From bce1af776247fee153223ea156228810779483ce Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 1 Jun 2011 14:07:32 +0000
Subject: [PATCH] Add DSA and ECDSA "clone digests" to module for compatibility
 with old applications.

---
 Makefile.fips        | 3 +++
 Makefile.org         | 3 +++
 crypto/evp/m_dss.c   | 4 ++--
 crypto/evp/m_dss1.c  | 4 ++--
 crypto/evp/m_ecdsa.c | 4 ++--
 fips/fipssyms.h      | 3 +++
 6 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/Makefile.fips b/Makefile.fips
index 61a644222e..5d0aca0a3e 100644
--- a/Makefile.fips
+++ b/Makefile.fips
@@ -330,6 +330,9 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
 	../crypto/evp/e_aes.o \
 	../crypto/evp/e_des3.o \
 	../crypto/evp/m_sha1.o \
+	../crypto/evp/m_dss1.o \
+	../crypto/evp/m_dss.o \
+	../crypto/evp/m_ecdsa.o \
 	../crypto/hmac/hmac.o \
 	../crypto/modes/cbc128.o \
 	../crypto/modes/ccm128.o \
diff --git a/Makefile.org b/Makefile.org
index 716cccac43..21a7a3751e 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -323,6 +323,9 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
 	../crypto/evp/e_aes.o \
 	../crypto/evp/e_des3.o \
 	../crypto/evp/m_sha1.o \
+	../crypto/evp/m_dss1.o \
+	../crypto/evp/m_dss.o \
+	../crypto/evp/m_ecdsa.o \
 	../crypto/hmac/hmac.o \
 	../crypto/modes/cbc128.o \
 	../crypto/modes/ccm128.o \
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
index 48c2689504..ca95d29116 100644
--- a/crypto/evp/m_dss.c
+++ b/crypto/evp/m_dss.c
@@ -81,13 +81,13 @@ static const EVP_MD dsa_md=
 	NID_dsaWithSHA,
 	NID_dsaWithSHA,
 	SHA_DIGEST_LENGTH,
-	EVP_MD_FLAG_PKEY_DIGEST,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_PKEY_DIGEST|EVP_MD_FLAG_FIPS,
 	init,
 	update,
 	final,
 	NULL,
 	NULL,
-	EVP_PKEY_DSA_method,
+	EVP_PKEY_NULL_method,
 	SHA_CBLOCK,
 	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
index 4f03fb70e0..54a0faba5e 100644
--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
@@ -82,13 +82,13 @@ static const EVP_MD dss1_md=
 	NID_dsa,
 	NID_dsaWithSHA1,
 	SHA_DIGEST_LENGTH,
-	EVP_MD_FLAG_PKEY_DIGEST,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_PKEY_DIGEST|EVP_MD_FLAG_FIPS,
 	init,
 	update,
 	final,
 	NULL,
 	NULL,
-	EVP_PKEY_DSA_method,
+	EVP_PKEY_NULL_method,
 	SHA_CBLOCK,
 	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
diff --git a/crypto/evp/m_ecdsa.c b/crypto/evp/m_ecdsa.c
index 8d87a49ebe..c1fd691f5c 100644
--- a/crypto/evp/m_ecdsa.c
+++ b/crypto/evp/m_ecdsa.c
@@ -130,13 +130,13 @@ static const EVP_MD ecdsa_md=
 	NID_ecdsa_with_SHA1,
 	NID_ecdsa_with_SHA1,
 	SHA_DIGEST_LENGTH,
-	EVP_MD_FLAG_PKEY_DIGEST,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_PKEY_DIGEST|EVP_MD_FLAG_FIPS,
 	init,
 	update,
 	final,
 	NULL,
 	NULL,
-	EVP_PKEY_ECDSA_method,
+	EVP_PKEY_NULL_method,
 	SHA_CBLOCK,
 	sizeof(EVP_MD *)+sizeof(SHA_CTX),
 	};
diff --git a/fips/fipssyms.h b/fips/fipssyms.h
index 2748746071..bdbc2faab9 100644
--- a/fips/fipssyms.h
+++ b/fips/fipssyms.h
@@ -343,6 +343,9 @@
 #define EVP_des_ede_ecb FIPS_evp_des_ede_ecb
 #define EVP_des_ede_ofb FIPS_evp_des_ede_ofb
 #define EVP_sha1 FIPS_evp_sha1
+#define EVP_dss FIPS_evp_dss
+#define EVP_dss1 FIPS_evp_dss1
+#define EVP_ecdsa FIPS_evp_ecdsa
 #define EVP_sha224 FIPS_evp_sha224
 #define EVP_sha256 FIPS_evp_sha256
 #define EVP_sha384 FIPS_evp_sha384
-- 
2.25.1