components/openssl/common/patches/042-default_fips_keygen.patch
changeset 5171 4e8b3c0ea78c
parent 5170 970e0f411b42
child 5172 2ac937ed383b
5170:970e0f411b42 5171:4e8b3c0ea78c
     1 #
       
     2 # This patch came from the upstream to use x9.31 keygen by default in
       
     3 # the FIPS mode. This will be available in the next release.
       
     4 #
       
     5 --- openssl-1.0.1p/crypto/rsa/rsa_gen.c.orig    Tue Aug 11 10:47:51 2015
       
     6 +++ openssl-1.0.1p/crypto/rsa/rsa_gen.c Tue Aug 11 10:56:07 2015
       
     7 @@ -69,6 +69,8 @@
       
     8  #include <openssl/rsa.h>
       
     9  #ifdef OPENSSL_FIPS
       
    10  # include <openssl/fips.h>
       
    11 +extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
       
    12 +                                         BN_GENCB *cb);
       
    13  #endif
       
    14  
       
    15  static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
       
    16 @@ -93,8 +95,9 @@
       
    17      if (rsa->meth->rsa_keygen)
       
    18          return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
       
    19  #ifdef OPENSSL_FIPS
       
    20 -    if (FIPS_mode())
       
    21 -        return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
       
    22 +    if (FIPS_mode()) {
       
    23 +        return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb);
       
    24 +    }
       
    25  #endif
       
    26      return rsa_builtin_keygen(rsa, bits, e_value, cb);
       
    27  }
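Review bot: The `extern` prototype for `FIPS_rsa_x931_generate_key_ex` added inside the `#ifdef OPENSSL_FIPS` block is hand-copied into rsa_gen.c, so the compiler cannot check it against the definition in the FIPS module; a signature difference would build cleanly and only misbehave at run time. If the installed `openssl/fips.h` really lacks the declaration, a comment above it such as `/* not declared in fips.h for this module version; must match the FIPS module's definition */` would record why the local prototype exists and what it has to stay in sync with. In the second hunk, FIPS-mode callers are switched from `FIPS_rsa_generate_key_ex` to the X9.31 generator, which may reject key sizes or public exponents that the previous call accepted. It is worth confirming this against the FIPS module in use and stating it in the patch header, so callers know that a zero return needs handling. The enclosing function begins outside the hunk, so the checks that run before this branch are not visible here.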