openssl-1_1/openssl-1_1-ossl-sli-006-rsa_pkcs1_padding.patch

Index: openssl-1.1.1l/crypto/rsa/rsa_pmeth.c
===================================================================
--- openssl-1.1.1l.orig/crypto/rsa/rsa_pmeth.c
+++ openssl-1.1.1l/crypto/rsa/rsa_pmeth.c
@@ -140,13 +140,11 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
             unsigned int sltmp;
             if (rctx->pad_mode != RSA_PKCS1_PADDING)
                 return -1;
-            /* PKCS1-v1.5 padding is disallowed after 2023 */
-            fips_sli_disapprove_EVP_PKEY_CTX(ctx);
             ret = RSA_sign_ASN1_OCTET_STRING(0,
                                              tbs, tbslen, sig, &sltmp, rsa);
-
             if (ret <= 0)
                 return ret;
+            fips_sli_check_hash_siggen_EVP_PKEY_CTX(ctx, rctx->md);
             ret = sltmp;
         } else if (rctx->pad_mode == RSA_X931_PADDING) {
             if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
@@ -179,13 +177,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
             ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
                                       sig, rsa, RSA_X931_PADDING);
         } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
-            /*  PKCS1-v1.5 padding is disallowed after 2023  */
-            fips_sli_disapprove_EVP_PKEY_CTX(ctx);
             unsigned int sltmp;
             ret = RSA_sign(EVP_MD_type(rctx->md),
                            tbs, tbslen, sig, &sltmp, rsa);
             if (ret <= 0)
                 return ret;
+            fips_sli_check_hash_siggen_EVP_PKEY_CTX(ctx, rctx->md);
             ret = sltmp;
         } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
             if (!setup_tbuf(rctx, ctx))
@@ -290,10 +287,13 @@ static int pkey_rsa_verify(EVP_PKEY_CTX
 
     if (rctx->md) {
         if (rctx->pad_mode == RSA_PKCS1_PADDING) {
-            /* PKCS1-v1.5 padding is disallowed after 2023 */
-            fips_sli_disapprove_EVP_PKEY_CTX(ctx);
-            return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
-                              sig, siglen, rsa);
+            int ret;
+            ret = RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+                             sig, siglen, rsa);
+            if (ret <= 0)
+                return 0;
+            fips_sli_check_hash_sigver_EVP_PKEY_CTX(ctx, rctx->md);
+            return ret;
         }
         if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
             RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);