Blame SOURCES/openssl-1.0.2k-rsa-check.patch

edd0ab
diff -up openssl-1.0.2k/crypto/rsa/rsa_gen.c.rsa-check openssl-1.0.2k/crypto/rsa/rsa_gen.c
edd0ab
--- openssl-1.0.2k/crypto/rsa/rsa_gen.c.rsa-check	2019-02-06 12:58:50.570844207 +0100
edd0ab
+++ openssl-1.0.2k/crypto/rsa/rsa_gen.c	2019-02-06 13:10:57.058468214 +0100
edd0ab
@@ -94,11 +94,11 @@ int fips_check_rsa(RSA *rsa)
edd0ab
 
edd0ab
     /* Perform pairwise consistency signature test */
edd0ab
     if (!fips_pkey_signature_test(pk, tbs, -1,
edd0ab
-                                  NULL, 0, EVP_sha1(),
edd0ab
+                                  NULL, 0, EVP_sha256(),
edd0ab
                                   EVP_MD_CTX_FLAG_PAD_PKCS1, NULL)
edd0ab
-        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha1(),
edd0ab
+        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(),
edd0ab
                                      EVP_MD_CTX_FLAG_PAD_X931, NULL)
edd0ab
-        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha1(),
edd0ab
+        || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(),
edd0ab
                                      EVP_MD_CTX_FLAG_PAD_PSS, NULL))
edd0ab
         goto err;
edd0ab
     /* Now perform pairwise consistency encrypt/decrypt test */