diff options
Diffstat (limited to 'debian/patches/libica_v2.6.1_performance_fix.patch')
-rw-r--r-- | debian/patches/libica_v2.6.1_performance_fix.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/debian/patches/libica_v2.6.1_performance_fix.patch b/debian/patches/libica_v2.6.1_performance_fix.patch new file mode 100644 index 0000000..cf4df2b --- /dev/null +++ b/debian/patches/libica_v2.6.1_performance_fix.patch @@ -0,0 +1,40 @@ +Description: ica_random_number_generate performance improvement + Changed the ica_random_number_generate function that asks the + global DRBG instance for random bytes to not reseed the + instance on every call. +Origin: https://sourceforge.net/p/opencryptoki/libica/ci/3bcd3efb0aff364515ab9b3c39dd68fbbb1534d0/ +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libica/+bug/1608954 + +--- a/src/s390_prng.c ++++ b/src/s390_prng.c +@@ -76,10 +76,9 @@ int s390_prng_init(void) + // available. However, the old prng is still initialized but + // only used as a fallback. + if(sha512_switch || sha512_drng_switch){ +- const char *pers = "ica_drbg_global"; + ica_drbg_instantiate(&ica_drbg_global, 256, true, +- ICA_DRBG_SHA512, (unsigned char *)pers, +- strlen(pers)); ++ ICA_DRBG_SHA512, ++ (unsigned char *)"GLOBAL INSTANCE", 15); + } + + // The old prng code starts here: +@@ -181,7 +180,7 @@ int s390_prng(unsigned char *output_data + unsigned char *ptr = output_data; + size_t i = 0; + for(; i < q; i++){ +- status = ica_drbg_generate(ica_drbg_global, 256, true, ++ status = ica_drbg_generate(ica_drbg_global, 256, false, + NULL, 0, ptr, + ICA_DRBG_SHA512 + ->max_no_of_bytes_per_req); +@@ -191,7 +190,7 @@ int s390_prng(unsigned char *output_data + ptr += ICA_DRBG_SHA512->max_no_of_bytes_per_req; + } + if(!status){ +- status = ica_drbg_generate(ica_drbg_global, 256, true, ++ status = ica_drbg_generate(ica_drbg_global, 256, false, + NULL, 0, ptr, r); + if(!status) + return 0; |