From ed457feb491c7470eccf8449c329361b205a20aa Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Mar 19 2015 16:18:22 +0000
Subject: Merge branch 'master' into f21


---

diff --git a/openssl-1.0.1e-cc-reqs.patch b/openssl-1.0.1e-cc-reqs.patch
new file mode 100644
index 0000000..e266bb1
--- /dev/null
+++ b/openssl-1.0.1e-cc-reqs.patch
@@ -0,0 +1,25 @@
+diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
+--- openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs	2015-01-13 12:45:51.000000000 +0100
++++ openssl-1.0.1e/crypto/rsa/rsa_gen.c	2015-01-15 17:35:04.649697922 +0100
+@@ -438,6 +438,10 @@ static int rsa_builtin_keygen(RSA *rsa,
+ 	if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err;
+ 	if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err;
+ 
++	/* prepare minimum p and q difference */
++	if (!BN_one(r3)) goto err;
++	if (bitsp > 100 && !BN_lshift(r3, r3, bitsp - 100)) goto err;
++
+ 	BN_copy(rsa->e, e_value);
+ 
+ 	/* generate p and q */
+@@ -463,7 +467,9 @@ static int rsa_builtin_keygen(RSA *rsa,
+ 			{
+ 			if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
+ 				goto err;
+-			} while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
++	       		if (!BN_sub(r2, rsa->q, rsa->p))
++				goto err;
++			} while((BN_ucmp(r2, r3) <= 0) && (++degenerate < 3));
+ 		if(degenerate == 3)
+ 			{
+ 			ok = 0; /* we set our own err */
diff --git a/openssl-1.0.1j-evp-wrap.patch b/openssl-1.0.1j-evp-wrap.patch
index 5e60d76..b90caea 100644
--- a/openssl-1.0.1j-evp-wrap.patch
+++ b/openssl-1.0.1j-evp-wrap.patch
@@ -1074,17 +1074,17 @@ diff -up openssl-1.0.1j/crypto/modes/wrap128.c.wrap openssl-1.0.1j/crypto/modes/
 +	unsigned char got_iv[8];
 +
 +	ret = crypto_128_unwrap_raw(key, got_iv, out, in, inlen, block);
-+	if (ret != inlen)
-+		return ret;
++	if (ret == 0)
++		return 0;
 +
 +	if (!iv)
 +		iv = default_iv;
-+	if (CRYPTO_memcmp(out, iv, 8))
++	if (CRYPTO_memcmp(got_iv, iv, 8))
 +		{
-+		OPENSSL_cleanse(out, inlen);
++		OPENSSL_cleanse(out, ret);
 +		return 0;
 +		}
-+	return inlen;
++	return ret;
 +	}
 +
 +/** Wrapping according to RFC 5649 section 4.1.
@@ -1105,7 +1105,7 @@ diff -up openssl-1.0.1j/crypto/modes/wrap128.c.wrap openssl-1.0.1j/crypto/modes/
 +		const unsigned char *in, size_t inlen, block128_f block)
 +	{
 +	/* n: number of 64-bit blocks in the padded key data */
-+	const size_t blocks_padded = (inlen + 8) / 8;
++	const size_t blocks_padded = (inlen + 7) / 8;
 +	const size_t padded_len = blocks_padded * 8;
 +	const size_t padding_len = padded_len - inlen;
 +	/* RFC 5649 section 3: Alternative Initial Value */
@@ -1139,7 +1139,7 @@ diff -up openssl-1.0.1j/crypto/modes/wrap128.c.wrap openssl-1.0.1j/crypto/modes/
 +		block(out, out, key);
 +		ret = 16; /* AIV + padded input */
 +		}
-+		else
++	else
 +		{
 +		memmove(out, in, inlen);
 +		memset(out + inlen, 0, padding_len); /* Section 4.1 step 1 */
@@ -1197,7 +1197,7 @@ diff -up openssl-1.0.1j/crypto/modes/wrap128.c.wrap openssl-1.0.1j/crypto/modes/
 +		memmove(out, out + 8, 8);
 +		padded_len = 8;
 +		}
-+		else
++	else
 +		{
 +		padded_len = inlen - 8;
 +		ret = crypto_128_unwrap_raw(key, aiv, out, out, inlen, block);
diff --git a/openssl.spec b/openssl.spec
index 6d20a96..9227e7b 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -23,7 +23,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1k
-Release: 1%{?dist}
+Release: 5%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -88,7 +88,8 @@ Patch80: openssl-1.0.1j-evp-wrap.patch
 Patch81: openssl-1.0.1k-padlock64.patch
 Patch84: openssl-1.0.1k-trusted-first.patch
 Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch
-Patch89: openssl-1.0.1k-ephemeral-key-size.patch
+Patch86: openssl-1.0.1k-ephemeral-key-size.patch
+Patch87: openssl-1.0.1e-cc-reqs.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -210,7 +211,8 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch81 -p1 -b .padlock64
 %patch84 -p1 -b .trusted-first
 %patch85 -p1 -b .armcap
-%patch89 -p1 -b .ephemeral
+%patch86 -p1 -b .ephemeral
+%patch87 -p1 -b .cc-reqs
 
 sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
 
@@ -478,6 +480,20 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Mon Mar 16 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-5
+- fix bug in the CRYPTO_128_unwrap()
+
+* Fri Feb 27 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-4
+- fix bug in the RFC 5649 support (#1185878)
+
+* Sat Feb 21 2015 Till Maas <opensource@till.name> - 1:1.0.1k-3
+- Rebuilt for Fedora 23 Change
+  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
+
+* Thu Jan 15 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-2
+- test in the non-FIPS RSA keygen for minimal distance of p and q
+  similarly to the FIPS RSA keygen
+
 * Fri Jan  9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-1
 - new upstream release fixing multiple security issues