Ubuntu
opencryptoki package

[23.04 FEAT] openCryptoki ep11 token: PKCS #11 3.0 - support AES_XTS

Bug #2003632 reported by bugproxy
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
High
Skipper Bug Screeners
opencryptoki (Ubuntu)
Fix Released
High
Skipper Bug Screeners

Bug Description

Feature Description

Extended support of openCryptoki for PKCS #11 version 3.0
- in ep11 token, support XTS-AES :
CKM_AES_XTS
CKM_AES_XTS_KEY_GEN

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-201333 severity-high targetmilestone-inin2304
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Frank Heimes (fheimes)
affects: linux (Ubuntu) → opencryptoki (Ubuntu)
Changed in ubuntu-z-systems:
status: New → Incomplete
Changed in opencryptoki (Ubuntu):
status: New → Incomplete
Changed in ubuntu-z-systems:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
importance: Undecided → High
Changed in opencryptoki (Ubuntu):
importance: Undecided → High
Revision history for this message
Frank Heimes (fheimes) wrote (last edit ):

Since I couldn't find this feature in
https://github.com/opencryptoki/opencryptoki/blob/master/ChangeLog
yet, I'm setting the status to Incomplete for now.

Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2023-01-27 08:22 EDT-------
We are planning to have an OpenCryptoki 3.20.0 release ready in time for lunar which covers / includes this feature.

Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2023-02-13 03:54 EDT-------
openCryptoki version 3.20.0 is now available at
https://github.com/opencryptoki/opencryptoki/releases/tag/v3.20.0

Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Incomplete → Triaged
Changed in opencryptoki (Ubuntu):
status: Incomplete → Triaged
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Triaged → Fix Committed
Changed in opencryptoki (Ubuntu):
status: Triaged → Fix Committed
information type: Private → Public
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package opencryptoki - 3.20.0+dfsg-0ubuntu1

---------------
opencryptoki (3.20.0+dfsg-0ubuntu1) lunar; urgency=medium

  * New upstream release (LP: #2003847), includes support for:
    - ep11 token: master key consistency (LP: #2003629)
    - ica and soft tokens: PKCS #11 3.0 - support AES_XTS (LP: #2003630)
    - ep11 token: PKCS #11 3.0 - support AES_XTS (LP: #2003632)
    - Support of ep11 token for new IBM Z Hardware (IBM z16) (LP: #2003635)
    - ep11 token: vendor specific key derivation (LP: #2003638)
    - key gen. with expected MKVP only on CCA and EP11 tokens (LP: #2003639)
    - p11sak support Dilithium and Kyber keys (LP: #2003669)
  * Remove patch
    d/p/lp-1982842-EP11-Fix-C_GetMechanismList-returning-CKR_BUFFER_TOO.patch
    since it's included in 3.19 and newer.
  * Remove patch
    d/p/lp-1989558-common-fix-memory-leak-in-save_private_token_object.patch
    since it's included in 3.19 and newer.
  * Adjust patch d/p/01-disable-testcases.patch due to minor change in context.
  * Refresh patch d/p/03-dlopen-soname.patch to fix 'fuzz'.
  * Modified patch
    d/p/lp-1982842-move-pkcs11-group-assigment-from-makefile-to-postinst.patch
    due to change in context, refresh it to fix 'fuzz' and remove addgroup
    from Makefile.am, since this is handled in d/opencryptoki.postinst.
  * Add opencryptoki.pc to d/libopencryptoki-dev.install.
  * Add new config file ccatok.conf to d/opencryptoki.install.s390x.
  * Consolidate multiple /etc/opencryptoki/*.conf entries in
    d/opencryptoki.install to one line and make it more generic.
  * Migrate in d/rules from 'dh_install --fail-missing --sourcedir=debian/tmp'
    to 'dh_install --sourcedir=debian/tmp' and 'dh_missing --fail-missing'.
  * Update 'Standards-Version' field in d/control to latest version 4.6.1.0.
  * Expand the copyright year range in d/copyright relfecting the latest code.

 -- Frank Heimes <email address hidden> Mon, 13 Feb 2023 10:10:45 +0100

Changed in opencryptoki (Ubuntu):
status: Fix Committed → Fix Released
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.