Blame SOURCES/openssl-1.0.2k-rsa-check.patch

a07c00
diff -up openssl-1.0.2k/crypto/rsa/rsa_gen.c.rsa-check openssl-1.0.2k/crypto/rsa/rsa_gen.c
a07c00
--- openssl-1.0.2k/crypto/rsa/rsa_gen.c.rsa-check	2019-02-06 12:58:50.570844207 +0100
a07c00
+++ openssl-1.0.2k/crypto/rsa/rsa_gen.c	2019-02-06 13:10:57.058468214 +0100
a07c00
@@ -94,11 +94,11 @@ int fips_check_rsa(RSA *rsa)
a07c00
 
a07c00
     /* Perform pairwise consistency signature test */
a07c00
     if (!fips_pkey_signature_test(pk, tbs, -1,
a07c00
-                                  NULL, 0, EVP_sha1(),
a07c00
+                                  NULL, 0, EVP_sha256(),
a07c00
                                   EVP_MD_CTX_FLAG_PAD_PKCS1, NULL)
a07c00
-        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha1(),
a07c00
+        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(),
a07c00
                                      EVP_MD_CTX_FLAG_PAD_X931, NULL)
a07c00
-        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha1(),
a07c00
+        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(),
a07c00
                                      EVP_MD_CTX_FLAG_PAD_PSS, NULL))
a07c00
         goto err;
a07c00
     /* Now perform pairwise consistency encrypt/decrypt test */