update 001 patch (#92)

dbenoit17 · web-flow · commit cdc1e582067a · 2023-06-06T21:23:53.000-04:00
diff --git a/patches/001-initial-openssl-for-fips.patch b/patches/001-initial-openssl-for-fips.patch
@@ -1679,7 +1679,7 @@ index 1226149321..befd1612b5 100644
  	}
 
 diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go
-index bdd6d85c69..c6999a4a1f 100644
+index ab56ccd1ed..dd79dc5439 100644
 --- a/src/crypto/rsa/rsa.go
 +++ b/src/crypto/rsa/rsa.go
 @@ -28,8 +28,8 @@ package rsa
@@ -1697,12 +1697,12 @@ index bdd6d85c69..c6999a4a1f 100644
  func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*PrivateKey, error) {
  	randutil.MaybeReadByte(random)
 
--	if boring.Enabled && random == boring.RandReader && nprimes == 2 && (bits == 2048 || bits == 3072) {
-+	if boring.Enabled() && random == boring.RandReader && nprimes == 2 && (bits == 2048 || bits == 3072) {
+-	if boring.Enabled && random == boring.RandReader && nprimes == 2 &&
++	if boring.Enabled() && random == boring.RandReader && nprimes == 2 &&
+ 		(bits == 2048 || bits == 3072 || bits == 4096) {
  		bN, bE, bD, bP, bQ, bDp, bDq, bQinv, err := boring.GenerateKeyRSA(bits)
  		if err != nil {
- 			return nil, err
-@@ -503,7 +503,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
+@@ -504,7 +504,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
  		return nil, ErrMessageTooLong
  	}
 
@@ -1711,7 +1711,7 @@ index bdd6d85c69..c6999a4a1f 100644
  		bkey, err := boringPublicKey(pub)
  		if err != nil {
  			return nil, err
-@@ -532,7 +532,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
+@@ -533,7 +533,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
  	mgf1XOR(db, hash, seed)
  	mgf1XOR(seed, hash, db)
 
@@ -1720,7 +1720,7 @@ index bdd6d85c69..c6999a4a1f 100644
  		var bkey *boring.PublicKeyRSA
  		bkey, err = boringPublicKey(pub)
  		if err != nil {
-@@ -674,7 +674,7 @@ func decryptOAEP(hash, mgfHash hash.Hash, random io.Reader, priv *PrivateKey, ci
+@@ -675,7 +675,7 @@ func decryptOAEP(hash, mgfHash hash.Hash, random io.Reader, priv *PrivateKey, ci
  		return nil, ErrDecryption
  	}
 
@@ -2109,9 +2109,9 @@ index 7bfe3f9417..49702f59ba 100644
  	} else {
  		test("VersionTLS13", VersionTLS13, "")
 @@ -238,7 +238,7 @@ func TestBoringServerSignatureAndHash(t *testing.T) {
- 
+
  			clientConfig := testConfig.Clone()
- 
+
 -			if boring.Enabled {
 +			if boring.Enabled() {
  				serverConfig.Rand = boring.RandReader
@@ -2120,7 +2120,7 @@ index 7bfe3f9417..49702f59ba 100644
 @@ -369,7 +369,7 @@ func TestBoringCertAlgs(t *testing.T) {
  		serverConfig.Certificates = []Certificate{{Certificate: list, PrivateKey: key}}
  		serverConfig.BuildNameToCertificate()
- 
+
 -		if boring.Enabled {
 +		if boring.Enabled() {
  			serverConfig.Rand = boring.RandReader
@@ -2136,7 +2136,7 @@ index 7bfe3f9417..49702f59ba 100644
  			serverConfig.Certificates[0].PrivateKey = testRSA2048PrivateKey
  			serverConfig.BuildNameToCertificate()
  		}
- 
+
 -		if boring.Enabled {
 +		if boring.Enabled() {
  			serverConfig.Rand = boring.RandReader
@@ -3539,7 +3539,7 @@ index 0000000000..a900b3f9e7
 +#endif
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +DEFINEFUNC(void, CRYPTO_set_locking_callback,
-+	(void (*locking_function)(int mode, int n, const char *file, int line)),
++	(void (*locking_function)(int mode, int n, const char *file, int line)), 
 +	(locking_function))
 +#else
 +static inline void
@@ -3916,11 +3916,11 @@ index 0000000000..a900b3f9e7
 +DEFINEFUNC(int, ECDSA_do_verify, (const uint8_t *arg0, size_t arg1, const GO_ECDSA_SIG *arg2, GO_EC_KEY *arg3), (arg0, arg1, arg2, arg3))
 +DEFINEFUNC(size_t, ECDSA_size, (const GO_EC_KEY *arg0), (arg0))
 +
-+DEFINEFUNCINTERNAL(int, ECDSA_sign,
++DEFINEFUNCINTERNAL(int, ECDSA_sign, 
 +	(int type, const unsigned char *dgst, size_t dgstlen, unsigned char *sig, unsigned int *siglen, EC_KEY *eckey),
 +	(type, dgst, dgstlen, sig, siglen, eckey))
 +
-+DEFINEFUNCINTERNAL(int, ECDSA_verify,
++DEFINEFUNCINTERNAL(int, ECDSA_verify, 
 +	(int type, const unsigned char *dgst, size_t dgstlen, const unsigned char *sig, unsigned int siglen, EC_KEY *eckey),
 +	(type, dgst, dgstlen, sig, siglen, eckey))
 +
@@ -4131,7 +4131,7 @@ index 0000000000..a900b3f9e7
 +DEFINEFUNCINTERNAL(void, RSA_get0_factors,
 +		   (const GO_RSA *rsa, const GO_BIGNUM **p, const GO_BIGNUM **q),
 +		   (rsa, p, q))
-+static inline void
++static inline void 
 +_goboringcrypto_RSA_get0_factors(const GO_RSA *rsa, const GO_BIGNUM **p, const GO_BIGNUM **q) {
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +	if (p)
@@ -4146,7 +4146,7 @@ index 0000000000..a900b3f9e7
 +DEFINEFUNCINTERNAL(void, RSA_get0_key,
 +		   (const GO_RSA *rsa, const GO_BIGNUM **n, const GO_BIGNUM **e, const GO_BIGNUM **d),
 +		   (rsa, n, e, d))
-+static inline void
++static inline void 
 +_goboringcrypto_RSA_get0_key(const GO_RSA *rsa, const GO_BIGNUM **n, const GO_BIGNUM **e, const GO_BIGNUM **d) {
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +	if (n)
@@ -4281,9 +4281,9 @@ index 0000000000..a900b3f9e7
 +
 +static inline int
 +_goboringcrypto_EVP_PKEY_CTX_set_rsa_pss_saltlen(GO_EVP_PKEY_CTX * arg0, int arg1) {
-+	return _goboringcrypto_EVP_PKEY_CTX_ctrl(arg0, EVP_PKEY_RSA,
-+		(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY),
-+		EVP_PKEY_CTRL_RSA_PSS_SALTLEN,
++	return _goboringcrypto_EVP_PKEY_CTX_ctrl(arg0, EVP_PKEY_RSA, 
++		(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), 
++		EVP_PKEY_CTRL_RSA_PSS_SALTLEN, 
 +		arg1, NULL);
 +}
 +
