From: Pauli Date: Wed, 13 Aug 2025 03:00:12 +0000 (+1000) Subject: rsa sig: make indicator parameter conditional on FIPS X-Git-Tag: openssl-3.6.0-alpha1~105 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1aae0a4016127c8cf73b5d33866622529ec8aa8e;p=thirdparty%2Fopenssl.git rsa sig: make indicator parameter conditional on FIPS Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/28243) --- diff --git a/providers/implementations/signature/rsa_sig.c.in b/providers/implementations/signature/rsa_sig.c.in index 5f1485ed1c9..ca4a9ba5f4d 100644 --- a/providers/implementations/signature/rsa_sig.c.in +++ b/providers/implementations/signature/rsa_sig.c.in @@ -1393,8 +1393,8 @@ static void *rsa_dupctx(void *vprsactx) ['SIGNATURE_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'], - ['SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE', 'verify', 'uint'], - ['SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'], + ['SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE', 'verify', 'uint', 'fips'], + ['SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], )); -} static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) @@ -1532,10 +1532,10 @@ static int rsa_x931_padding_allowed(PROV_RSA_CTX *ctx) ['SIGNATURE_PARAM_MGF1_PROPERTIES', 'mgf1pq', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'], - ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'], - ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'], - ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int'], - ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int'], + ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int', 'fips'], )); -} #define rsa_set_ctx_params_no_digest_st rsa_set_ctx_params_st @@ -1547,10 +1547,10 @@ static int rsa_x931_padding_allowed(PROV_RSA_CTX *ctx) ['SIGNATURE_PARAM_MGF1_PROPERTIES', 'mgf1pq', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'], ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'], - ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'], - ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'], - ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int'], - ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int'], + ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int', 'fips'], + ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int', 'fips'], )); -} static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])