/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-no-pairwise.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-no-pairwise.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Feb 18 03:03:10 2014 UTC (10 years, 8 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream
Initial import

1 Do not call pairwise tests in non-fips mode.
2 Some possible generated keys might be too small to pass.
3 diff -up openssl-fips-0.9.8e/fips/dsa/fips_dsa_key.c.no-pairwise openssl-fips-0.9.8e/fips/dsa/fips_dsa_key.c
4 --- openssl-fips-0.9.8e/fips/dsa/fips_dsa_key.c.no-pairwise 2007-09-12 19:46:04.000000000 +0200
5 +++ openssl-fips-0.9.8e/fips/dsa/fips_dsa_key.c 2009-04-15 11:21:07.000000000 +0200
6 @@ -154,7 +154,7 @@ static int dsa_builtin_keygen(DSA *dsa)
7 dsa->pub_key=pub_key;
8 if (fips_dsa_pairwise_fail)
9 BN_add_word(dsa->pub_key, 1);
10 - if(!fips_check_dsa(dsa))
11 + if(FIPS_mode() && !fips_check_dsa(dsa))
12 goto err;
13 ok=1;
14
15 diff -up openssl-fips-0.9.8e/fips/rsa/fips_rsa_gen.c.no-pairwise openssl-fips-0.9.8e/fips/rsa/fips_rsa_gen.c
16 --- openssl-fips-0.9.8e/fips/rsa/fips_rsa_gen.c.no-pairwise 2007-09-12 19:46:07.000000000 +0200
17 +++ openssl-fips-0.9.8e/fips/rsa/fips_rsa_gen.c 2009-04-15 11:21:31.000000000 +0200
18 @@ -288,7 +288,7 @@ static int rsa_builtin_keygen(RSA *rsa,
19 if (fips_rsa_pairwise_fail)
20 BN_add_word(rsa->n, 1);
21
22 - if(!fips_check_rsa(rsa))
23 + if(FIPS_mode() && !fips_check_rsa(rsa))
24 goto err;
25
26 ok=1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed