4af0aa7796
* libica-01-fips-update-remove-sigVer-from-fips-ECDSA-kat.patch * libica-02-fips-update-Change-service-indicator-implementation.patch OBS-URL: https://build.opensuse.org/package/show/security:tls/libica?expand=0&rev=24
29 lines
1.0 KiB
Diff
29 lines
1.0 KiB
Diff
From 0a7e4c34a0cc58e1242d4b131e9c224736eadef2 Mon Sep 17 00:00:00 2001
|
|
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
|
|
Date: Mon, 28 Oct 2024 13:04:19 +0100
|
|
Subject: [PATCH] fips update: remove sigVer from fips ECDSA kat
|
|
|
|
From https://github.com/usnistgov/ACVP/blob/master/src/ecdsa/sections/05-capabilities.adoc
|
|
"The 'componentTest' property is only valid for detECDSA / sigGen / FIPS186-5 and
|
|
ECDSA / sigGen / * registrations." i.e., only ECDSA sigGen component can be tested.
|
|
|
|
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
|
|
---
|
|
src/fips.c | 3 ---
|
|
1 file changed, 3 deletions(-)
|
|
|
|
diff --git a/src/fips.c b/src/fips.c
|
|
index 4d1db07..3c26043 100644
|
|
--- a/src/fips.c
|
|
+++ b/src/fips.c
|
|
@@ -1240,9 +1240,6 @@ ecdsa_kat(void)
|
|
/* adapter handle not needed here, just CPACF */
|
|
rc = ica_ecdsa_sign_ex_internal(0, eckey, tv->hash, tv->hashlen,
|
|
sigbuf, tv->siglen, tv->k);
|
|
- if (rc)
|
|
- goto _err_;
|
|
- rc = ica_ecdsa_verify(0, eckey, tv->hash, tv->hashlen, sigbuf, tv->siglen);
|
|
if (rc)
|
|
goto _err_;
|
|
if (memcmp(sigbuf, tv->sig, tv->siglen) != 0) {
|