Overview

File nss-fips-pairwise-consistency-check.patch of Package mozilla-nss.6304

From 48ec29e2ca51cc964a9949a98289881ad76c788d Mon Sep 17 00:00:00 2001
From: Hans Petter Jansson <hpj@suse.com>
Date: Sun, 17 Sep 2017 21:38:21 +0200
Subject: [PATCH 4/6] Sign 224-bit (SHA-2 sized) hash in
 sftk_PairwiseConsistencyCheck().

---
 nss/lib/softoken/pkcs11c.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nss/lib/softoken/pkcs11c.c b/nss/lib/softoken/pkcs11c.c
index 29a4a9a..c71fd39 100644
--- a/nss/lib/softoken/pkcs11c.c
+++ b/nss/lib/softoken/pkcs11c.c
@@ -4372,8 +4372,8 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSession,
     return crv;
 }
 
-#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH 20         /* 160-bits */
+#define PAIRWISE_DIGEST_LENGTH SHA224_LENGTH /* 224-bits */
+#define PAIRWISE_MESSAGE_LENGTH 20           /* 160-bits */
 
 /*
  * FIPS 140-2 pairwise consistency check utilized to validate key pair.
-- 
2.12.0
openSUSE Build Service is sponsored by
Places