components/openssl/common/patches/042-default_fips_keygen.patch
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
Thu, 13 Aug 2015 09:08:19 -0700
changeset 4774 dbddfc4fa8f1
permissions -rw-r--r--
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
#
# This patch came from the upstream to use x9.31 keygen by default in
# the FIPS mode. This will be available in the next release.
#
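--- openssl-1.0.1p/crypto/rsa/rsa_gen.c.orig    Tue Aug 11 10:47:51 2015
+++ openssl-1.0.1p/crypto/rsa/rsa_gen.c Tue Aug 11 10:56:07 2015
@@ -69,6 +69,8 @@
 #include <openssl/rsa.h>
 #ifdef OPENSSL_FIPS
 # include <openssl/fips.h>
+extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
+                                         BN_GENCB *cb);
 #endif
 
 static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
@@ -93,8 +95,9 @@
     if (rsa->meth->rsa_keygen)
         return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
 #ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
+    if (FIPS_mode()) {
+        return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb);
+    }
 #endif
     return rsa_builtin_keygen(rsa, bits, e_value, cb);
 }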
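Review bot: The prototype for `FIPS_rsa_x931_generate_key_ex` is declared by hand in rsa_gen.c (first hunk) rather than coming from `<openssl/fips.h>`, so the compiler cannot catch a mismatch with the definition in the FIPS module. If the header in this release simply does not export it, a comment such as `/* not declared by <openssl/fips.h> in this release; keep in sync with the FIPS module */` above the `extern` would record that. In the second hunk the `FIPS_mode()` branch still comes after the `rsa->meth->rsa_keygen` check, so an RSA_METHOD that supplies its own keygen is used instead of the X9.31 generator even in FIPS mode; if that is intended, a one-line comment above the branch should say so. The X9.31 routine may also accept a narrower range of `bits` and `e_value` than the call it replaces (not visible here), so callers running in FIPS mode should be checked for handling of a failure return. The enclosing function begins above the hunk.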