|
|
|
|
@ -89,6 +89,15 @@ diff -up openssl-3.0.0/providers/fips/fipsprov.c.fipsmin openssl-3.0.0/providers
|
|
|
|
|
{ PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions },
|
|
|
|
|
#endif
|
|
|
|
|
{ PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES,
|
|
|
|
|
@@ -407,7 +407,7 @@ static const OSSL_ALGORITHM fips_signatu
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const OSSL_ALGORITHM fips_asym_cipher[] = {
|
|
|
|
|
- { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_asym_cipher_functions },
|
|
|
|
|
+ { PROV_NAMES_RSA, FIPS_UNAPPROVED_PROPERTIES, ossl_rsa_asym_cipher_functions },
|
|
|
|
|
{ NULL, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
@@ -421,7 +424,7 @@ static const OSSL_ALGORITHM fips_keymgmt
|
|
|
|
|
PROV_DESCS_DHX },
|
|
|
|
|
#endif
|
|
|
|
|
@ -119,6 +128,18 @@ diff -up openssl-3.0.0/providers/fips/fipsprov.c.fipsmin openssl-3.0.0/providers
|
|
|
|
|
diff -up openssl-3.0.0/test/acvp_test.c.fipsmin openssl-3.0.0/test/acvp_test.c
|
|
|
|
|
--- openssl-3.0.0/test/acvp_test.c.fipsmin 2022-01-12 18:34:17.283654119 +0100
|
|
|
|
|
+++ openssl-3.0.0/test/acvp_test.c 2022-01-12 18:35:46.270430676 +0100
|
|
|
|
|
@@ -1466,8 +1466,9 @@ int setup_tests(void)
|
|
|
|
|
ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data));
|
|
|
|
|
ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data));
|
|
|
|
|
ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data));
|
|
|
|
|
- ADD_ALL_TESTS(rsa_decryption_primitive_test,
|
|
|
|
|
- OSSL_NELEM(rsa_decrypt_prim_data));
|
|
|
|
|
+/* Red Hat FIPS provider doesn't have fips=yes property on RSA encryption */
|
|
|
|
|
+/* ADD_ALL_TESTS(rsa_decryption_primitive_test,
|
|
|
|
|
+ OSSL_NELEM(rsa_decrypt_prim_data)); */
|
|
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_DH
|
|
|
|
|
ADD_ALL_TESTS(dh_safe_prime_keygen_test,
|
|
|
|
|
@@ -1473,6 +1473,7 @@ int setup_tests(void)
|
|
|
|
|
OSSL_NELEM(dh_safe_prime_keyver_data));
|
|
|
|
|
#endif /* OPENSSL_NO_DH */
|
|
|
|
|
|
Dmitry Belyavskiy
3 years ago