From: Richard Levitte
Date: Wed, 4 Dec 2019 08:54:35 +0000 (+0100)
Subject: PROV: Avoid MDC2 in the RSA signature implementation in the FIPS module
X-Git-Tag: openssl-3.0.0-alpha1~392
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1b6ea3080d86e8c3a249cda92fbd20417e942704;p=oweals%2Fopenssl.git
PROV: Avoid MDC2 in the RSA signature implementation in the FIPS module
Reviewed-by: Shane Lontis
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/10557)
---
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 3f941b1032..6b0f55a19a 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -308,6 +308,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 return 0;
 }
+#ifndef FIPS_MODE
 if (EVP_MD_is_a(prsactx->md, OSSL_DIGEST_NAME_MDC2)) {
 unsigned int sltmp;
@@ -326,6 +327,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 ret = sltmp;
 goto end;
 }
+#endif
 switch (prsactx->pad_mode) {
 case RSA_X931_PADDING:
@@ -401,7 +403,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 prsactx->pad_mode);
 }
-#ifdef LEGACY_MODE
+#ifndef FIPS_MODE
 end:
 #endif
 if (ret <= 0) {
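Review bot: A FIPS build is left with no visible check on `prsactx->md` ahead of `switch (prsactx->pad_mode)`, because the MDC2 branch is compiled out by the `#ifndef FIPS_MODE` opened in the first hunk and closed by the `#endif` in the second. A context whose digest is MDC2 would then fall through to the generic padding paths instead of failing. Whether the digest is already restricted where it is set on the context is outside these hunks and should be confirmed; if it is not, the FIPS build should return 0 for that digest rather than silently take a different signing path. The guard would also benefit from a short comment such as `/* MDC2 is not available in the FIPS module */`. rsa_sign's body starts and ends outside the hunks.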
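Review bot: The guard on the `end:` label in the third hunk must stay identical to the guard around the MDC2 branch, whose `goto end` in the second hunk is the only jump to that label visible in this patch. The two directives sit roughly 75 lines apart, so if one is edited without the other, one build configuration ends up with an undefined or an unused label. A comment on the directive would make the coupling explicit: `#ifndef FIPS_MODE /* keep in sync with the MDC2 branch above, which holds the goto end */`. Whether other jumps to `end` exist elsewhere in rsa_sign cannot be seen from these hunks.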