openssl-1_1/openssl-fips-rsagen-d-bits.patch

Index: openssl-1.1.0c/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.1.0c.orig/crypto/rsa/rsa_gen.c	2016-12-08 17:55:15.968669184 +0100
+++ openssl-1.1.0c/crypto/rsa/rsa_gen.c	2016-12-08 17:55:15.976669308 +0100
@@ -173,6 +173,12 @@ static int fips_rsa_builtin_keygen(RSA *
         goto err;
     }
 
+    BN_copy(rsa->e, e_value);
+
+    if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
+        test = 1;
+
+retry:
     /* prepare approximate minimum p and q */
     if (!BN_set_word(r0, 0xB504F334))
         goto err;
@@ -185,12 +191,6 @@ static int fips_rsa_builtin_keygen(RSA *
     if (!BN_lshift(r3, r3, pbits - 100))
         goto err;
 
-    BN_copy(rsa->e, e_value);
-
-    if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
-        test = 1;
-
- retry:
     /* generate p and q */
     for (i = 0; i < 5 * pbits; i++) {
  ploop:
@@ -323,6 +323,8 @@ static int fips_rsa_builtin_keygen(RSA *
         BN_free(pr0);
     }
 
+    /* test 2^(bits/2) < d < LCM((p-1)*(q-1)) */
+    /* the LCM part is covered due to the generation by modulo above */
     if (BN_num_bits(rsa->d) < pbits)
         goto retry;             /* d is too small */
- Renamed from openssl-1_1_0 (bsc#1081335) * All the minor versions of the 1.1.x openssl branch have the same sonum and keep ABI compatibility - Remove bit obsolete syntax - Use %license macro - Don't disable afalgeng on aarch64 - Add support for s390x CPACF enhancements (fate#321518) patches taken from https://github.com/openssl/openssl/pull/2859: * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch - Do not filter pkgconfig() provides/requires. - Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a clean upgrade path as an aid to zypp (boo#1070003). - Update to 1.1.0g OpenSSL Security Advisory [02 Nov 2017] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2 2018-02-16 13:13:08 +01:00			`Index: openssl-1.1.0c/crypto/rsa/rsa_gen.c`
			`===================================================================`
			`--- openssl-1.1.0c.orig/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.968669184 +0100`
			`+++ openssl-1.1.0c/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.976669308 +0100`
			`@@ -173,6 +173,12 @@ static int fips_rsa_builtin_keygen(RSA *`
			`goto err;`
			`}`

			`+ BN_copy(rsa->e, e_value);`
			`+`
			`+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))`
			`+ test = 1;`
			`+`
			`+retry:`
			`/* prepare approximate minimum p and q */`
			`if (!BN_set_word(r0, 0xB504F334))`
			`goto err;`
			`@@ -185,12 +191,6 @@ static int fips_rsa_builtin_keygen(RSA *`
			`if (!BN_lshift(r3, r3, pbits - 100))`
			`goto err;`

			`- BN_copy(rsa->e, e_value);`
			`-`
			`- if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))`
			`- test = 1;`
			`-`
			`- retry:`
			`/* generate p and q */`
			`for (i = 0; i < 5 * pbits; i++) {`
			`ploop:`
			`@@ -323,6 +323,8 @@ static int fips_rsa_builtin_keygen(RSA *`
			`BN_free(pr0);`
			`}`

			`+ /* test 2^(bits/2) < d < LCM((p-1)(q-1)) /`
			`+ /* the LCM part is covered due to the generation by modulo above */`
			`if (BN_num_bits(rsa->d) < pbits)`
			`goto retry; /* d is too small */`