Merge pull request #6 from IBM/ICC_merge

Update with some ICC 8.9.6 updates

Author: smcmahonibm

.github/workflows/.workflowTest.yml

@@ -6,9 +6,9 @@ name: CI
 on:
   # Triggers the workflow on push or pull request events but only for the "main" branch
   push:
-    branches: [ "main" ]
+    branches: [ "*" ]
   pull_request:
-    branches: [ "main" ]
+    branches: [ "*" ]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -25,14 +25,12 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: 64-bit Linux debug compile
+#          export LD_LIBRARY_PATH=/home/runner/work/OpenCryptographyKitC/OpenCryptographyKitC/openssl-1.1.1/
         run: |
-          cd icc
-          make OPSYS=AMD64_LINUX CONFIG=debug create_all
-          export LD_LIBRARY_PATH=/home/runner/work/OpenCryptographyKitC/OpenCryptographyKitC/openssl-1.1.1/
-          make -k OPSYS=AMD64_LINUX CONFIG=debug all
-          make -k OPSYS=AMD64_LINUX CONFIG=debug tests
-          make -k OPSYS=AMD64_LINUX CONFIG=debug show_config
-          cd ..
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=debug create_all
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=debug all
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=debug tests
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=debug show_config
 
   ICC-Compile:
     # a compile only -no test -quick check
@@ -42,14 +40,10 @@ jobs:
 
       - name: 64-bit Linux release compile
         run: |
-          cd icc
-          make -k OPSYS=AMD64_LINUX CONFIG=release create_all
-          make -k OPSYS=AMD64_LINUX CONFIG=release all
-          make -k OPSYS=AMD64_LINUX CONFIG=release iccpkg
-          make -k OPSYS=AMD64_LINUX CONFIG=release show_config
-          cd ..
-          cd iccpkg
-          make -k OPSYS=AMD64_LINUX CONFIG=release all
-          cd ..
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=release create_all
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=release all
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=release iccpkg
+          make -C icc -k OPSYS=AMD64_LINUX CONFIG=release show_config
+          make -C iccpkg -k OPSYS=AMD64_LINUX CONFIG=release all
 
  

README.md

@@ -26,6 +26,7 @@ make -k -C icc OPSYS=LINUX all
 make -k -C icc OPSYS=WIN64_VS2022 create_all
 make -k -C icc OPSYS=WIN64_VS2022 all
 ```
+
 This build is not constrained to MS VS 2022 but is tested on that platform.  
 #### Requirements
 Visual studio build tools are required, including mfc.  

icc/Makefile

@@ -43,8 +43,6 @@ OSSL_RTE_DIR   = $(RTE_DIR)/osslib
 ICC_RTE_DIR    = $(RTE_DIR)/icclib
 NOSHIP_ICC_RTE_DIR = $(NOSHIP_RTE_DIR)/icclib
 ICCPKG_DIR     = ../iccpkg
-# placeholder for a FIPS/non-FIPS hack job where the object name
-# needs to be changed for z/OS
 
 
 #- Default targets, before the makefile stubs below (some of which
@@ -79,7 +77,6 @@ PRNGTST2 = fips-prng-testprg2$(EXESUFX)
 ICCSDK   = $(PACKAGE_DIR)/iccsdk.tar
 ICCRTE   = $(PACKAGE_DIR)/iccrte.tar
 
-
 MYOPENSSL  = $(SDK_DIR)/openssl$(EXESUFX)
 DOXYFILE   = $(SDK_DIR)/ICC_API_htm.tar
 ICCREAD    = iccread$(EXESUFX)
@@ -116,7 +113,7 @@ include ../iccpkg/muppet.mk
 # different object names on this platform
 # Since the FIPS ICC was already built, change ONLY the name of the object used in non-FIPS mode
 
-ifeq ($($strip $(IS_FIPS)),)
+ifeq ($(strip $(IS_FIPS)),)
    MYICC = newicc
 else
    MYICC = icc
@@ -170,6 +167,7 @@ create_openssl: ../openssl_source/$(OPENSSL_VER)-icc.tar.gz
 	   rm -r $(OPENSSL_VER) openssl ; \
 	   rm -rf x; mkdir x; cd x; \
 	   tar xzf ../openssl_source/$(OPENSSL_VER)-icc.tar.gz ; \
+	   sleep 1; \
 	   mv openssl ../$(OPENSSL_VER) ; \
 	   chmod +x ../$(OPENSSL_VER)/Configure ; \
 	   cd ..; \
@@ -327,7 +325,7 @@ clean_iccpkg:
 	( if [ -d ../iccpkg/ ] ; then \
 		cd ../iccpkg; \
 		unset MAKEOVERRIDES MAKELEVEL MAKEFILES ; \
-		"$(MAKE)" clean; \
+		$(MAKE) clean; \
 	  fi; \
 	)
 
@@ -600,8 +598,10 @@ privkey.rsa:
 pubkey.h: privkey.rsa
 	$(OPENSSL_PATH_SETUP) $(MYOPENSSL) rsa -in privkey.rsa -outform DER -RSAPublicKey_out > rsa_pub_key.der
 	echo "/*This is an auto generated code please DO NOT modify*/" > pubkey.h
-	perl bin2hex.pl rsa_pub_key.der temp.h
+	perl $(ICC_ROOT)/icc/bin2hex.pl rsa_pub_key.der temp.h
 	cat temp.h >> pubkey.h
+	echo pubkey.h
+	cat pubkey.h
 	rm temp.h rsa_pub_key.der
 
 signer$(OBJSUFX): extsig.c

icc/TRNG/ICC_NRBG.c

@@ -68,23 +68,29 @@ typedef struct NRBG_type_t {
   int initialized;  /*!< Flag to say it was used */
 } NRBG_type;
 
+
+/*  In non-FIPS, all platforms default to TRNG_OS and upgrade to TRNG_HW at runtime if available.
+    This is done to prioritise compatibility on the unpredictable range and age of the virtualisatised systems we might run on,
+    while still upgrading and using TRNG_HW in most cases.
+*/
+
 #if (NON_FIPS_ICC == 1) /* Built as non-FIPS */
 
-/* These definitions match the availability of OPENSSL_HW_rand */
+/* These definitions try mirror the availability of OPENSSL_HW_rand to avoid a mismatch (not relevant when we use TRNG_OS) */
 /* X86 Linux and Windows, Solaris x86 */
 #if     (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
          defined(__INTEL__) ||                                          \
          defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) ) && ( !(defined(__SunOS) && !defined(__amd64)) \
          )
-
-  static TRNG_TYPE global_trng_type = TRNG_HW;
+  static int global_trng_type_attempted_upgrade = 0;
+  static TRNG_TYPE global_trng_type = TRNG_OS;
 
 #elif defined(__s390__) || defined(__MVS__)
+  static int global_trng_type_attempted_upgrade = 0;
+  static TRNG_TYPE global_trng_type = TRNG_OS;
 
-  static TRNG_TYPE global_trng_type = TRNG_HW;
-
-/* We will do a runtime check for cpu support for darn, present since ISA3.0, and update to TRNG_HW if so */
 #elif defined(__ppc__) || defined(__powerpc__) || defined(_AIX)
+  /* We will do a runtime check for cpu support for darn, present since ISA3.0, and update to TRNG_HW if so */
   static int global_trng_type_attempted_upgrade = 0;
   static TRNG_TYPE global_trng_type = TRNG_OS;
 
@@ -97,7 +103,7 @@ typedef struct NRBG_type_t {
   static TRNG_TYPE global_trng_type = TRNG_FIPS;
 #endif
 
-/* If a user sets TRNG_OS on power, we don't want to upgrade even if HW is available */
+/* If a user explicitly sets a TRNG, we don't want to upgrade even if HW is available */
 int global_trng_type_user_set = 0;
 
 static void TRNG_LocalCleanup(TRNG *T);
@@ -247,6 +253,7 @@ void checkTRNGAlias(char **trngname) {
            *trngname = "TRNG_OS";
         }
       }
+      MARK("TRNG aliased to", *trngname);
     }
   }
 }
@@ -258,6 +265,12 @@ void checkTRNGAlias(char **trngname) {
 extern unsigned icc_failure; /*!< Trigger for induced failure tests */
 int SetTRNGName(char *trngname)
 {
+  if (NULL != trngname) {
+    MARK("Request to set TRNG to", trngname);
+  }
+  else {
+    MARK("Request to set NULL TRNG", "");
+  }
   int rv = 0;
   int i = 0;
   checkTRNGAlias(&trngname);
@@ -288,8 +301,11 @@ TRNG_TYPE SetDefaultTrng(TRNG_TYPE trng) {
   case TRNG_HW:
   case TRNG_FIPS:
     if(TRNG_ARRAY[trng].avail()) {
+      MARK("TRNG set to", TRNG_ARRAY[trng].name);
       global_trng_type = trng;
       global_trng_type_user_set = 1;
+    } else {
+      MARK("TRNG attempted to be set to", TRNG_ARRAY[trng].name);
     }
     break;
   default:
@@ -397,12 +413,39 @@ static void TRNG_ESourceCleanup(E_SOURCE *es)
 
 TRNG_TYPE GetDefaultTrng()
 {
-#if defined(__ppc__) || defined(__powerpc__) || defined(_AIX)
-  if(!global_trng_type_attempted_upgrade && 0 == global_trng_type_user_set && 0 == strcasecmp("TRNG_OS", *trngname) && ALT4_Avail()) {
+#if (NON_FIPS_ICC == 1)
+
+#if     (\
+          (( defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
+            defined(__INTEL__) || \
+            defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)) && (!(defined(__SunOS) && !defined(__amd64)))) \
+          || \
+          ( defined(__s390__) || defined(__MVS__)) \
+          || \
+          ( defined(__ppc__) || defined(__powerpc__) || defined(_AIX)) \
+        )
+  if(!global_trng_type_attempted_upgrade) {
+    MARK("Testing the availability of TRNG_HW", "");
+
+    if(0 == global_trng_type_user_set) {
+      if (TRNG_FIPS != global_trng_type) {
+        if (ALT4_Avail()) {
+          MARK("Found, switching to TRNG_HW", "");
     global_trng_type = TRNG_HW;
+        } else {
+          MARK("TRNG_HW not available, remaining with", TRNG_ARRAY[global_trng_type].name);  
+        }
+      } else {
+        MARK("TRNG_FIPS set, remaining with", TRNG_ARRAY[global_trng_type].name);
+      }
+    } else {
+      MARK("User TRNG set, remaining with", TRNG_ARRAY[global_trng_type].name);
   }
   global_trng_type_attempted_upgrade = 1;
-#endif
+  }
+
+#endif /*x86_64, z/architecture, power */
+#endif /*non-FIPS*/
   return global_trng_type;
 }
 /*!

icc/TRNG/TRNG_ALT.c

@@ -40,7 +40,9 @@
 
 
 static int fd_alt = -1;
-
+#if defined(_WIN32)
+static BCRYPT_ALG_HANDLE hProvider = NULL;
+#endif
 /*! Pre-init function for TRNG_ALT
 
 */
@@ -89,10 +91,12 @@ static int alt_read(unsigned char *buffer,int n)
     break;
   case -3:
 #if defined(_WIN32)
+  {
     NTSTATUS status = 0;
-    status = BCryptGenRandom(BCRYPT_RNG_ALG_HANDLE, (PUCHAR)buffer, n, 0);
-    if(status != STATUS_SUCCESS) {
-      rv = TRNG_REQ_SIZE; /* One of the parameters was likely not correct */
+    status = BCryptGenRandom(hProvider, (PUCHAR)buffer, n, 0);
+    if(!BCRYPT_SUCCESS(status)) {
+      rv = TRNG_REQ_SIZE; /* One of the parameters was likely not correct, or bad provider */
+    }
     }
 #endif
     break;
@@ -124,18 +128,17 @@ TRNG_ERRORS ALT_Init(E_SOURCE *E, unsigned char *pers, int perl)
   /* Else probe for something else */
   if(-1 == fd_alt) {
 #if defined(_WIN32)
+  {
     #define SIZE 8
     /* ON Windows ..... */
     /* If no HW RNG, OS RNG source */
     NTSTATUS status = 0;
-    int tmpSize = SIZE; /* 64 bits, small test of availability */
-    unsigned char tmp[SIZE];
-    status = BCryptGenRandom(BCRYPT_RNG_ALG_HANDLE, (PUCHAR)&tmp, tmpSize, 0); /* Using a pseudo-handle */
-
-    if(status == STATUS_SUCCESS) {
+    status = BCryptOpenAlgorithmProvider(&hProvider, BCRYPT_RNG_ALGORITHM, NULL, 0);
+    if(BCRYPT_SUCCESS(status)) {
       fd_alt = -3;
     } else {
-      rv = TRNG_INIT;
+      rv = TRNG_INIT; /*error*/
+    }
     }
 #else
     /* On Unix .... */
@@ -209,11 +212,15 @@ TRNG_ERRORS ALT_Cleanup(E_SOURCE *E)
 
 void ALT_Final()
 {
-#if !defined(_WIN32)
+#if defined(_WIN32)
+ if((-3 == fd_alt) && (0 != hProvider)) {
+   BCryptCloseAlgorithmProvider(hProvider, 0);
+   hProvider = 0;
+ }
+#else 
   if(fd_alt >= 0) {
     close(fd_alt);
     fd_alt = -1;
   }
 #endif
-
 }

icc/TRNG/entropy_to_NRBG.c

@@ -68,16 +68,13 @@ int conditioner(TRNG *T, unsigned char* outbuf, unsigned len)
       if( 0 != trng_raw(&(T->econd),tbuf,SHA_DIGEST_SIZE) ) {
         rv = SetRNGError("Insufficient entropy",__FILE__,__LINE__);
         if(TRNG_OK != rv) {
-          break;
+          HMAC_CTX_cleanup(T->cond.hctx);
+          return rv;
         }          
       }
       HMAC_Update(T->cond.hctx,tbuf,sizeof(tbuf));
     }
-    if(TRNG_RESTART == rv) {
-      TRNG_TRNG_Init(T,-1);
-      rv = TRNG_OK;
-      continue;
-    }
+
     HMAC_Final(T->cond.hctx,tbuf,&mlen);
 
     for(i = 0; (i < mlen) && (n < len); ) {
@@ -120,7 +117,10 @@ TRNG_ERRORS Entropy_to_TRNG(TRNG *T, unsigned char *data, unsigned int len)
     {
       for (l = 0; l < len; l += SHA_DIGEST_SIZE)
       {
-        conditioner(T, buffer, SHA_DIGEST_SIZE);
+        rv = conditioner(T, buffer, SHA_DIGEST_SIZE);
+        if (TRNG_OK != rv) {
+          return rv;
+        }
         e = pmax4(buffer,SHA_DIGEST_SIZE);
         if(e < 50) {
           break;
@@ -137,9 +137,8 @@ TRNG_ERRORS Entropy_to_TRNG(TRNG *T, unsigned char *data, unsigned int len)
     if (j >= TRNG_RETRIES)
     {
       rv = SetRNGError("Unable to obtain sufficient entropy", __FILE__, __LINE__);
-      if(TRNG_OK == rv) {
-        j = 0;
-        continue;
+      if(TRNG_OK != rv) {
+        return rv;
       }
     }
     /* Final sanity check, we got out, is our overall entropy good with a compression function 
@@ -149,7 +148,9 @@ TRNG_ERRORS Entropy_to_TRNG(TRNG *T, unsigned char *data, unsigned int len)
     if (!EntropyOK(T))
     {
       rv = SetRNGError("Long term entropy is below acceptable limits", __FILE__, __LINE__);
-      if(TRNG_OK == rv) continue;
+      if (TRNG_OK != rv) {
+        return rv;
+      }
     }
     /*!
     \FIPS
@@ -171,10 +172,10 @@ TRNG_ERRORS Entropy_to_TRNG(TRNG *T, unsigned char *data, unsigned int len)
       m++;
       if(m > 5) {
         rv = SetRNGError("Repeated duplicate seeds from TRNG", __FILE__, __LINE__);
-        if(TRNG_OK == rv) {
-          continue;
+        if (TRNG_OK != rv) {
+          EVP_MD_CTX_reset(T->md_ctx);
+          return rv;
         }
-        break;
       }
       continue;
     }

icc/TRNG/noise_to_entropy.c

@@ -90,6 +90,9 @@ int trng_raw(E_SOURCE *E,
     /* 201 is a transient failure, 202 persistent */
     if((icc_failure == 201) || (icc_failure == 202)) {
       failcount = MAX_HT_FAIL +1;
+      /* Pretend to clear the buffer so we goto error */
+      k = 0;
+      E->cnt = 0;
     }
     if(0 == k) {
       E->impl.gb(E,&(E->nbuf[0]), E_ESTB_BUFLEN);

icc/TRNG/timer_entropy.c

@@ -131,9 +131,9 @@ ICC_UINT64 RdCTR_raw() {
 #elif defined(__sun__) && defined(__i386__) && defined(__GNUC__)
 
 ICC_UINT64 RdCTR_raw() {
-    ICC_UINT64 lo;
+    ICC_UINT32 lo;
     __asm__ __volatile__("rdtsc\n" : "=a" (lo) : : "edx");
-    return lo;
+    return (ICC_UINT64)lo;
 }
 
 /* End  Solaris x86 */