forked from pool/libica
943bbccb27
- Added the following patches for FIPS certification (bsc#1162533)
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-hmac-key.patch
- Added a BuildRequires for the fipscheck package.
- Made a couple of changes to the spec file based upon recommendations by spec-cleaner.
- Added the following patches for FIPS certification.
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch (bsc#1166071)
    Although a DES key has only 56 effective bits, all 64 bits must be considered, because the parity bits are spread over all 8 bytes of the key.
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch (bsc#1166210)
    FIPS tests require the output iv to be the iv resulting from decrypting the last block with a zero iv as input.
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch (bsc#1166224)
    The output from icainfo never shows 'yes' for RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN, due to the missing ICA_FLAG_SW flag in the icaList.

OBS-URL: https://build.opensuse.org/request/show/801383
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=42
42 lines
1.4 KiB
Diff
From b687f1514b3d371cdc44b5b3b02d5ddd9ac4eb54 Mon Sep 17 00:00:00 2001
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
Date: Wed, 25 Mar 2020 10:07:10 +0100
Subject: [PATCH] FIPS: provide output iv as required by FIPS tests
This fix is introduced to satisfy FIPS tests. They require the
output iv to be the iv resulting from decrypting the last block
with a zero iv as input. But note that this is not described
in the NIST standard for CBC-CS. According to the standard,
the output iv is simply undefined.
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
---
src/include/s390_cbccs.h | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/include/s390_cbccs.h b/src/include/s390_cbccs.h
index aa29bff..f6626dc 100644
--- a/src/include/s390_cbccs.h
+++ b/src/include/s390_cbccs.h
@@ -287,6 +287,17 @@ s390_aes_cbccs_dec(unsigned int fc, const unsigned char *in_data,
block_xor(out_data + tmp_data_length + AES_BLOCK_SIZE,
tmp_in_data, tmp_out_data, rest_data_length);
+ /*
+ * This fix was introduced to satisfy FIPS tests. They require the
+ * output iv to be the iv resulting from decrypting the last block
+ * with a zero iv as input, which is tmp_iv here. But note that this
+ * is not described in the NIST standard for CBC-CS. According to the
+ * standard, the output iv is simply undefined.
+ */
+#ifdef ICA_FIPS
+ memcpy(iv, tmp_iv, AES_BLOCK_SIZE);
+#endif /* ICA_FIPS */
+
return 0;
}
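
Review bot: The `memcpy(iv, tmp_iv, AES_BLOCK_SIZE)` placed before `return 0` is compiled only under `#ifdef ICA_FIPS`, so the iv that `s390_aes_cbccs_dec` hands back to its caller depends on the build configuration. Since the comment itself says the standard leaves the output iv undefined, consider making the copy unconditional so both builds return the same value, or state in the function's documentation that callers must not chain on the returned iv. The comment would also be more useful if it said what `tmp_iv` holds rather than that "this fix was introduced", which belongs in the commit message. As `tmp_iv` is assigned outside the lines shown, it is worth confirming that it is set on every path that reaches this point.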
--
2.16.4