Updated OCKC code to match release_8.9.22, Openssl and pkcs11 tar pac…

icc/Makefile

@@ -942,6 +942,7 @@ TRNG_OBJS = timer_entropy$(OBJSUFX) timer_fips$(OBJSUFX) \
 LIBOBJS1 = fips$(OBJSUFX) \
 	platform$(OBJSUFX) \
 	iccerr$(OBJSUFX) status$(OBJSUFX) \
+	iccsecurezero$(OBJSUFX) \
 	fips-prng-RAND$(OBJSUFX) fips-prng-err$(OBJSUFX) \
 	SP800-90$(OBJSUFX) \
 	SP800-90HashData$(OBJSUFX) \
@@ -1242,6 +1243,9 @@ platform$(OBJSUFX): platform.c platform.h
 platfsl$(OBJSUFX): platfsl.c platfsl.h platform.h
 	$(CC) $(CFLAGS) -I$(OSSLINC_DIR) -I$(OSSL_DIR) -I./ -I$(SDK_DIR)/ platfsl.c
 
+iccsecurezero$(OBJSUFX): iccsecurezero.c platform.h
+	$(CC) $(CFLAGS) iccsecurezero.c
+
 # ICCLIB_LINK is never defined.
 
 #- Build ICC static library stub

icc/SP800_38F/SP80038F.c

@@ -15,6 +15,7 @@
 #include <openssl/evp.h>
 #include <string.h>
 #include "icc.h"
+#include "platform.h"
 #include "fips-prng/utils.h"
 
 extern void * CRYPTO_calloc(int nmemb,int size,const char *file, int line);
@@ -466,7 +467,7 @@ static int KU(unsigned char *in, int inl, unsigned char *out, int *outl, unsigne
 	  } 
 	  for(  ; i < 8; i++) { /* And check that the padding WAS 0's */
 	    if(R[j].F[i] != 0) {
-	      memset(out,0,*outl); /* On a padding error Scrub what was decrypted so far */
+	      ICC_securezero(out,*outl); /* On a padding error Scrub what was decrypted so far */
 	      (*outl) = 0;
 	      rv = SP800_38F_MAC; /* Padding error in final block */
 	    }
@@ -586,10 +587,7 @@ void Add_BE(unsigned char *dest,
 void *CRYPTO_calloc(int nmemb, int size,const char *file,int line)
 {
   void *ptr = NULL;
-  ptr = CRYPTO_malloc(nmemb*size,file,line);
-  if(NULL != ptr) {
-    memset(ptr,0,nmemb*size);
-  }
+  ptr = CRYPTO_zalloc(nmemb*size,file,line);
   return ptr;
 }
 int main(int argc, char *argv[])

icc/TRNG/ICC_NRBG.c

@@ -201,7 +201,7 @@ TRNG_ERRORS SetRNGError(const char *msg, const char *file, int line)
 
 const char * GetTRNGNameR(TRNG_TYPE trng) {
   const char *rv = "Invalid";
-  if(trng >= 0 && trng <= NTRNGS) {
+  if(trng >= 0 && trng < NTRNGS) {
     rv = (const char *)TRNG_ARRAY[trng].name;
   }
   return rv;
@@ -265,26 +265,26 @@ void checkTRNGAlias(char **trngname) {
 extern unsigned icc_failure; /*!< Trigger for induced failure tests */
 int SetTRNGName(char *trngname)
 {
+  int rv = 0;
   if (NULL != trngname) {
     MARK("Request to set TRNG to", trngname);
+    int i = 0;
+    checkTRNGAlias(&trngname);
+    for (i = 0; i < TRNG_count(); i++)
+    {
+       if (0 == strcasecmp(trngname, TRNG_ARRAY[i].name))
+       {
+          SetDefaultTrng(TRNG_ARRAY[i].type);
+          if (TRNG_ARRAY[i].type == (int)GetDefaultTrng()) {
+             rv = 1;
+          }
+          break;
+       }
+    }
   }
   else {
     MARK("Request to set NULL TRNG", "");
   }
-  int rv = 0;
-  int i = 0;
-  checkTRNGAlias(&trngname);
-  for (i = 0; i < TRNG_count(); i++)
-  {
-    if (0 == strcasecmp(trngname,TRNG_ARRAY[i].name))
-    {
-      SetDefaultTrng(TRNG_ARRAY[i].type);
-      if (TRNG_ARRAY[i].type == (int)GetDefaultTrng()) {
-         rv = 1;
-      }
-      break;
-    }
-  }
 
   return rv;
 }
@@ -359,7 +359,7 @@ static TRNG_ERRORS TRNG_ESourceInit(E_SOURCE *es,int e_exp)
 {
   TRNG_ERRORS rv = TRNG_OK;
   if(NULL != es) {
-    memset(es->nbuf,0,sizeof(es->nbuf));
+    ICC_securezero(es->nbuf,sizeof(es->nbuf));
     es->cnt = 0;
     if(NULL != es->impl.avail) {
       if( 0 == (es->impl.avail())) {
@@ -408,7 +408,7 @@ static void TRNG_ESourceCleanup(E_SOURCE *es)
     if(NULL != es->impl.cleanup) {
       (es->impl.cleanup)(es);
     }
-    memset(es,0,sizeof(E_SOURCE));
+    ICC_securezero(es,sizeof(E_SOURCE));
   }
 }
 /*! @brief return the NRBG type that's the default within ICC and OpenSSL
@@ -511,7 +511,7 @@ void TRNG_LocalCleanup(TRNG *T)
     /* Clean up the long term test on the TRNG health */
     CleanupEntropyEstimator(T);
     /* Erase it all */
-    memset(T, 0, sizeof(TRNG));
+    ICC_securezero(T, sizeof(TRNG));
   }
 }
 /*!
@@ -539,7 +539,7 @@ TRNG_ERRORS TRNG_TRNG_Init(TRNG *T, TRNG_TYPE type) {
 
   unsigned int e_exp = 0; /* % entropy in the noise at the INPUT of the TRNG core, calced from the bits/byte in TRNG_TYPE */
 
-  if( (type < 0 ) || (type > NTRNGS) ){
+  if( (type < 0 ) || (type >= NTRNGS) ){
     type = global_trng_type;
   }
 
@@ -574,7 +574,7 @@ TRNG_ERRORS TRNG_TRNG_Init(TRNG *T, TRNG_TYPE type) {
     rv = TRNG_INIT;
   }
   if (TRNG_OK == rv) {
-    memset(T->lastdigest,0,sizeof(T->lastdigest));
+    ICC_securezero(T->lastdigest,sizeof(T->lastdigest));
     if (NULL == T->md) {
       T->md = EVP_get_digestbyname(TRNG_DIGEST);
     }
@@ -598,7 +598,7 @@ TRNG_ERRORS TRNG_TRNG_Init(TRNG *T, TRNG_TYPE type) {
     are initializing.
   */
   if (TRNG_OK == rv) {
-    memset(T->cond.key, 0, sizeof(T->cond.key));
+    ICC_securezero(T->cond.key, sizeof(T->cond.key));
   }
   if(TRNG_OK == rv) {
     /* Initialize the TRNG compressor */
@@ -617,7 +617,7 @@ TRNG_ERRORS TRNG_TRNG_Init(TRNG *T, TRNG_TYPE type) {
     /* TRNG retained data */
     Personalize(tmp);
     xcompress(T, T->cond.rdata, tmp, tmpl);
-    memset(tmp, 0, tmpl);
+    ICC_securezero(tmp, tmpl);
     ICC_Free(tmp);
     tmp = NULL;
   }

icc/TRNG/entropy_to_NRBG.c

@@ -70,7 +70,7 @@ int conditioner(TRNG *T, unsigned char* outbuf, unsigned len)
         if(TRNG_OK != rv) {
           HMAC_CTX_cleanup(T->cond.hctx);
           return rv;
-        }          
+        }
       }
       HMAC_Update(T->cond.hctx,tbuf,sizeof(tbuf));
     }

icc/TRNG/nist_algs.c

@@ -126,7 +126,11 @@ unsigned int pmaxLGetEnt(unsigned char *data, int len)
       minimum and evenly distributed is 2 (max entropy)
       Table lookup here because it's simpler.
      */
-    est = etabB[ilog2p];
+    if (ilog2p < sizeof(etabB) / sizeof(etabB[0])) {
+      est = etabB[ilog2p];
+    } else {
+      est = 200; /* Max entropy */
+    }
 
 #if defined(TEST_DOUBLE)
     printf("k = %d ", k);

icc/TRNG/personalise.c

@@ -103,7 +103,7 @@ unsigned int Personalize(unsigned char *buffer)
     tmp += sizeof(pid);
 
     memcpy(tmp,&tid,sizeof(tid));
-    tmp += sizeof(pid);
+    tmp += sizeof(tid);
 
     strncpy((char *)tmp,name,sizeof(name)-1);
 

icc/TRNG/timer_fips.c

@@ -108,7 +108,7 @@ void T_FILTER_Init(T_FILTER *TF)
 */
 static void sorter_in(ICC_INT64 diff, ICC_UINT64 value,T_FILTER *tf)
 {
-    int i,freq;
+    unsigned int i,freq;
     DIST *dist;
 
     dist=tf->dist;

icc/fips-prng/SP800-90.c

@@ -259,15 +259,14 @@ static int matchstr(char *one, char *two, char delim) {
 */
 const char **get_SP800_90FIPS(void) {
   static int initialized = 0;
-  static char *FIPS_rng_list[sizeof(PRNG_list) / sizeof(SP800_90PRNG_t *)];
+  static char* FIPS_rng_list[sizeof(PRNG_list) / sizeof(SP800_90PRNG_t*)] = { NULL };
 
   int i = 0;
   int j = 0;
   int exclude = 0;
   char *ptr = NULL;
 
   if (!initialized) {
-    memset(FIPS_rng_list, 0, sizeof(FIPS_rng_list));
     for (i = 0; NULL != PRNG_list[i]; i++) {
       exclude = 0;
       if (NULL != exclude_list) {
@@ -747,7 +746,7 @@ void Gen(PRNG_CTX *ctx,
   uint32_t t = 0;
   unsigned char tmp[CNT_SZ];
 
-  memset(tmp,0,CNT_SZ);
+  ICC_securezero(tmp,CNT_SZ);
 
   switch(ictx->state) {
   case SP800_90RESEED:
@@ -840,7 +839,7 @@ void Cln(PRNG_CTX *ctx)
   TRNG *trng = ictx->trng;
   ictx->trng = NULL;
   prng->Cleanup(ctx);
-  memset(ictx,0,sizeof(SP800_90PRNG_Data_t));
+  ICC_securezero(ictx,sizeof(SP800_90PRNG_Data_t));
   ictx->prng = prng;
   ictx->trng = trng;
   ictx->state = SP800_90UNINIT;
@@ -880,7 +879,7 @@ void PRNG_self_test(PRNG_CTX *ctx, PRNG *alg)
       ictx->TestMode = 1;
       for (i = 0; i < 4; i++)
       {
-        memset(out, 0, TEST_OUT_SIZE);
+        ICC_securezero(out, TEST_OUT_SIZE);
         data = &prng->TestData[i];
         if (NULL == data->InitEin)
           break;
@@ -919,7 +918,7 @@ void PRNG_self_test(PRNG_CTX *ctx, PRNG *alg)
         }
         else
         {
-          memset(out, 0, 1024);
+          ICC_securezero(out, TEST_OUT_SIZE);
           ictx->prng->Gen(ctx, out, data->GenRes->len,
                           (unsigned char *)data->GenAAD->buf, data->GenAAD->len);
         }
@@ -1355,7 +1354,7 @@ SP800_90STATE RNG_ReSeed(PRNG_CTX *ctx, unsigned char *adata,
           else
           {
             ictx->prng->Res(ctx, ictx->eBuf, einl, adata, adatal);
-            memset(ictx->eBuf, 0, einl);
+            ICC_securezero(ictx->eBuf, einl);
           }
         }
         break;
@@ -1369,15 +1368,15 @@ SP800_90STATE RNG_ReSeed(PRNG_CTX *ctx, unsigned char *adata,
         break;
       }
     }
+    state = ictx->state;
   }
-  else
+  else if (NULL != ictx)
   {
     ictx->state = SP800_90ERROR;
     ictx->error_reason = ERRAT(SP800_90_NOT_INIT);
+    state = ictx->state;
   }
 
-  state = ictx->state;
-
   return state;
 }
 
@@ -1751,7 +1750,7 @@ void RNG_CTX_free(PRNG_CTX *ctx)
       ictx->prng->Cln(ctx);
       ictx->prng = NULL;
     }
-    memset(ictx,0,sizeof(SP800_90PRNG_Data_t));
+    ICC_securezero(ictx,sizeof(SP800_90PRNG_Data_t));
     ICC_Free(ictx);
   }
 }

icc/fips-prng/SP800-90Cipher.c

@@ -124,7 +124,7 @@ static void Update(SP800_90PRNG_Data_t *pctx)
   xor(pctx->T,pctx->T,pctx->C,pctx->prng->seedlen);
   /* Copy K & V from pctx->T and setup the new key */
   SetKV(pctx);  
-  memset(pctx->T,0,pctx->prng->seedlen);
+  ICC_securezero(pctx->T,pctx->prng->seedlen);
 }
 /*!
   @brief SP800-90 Cipher derivation function
@@ -222,7 +222,7 @@ static void Cipher_df(SP800_90PRNG_Data_t *pctx,DS *dsin)
     outl -= k;
   }
   /* And clear our scratch area */
-  memset(pctx->T,0,pctx->prng->OBL);
+  ICC_securezero(pctx->T,pctx->prng->OBL);
   EVP_CIPHER_CTX_cleanup(ctx);
   EVP_CIPHER_CTX_free(ctx);
 }
@@ -280,7 +280,7 @@ SP800_90STATE CIPHER_Instantiate(PRNG_CTX *ctx,
   /* Run "Update" with the provided seed */
   Update(pctx);
   /* And clean up the supplied AAD */
-  memset(pctx->C,0,pctx->prng->seedlen);
+  ICC_securezero(pctx->C,pctx->prng->seedlen);
   return pctx->state;
 }
 /*!
@@ -304,7 +304,7 @@ SP800_90STATE CIPHER_ReSeed(PRNG_CTX *ctx,
   Cipher_df(pctx,&ds);
   Update(pctx);
   /* And clean up the supplied data */
-  memset(pctx->C,0,pctx->prng->seedlen);
+  ICC_securezero(pctx->C,pctx->prng->seedlen);
   return pctx->state;
 
 }
@@ -368,9 +368,9 @@ SP800_90STATE CIPHER_Generate(PRNG_CTX *ctx,
   /* 
      Clear our temporary output buffer, 
   */
-  memset(pctx->T,0,pctx->prng->OBL);
+  ICC_securezero(pctx->T,pctx->prng->OBL);
   /* And clean up the supplied data */
-  memset(pctx->C,0,pctx->prng->seedlen); 
+  ICC_securezero(pctx->C,pctx->prng->seedlen);
   return pctx->state;
 }
 /*!

icc/fips-prng/SP800-90HashData.c

@@ -91,7 +91,7 @@ static void Hash_df(SP800_90PRNG_Data_t *pctx,DS *in, unsigned char *out, unsign
   /* Debugging aid as much as anything, 
      T should be zero if not being used 
   */
-  memset(pctx->T,0,digestL);  
+  ICC_securezero(pctx->T,digestL);
   return;
 }