mozilla-nss/nss-fips-dsa-kat.patch

# HG changeset patch
# User Hans Petter Jansson <hpj@suse.com>
# Date 1505605677 -7200
#      Sun Sep 17 01:47:57 2017 +0200
# Node ID 4ae6bed68a83c01f6d2ce7a37bdb0bdb0556416f
# Parent  5e191a391c38967e49a1d005800713ccd1010b09
[PATCH 2/6] Make DSA KAT FIPS compliant (1024 -> 2048 bit key).
From b88701933a284ba8640df66b954c04d36ee592c9 Mon Sep 17 00:00:00 2001
---
 nss/lib/freebl/dsa.c        |   2 +-
 nss/lib/freebl/fipsfreebl.c | 143 +++++++++++++++++++++++++++-----------------
 2 files changed, 90 insertions(+), 55 deletions(-)

Index: nss/lib/freebl/dsa.c
===================================================================
--- nss.orig/lib/freebl/dsa.c
+++ nss/lib/freebl/dsa.c
@@ -536,7 +536,7 @@ DSA_SignDigest(DSAPrivateKey *key, SECIt
     return rv;
 }
 
-/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
+/* For FIPS compliance testing. Seed must be the same size as subprime. */
 SECStatus
 DSA_SignDigestWithSeed(DSAPrivateKey *key,
                        SECItem *signature,