File gnutls-3.6.7-fips-rsa-4096.patch of Package gnutls.27841

diff -Nurp gnutls-3.6.7-orig/lib/nettle/int/rsa-keygen-fips186.c gnutls-3.6.7/lib/nettle/int/rsa-keygen-fips186.c
--- gnutls-3.6.7-orig/lib/nettle/int/rsa-keygen-fips186.c	2019-01-05 12:28:47.000000000 +0100
+++ gnutls-3.6.7/lib/nettle/int/rsa-keygen-fips186.c	2020-05-08 23:39:04.206472627 +0200
@@ -269,7 +269,8 @@ _rsa_generate_fips186_4_keypair(struct r
 
 	FIPS_RULE(n_size == 2048 && seed_length != 14 * 2, 0, "seed length other than 28 bytes\n");
 	FIPS_RULE(n_size == 3072 && seed_length != 16 * 2, 0, "seed length other than 32 bytes\n");
-	FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "unsupported size for modulus\n");
+	FIPS_RULE(n_size == 4096 && seed_length != 24 * 2, 0, "seed length other than 48 bytes\n");
+	FIPS_RULE(n_size != 2048 && n_size != 3072 && n_size != 4096, 0, "unsupported size for modulus\n");
 
 	if (!mpz_tstbit(pub->e, 0)) {
 		_gnutls_debug_log("Unacceptable e (it is even)\n");
@@ -407,7 +408,7 @@ rsa_generate_fips186_4_keypair(struct rs
 	unsigned seed_length;
 	int ret;
 
-	FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "size of prime of other than 2048 or 3072\n");
+	FIPS_RULE(n_size != 2048 && n_size != 3072 && n_size != 4096, 0, "size of prime of other than 2048, 3072 or 4096\n");
 
 	seed_length = SEED_LENGTH(n_size);
 	if (seed_length > sizeof(seed))
openSUSE Build Service is sponsored by