[20.10 FEAT] openCryptoki: PIN conversion tool

Bug #1854944 reported by bugproxy
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
Medium
Canonical Foundations Team
opencryptoki (Ubuntu)
Fix Released
Medium
Skipper Bug Screeners

Bug Description

Provide a tool to convert all token data including PINs from using PINs encrypted with the method of v3.11 and earlier to being encrypted with a FIPS compliant method.

The below patches/commits are needed on top of opencryptoki 3.14 ...

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-182654 severity-high targetmilestone-inin2004
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → opencryptoki (Ubuntu)
Revision history for this message
Frank Heimes (fheimes) wrote :

Changing to incomplete until a version > 3.12.1 is released.

Changed in opencryptoki (Ubuntu):
status: New → Incomplete
importance: Undecided → Medium
Changed in ubuntu-z-systems:
importance: Undecided → Medium
status: New → Incomplete
assignee: nobody → Canonical Foundations Team (canonical-foundations)
summary: - [20.04 FEAT] openCryptoki: PIN conversion tool
+ [20.10 FEAT] openCryptoki: PIN conversion tool
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2020-01-23 08:32 EDT-------
Feature will not make it into 20.04 -> new target 20.10

tags: added: targetmilestone-inin2010
removed: targetmilestone-inin2004
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2020-06-23 08:00 EDT-------
The following commits on top of openCryptoki 3.14.0 are required to implement this feature:

dc1143891b54170ceba9cac209eee4de0058b10c "Fix segfault when non-existing token object is deleted"
https://github.com/opencryptoki/opencryptoki/commit/dc1143891b54170ceba9cac209eee4de0058b10c

bf0ea2aa8a595b7322d432693e46a217979769de "Fix usage of EVP_CipherUpdate and EVP_CipherFinal"
https://github.com/opencryptoki/opencryptoki/commit/bf0ea2aa8a595b7322d432693e46a217979769de

46643e6573dd9b6ca5da68eb3fb5f631eebc0e06 "Add utility to migrate token repository to FIPS compliant encryption."
https://github.com/opencryptoki/opencryptoki/commit/46643e6573dd9b6ca5da68eb3fb5f631eebc0e06

Revision history for this message
Frank Heimes (fheimes) wrote :

adjusting bug description to fit current versioning ...

description: updated
Changed in opencryptoki (Ubuntu):
status: Incomplete → Triaged
Changed in ubuntu-z-systems:
status: Incomplete → Triaged
tags: added: id-5ef51895c801816f3b6e8fc8
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package opencryptoki - 3.14.0+dfsg-0ubuntu2

---------------
opencryptoki (3.14.0+dfsg-0ubuntu2) groovy; urgency=medium

  * Cherrypick fixes from master LP: #1854944

 -- Dimitri John Ledkov <email address hidden> Thu, 09 Jul 2020 15:36:36 +0100

Changed in opencryptoki (Ubuntu):
status: Triaged → Fix Released
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Triaged → Fix Released
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2020-07-10 04:35 EDT-------
IBM Bugzilla status-> closed, Fix Released with groovy

information type: Private → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.