02427a3414
* All the minor versions of the 1.1.x openssl branch have the same
sonum and keep ABI compatibility
- Remove bit obsolete syntax
- Use %license macro
- Don't disable afalgeng on aarch64
- Add support for s390x CPACF enhancements (fate#321518)
patches taken from https://github.com/openssl/openssl/pull/2859:
* 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
* 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
* 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
* 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
* 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
* 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
* 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
* 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
* 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
- Do not filter pkgconfig() provides/requires.
- Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a
clean upgrade path as an aid to zypp (boo#1070003).
- Update to 1.1.0g
OpenSSL Security Advisory [02 Nov 2017]
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2
40 lines
1.2 KiB
Diff
40 lines
1.2 KiB
Diff
Index: openssl-1.1.0c/crypto/rsa/rsa_gen.c
|
|
===================================================================
|
|
--- openssl-1.1.0c.orig/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.968669184 +0100
|
|
+++ openssl-1.1.0c/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.976669308 +0100
|
|
@@ -173,6 +173,12 @@ static int fips_rsa_builtin_keygen(RSA *
|
|
goto err;
|
|
}
|
|
|
|
+ BN_copy(rsa->e, e_value);
|
|
+
|
|
+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
|
|
+ test = 1;
|
|
+
|
|
+retry:
|
|
/* prepare approximate minimum p and q */
|
|
if (!BN_set_word(r0, 0xB504F334))
|
|
goto err;
|
|
@@ -185,12 +191,6 @@ static int fips_rsa_builtin_keygen(RSA *
|
|
if (!BN_lshift(r3, r3, pbits - 100))
|
|
goto err;
|
|
|
|
- BN_copy(rsa->e, e_value);
|
|
-
|
|
- if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
|
|
- test = 1;
|
|
-
|
|
- retry:
|
|
/* generate p and q */
|
|
for (i = 0; i < 5 * pbits; i++) {
|
|
ploop:
|
|
@@ -323,6 +323,8 @@ static int fips_rsa_builtin_keygen(RSA *
|
|
BN_free(pr0);
|
|
}
|
|
|
|
+ /* test 2^(bits/2) < d < LCM((p-1)*(q-1)) */
|
|
+ /* the LCM part is covered due to the generation by modulo above */
|
|
if (BN_num_bits(rsa->d) < pbits)
|
|
goto retry; /* d is too small */
|
|
|