Fips changes

include/ica_api.h

@@ -81,9 +81,18 @@ typedef ica_adapter_handle_t ICA_ADAPTER_HANDLE;
 #define ICA_PROPERTY_AES_128		0x00000001
 #define ICA_PROPERTY_AES_192		0x00000002
 #define ICA_PROPERTY_AES_256		0x00000004
-
-#define ICA_PROPERTY_RSA_ALL		0x0000000F /* All RSA key lengths */
-#define ICA_PROPERTY_RSA_FIPS		0x0000000C /* RSA 2k and higher */
+#define ICA_PROPERTY_RSA_512		0x00000001
+#define ICA_PROPERTY_RSA_1024		0x00000002
+#define ICA_PROPERTY_RSA_2048		0x00000004
+#define ICA_PROPERTY_RSA_4096		0x00000008
+#define ICA_PROPERTY_RSA_3072		0x00020000
+#define ICA_PROPERTY_RSA_ALL		(ICA_PROPERTY_RSA_512 | \
+									ICA_PROPERTY_RSA_1024 | \
+									ICA_PROPERTY_RSA_2048 | \
+									ICA_PROPERTY_RSA_3072 | \
+									ICA_PROPERTY_RSA_4096)
+#define ICA_PROPERTY_RSA_FIPS		(ICA_PROPERTY_RSA_3072 | \
+									ICA_PROPERTY_RSA_4096)
 #define ICA_PROPERTY_RSA_NO_SMALL_EXP	0x00010000 /* e >= 65537 */
 #define ICA_PROPERTY_EC_BP			0x00000001 /* Brainpool curves */
 #define ICA_PROPERTY_EC_NIST		0x00000002 /* NIST curves */

src/Makefile.am

@@ -52,18 +52,18 @@ mp.S	: mp.pl
 
 if ICA_FIPS
 fipsinstall:
-	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
+	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000000000000000000000000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
 	$(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
-	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac
+	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000000000000000000000000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac
 	$(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
 
 hmac-file-lnk: hmac-file
 	$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
 	$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
 
 hmac-file: libica.la libica-cex.la
-	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 ${top_builddir}/src/.libs/libica.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica.so.$(VERSION1).hmac
-	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 ${top_builddir}/src/.libs/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION1).hmac
+	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000000000000000000000000000 ${top_builddir}/src/.libs/libica.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica.so.$(VERSION1).hmac
+	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000000000000000000000000000 ${top_builddir}/src/.libs/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION1).hmac
 
 hmac_files = hmac-file hmac-file-lnk
 

src/fips.c

@@ -363,6 +363,9 @@ static EVP_PKEY *get_pkey(void)
 	if (keybuf == NULL)
 		goto end;
 
+	if (keylen < 16)
+		goto end;
+
 	pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, keybuf, (int)keylen);
 end:
 	if (keybuf) {
@@ -1299,6 +1302,11 @@ rsa_kat(void)
 	for (i = 0; i < RSA_TV_LEN; i++) {
 		tv = &RSA_TV[i];
 
+#ifdef ICA_FIPS
+		if ((fips & ICA_FIPS_MODE) && tv->mod < 3072)
+			continue;
+#endif
+
 		keylen = (tv->mod + 7) / 8;
 		crtparamlen = (keylen + 1) / 2;
 
@@ -1371,14 +1379,16 @@ int FIPS_BLACKLIST[] = {DES_ECB, DES_CBC, DES_CBC_CS, DES_OFB,
 	DES3_CBC, DES3_CBC_CS, DES3_OFB, DES3_CFB, DES3_CTR, DES3_CTRLST,
 	DES3_CBC_MAC, DES3_CMAC, ED25519_KEYGEN, ED25519_SIGN, ED25519_VERIFY,
 	ED448_KEYGEN, ED448_SIGN, ED448_VERIFY, X25519_KEYGEN, X25519_DERIVE,
-	X448_KEYGEN, X448_DERIVE, RSA_ME, RSA_CRT, SHA512_DRNG, SHA1, -1, -1 };
+	X448_KEYGEN, X448_DERIVE, RSA_ME, RSA_CRT, SHA512_DRNG, SHA1, AES_ECB,
+	SHA224, SHA512_224, SHA3_224, RSA_KEY_GEN_ME, RSA_KEY_GEN_CRT, -1, -1 };
 const size_t FIPS_BLACKLIST_LEN
 	= sizeof(FIPS_BLACKLIST) / sizeof(FIPS_BLACKLIST[0]);
 
 /*
  * FIPS service indicator: List of tolerated but non-approved algorithms.
  */
-int FIPS_OVERRIDE_LIST[] = { RSA_ME, RSA_CRT, SHA512_DRNG, -1, -1 };
+int FIPS_OVERRIDE_LIST[] = { RSA_ME, RSA_CRT, SHA512_DRNG, AES_ECB, SHA224,
+	SHA512_224, SHA3_224, RSA_KEY_GEN_ME, RSA_KEY_GEN_CRT, -1, -1 };
 const size_t FIPS_OVERRIDE_LIST_LEN
 	= sizeof(FIPS_OVERRIDE_LIST) / sizeof(FIPS_OVERRIDE_LIST[0]);
 

src/ica_api.c

@@ -1186,7 +1186,7 @@ unsigned int ica_rsa_mod_expo(ica_adapter_handle_t adapter_handle,
 		return EPERM;
 
 #ifdef ICA_FIPS
-	if ((fips & ICA_FIPS_MODE) && rsa_key->key_length * 8 < 2048)
+	if ((fips & ICA_FIPS_MODE) && rsa_key->key_length * 8 < 3072)
 		return EPERM;
 #endif
 
@@ -1342,7 +1342,7 @@ unsigned int ica_rsa_crt(ica_adapter_handle_t adapter_handle,
 		return EPERM;
 
 #ifdef ICA_FIPS
-	if ((fips & ICA_FIPS_MODE) && rsa_key->key_length * 8 < 2048)
+	if ((fips & ICA_FIPS_MODE) && rsa_key->key_length * 8 < 3072)
 		return EPERM;
 #endif
 

src/icainfo.c

@@ -176,13 +176,13 @@ int rsa_keylen_supported_by_openssl(unsigned int modulus_bitlength)
 
 int rsa_pubexp_supported_by_openssl(unsigned int pubexp)
 {
-	unsigned char modexpo_public_e[256] = { 0 };
-	unsigned char modexpo_public_n[256] = { 0 };
-	unsigned char crt_private_p[128] = { 0 };
-	unsigned char crt_private_q[128] = { 0 };
-	unsigned char crt_private_dp[128] = { 0 };
-	unsigned char crt_private_dq[128] = { 0 };
-	unsigned char crt_private_inv_q[128] = { 0 };
+	unsigned char modexpo_public_e[384] = { 0 };
+	unsigned char modexpo_public_n[384] = { 0 };
+	unsigned char crt_private_p[192] = { 0 };
+	unsigned char crt_private_q[192] = { 0 };
+	unsigned char crt_private_dp[192] = { 0 };
+	unsigned char crt_private_dq[192] = { 0 };
+	unsigned char crt_private_inv_q[192] = { 0 };
 	ica_adapter_handle_t ah;
 	ica_rsa_key_mod_expo_t public_key;
 	ica_rsa_key_crt_t private_key;
@@ -194,18 +194,18 @@ int rsa_pubexp_supported_by_openssl(unsigned int pubexp)
 
 	public_key.modulus = modexpo_public_n;
 	public_key.exponent = modexpo_public_e;
-	public_key.key_length = 256;
+	public_key.key_length = 384;
 
 	private_key.p = crt_private_p;
 	private_key.q = crt_private_q;
 	private_key.dp = crt_private_dp;
 	private_key.dq = crt_private_dq;
 	private_key.qInverse = crt_private_inv_q;
-	private_key.key_length = 256;
+	private_key.key_length = 384;
 
-	*(int*)((unsigned char *)public_key.exponent + 256 - sizeof(int)) = pubexp;
+	*(int*)((unsigned char *)public_key.exponent + 384 - sizeof(int)) = pubexp;
 
-	rc = ica_rsa_key_generate_crt(ah, 2048, &public_key, &private_key);
+	rc = ica_rsa_key_generate_crt(ah, 3072, &public_key, &private_key);
 
 	ica_close_adapter(ah);
 
@@ -214,7 +214,7 @@ int rsa_pubexp_supported_by_openssl(unsigned int pubexp)
 
 int get_rsa_minlen(void)
 {
-	int keylen_array[] = { 57, 512, 1024, 2048, 4096 };
+	int keylen_array[] = { 57, 512, 1024, 2048, 3072, 4096 };
 	size_t i;
 
 	for (i = 0; i < sizeof(keylen_array) / sizeof(int); i++) {

src/s390_crypto.c

@@ -724,7 +724,7 @@ int s390_get_functionlist(libica_func_list_element *pmech_list,
 	 * mode, but not on any hardware, with any openssl, not with any key
 	 * length, curve etc. */
 	if (fips & ICA_FIPS_MODE) {
-		/* RSA >= 2048 bits in FIPS 140-3 mode */
+		/* RSA >= 3072 bits in FIPS 140-3 mode */
 		switch (pmech_list[x].mech_mode_id) {
 		case RSA_KEY_GEN_ME:
 		case RSA_KEY_GEN_CRT:

src/s390_rsa.c

@@ -201,7 +201,7 @@ unsigned int rsa_key_generate_mod_expo(ica_adapter_handle_t deviceHandle,
 #ifdef ICA_FIPS
 	if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode()))
 		return EACCES;
-	if ((fips & ICA_FIPS_MODE) && (modulus_bit_length < 2048))
+	if ((fips & ICA_FIPS_MODE) && (modulus_bit_length < 3072))
 		return EPERM;
 #endif /* ICA_FIPS */
 
@@ -311,7 +311,7 @@ unsigned int rsa_key_generate_crt(ica_adapter_handle_t deviceHandle,
 #ifdef ICA_FIPS
 	if ((fips & ICA_FIPS_MODE) && (!openssl_in_fips_mode()))
 		return EACCES;
-	if ((fips & ICA_FIPS_MODE) && (modulus_bit_length < 2048))
+	if ((fips & ICA_FIPS_MODE) && (modulus_bit_length < 3072))
 		return EPERM;
 #endif /* ICA_FIPS */
 

test/rsa_keygen_test.c

@@ -62,9 +62,9 @@ int main(int argc, char **argv)
 	}
 
 #ifdef ICA_FIPS
-	if ((ica_fips_status() & ICA_FIPS_MODE) && key_bit_length < 2048) {
+	if ((ica_fips_status() & ICA_FIPS_MODE) && key_bit_length < 3072) {
 		printf("RSA-%d keygen test skipped."
-		    " (RSA key lengths smaller than 2048 bits not FIPS 140-3 compliant)\n",
+		    " (RSA key lengths smaller than 3072 bits not FIPS 140-3 compliant)\n",
 			key_bit_length);
 		return TEST_SKIP;
 	}

test/rsa_test.c

@@ -65,7 +65,7 @@ int main(int argc, char **argv)
 		memset(my_result2, 0, sizeof(my_result2));
 
 #ifdef ICA_FIPS
-		if ((ica_fips_status() & ICA_FIPS_MODE) && RSA_BYTE_LENGHT[i] < 256) {
+		if ((ica_fips_status() & ICA_FIPS_MODE) && RSA_BYTE_LENGHT[i] < 384) {
 			V_(printf("Skipping test for this modulus size: not FIPS 140-3 approved\n"));
 			continue;
 		}

test/rsa_test_x.c

@@ -77,7 +77,7 @@ int main(int argc, char **argv)
 		V_(printf("\nmodulus size = %d bytes (%d bits)\n", ms, 8 * ms));
 
 #ifdef ICA_FIPS
-		if ((ica_fips_status() & ICA_FIPS_MODE) && RSA_BYTE_LENGHT[i] < 256) {
+		if ((ica_fips_status() & ICA_FIPS_MODE) && RSA_BYTE_LENGHT[i] < 384) {
 			V_(printf("Skipping test for this modulus size: not FIPS 140-3 approved\n"));
 			continue;
 		}