What were you trying to do that didn't work?

Package crypto-policies-20230731-1.git94f0e2c.el9.noarch brings small update for openssl policy in FIPS, it add the following file in FIPS policy:

/etc/crypto-policies/back-ends/openssl_fips.config -> /usr/share/crypto-policies/FIPS/openssl_fips.txt

However, when this file is present libica FIPS integrity test fails:

# icainfo
...
Built-in FIPS support: FIPS 140-3 mode active.
FIPS SELF-TEST FAILURE. CHECK THE SYSLOG.
Software fallbacks are disabled.

# journalctl -xe | grep 'Libica FIPS'
Sep 26 14:44:19 ibm-z-508.lab.eng.rdu2.redhat.com icainfo[28068]: Libica FIPS library integrity check failed. Module /lib64/libica.so.4 probably corrupted.

Selftest is not failing because hmac is wrong, it is perfectly fine:

# openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 /usr/lib64/libica.so.4
HMAC-SHA2-256(/usr/lib64/libica.so.4)= 4034f00b0684506c7f46e55cd8f85d01ef9af7699a16ac75c396a333be7065dd
# cat /usr/lib64/.libica.so.4.hmac 
4034f00b0684506c7f46e55cd8f85d01ef9af7699a16ac75c396a333be7065dd

It actually fails because libica is unable to internally compute it, it is because pkey = get_pkey() in compute_file_hmac() returns NULL. Function get_pkey() uses EVP_PKEY_new_mac_key() and that fails because EVP_PKEY_CTX_new_id() results NULL there. Unfortunately, I was not able to find the root cause.

Breakpoint 1, get_pkey () at fips.c:354
354	{
(gdb) n
357		EVP_PKEY *pkey = NULL;
(gdb) n
359		keybuf = OPENSSL_hexstr2buf(hmackey, &keylen);
(gdb) n
360		if (keybuf == NULL)
(gdb) n
363		pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, keybuf, (int)keylen);
(gdb) s
EVP_PKEY_new_mac_key (type=855, e=0x0, key=0x2aa0004d8f0 "", keylen=64) at crypto/evp/pmeth_gn.c:318
318	{
(gdb) n
320	    EVP_PKEY *mac_key = NULL;
(gdb) n
321	    mac_ctx = EVP_PKEY_CTX_new_id(type, e);
(gdb) s
EVP_PKEY_CTX_new_id (id=855, e=0x0) at crypto/evp/pmeth_lib.c:470
470	    return int_ctx_new(NULL, NULL, e, NULL, NULL, id);
(gdb) n
EVP_PKEY_new_mac_key (type=<optimized out>, e=<optimized out>, key=0x2aa0004d8f0 "", keylen=<optimized out>) at crypto/evp/pmeth_gn.c:322
322	    if (!mac_ctx)
(gdb) info locals
mac_ctx = 0x0
mac_key = 0x0
(gdb) quit

Once you get rid of this new openssl_fips.config file, everything works again. Also, the problem cannot be reproduced outside of libica. When running EVP_PKEY_new_mac_key() in a sample openssl code, it works fine even with the latest crypto-policy. Openssl folks confirmed that this new configuration file has only effect on TLS (it control use of EMS there), it should have no effect on anything else. If it does not exists openssl essentially creates it on its own.

It seems that perhaps libica FIPS codepath for openssl-3 needs to be revisited (fips_init rather than FIPSCHECK_verify).

Please notice that this essentially makes opencryptoki unusable in FIPS mode. The workaround is to remove openssl_fips.config but such workaround might have other negative effects.

Please provide the package NVR for which bug is seen:

libica-4.2.2-2.el9.s390x
crypto-policies-20230731-1.git94f0e2c.el9.noarch
openssl-3.0.7-24.el9.s390x

How reproducible:

100% on s390x

Steps to reproduce

1. Enable FIPS mode:
2. Run icainfo.

Expected results

See above.

Actual results

No HMAC inegrity failure.