authorDimitri John Ledkov <xnox@ubuntu.com>2016-08-22 11:00:22 +0100
committerDimitri John Ledkov <xnox@ubuntu.com>2016-08-22 11:00:22 +0100
commitc4ab11a06b1d2780041297e921906fe26f7f7812 (patch)
treee8462799da2db1178c78c4ca8a712bfc65d3f013
parent25eeb1b675382e8d95f4504a343f09ee481b7970 (diff)
Cherry-pick upstream patch to stop reseeding global DRBG instance on every call. LP: #1608954
-rw-r--r--debian/changelog7
-rw-r--r--debian/patches/libica_v2.6.1_performance_fix.patch40
-rw-r--r--debian/patches/series1
-rw-r--r--src/s390_prng.c9
4 files changed, 52 insertions, 5 deletions
diff --git a/debian/changelog b/debian/changelog
index 346a5d7..666cc88 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+libica (2.6.1-3) unstable; urgency=medium
+
+ * Cherry-pick upstream patch to stop reseeding global DRBG instance on
+ every call. LP: #1608954
+
+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 22 Aug 2016 10:59:18 +0100
+
libica (2.6.1-2) unstable; urgency=medium
* Cherry pick upstream patch to fix symbol visibility and thus
diff --git a/debian/patches/libica_v2.6.1_performance_fix.patch b/debian/patches/libica_v2.6.1_performance_fix.patch
new file mode 100644
index 0000000..cf4df2b
--- /dev/null
+++ b/debian/patches/libica_v2.6.1_performance_fix.patch
@@ -0,0 +1,40 @@
+Description: ica_random_number_generate performance improvement
+ Changed the ica_random_number_generate function that asks the
+ global DRBG instance for random bytes to not reseed the
+ instance on every call.
+Origin: https://sourceforge.net/p/opencryptoki/libica/ci/3bcd3efb0aff364515ab9b3c39dd68fbbb1534d0/
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libica/+bug/1608954
+
+--- a/src/s390_prng.c
++++ b/src/s390_prng.c
+@@ -76,10 +76,9 @@ int s390_prng_init(void)
+ // available. However, the old prng is still initialized but
+ // only used as a fallback.
+ if(sha512_switch || sha512_drng_switch){
+- const char *pers = "ica_drbg_global";
+ ica_drbg_instantiate(&ica_drbg_global, 256, true,
+- ICA_DRBG_SHA512, (unsigned char *)pers,
+- strlen(pers));
++ ICA_DRBG_SHA512,
++ (unsigned char *)"GLOBAL INSTANCE", 15);
+ }
+
+ // The old prng code starts here:
+@@ -181,7 +180,7 @@ int s390_prng(unsigned char *output_data
+ unsigned char *ptr = output_data;
+ size_t i = 0;
+ for(; i < q; i++){
+- status = ica_drbg_generate(ica_drbg_global, 256, true,
++ status = ica_drbg_generate(ica_drbg_global, 256, false,
+ NULL, 0, ptr,
+ ICA_DRBG_SHA512
+ ->max_no_of_bytes_per_req);
+@@ -191,7 +190,7 @@ int s390_prng(unsigned char *output_data
+ ptr += ICA_DRBG_SHA512->max_no_of_bytes_per_req;
+ }
+ if(!status){
+- status = ica_drbg_generate(ica_drbg_global, 256, true,
++ status = ica_drbg_generate(ica_drbg_global, 256, false,
+ NULL, 0, ptr, r);
+ if(!status)
+ return 0;
diff --git a/debian/patches/series b/debian/patches/series
index 08f0fde..aa4897c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
0004-Make-test-suite-bail-out-upon-errors.patch
0005-ubuntu-skip-generating-suite.out-report-to-stdout.patch
0001-Fix-initialization-of-s390-hardware-switches.patch
+libica_v2.6.1_performance_fix.patch
diff --git a/src/s390_prng.c b/src/s390_prng.c
index 6a7b1f0..a6f8cfb 100644
--- a/src/s390_prng.c
+++ b/src/s390_prng.c
@@ -76,10 +76,9 @@ int s390_prng_init(void)
// available. However, the old prng is still initialized but
// only used as a fallback.
if(sha512_switch || sha512_drng_switch){
- const char *pers = "ica_drbg_global";
ica_drbg_instantiate(&ica_drbg_global, 256, true,
- ICA_DRBG_SHA512, (unsigned char *)pers,
- strlen(pers));
+ ICA_DRBG_SHA512,
+ (unsigned char *)"GLOBAL INSTANCE", 15);
}
// The old prng code starts here:
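Review bot: The return value of `ica_drbg_instantiate` is still discarded in the new call, and since the later hunks stop reseeding on every request, the seed obtained here carries more weight than it did before. Capture the result, e.g. `int rc = ica_drbg_instantiate(&ica_drbg_global, 256, true, ...);`, and handle a non-zero value explicitly so that use of the legacy PRNG fallback is a documented decision; whether `s390_prng` already falls back cleanly on an uninstantiated handle is not visible here. Separately, the hand-counted length `15` can drift from the literal, and `sizeof("GLOBAL INSTANCE") - 1` would keep the two tied together. The body of s390_prng_init starts and ends outside the hunk.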
@@ -181,7 +180,7 @@ int s390_prng(unsigned char *output_data, unsigned int output_length)
unsigned char *ptr = output_data;
size_t i = 0;
for(; i < q; i++){
- status = ica_drbg_generate(ica_drbg_global, 256, true,
+ status = ica_drbg_generate(ica_drbg_global, 256, false,
NULL, 0, ptr,
ICA_DRBG_SHA512
->max_no_of_bytes_per_req);
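Review bot: Changing the third argument of `ica_drbg_generate` from `true` to `false` in this loop, and in the tail call in the next hunk, trades per-call reseeding for speed, but nothing in the code records that trade-off. Assuming this argument is the prediction-resistance flag, output between reseeds now derives from the existing internal state alone. Recovery after a state disclosure, or after the state is duplicated (for example in a process that forks after `s390_prng_init`), then depends on the DRBG's own reseed interval, which is not visible here. I would add a comment above the loop such as `/* prediction resistance off for performance: relies on the DRBG reseed interval, see LP: #1608954 */` and confirm that `ica_drbg_global` is reseeded or re-instantiated in a forked child. The body of s390_prng starts and ends outside the hunk.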
@@ -191,7 +190,7 @@ int s390_prng(unsigned char *output_data, unsigned int output_length)
ptr += ICA_DRBG_SHA512->max_no_of_bytes_per_req;
}
if(!status){
- status = ica_drbg_generate(ica_drbg_global, 256, true,
+ status = ica_drbg_generate(ica_drbg_global, 256, false,
NULL, 0, ptr, r);
if(!status)
return 0;