From 227ffdba6b919e18b03fed59b07e2c0212b40303 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Thu, 2 Aug 2018 14:48:47 +0200
Subject: [PATCH 1/2] Fix bug with master key encryption with FIPS enabled
 libica

When running with a FIPS enabled libica, the ICA token fails to
initialize, because the 3DES key derived from the user or SO pin is
considered invalid because the first and the third part of the
3DES key is the same.

For clear key tokens, the token specific 3DES-CBC function is
used for the master key encryption. In case of the ICA token,
the ICA token specific 3DES-CBC function fails, because libica
rejects the key when compiled with FIPS support. This leads to
an error during token initialization.

Instead of using the token specific 3DES-CBC function, the code
now always falls back to the (OpenSSL) based software encryption
function, as it is also done for secure key tokens.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 usr/lib/pkcs11/common/loadsave.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/usr/lib/pkcs11/common/loadsave.c b/usr/lib/pkcs11/common/loadsave.c
index a593b932..a5532c9d 100644
--- a/usr/lib/pkcs11/common/loadsave.c
+++ b/usr/lib/pkcs11/common/loadsave.c
@@ -206,12 +206,14 @@ static CK_RV encrypt_data_with_clear_key(STDLL_TokData_t * tokdata,
 	/* If token doesn't have a specific key size that means that it uses a
 	 * clear key.
 	 */
-	if (token_specific.token_keysize == 0) {
+    if (token_specific.token_keysize == 0 &&
+        token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) {
 		return encrypt_data(tokdata, key, keylen, iv, clear, clear_len,
 				    cipher, p_cipher_len);
 	}
 
-	/* Fall back to a software alternative if key is secure. */
+    /* Fall back to a software alternative if key is secure, or
+     * if token's data store encryption algorithm is 3DES_CBC */
 	initial_vector = duplicate_initial_vector(iv);
 	if (initial_vector == NULL) {
 		TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));
@@ -322,12 +324,14 @@ static CK_RV decrypt_data_with_clear_key(STDLL_TokData_t *tokdata,
 	/* If token doesn't have a specific key size that means that it uses a
 	 * clear key.
 	 */
-	if (token_specific.token_keysize == 0) {
+    if (token_specific.token_keysize == 0 &&
+        token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) {
 		return decrypt_data(tokdata, key, keylen, iv, cipher,
 				    cipher_len, clear, p_clear_len);
 	}
 
-	/* Fall back to a software alternative if key is secure. */
+    /* Fall back to a software alternative if key is secure, or
+     * if token's data store encryption algorithm is 3DES_CBC */
 	initial_vector = duplicate_initial_vector(iv);
 	if (initial_vector == NULL) {
 		TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));
-- 
2.17.1


From 3e091d7ff34a56eac0b9a5e8eaf92e5a7cf11b7f Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Tue, 7 Aug 2018 14:45:05 +0200
Subject: [PATCH 2/2] TESTCASE: Disable 3DES test vectors with non-FIPS
 compliant keys

The 3DES test vectors contain keys that are considered invalid
by a FIPS enabled libica because the first, middle and/and third
part of the 3DES key are the same.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 testcases/crypto/des3.h | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/testcases/crypto/des3.h b/testcases/crypto/des3.h
index e1bb1038..1860778e 100644
--- a/testcases/crypto/des3.h
+++ b/testcases/crypto/des3.h
@@ -850,7 +850,16 @@ static struct des3_test_vector des3_ofb64_tv[] = {
 	}
 };
 
+/*
+ * All above test vectors use keys that are not FIPS compliant.
+ * This will cause the testcase to fail when the token performs FIPS key
+ * checks.
+ */
+#ifdef NON_FIPS_COMPLIANT_TEST_VECTORS
 # define NUM_OF_PUBLISHED_TESTSUITES	5
+#else
+# define NUM_OF_PUBLISHED_TESTSUITES    0
+#endif
 
 struct published_test_suite_info published_test_suites[] = {
 	{
-- 
2.17.1