 { - unsigned int mode; - unsigned int direction; - unsigned int inputdata; - unsigned int inputdatalength; - unsigned int iv; - unsigned int keys; - unsigned int outputdata; - unsigned int outputdatalength; -} ica_des_t_32; - -typedef struct _ica_sha1_32 { - unsigned int inputdata; - unsigned int inputdatalength; - unsigned int outputdata; - unsigned int initialh; -} ica_sha1_t_32; - -typedef struct _ica_desmac_32 { - unsigned int inputdata; - unsigned int inputdatalength; - unsigned int iv; - unsigned int keys; - unsigned int outputdata; - int outputdatalength; -} ica_desmac_t_32; - -typedef struct _ica_rsa_modexpo_crt_32 { - unsigned int inputdata; - unsigned int inputdatalength; - unsigned int outputdata; - unsigned int outputdatalength; - unsigned int bp_key; - unsigned int bq_key; - unsigned int np_prime; - unsigned int nq_prime; - unsigned int u_mult_inv; -} ica_rsa_modexpo_crt_t_32; - -typedef struct _ica_rsa_modexpo_32 { - unsigned int inputdata; - unsigned int inputdatalength; - unsigned int outputdata; - unsigned int outputdatalength; - unsigned int b_key; - unsigned int n_modulus; -} ica_rsa_modexpo_t_32; - -#endif - -#define ICA_IOCTL_MAGIC '?' // NOTE: Need to allocate from linux folks - -/* - * Note: Some platforms only use 8 bits to define the parameter size. As - * the macros in ioctl.h don't seem to mask off offending bits, they look - * a little unsafe. We should probably just not use the parameter size - * at all for these ioctls. I don't know if we'll ever run on any of those - * architectures, but seems easier just to not count on this feature. - */ - -#define ICASETBIND _IOW(ICA_IOCTL_MAGIC, 0x01, int) -#define ICAGETBIND _IOR(ICA_IOCTL_MAGIC, 0x02, int) -#define ICAGETCOUNT _IOR(ICA_IOCTL_MAGIC, 0x03, int) -#define ICAGETID _IOR(ICA_IOCTL_MAGIC, 0x04, int) -#define ICARSAMODEXPO _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x05, 0) -#define ICARSACRT _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x06, 0) -#define ICARSAMODMULT _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x07, 0) -#define ICADES _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x08, 0) -#define ICADESMAC _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x09, 0) -#define ICATDES _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x0a, 0) -#define ICATDESSHA _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x0b, 0) -#define ICATDESMAC _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x0c, 0) -#define ICASHA1 _IOC(_IOC_READ|_IOC_WRITE, ICA_IOCTL_MAGIC, 0x0d, 0) -#define ICARNG _IOC(_IOC_READ, ICA_IOCTL_MAGIC, 0x0e, 0) -#define ICAGETVPD _IOC(_IOC_READ, ICA_IOCTL_MAGIC, 0x0f, 0) - -#ifdef __KERNEL__ - -#ifndef assertk -#ifdef NDEBUG -# define assertk(expr) do {} while (0) -#else -# define assertk(expr) \ - if(!(expr)) { \ - printk( "Assertion failed! %s,%s,%s,line=%d\n", \ - #expr,__FILE__,__FUNCTION__,__LINE__); \ - } -#endif -#endif - - -struct ica_operations { - ssize_t (*read) (struct file *, char *, size_t, loff_t *, void *); - int (*ioctl) (struct inode *, struct file *, unsigned int, unsigned long, void *); -}; - -typedef struct ica_worker { - struct ica_operations *icaops; - void * private_data; -} ica_worker_t; - - -extern int ica_register_worker(int partitionnum, ica_worker_t *device); -extern int ica_unregister_worker(int partitionnum, ica_worker_t *device); - -#endif /* __KERNEL__ */ - -#endif /* _LINUX_ICAIOCTL_H_ */ diff --git a/libica-4.0.3.tar.gz b/libica-4.0.3.tar.gz deleted file mode 100644 index dcff85c..0000000 --- a/libica-4.0.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fe44e8b31f0d0f09da3f86ef46d6089fea7d7c453f5d196b88cee6ab4621a385 -size 553081 diff --git a/libica.spec b/libica.spec index ff08ccd..1a04ac2 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2018-2022 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From 1ca5af5a9a9176994900d89ed76c95050348d02ba59b2521c483ca63c084fab8 Mon Sep 17 00:00:00 2001 From: Mark Post Date: Wed, 12 Oct 2022 17:09:04 +0000 Subject: [PATCH 10/10] OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=81 --- libica.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libica.spec b/libica.spec index 1a04ac2..ff08ccd 100644 --- a/libica.spec +++ b/libica.spec @@ -1,7 +1,7 @@ # # spec file for package libica # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2018-2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed