testing/openssl-3
SHA256
3
0
Fork 0
forked from pool/openssl-3
Code Pull Requests Activity
6bc57d937f
openssl-3/openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
Pedro Monreal Gonzalez 6bc57d937f - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 
* SHA-1 is not allowed anymore in FIPS 186-5 for signature
    verification operations. After 12/31/2030, NIST will disallow
    SHA-1 for all of its usages.
  * Add openssl-3-FIPS-Deny-SHA-1-sigver-in-FIPS-provider.patch

- FIPS: RSA keygen PCT requirements.
  * Skip the rsa_keygen_pairwise_test() PCT in rsa_keygen() as the
    self-test requirements are covered by do_rsa_pct() for both
    RSA-OAEP and RSA signatures [bsc#1221760]
  * Enforce error state if rsa_keygen PCT is run and fails [bsc#1221753]
  * Add openssl-3-FIPS-PCT_rsa_keygen.patch

- FIPS: Check that the fips provider is available before setting
  it as the default provider in FIPS mode. [bsc#1220523]
  * Rebase openssl-Force-FIPS.patch

- FIPS: Port openssl to use jitterentropy [bsc#1220523]
  * Set the module in error state if the jitter RNG fails either on
    initialization or entropy gathering because health tests failed.
  * Add jitterentropy as a seeding source output also in crypto/info.c
  * Move the jitter entropy collector and the associated lock out
    of the header file to avoid redefinitions.
  * Add the fips_local.cnf symlink to the spec file. This simlink
    points to the openssl_fips.config file that is provided by the
    crypto-policies package.
  * Rebase openssl-3-jitterentropy-3.4.0.patch
  * Rebase openssl-FIPS-enforce-EMS-support.patch

- FIPS: Block non-Approved Elliptic Curves [bsc#1221786]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=110
2024-08-07 21:54:42 +00:00

77 lines
2.8 KiB
Diff
Raw Blame History

From 670e73d9084465384b11ef24802ca4a313e1d2f4 Mon Sep 17 00:00:00 2001
From: Rohan McLure <rohanmclure@linux.ibm.com>
Date: Tue, 15 Aug 2023 15:20:20 +1000
Subject: [PATCH] ecc: Remove extraneous parentheses in secp384r1
Substitutions in the felem_reduce() method feature unecessary
parentheses, remove them.
Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
---
crypto/ec/ecp_nistp384.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/crypto/ec/ecp_nistp384.c b/crypto/ec/ecp_nistp384.c
index 14f9530d07c6..ff68f9cc7ad0 100644
--- a/crypto/ec/ecp_nistp384.c
+++ b/crypto/ec/ecp_nistp384.c
@@ -540,7 +540,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[7] += in[12] >> 8;
acc[6] += (in[12] & 0xff) << 48;
acc[6] -= in[12] >> 16;
- acc[5] -= ((in[12] & 0xffff) << 40);
+ acc[5] -= (in[12] & 0xffff) << 40;
acc[6] += in[12] >> 48;
acc[5] += (in[12] & 0xffffffffffff) << 8;
@@ -549,7 +549,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[6] += in[11] >> 8;
acc[5] += (in[11] & 0xff) << 48;
acc[5] -= in[11] >> 16;
- acc[4] -= ((in[11] & 0xffff) << 40);
+ acc[4] -= (in[11] & 0xffff) << 40;
acc[5] += in[11] >> 48;
acc[4] += (in[11] & 0xffffffffffff) << 8;
@@ -558,7 +558,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[5] += in[10] >> 8;
acc[4] += (in[10] & 0xff) << 48;
acc[4] -= in[10] >> 16;
- acc[3] -= ((in[10] & 0xffff) << 40);
+ acc[3] -= (in[10] & 0xffff) << 40;
acc[4] += in[10] >> 48;
acc[3] += (in[10] & 0xffffffffffff) << 8;
@@ -567,7 +567,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[4] += in[9] >> 8;
acc[3] += (in[9] & 0xff) << 48;
acc[3] -= in[9] >> 16;
- acc[2] -= ((in[9] & 0xffff) << 40);
+ acc[2] -= (in[9] & 0xffff) << 40;
acc[3] += in[9] >> 48;
acc[2] += (in[9] & 0xffffffffffff) << 8;
@@ -582,7 +582,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[3] += acc[8] >> 8;
acc[2] += (acc[8] & 0xff) << 48;
acc[2] -= acc[8] >> 16;
- acc[1] -= ((acc[8] & 0xffff) << 40);
+ acc[1] -= (acc[8] & 0xffff) << 40;
acc[2] += acc[8] >> 48;
acc[1] += (acc[8] & 0xffffffffffff) << 8;
@@ -591,7 +591,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[2] += acc[7] >> 8;
acc[1] += (acc[7] & 0xff) << 48;
acc[1] -= acc[7] >> 16;
- acc[0] -= ((acc[7] & 0xffff) << 40);
+ acc[0] -= (acc[7] & 0xffff) << 40;
acc[1] += acc[7] >> 48;
acc[0] += (acc[7] & 0xffffffffffff) << 8;
View Git Blame Copy Permalink