[rpms/openssl] rebase_40beta: - add -x931 parameter to openssl genrsa command to use the ANSI X9.31

[rpms/openssl] rebase_40beta: - add -x931 parameter to openssl genrsa command to use the ANSI X9.31

[Tomas Mraz]

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : 15fad7109b4e941d8a855a6e6374fc93c0b900f2
            Author : Tomas Mraz <tmraz@fedoraproject.org>
            Date   : 2011-02-04T15:14:18+01:00
            Stats  : +455/-1 in 4 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/15fad7109b4e941d8a855a6e6374fc93c0b900f2?branch=rebase_40beta

            Log:
            - add -x931 parameter to openssl genrsa command to use the ANSI X9.31
  key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
  to allow using MD5 when the system is in the maintenance state
  even if the /proc fips flag is on

---
diff --git a/openssl-1.0.0c-fips-md5-allow.patch b/openssl-1.0.0c-fips-md5-allow.patch
new file mode 100644
index 0000000..f9f5e5d
--- /dev/null
+++ b/openssl-1.0.0c-fips-md5-allow.patch
@@ -0,0 +1,20 @@
+diff -up openssl-1.0.0c/crypto/md5/md5_dgst.c.md5-allow openssl-1.0.0c/crypto/md5/md5_dgst.c
+--- openssl-1.0.0c/crypto/md5/md5_dgst.c.md5-allow	2011-02-03 19:53:28.000000000 +0100
++++ openssl-1.0.0c/crypto/md5/md5_dgst.c	2011-02-03 20:33:14.000000000 +0100
+@@ -75,7 +75,15 @@ const char MD5_version[]="MD5" OPENSSL_V
+ #define INIT_DATA_C (unsigned long)0x98badcfeL
+ #define INIT_DATA_D (unsigned long)0x10325476L
+ 
+-FIPS_NON_FIPS_MD_Init(MD5)
++int MD5_Init(MD5_CTX *c)
++#ifdef OPENSSL_FIPS
++	{
++	if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
++		FIPS_BAD_ALGORITHM(alg)
++	return private_MD5_Init(c);
++	}
++int private_MD5_Init(MD5_CTX *c)
++#endif
+ 	{
+ 	memset (c,0,sizeof(*c));
+ 	c->A=INIT_DATA_A;

diff --git a/openssl-1.0.0c-fips186-3.patch b/openssl-1.0.0c-fips186-3.patch
new file mode 100644
index 0000000..de3e5ab
--- /dev/null
+++ b/openssl-1.0.0c-fips186-3.patch
@@ -0,0 +1,384 @@
+diff -up openssl-1.0.0c/crypto/dsa/dsa_gen.c.fips186-3 openssl-1.0.0c/crypto/dsa/dsa_gen.c
+--- openssl-1.0.0c/crypto/dsa/dsa_gen.c.fips186-3	2011-02-03 21:04:14.000000000 +0100
++++ openssl-1.0.0c/crypto/dsa/dsa_gen.c	2011-02-04 08:54:42.000000000 +0100
+@@ -120,11 +120,11 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 	int ok=0;
+ 	unsigned char seed[SHA256_DIGEST_LENGTH];
+ 	unsigned char md[SHA256_DIGEST_LENGTH];
+-	unsigned char buf[SHA256_DIGEST_LENGTH],buf2[SHA256_DIGEST_LENGTH];
++	unsigned char buf[SHA256_DIGEST_LENGTH];
+ 	BIGNUM *r0,*W,*X,*c,*test;
+ 	BIGNUM *g=NULL,*q=NULL,*p=NULL;
+ 	BN_MONT_CTX *mont=NULL;
+-	int i, k, n=0, m=0, qsize = qbits >> 3;
++	int i, k, b, n=0, m=0, qsize = qbits >> 3;
+ 	int counter=0;
+ 	int r=0;
+ 	BN_CTX *ctx=NULL;
+@@ -138,9 +138,13 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 	    goto err;
+ 	    }
+ 
+-	if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
++	if (FIPS_mode() &&
++	    (bits != 1024 || qbits != 160) &&
++	    (bits != 2048 || qbits != 224) &&
++	    (bits != 2048 || qbits != 256) &&
++	    (bits != 3072 || qbits != 256))
+ 		{
+-		DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL);
++		DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_INVALID);
+ 		goto err;
+ 		}
+ #endif
+@@ -151,22 +155,25 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 		return 0;
+ 
+ 	if (evpmd == NULL)
+-		/* use SHA1 as default */
+-		evpmd = EVP_sha1();
++	    {
++		if (qbits <= 160)
++			evpmd = EVP_sha1();
++		else if (qbits <= 224)
++			evpmd = EVP_sha224();
++		else
++			evpmd = EVP_sha256();
++	    }
+ 
+ 	if (bits < 512)
+ 		bits = 512;
+ 
+ 	bits = (bits+63)/64*64;
+ 
+-	/* NB: seed_len == 0 is special case: copy generated seed to
+- 	 * seed_in if it is not NULL.
+- 	 */
+ 	if (seed_len && (seed_len < (size_t)qsize))
+ 		seed_in = NULL;		/* seed buffer too small -- ignore */
+ 	if (seed_len > (size_t)qsize) 
+ 		seed_len = qsize;	/* App. 2.2 of FIPS PUB 186 allows larger SEED,
+-					 * but our internal buffers are restricted to 160 bits*/
++					 * but our internal buffers are restricted to 256 bits*/
+ 	if (seed_in != NULL)
+ 		memcpy(seed, seed_in, seed_len);
+ 
+@@ -189,13 +196,18 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 	if (!BN_lshift(test,BN_value_one(),bits-1))
+ 		goto err;
+ 
++	/* step 3 n = \lceil bits / qbits \rceil - 1 */
++	n = (bits+qbits-1)/qbits - 1;
++	/* step 4 b = bits - 1 - n * qbits */
++	b = bits - 1 - n*qbits;
++
+ 	for (;;)
+ 		{
+ 		for (;;) /* find q */
+ 			{
+ 			int seed_is_random;
+ 
+-			/* step 1 */
++			/* step 5 generate seed */
+ 			if(!BN_GENCB_call(cb, 0, m++))
+ 				goto err;
+ 
+@@ -210,28 +222,17 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 				seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
+ 				}
+ 			memcpy(buf , seed, qsize);
+-			memcpy(buf2, seed, qsize);
+-			/* precompute "SEED + 1" for step 7: */
+-			for (i = qsize-1; i >= 0; i--)
+-				{
+-				buf[i]++;
+-				if (buf[i] != 0)
+-					break;
+-				}
+ 
+-			/* step 2 */
++			/* step 6 U = hash(seed) */
+ 			EVP_Digest(seed, qsize, md,   NULL, evpmd, NULL);
+-			EVP_Digest(buf,  qsize, buf2, NULL, evpmd, NULL);
+-			for (i = 0; i < qsize; i++)
+-				md[i]^=buf2[i];
+ 
+-			/* step 3 */
++			/* step 7 q = 2^(qbits-1) + U + 1 - (U mod 2) */
+ 			md[0] |= 0x80;
+ 			md[qsize-1] |= 0x01;
+ 			if (!BN_bin2bn(md, qsize, q))
+ 				goto err;
+ 
+-			/* step 4 */
++			/* step 8 test for prime (64 round of Rabin-Miller) */
+ 			r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
+ 					seed_is_random, cb);
+ 			if (r > 0)
+@@ -239,27 +240,22 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 			if (r != 0)
+ 				goto err;
+ 
+-			/* do a callback call */
+-			/* step 5 */
+ 			}
+ 
+ 		if(!BN_GENCB_call(cb, 2, 0)) goto err;
+ 		if(!BN_GENCB_call(cb, 3, 0)) goto err;
+ 
+-		/* step 6 */
++		/* step 11 */
+ 		counter=0;
+-		/* "offset = 2" */
+-
+-		n=(bits-1)/160;
++		/* "offset = 1" */
+ 
+ 		for (;;)
+ 			{
+ 			if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
+ 				goto err;
+ 
+-			/* step 7 */
++			/* step 11.1, 11.2 obtain W */
+ 			BN_zero(W);
+-			/* now 'buf' contains "SEED + offset - 1" */
+ 			for (k=0; k<=n; k++)
+ 				{
+ 				/* obtain "SEED + offset + k" by incrementing: */
+@@ -272,28 +268,30 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 
+ 				EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL);
+ 
+-				/* step 8 */
+ 				if (!BN_bin2bn(md, qsize, r0))
+ 					goto err;
+-				if (!BN_lshift(r0,r0,(qsize << 3)*k)) goto err;
++				if (k == n)
++					BN_mask_bits(r0,b);
++				if (!BN_lshift(r0,r0,qbits*k)) goto err;
+ 				if (!BN_add(W,W,r0)) goto err;
+ 				}
+ 
+-			/* more of step 8 */
+-			if (!BN_mask_bits(W,bits-1)) goto err;
++			/* step 11.3 X = W + 2^(L-1) */
+ 			if (!BN_copy(X,W)) goto err;
+ 			if (!BN_add(X,X,test)) goto err;
+ 
+-			/* step 9 */
++			/* step 11.4 c = X mod 2*q */
+ 			if (!BN_lshift1(r0,q)) goto err;
+ 			if (!BN_mod(c,X,r0,ctx)) goto err;
++
++			/* step 11.5 p = X - (c - 1) */
+ 			if (!BN_sub(r0,c,BN_value_one())) goto err;
+ 			if (!BN_sub(p,X,r0)) goto err;
+ 
+-			/* step 10 */
++			/* step 11.6 */
+ 			if (BN_cmp(p,test) >= 0)
+ 				{
+-				/* step 11 */
++				/* step 11.7 */
+ 				r = BN_is_prime_fasttest_ex(p, DSS_prime_checks,
+ 						ctx, 1, cb);
+ 				if (r > 0)
+@@ -302,12 +300,12 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ 					goto err;
+ 				}
+ 
+-			/* step 13 */
++			/* step 11.9 */
+ 			counter++;
+ 			/* "offset = offset + n + 1" */
+ 
+-			/* step 14 */
+-			if (counter >= 4096) break;
++			/* step 12 */
++			if (counter >= 4*bits) break;
+ 			}
+ 		}
+ end:
+diff -up openssl-1.0.0c/crypto/dsa/dsa.h.fips186-3 openssl-1.0.0c/crypto/dsa/dsa.h
+--- openssl-1.0.0c/crypto/dsa/dsa.h.fips186-3	2011-02-03 21:04:14.000000000 +0100
++++ openssl-1.0.0c/crypto/dsa/dsa.h	2011-02-03 21:04:14.000000000 +0100
+@@ -316,6 +316,7 @@ void ERR_load_DSA_strings(void);
+ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+ #define DSA_R_DECODE_ERROR				 104
+ #define DSA_R_INVALID_DIGEST_TYPE			 106
++#define DSA_R_KEY_SIZE_INVALID				 113
+ #define DSA_R_KEY_SIZE_TOO_SMALL			 110
+ #define DSA_R_MISSING_PARAMETERS			 101
+ #define DSA_R_MODULUS_TOO_LARGE				 103
+diff -up openssl-1.0.0c/crypto/dsa/dsatest.c.fips186-3 openssl-1.0.0c/crypto/dsa/dsatest.c
+--- openssl-1.0.0c/crypto/dsa/dsatest.c.fips186-3	2011-02-03 21:14:07.000000000 +0100
++++ openssl-1.0.0c/crypto/dsa/dsatest.c	2011-02-04 08:40:24.000000000 +0100
+@@ -96,36 +96,41 @@ static int MS_CALLBACK dsa_cb(int p, int
+ /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
+  * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
+ static unsigned char seed[20]={
+-	0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
+-	0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
++	0x02,0x47,0x11,0x92,0x11,0x88,0xC8,0xFB,0xAF,0x48,0x4C,0x62,
++	0xDF,0xA5,0xBE,0xA0,0xA4,0x3C,0x56,0xE3,
+ 	};
+ 
+ static unsigned char out_p[]={
+-	0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+-	0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+-	0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+-	0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+-	0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+-	0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+-	0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+-	0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
++	0xAC,0xCB,0x1E,0x63,0x60,0x69,0x0C,0xFB,0x06,0x19,0x68,0x3E,
++	0xA5,0x01,0x5A,0xA2,0x15,0x5C,0xE2,0x99,0x2D,0xD5,0x30,0x99,
++	0x7E,0x5F,0x8D,0xE2,0xF7,0xC6,0x2E,0x8D,0xA3,0x9F,0x58,0xAD,
++	0xD6,0xA9,0x7D,0x0E,0x0D,0x95,0x53,0xA6,0x71,0x3A,0xDE,0xAB,
++	0xAC,0xE9,0xF4,0x36,0x55,0x9E,0xB9,0xD6,0x93,0xBF,0xF3,0x18,
++	0x1C,0x14,0x7B,0xA5,0x42,0x2E,0xCD,0x00,0xEB,0x35,0x3B,0x1B,
++	0xA8,0x51,0xBB,0xE1,0x58,0x42,0x85,0x84,0x22,0xA7,0x97,0x5E,
++	0x99,0x6F,0x38,0x20,0xBD,0x9D,0xB6,0xD9,0x33,0x37,0x2A,0xFD,
++	0xBB,0xD4,0xBC,0x0C,0x2A,0x67,0xCB,0x9F,0xBB,0xDF,0xF9,0x93,
++	0xAA,0xD6,0xF0,0xD6,0x95,0x0B,0x5D,0x65,0x14,0xD0,0x18,0x9D,
++	0xC6,0xAF,0xF0,0xC6,0x37,0x7C,0xF3,0x5F,
+ 	};
+ 
+ static unsigned char out_q[]={
+-	0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
+-	0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
+-	0xda,0xce,0x91,0x5f,
++	0xE3,0x8E,0x5E,0x6D,0xBF,0x2B,0x79,0xF8,0xC5,0x4B,0x89,0x8B,
++	0xBA,0x2D,0x91,0xC3,0x6C,0x80,0xAC,0x87,
+ 	};
+ 
+ static unsigned char out_g[]={
+-	0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
+-	0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
+-	0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
+-	0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
+-	0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
+-	0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
+-	0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
+-	0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
++	0x42,0x4A,0x04,0x4E,0x79,0xB4,0x99,0x7F,0xFD,0x58,0x36,0x2C,
++	0x1B,0x5F,0x18,0x7E,0x0D,0xCC,0xAB,0x81,0xC9,0x5D,0x10,0xCE,
++	0x4E,0x80,0x7E,0x58,0xB4,0x34,0x3F,0xA7,0x45,0xC7,0xAA,0x36,
++	0x24,0x42,0xA9,0x3B,0xE8,0x0E,0x04,0x02,0x2D,0xFB,0xA6,0x13,
++	0xB9,0xB5,0x15,0xA5,0x56,0x07,0x35,0xE4,0x03,0xB6,0x79,0x7C,
++	0x62,0xDD,0xDF,0x3F,0x71,0x3A,0x9D,0x8B,0xC4,0xF6,0xE7,0x1D,
++	0x52,0xA8,0xA9,0x43,0x1D,0x33,0x51,0x88,0x39,0xBD,0x73,0xE9,
++	0x5F,0xBE,0x82,0x49,0x27,0xE6,0xB5,0x53,0xC1,0x38,0xAC,0x2F,
++	0x6D,0x97,0x6C,0xEB,0x67,0xC1,0x5F,0x67,0xF8,0x35,0x05,0x5E,
++	0xD5,0x68,0x80,0xAA,0x96,0xCA,0x0B,0x8A,0xE6,0xF1,0xB1,0x41,
++	0xC6,0x75,0x94,0x0A,0x0A,0x2A,0xFA,0x29,
+ 	};
+ 
+ static const unsigned char str1[]="12345678901234567890";
+@@ -157,7 +162,7 @@ int main(int argc, char **argv)
+ 	BIO_printf(bio_err,"test generation of DSA parameters\n");
+ 
+ 	BN_GENCB_set(&cb, dsa_cb, bio_err);
+-	if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
++	if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 1024,
+ 				seed, 20, &counter, &h, &cb))
+ 		goto end;
+ 
+@@ -170,9 +175,9 @@ int main(int argc, char **argv)
+ 	BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h);
+ 		
+ 	DSA_print(bio_err,dsa,0);
+-	if (counter != 105) 
++	if (counter != 239) 
+ 		{
+-		BIO_printf(bio_err,"counter should be 105\n");
++		BIO_printf(bio_err,"counter should be 239\n");
+ 		goto end;
+ 		}
+ 	if (h != 2)
+diff -up openssl-1.0.0c/crypto/fips/fips_dsa_selftest.c.fips186-3 openssl-1.0.0c/crypto/fips/fips_dsa_selftest.c
+--- openssl-1.0.0c/crypto/fips/fips_dsa_selftest.c.fips186-3	2011-02-03 21:04:14.000000000 +0100
++++ openssl-1.0.0c/crypto/fips/fips_dsa_selftest.c	2011-02-04 09:03:03.000000000 +0100
+@@ -68,44 +68,42 @@
+ 
+ #ifdef OPENSSL_FIPS
+ 
+-/* seed, out_p, out_q, out_g are taken the NIST test vectors */
+-
+ static unsigned char seed[20] = {
+-	0x77, 0x8f, 0x40, 0x74, 0x6f, 0x66, 0xbe, 0x33, 0xce, 0xbe, 0x99, 0x34,
+-	0x4c, 0xfc, 0xf3, 0x28, 0xaa, 0x70, 0x2d, 0x3a
+-  	};
++	0x02,0x47,0x11,0x92,0x11,0x88,0xC8,0xFB,0xAF,0x48,0x4C,0x62,
++	0xDF,0xA5,0xBE,0xA0,0xA4,0x3C,0x56,0xE3,
++	};
+ 
+ static unsigned char out_p[] = {
+-	0xf7, 0x7c, 0x1b, 0x83, 0xd8, 0xe8, 0x5c, 0x7f, 0x85, 0x30, 0x17, 0x57,
+-	0x21, 0x95, 0xfe, 0x26, 0x04, 0xeb, 0x47, 0x4c, 0x3a, 0x4a, 0x81, 0x4b,
+-	0x71, 0x2e, 0xed, 0x6e, 0x4f, 0x3d, 0x11, 0x0f, 0x7c, 0xfe, 0x36, 0x43,
+-	0x51, 0xd9, 0x81, 0x39, 0x17, 0xdf, 0x62, 0xf6, 0x9c, 0x01, 0xa8, 0x69,
+-	0x71, 0xdd, 0x29, 0x7f, 0x47, 0xe6, 0x65, 0xa6, 0x22, 0xe8, 0x6a, 0x12,
+-	0x2b, 0xc2, 0x81, 0xff, 0x32, 0x70, 0x2f, 0x9e, 0xca, 0x53, 0x26, 0x47,
+-	0x0f, 0x59, 0xd7, 0x9e, 0x2c, 0xa5, 0x07, 0xc4, 0x49, 0x52, 0xa3, 0xe4,
+-	0x6b, 0x04, 0x00, 0x25, 0x49, 0xe2, 0xe6, 0x7f, 0x28, 0x78, 0x97, 0xb8,
+-	0x3a, 0x32, 0x14, 0x38, 0xa2, 0x51, 0x33, 0x22, 0x44, 0x7e, 0xd7, 0xef,
+-	0x45, 0xdb, 0x06, 0x4a, 0xd2, 0x82, 0x4a, 0x82, 0x2c, 0xb1, 0xd7, 0xd8,
+-	0xb6, 0x73, 0x00, 0x4d, 0x94, 0x77, 0x94, 0xef
++	0xAC,0xCB,0x1E,0x63,0x60,0x69,0x0C,0xFB,0x06,0x19,0x68,0x3E,
++	0xA5,0x01,0x5A,0xA2,0x15,0x5C,0xE2,0x99,0x2D,0xD5,0x30,0x99,
++	0x7E,0x5F,0x8D,0xE2,0xF7,0xC6,0x2E,0x8D,0xA3,0x9F,0x58,0xAD,
++	0xD6,0xA9,0x7D,0x0E,0x0D,0x95,0x53,0xA6,0x71,0x3A,0xDE,0xAB,
++	0xAC,0xE9,0xF4,0x36,0x55,0x9E,0xB9,0xD6,0x93,0xBF,0xF3,0x18,
++	0x1C,0x14,0x7B,0xA5,0x42,0x2E,0xCD,0x00,0xEB,0x35,0x3B,0x1B,
++	0xA8,0x51,0xBB,0xE1,0x58,0x42,0x85,0x84,0x22,0xA7,0x97,0x5E,
++	0x99,0x6F,0x38,0x20,0xBD,0x9D,0xB6,0xD9,0x33,0x37,0x2A,0xFD,
++	0xBB,0xD4,0xBC,0x0C,0x2A,0x67,0xCB,0x9F,0xBB,0xDF,0xF9,0x93,
++	0xAA,0xD6,0xF0,0xD6,0x95,0x0B,0x5D,0x65,0x14,0xD0,0x18,0x9D,
++	0xC6,0xAF,0xF0,0xC6,0x37,0x7C,0xF3,0x5F,
+ 	};
+ 
+ static unsigned char out_q[] = {
+-	0xd4, 0x0a, 0xac, 0x9f, 0xbd, 0x8c, 0x80, 0xc2, 0x38, 0x7e, 0x2e, 0x0c,
+-	0x52, 0x5c, 0xea, 0x34, 0xa1, 0x83, 0x32, 0xf3
++	0xE3,0x8E,0x5E,0x6D,0xBF,0x2B,0x79,0xF8,0xC5,0x4B,0x89,0x8B,
++	0xBA,0x2D,0x91,0xC3,0x6C,0x80,0xAC,0x87,
+ 	};
+ 
+ static unsigned char out_g[] = {
+-	0x34, 0x73, 0x8b, 0x57, 0x84, 0x8e, 0x55, 0xbf, 0x57, 0xcc, 0x41, 0xbb,
+-	0x5e, 0x2b, 0xd5, 0x42, 0xdd, 0x24, 0x22, 0x2a, 0x09, 0xea, 0x26, 0x1e,
+-	0x17, 0x65, 0xcb, 0x1a, 0xb3, 0x12, 0x44, 0xa3, 0x9e, 0x99, 0xe9, 0x63,
+-	0xeb, 0x30, 0xb1, 0x78, 0x7b, 0x09, 0x40, 0x30, 0xfa, 0x83, 0xc2, 0x35,
+-	0xe1, 0xc4, 0x2d, 0x74, 0x1a, 0xb1, 0x83, 0x54, 0xd8, 0x29, 0xf4, 0xcf,
+-	0x7f, 0x6f, 0x67, 0x1c, 0x36, 0x49, 0xee, 0x6c, 0xa2, 0x3c, 0x2d, 0x6a,
+-	0xe9, 0xd3, 0x9a, 0xf6, 0x57, 0x78, 0x6f, 0xfd, 0x33, 0xcd, 0x3c, 0xed,
+-	0xfd, 0xd4, 0x41, 0xe6, 0x5c, 0x8b, 0xe0, 0x68, 0x31, 0x47, 0x47, 0xaf,
+-	0x12, 0xa7, 0xf9, 0x32, 0x0d, 0x94, 0x15, 0x48, 0xd0, 0x54, 0x85, 0xb2,
+-	0x04, 0xb5, 0x4d, 0xd4, 0x9d, 0x05, 0x22, 0x25, 0xd9, 0xfd, 0x6c, 0x36,
+-	0xef, 0xbe, 0x69, 0x6c, 0x55, 0xf4, 0xee, 0xec
++	0x42,0x4A,0x04,0x4E,0x79,0xB4,0x99,0x7F,0xFD,0x58,0x36,0x2C,
++	0x1B,0x5F,0x18,0x7E,0x0D,0xCC,0xAB,0x81,0xC9,0x5D,0x10,0xCE,
++	0x4E,0x80,0x7E,0x58,0xB4,0x34,0x3F,0xA7,0x45,0xC7,0xAA,0x36,
++	0x24,0x42,0xA9,0x3B,0xE8,0x0E,0x04,0x02,0x2D,0xFB,0xA6,0x13,
++	0xB9,0xB5,0x15,0xA5,0x56,0x07,0x35,0xE4,0x03,0xB6,0x79,0x7C,
++	0x62,0xDD,0xDF,0x3F,0x71,0x3A,0x9D,0x8B,0xC4,0xF6,0xE7,0x1D,
++	0x52,0xA8,0xA9,0x43,0x1D,0x33,0x51,0x88,0x39,0xBD,0x73,0xE9,
++	0x5F,0xBE,0x82,0x49,0x27,0xE6,0xB5,0x53,0xC1,0x38,0xAC,0x2F,
++	0x6D,0x97,0x6C,0xEB,0x67,0xC1,0x5F,0x67,0xF8,0x35,0x05,0x5E,
++	0xD5,0x68,0x80,0xAA,0x96,0xCA,0x0B,0x8A,0xE6,0xF1,0xB1,0x41,
++	0xC6,0x75,0x94,0x0A,0x0A,0x2A,0xFA,0x29,
+ 	};
+ 
+ static const unsigned char str1[]="12345678901234567890";
+@@ -133,7 +131,7 @@ int FIPS_selftest_dsa()
+ 	goto err;
+     if(!DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,NULL))
+ 	goto err;
+-    if (counter != 378) 
++    if (counter != 239) 
+ 	goto err;
+     if (h != 2)
+ 	goto err;

diff --git a/openssl-1.0.0c-rsa-x931.patch b/openssl-1.0.0c-rsa-x931.patch
new file mode 100644
index 0000000..a60bbcb
--- /dev/null
+++ b/openssl-1.0.0c-rsa-x931.patch
@@ -0,0 +1,36 @@
+diff -up openssl-1.0.0c/apps/genrsa.c.x931 openssl-1.0.0c/apps/genrsa.c
+--- openssl-1.0.0c/apps/genrsa.c.x931	2010-03-01 15:22:02.000000000 +0100
++++ openssl-1.0.0c/apps/genrsa.c	2011-02-01 18:32:05.000000000 +0100
+@@ -95,6 +95,7 @@ int MAIN(int argc, char **argv)
+ 	int ret=1;
+ 	int i,num=DEFBITS;
+ 	long l;
++	int use_x931 = 0;
+ 	const EVP_CIPHER *enc=NULL;
+ 	unsigned long f4=RSA_F4;
+ 	char *outfile=NULL;
+@@ -138,6 +139,8 @@ int MAIN(int argc, char **argv)
+ 			f4=3;
+ 		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
+ 			f4=RSA_F4;
++		else if (strcmp(*argv,"-x931") == 0)
++			use_x931 = 1;
+ #ifndef OPENSSL_NO_ENGINE
+ 		else if (strcmp(*argv,"-engine") == 0)
+ 			{
+@@ -273,7 +276,14 @@ bad:
+ 	if (!rsa)
+ 		goto err;
+ 
+-	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
++	if (use_x931)
++		{
++		if (!BN_set_word(bn, f4))
++			goto err;
++		if (!RSA_X931_generate_key_ex(rsa, num, bn, &cb))
++			goto err;
++		}
++	else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+ 		goto err;
+ 		
+ 	app_RAND_write_file(NULL, bio_err);

diff --git a/openssl.spec b/openssl.spec
index 97b7fec..4816e8a 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
 Summary: A general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.0c
-Release: 2%{?dist}
+Release: 3%{?dist}
 # We remove certain patented algorithms from the openssl source tarball
 # with the hobble-openssl script which is included below.
 Source: openssl-%{version}-usa.tar.bz2
@@ -64,6 +64,9 @@ Patch52: openssl-1.0.0b-aesni.patch
 Patch53: openssl-1.0.0-name-hash.patch
 Patch54: openssl-1.0.0c-speed-fips.patch
 Patch55: openssl-1.0.0c-apps-ipv6listen.patch
+Patch56: openssl-1.0.0c-rsa-x931.patch
+Patch57: openssl-1.0.0c-fips186-3.patch
+Patch58: openssl-1.0.0c-fips-md5-allow.patch
 # Backported fixes including security fixes
 
 License: OpenSSL
@@ -148,6 +151,9 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch53 -p1 -b .name-hash
 %patch54 -p1 -b .spfips
 %patch55 -p1 -b .ipv6listen
+%patch56 -p1 -b .x931
+%patch57 -p1 -b .fips186-3
+%patch58 -p1 -b .md5-allow
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
@@ -397,6 +403,14 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun -p /sbin/ldconfig
 
 %changelog
+* Fri Feb  4 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0c-3
+- add -x931 parameter to openssl genrsa command to use the ANSI X9.31
+  key generation method
+- use FIPS-186-3 method for DSA parameter generation
+- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
+  to allow using MD5 when the system is in the maintenance state
+  even if the /proc fips flag is on
+
 * Mon Jan 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0c-2
 - listen on ipv6 wildcard in s_server so we accept connections
   from both ipv4 and ipv6 (#601612)

[rpms/openssl] rebase_40beta: - add -x931 parameter to openssl genrsa command to use the ANSI X9.31

[Tomas Mraz]

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : 65ebbaecc744b4901110add61ef741bc562722cd
            Author : Tomas Mraz <tmraz@fedoraproject.org>
            Date   : 2011-02-04T15:27:28+01:00
            Stats  : +28/-0 in 2 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/65ebbaecc744b4901110add61ef741bc562722cd?branch=rebase_40beta

            Log:
            - add -x931 parameter to openssl genrsa command to use the ANSI X9.31
  key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
  to allow using MD5 when the system is in the maintenance state
  even if the /proc fips flag is on
- make openssl pkcs12 command work by default in the FIPS mode

---
diff --git a/openssl-1.0.0c-pkcs12-fips-default.patch b/openssl-1.0.0c-pkcs12-fips-default.patch
new file mode 100644
index 0000000..a671722
--- /dev/null
+++ b/openssl-1.0.0c-pkcs12-fips-default.patch
@@ -0,0 +1,25 @@
+diff -up openssl-1.0.0c/apps/pkcs12.c.fips-default openssl-1.0.0c/apps/pkcs12.c
+--- openssl-1.0.0c/apps/pkcs12.c.fips-default	2009-07-27 23:08:45.000000000 +0200
++++ openssl-1.0.0c/apps/pkcs12.c	2011-02-04 15:25:38.000000000 +0100
+@@ -67,6 +67,9 @@
+ #include <openssl/err.h>
+ #include <openssl/pem.h>
+ #include <openssl/pkcs12.h>
++#ifdef OPENSSL_FIPS
++#include <openssl/fips.h>
++#endif
+ 
+ #define PROG pkcs12_main
+ 
+@@ -130,6 +133,11 @@ int MAIN(int argc, char **argv)
+ 
+     apps_startup();
+ 
++#ifdef OPENSSL_FIPS
++    if (FIPS_mode())
++	cert_pbe = key_pbe; /* cannot use RC2 in the FIPS mode */
++#endif
++
+     enc = EVP_des_ede3_cbc();
+     if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+ 

diff --git a/openssl.spec b/openssl.spec
index 4816e8a..5e606ca 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -67,6 +67,7 @@ Patch55: openssl-1.0.0c-apps-ipv6listen.patch
 Patch56: openssl-1.0.0c-rsa-x931.patch
 Patch57: openssl-1.0.0c-fips186-3.patch
 Patch58: openssl-1.0.0c-fips-md5-allow.patch
+Patch59: openssl-1.0.0c-pkcs12-fips-default.patch
 # Backported fixes including security fixes
 
 License: OpenSSL
@@ -154,6 +155,7 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch56 -p1 -b .x931
 %patch57 -p1 -b .fips186-3
 %patch58 -p1 -b .md5-allow
+%patch59 -p1 -b .fips-default
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
@@ -410,6 +412,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 - add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
   to allow using MD5 when the system is in the maintenance state
   even if the /proc fips flag is on
+- make openssl pkcs12 command work by default in the FIPS mode
 
 * Mon Jan 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0c-2
 - listen on ipv6 wildcard in s_server so we accept connections