Overview

File gnutls-FIPS-no_dsa_selftest.patch of Package gnutls.36178

From 54ec6a20399a7704e59cfa783bf86232318bba4a Mon Sep 17 00:00:00 2001
From: Angel Yankov <angel.yankov@suse.com>
Date: Thu, 11 Jul 2024 13:07:20 +0300
Subject: [PATCH 1/1] Remove DSA selftest check in FIPS mode.

DSA is not-approved in FIPS 140-3, there is no need to run a selftest
on it.
---
 lib/fips.c | 5 -----
 1 file changed, 5 deletions(-)

Index: gnutls-3.8.3/lib/fips.c
===================================================================
--- gnutls-3.8.3.orig/lib/fips.c
+++ gnutls-3.8.3/lib/fips.c
@@ -638,11 +638,6 @@ int _gnutls_fips_perform_self_checks2(vo
 		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
 	}
 
-	ret = gnutls_pk_self_test(0, GNUTLS_PK_DSA);
-	if (ret < 0) {
-		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
-	}
-
 	ret = gnutls_pk_self_test(0, GNUTLS_PK_EC);
 	if (ret < 0) {
 		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
openSUSE Build Service is sponsored by
Places