Ubuntu
opencryptoki package

[20.04] Fix failure of EP11 to import an ECC public key

Bug #1852089 reported by bugproxy
38
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
Medium
Canonical Foundations Team
opencryptoki (Ubuntu)
Fix Released
Undecided
Skipper Bug Screeners

Bug Description

Upgrade to openCryptoki 3.12.1

Available from https://github.com/opencryptoki/opencryptoki

See original description
bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-182109 severity-high targetmilestone-inin2004
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → opencryptoki (Ubuntu)
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: New → Triaged
importance: Undecided → Medium
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2019-11-22 07:55 EDT-------
Update to opencryptoki

We just released openCryptoki 3.12.1 to fix a bug in the pkcs11_migrate tool.
Change Log:
- Fix pkcsep11_migrate tool

https://github.com/opencryptoki/opencryptoki
https://github.com/opencryptoki/opencryptoki/releases/tag/v3.12.1

Please update the feature request to either..
- include the 3.12.1 bug-fix release ..
- .. or include the following commit on top of 3.12:
https://github.com/opencryptoki/opencryptoki/commit/316e35e55b1fe90d963186d54e7d8c4f77ce94ed

Frank Heimes (fheimes)
description: updated
summary: - [20.04 FEAT] Upgrade openCryptoki >= 3.12
+ [20.04 FEAT] Upgrade openCryptoki >= 3.12.1
Heinz-Werner Seeck (heinz-werner-seeck)
summary: - [20.04 FEAT] Upgrade openCryptoki >= 3.12.1
+ [20.04 FEAT] Upgrade openCryptoki >= 3.13
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-12-04 10:37 EDT-------
We are planning an upgrade version for End of January 3.13.
Therefore title changed.

Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-12-12 08:45 EDT-------
The current version of opencryptoki version 3.12.1 will be one for 20.04.

------- Comment From <email address hidden> 2019-12-12 08:49 EDT-------
When using Opencryptoki 3.12.0 or 3.12.1, the EP11 token may fail to import an ECC public key. Function C_CreateObject returns CKR_BUFFER_TOO_SMALL in this case.

The following upstream commit fixes this:
https://github.com/opencryptoki/opencryptoki/commit/50a8a8806059647a3e446fd129995af61ec54867
It applies fine on top of 3.12.0 or 3.12.1.

Distros that contain 3.11 or earlier do not require this fix. The problem is introduced with 3.12.0.

Revision history for this message
Frank Heimes (fheimes) wrote : Re: [20.04 FEAT] Upgrade openCryptoki >= 3.13

Adjusting (somewhat misleading) title, especially compared to bug description.
Fix failure of EP11 to import an ECC public key (due to EC-uncompress buffer length issue)

summary: - [20.04 FEAT] Upgrade openCryptoki >= 3.13
+ [20.04 FEAT] Fix failure of EP11 to import an ECC public key
Frank Heimes (fheimes)
summary: - [20.04 FEAT] Fix failure of EP11 to import an ECC public key
+ [20.04] Fix failure of EP11 to import an ECC public key
Dimitri John Ledkov (xnox)
information type: Private → Public
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package opencryptoki - 3.12.1+dfsg-0ubuntu1

---------------
opencryptoki (3.12.1+dfsg-0ubuntu1) focal; urgency=medium

  * New upstream release LP: #1854148, LP: #1852089, LP: #1850294

 -- Dimitri John Ledkov <email address hidden> Thu, 06 Feb 2020 14:59:50 +0000

Changed in opencryptoki (Ubuntu):
status: New → Fix Released
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Triaged → Fix Released
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2020-02-07 08:12 EDT-------
IBM Bugzilla status -> closed, Fix Released with focal

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.