saltbundle/saltbundle-openssl-sle12
SHA256
7
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bundle_testing
saltbundle-openssl-sle12/openssl-fips-drbg_derfunc.patch

83 lines
3.2 KiB
Diff
Raw Permalink Blame History

Index: openssl-1.0.2p/crypto/fips/fips_drbg_ctr.c
===================================================================
--- openssl-1.0.2p.orig/crypto/fips/fips_drbg_ctr.c
+++ openssl-1.0.2p/crypto/fips/fips_drbg_ctr.c
@@ -314,22 +314,13 @@ static int drbg_ctr_generate(DRBG_CTX *d
for (;;) {
inc_128(cctx);
- if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
- AES_encrypt(cctx->V, dctx->lb, &cctx->ks);
- dctx->lb_valid = 1;
- continue;
- }
if (outlen < 16) {
/* Use K as temp space as it will be updated */
AES_encrypt(cctx->V, cctx->K, &cctx->ks);
- if (!fips_drbg_cprng_test(dctx, cctx->K))
- return 0;
memcpy(out, cctx->K, outlen);
break;
}
AES_encrypt(cctx->V, out, &cctx->ks);
- if (!fips_drbg_cprng_test(dctx, out))
- return 0;
out += 16;
outlen -= 16;
if (outlen == 0)
Index: openssl-1.0.2p/crypto/fips/fips_drbg_hash.c
===================================================================
--- openssl-1.0.2p.orig/crypto/fips/fips_drbg_hash.c
+++ openssl-1.0.2p/crypto/fips/fips_drbg_hash.c
@@ -184,19 +184,12 @@ static int hash_gen(DRBG_CTX *dctx, unsi
for (;;) {
FIPS_digestinit(&hctx->mctx, hctx->md);
FIPS_digestupdate(&hctx->mctx, hctx->vtmp, dctx->seedlen);
- if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
- FIPS_digestfinal(&hctx->mctx, dctx->lb, NULL);
- dctx->lb_valid = 1;
- } else if (outlen < dctx->blocklength) {
- FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
- if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
- return 0;
+ if (outlen < dctx->blocklength) {
+ FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
memcpy(out, hctx->vtmp, outlen);
return 1;
} else {
FIPS_digestfinal(&hctx->mctx, out, NULL);
- if (!fips_drbg_cprng_test(dctx, out))
- return 0;
outlen -= dctx->blocklength;
if (outlen == 0)
return 1;
Index: openssl-1.0.2p/crypto/fips/fips_drbg_hmac.c
===================================================================
--- openssl-1.0.2p.orig/crypto/fips/fips_drbg_hmac.c
+++ openssl-1.0.2p/crypto/fips/fips_drbg_hmac.c
@@ -177,23 +177,13 @@ static int drbg_hmac_generate(DRBG_CTX *
return 0;
if (!HMAC_Update(hctx, Vtmp, dctx->blocklength))
return 0;
- if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
- if (!HMAC_Final(hctx, dctx->lb, NULL))
- return 0;
- dctx->lb_valid = 1;
- Vtmp = dctx->lb;
- continue;
- } else if (outlen > dctx->blocklength) {
+ if (outlen > dctx->blocklength) {
if (!HMAC_Final(hctx, out, NULL))
return 0;
- if (!fips_drbg_cprng_test(dctx, out))
- return 0;
Vtmp = out;
} else {
if (!HMAC_Final(hctx, hmac->V, NULL))
return 0;
- if (!fips_drbg_cprng_test(dctx, hmac->V))
- return 0;
memcpy(out, hmac->V, outlen);
break;
}
Reference in New Issue View Git Blame Copy Permalink