forked from pool/libica
943bbccb27
- Added the following patches for FIPS certification (bsc#1162533)
* libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
* libica-sles15sp2-FIPS-hmac-key.patch
- Added a BuildRequires for the fipscheck package.
- Made a couple of changes to the spec file based upon recommendations
by spec-cleaner.
- Added the following patches for FIPS certification.
* libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
(bsc#1166071) Although a DES key has only 56 effective bits,
all 64 bits must be considered, because the parity bits are
spread over all 8 bytes of the key.
* libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
(bsc#1166210) FIPS tests require the output iv to be the iv
resulting from decrypting the last block with a zero iv as input.
* libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
(bsc#1166224) The output from icainfo never shows 'yes' for
RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
due to the missing ICA_FLAG_SW flag in the icaList.
OBS-URL: https://build.opensuse.org/request/show/801383
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=42
13 lines
440 B
Diff
13 lines
440 B
Diff
--- libica-3.6.0/src/fips.c 2020-05-04 17:01:23.238805001 -0400
|
|
+++ libica-3.6.0/src/fips.c 2020-05-04 16:58:51.352241763 -0400
|
|
@@ -45,8 +45,7 @@
|
|
* libica.so.MAJOR.hmac in the same directory as the .so module.
|
|
*/
|
|
static const char hmackey[] =
|
|
- "0000000000000000000000000000000000000000000000000000000000000000"
|
|
- "0000000000000000000000000000000000000000000000000000000000000000";
|
|
+ "orboDeJITITejsirpADONivirpUkvarP";
|
|
|
|
int fips;
|
|
|