forked from rpms/openssl
6c57fc8dcc
Resolves: rhbz#2144010
60 lines
1.9 KiB
Diff
60 lines
1.9 KiB
Diff
diff -up openssl-3.0.1/crypto/rsa/rsa_oaep.c.oaep openssl-3.0.1/crypto/rsa/rsa_oaep.c
|
|
--- openssl-3.0.1/crypto/rsa/rsa_oaep.c.oaep 2022-11-14 13:45:05.970402064 +0100
|
|
+++ openssl-3.0.1/crypto/rsa/rsa_oaep.c 2022-11-14 13:51:20.725741198 +0100
|
|
@@ -78,8 +78,22 @@ int ossl_rsa_padding_add_PKCS1_OAEP_mgf1
|
|
return 0;
|
|
#endif
|
|
}
|
|
+
|
|
+#ifdef FIPS_MODULE
|
|
+ if (EVP_MD_is_a(md, "SHAKE-128") || EVP_MD_is_a(md, "SHAKE-256")) {
|
|
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
|
+ return 0;
|
|
+ }
|
|
+#endif
|
|
if (mgf1md == NULL)
|
|
mgf1md = md;
|
|
+
|
|
+#ifdef FIPS_MODULE
|
|
+ if (EVP_MD_is_a(mgf1md, "SHAKE-128") || EVP_MD_is_a(mgf1md, "SHAKE-256")) {
|
|
+ ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
|
|
+ return 0;
|
|
+ }
|
|
+#endif
|
|
|
|
mdlen = EVP_MD_get_size(md);
|
|
if (mdlen <= 0) {
|
|
diff -up openssl-3.0.1/crypto/rsa/rsa_pss.c.oaep openssl-3.0.1/crypto/rsa/rsa_pss.c
|
|
--- openssl-3.0.1/crypto/rsa/rsa_pss.c.oaep 2022-11-15 14:53:11.103467808 +0100
|
|
+++ openssl-3.0.1/crypto/rsa/rsa_pss.c 2022-11-15 15:00:07.233966865 +0100
|
|
@@ -53,6 +53,14 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa,
|
|
if (mgf1Hash == NULL)
|
|
mgf1Hash = Hash;
|
|
|
|
+#ifdef FIPS_MODULE
|
|
+ if (EVP_MD_is_a(Hash, "SHAKE-128") || EVP_MD_is_a(Hash, "SHAKE-256"))
|
|
+ goto err;
|
|
+
|
|
+ if (EVP_MD_is_a(mgf1Hash, "SHAKE-128") || EVP_MD_is_a(mgf1Hash, "SHAKE-256"))
|
|
+ goto err;
|
|
+#endif
|
|
+
|
|
hLen = EVP_MD_get_size(Hash);
|
|
if (hLen < 0)
|
|
goto err;
|
|
@@ -164,6 +172,14 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *
|
|
if (mgf1Hash == NULL)
|
|
mgf1Hash = Hash;
|
|
|
|
+#ifdef FIPS_MODULE
|
|
+ if (EVP_MD_is_a(Hash, "SHAKE-128") || EVP_MD_is_a(Hash, "SHAKE-256"))
|
|
+ goto err;
|
|
+
|
|
+ if (EVP_MD_is_a(mgf1Hash, "SHAKE-128") || EVP_MD_is_a(mgf1Hash, "SHAKE-256"))
|
|
+ goto err;
|
|
+#endif
|
|
+
|
|
hLen = EVP_MD_get_size(Hash);
|
|
if (hLen < 0)
|
|
goto err;
|