[20.10 FEAT] openCryptoki: PIN conversion tool

Bug #1854944 reported by bugproxy
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
Medium
Canonical Foundations Team
opencryptoki (Ubuntu)
Fix Released
Medium
Skipper Bug Screeners

Bug Description

Provide a tool to convert all token data including PINs from using PINs encrypted with the method of v3.11 and earlier to being encrypted with a FIPS compliant method.

The below patches/commits are needed on top of opencryptoki 3.14 ...

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-182654 severity-high targetmilestone-inin2004
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → opencryptoki (Ubuntu)
Revision history for this message
Frank Heimes (fheimes) wrote :

Changing to incomplete until a version > 3.12.1 is released.

Changed in opencryptoki (Ubuntu):
status: New → Incomplete
importance: Undecided → Medium
Changed in ubuntu-z-systems:
importance: Undecided → Medium
status: New → Incomplete
assignee: nobody → Canonical Foundations Team (canonical-foundations)
summary: - [20.04 FEAT] openCryptoki: PIN conversion tool
+ [20.10 FEAT] openCryptoki: PIN conversion tool
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2020-01-23 08:32 EDT-------
Feature will not make it into 20.04 -> new target 20.10

tags: added: targetmilestone-inin2010
removed: targetmilestone-inin2004
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2020-06-23 08:00 EDT-------
The following commits on top of openCryptoki 3.14.0 are required to implement this feature:

dc1143891b54170ceba9cac209eee4de0058b10c "Fix segfault when non-existing token object is deleted"
https://github.com/opencryptoki/opencryptoki/commit/dc1143891b54170ceba9cac209eee4de0058b10c

bf0ea2aa8a595b7322d432693e46a217979769de "Fix usage of EVP_CipherUpdate and EVP_CipherFinal"
https://github.com/opencryptoki/opencryptoki/commit/bf0ea2aa8a595b7322d432693e46a217979769de

46643e6573dd9b6ca5da68eb3fb5f631eebc0e06 "Add utility to migrate token repository to FIPS compliant encryption."
https://github.com/opencryptoki/opencryptoki/commit/46643e6573dd9b6ca5da68eb3fb5f631eebc0e06

Revision history for this message
Frank Heimes (fheimes) wrote :

adjusting bug description to fit current versioning ...

description: updated
Changed in opencryptoki (Ubuntu):
status: Incomplete → Triaged
Changed in ubuntu-z-systems:
status: Incomplete → Triaged
tags: added: id-5ef51895c801816f3b6e8fc8
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package opencryptoki - 3.14.0+dfsg-0ubuntu2

---------------
opencryptoki (3.14.0+dfsg-0ubuntu2) groovy; urgency=medium

  * Cherrypick fixes from master LP: #1854944

 -- Dimitri John Ledkov <email address hidden> Thu, 09 Jul 2020 15:36:36 +0100

Changed in opencryptoki (Ubuntu):
status: Triaged → Fix Released
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Triaged → Fix Released
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2020-07-10 04:35 EDT-------
IBM Bugzilla status-> closed, Fix Released with groovy

information type: Private → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers