From 227ffdba6b919e18b03fed59b07e2c0212b40303 Mon Sep 17 00:00:00 2001 From: Ingo Franzki Date: Thu, 2 Aug 2018 14:48:47 +0200 Subject: [PATCH 1/2] Fix bug with master key encryption with FIPS enabled libica When running with a FIPS enabled libica, the ICA token fails to initialize, because the 3DES key derived from the user or SO pin is considered invalid because the first and the third part of the 3DES key is the same. For clear key tokens, the token specific 3DES-CBC function is used for the master key encryption. In case of the ICA token, the ICA token specific 3DES-CBC function fails, because libica rejects the key when compiled with FIPS support. This leads to an error during token initialization. Instead of using the token specific 3DES-CBC function, the code now always falls back to the (OpenSSL) based software encryption function, as it is also done for secure key tokens. Signed-off-by: Ingo Franzki --- usr/lib/pkcs11/common/loadsave.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/usr/lib/pkcs11/common/loadsave.c b/usr/lib/pkcs11/common/loadsave.c index a593b932..a5532c9d 100644 --- a/usr/lib/pkcs11/common/loadsave.c +++ b/usr/lib/pkcs11/common/loadsave.c @@ -206,12 +206,14 @@ static CK_RV encrypt_data_with_clear_key(STDLL_TokData_t * tokdata, /* If token doesn't have a specific key size that means that it uses a * clear key. */ - if (token_specific.token_keysize == 0) { + if (token_specific.token_keysize == 0 && + token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) { return encrypt_data(tokdata, key, keylen, iv, clear, clear_len, cipher, p_cipher_len); } - /* Fall back to a software alternative if key is secure. */ + /* Fall back to a software alternative if key is secure, or + * if token's data store encryption algorithm is 3DES_CBC */ initial_vector = duplicate_initial_vector(iv); if (initial_vector == NULL) { TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY)); @@ -322,12 +324,14 @@ static CK_RV decrypt_data_with_clear_key(STDLL_TokData_t *tokdata, /* If token doesn't have a specific key size that means that it uses a * clear key. */ - if (token_specific.token_keysize == 0) { + if (token_specific.token_keysize == 0 && + token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) { return decrypt_data(tokdata, key, keylen, iv, cipher, cipher_len, clear, p_clear_len); } - /* Fall back to a software alternative if key is secure. */ + /* Fall back to a software alternative if key is secure, or + * if token's data store encryption algorithm is 3DES_CBC */ initial_vector = duplicate_initial_vector(iv); if (initial_vector == NULL) { TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY)); -- 2.17.1 From 3e091d7ff34a56eac0b9a5e8eaf92e5a7cf11b7f Mon Sep 17 00:00:00 2001 From: Ingo Franzki Date: Tue, 7 Aug 2018 14:45:05 +0200 Subject: [PATCH 2/2] TESTCASE: Disable 3DES test vectors with non-FIPS compliant keys The 3DES test vectors contain keys that are considered invalid by a FIPS enabled libica because the first, middle and/and third part of the 3DES key are the same. Signed-off-by: Ingo Franzki --- testcases/crypto/des3.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/testcases/crypto/des3.h b/testcases/crypto/des3.h index e1bb1038..1860778e 100644 --- a/testcases/crypto/des3.h +++ b/testcases/crypto/des3.h @@ -850,7 +850,16 @@ static struct des3_test_vector des3_ofb64_tv[] = { } }; +/* + * All above test vectors use keys that are not FIPS compliant. + * This will cause the testcase to fail when the token performs FIPS key + * checks. + */ +#ifdef NON_FIPS_COMPLIANT_TEST_VECTORS # define NUM_OF_PUBLISHED_TESTSUITES 5 +#else +# define NUM_OF_PUBLISHED_TESTSUITES 0 +#endif struct published_test_suite_info published_test_suites[] = { { -- 2.17.1