[openssl] Sign the test string in the pairwise check instead of empty data.
Tomáš Mráz
tmraz at fedoraproject.org
Fri Jul 4 15:10:13 UTC 2014
commit c66230af317d28fca45ff2e6723479d58d787bed
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Fri Jul 4 17:08:44 2014 +0200
Sign the test string in the pairwise check instead of empty data.
Author: Marcus Meissner <meissner at suse.de>
openssl-1.0.1e-fips-ec.patch | 2 +-
openssl-1.0.1g-fips.patch | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/openssl-1.0.1e-fips-ec.patch b/openssl-1.0.1e-fips-ec.patch
index 7287dae..e1f648c 100644
--- a/openssl-1.0.1e-fips-ec.patch
+++ b/openssl-1.0.1e-fips-ec.patch
@@ -241,7 +241,7 @@ diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_k
+
+ EVP_PKEY_set1_EC_KEY(pk, key);
+
-+ if (fips_pkey_signature_test(pk, tbs, 0, NULL, 0, NULL, 0, NULL))
++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL))
+ ret = 1;
+
+ err:
diff --git a/openssl-1.0.1g-fips.patch b/openssl-1.0.1g-fips.patch
index 26b1e86..e51e126 100644
--- a/openssl-1.0.1g-fips.patch
+++ b/openssl-1.0.1g-fips.patch
@@ -983,7 +983,7 @@ diff -up openssl-1.0.1g/crypto/dsa/dsa_key.c.fips openssl-1.0.1g/crypto/dsa/dsa_
+
+ EVP_PKEY_set1_DSA(pk, dsa);
+
-+ if (fips_pkey_signature_test(pk, tbs, 0, NULL, 0, NULL, 0, NULL))
++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL))
+ ret = 1;
+
+ err:
More information about the scm-commits
mailing list