author | Misaki Miyashita <Misaki.Miyashita@Oracle.COM> |
Thu, 13 Aug 2015 09:08:19 -0700 | |
changeset 4774 | dbddfc4fa8f1 |
permissions | -rw-r--r-- |
4774
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
1 |
# |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
2 |
# This patch came from the upstream to use x9.31 keygen by default in |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
3 |
# the FIPS mode. This will be available in the next release. |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
4 |
# |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
5 |
--- openssl-1.0.1p/crypto/rsa/rsa_gen.c.orig Tue Aug 11 10:47:51 2015 |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
6 |
+++ openssl-1.0.1p/crypto/rsa/rsa_gen.c Tue Aug 11 10:56:07 2015 |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
7 |
@@ -69,6 +69,8 @@ |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
8 |
#include <openssl/rsa.h> |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
9 |
#ifdef OPENSSL_FIPS |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
10 |
# include <openssl/fips.h> |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
11 |
+extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
12 |
+ BN_GENCB *cb); |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
13 |
#endif |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
14 |
|
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
15 |
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
16 |
@@ -93,8 +95,9 @@ |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
17 |
if (rsa->meth->rsa_keygen) |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
18 |
return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
19 |
#ifdef OPENSSL_FIPS |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
20 |
- if (FIPS_mode()) |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
21 |
- return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb); |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
22 |
+ if (FIPS_mode()) { |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
23 |
+ return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb); |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
24 |
+ } |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
25 |
#endif |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
26 |
return rsa_builtin_keygen(rsa, bits, e_value, cb); |
dbddfc4fa8f1
21615321 FIPS validated RSA keygen should be called by default when FIPS mode is enabled
Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
parents:
diff
changeset
|
27 |
} |