File openssl-1_1-FIPS-140-3-DRBG-oversampling.patch of Package openssl-1_1
Index: openssl-1.1.1w/crypto/rand/drbg_lib.c
===================================================================
--- openssl-1.1.1w.orig/crypto/rand/drbg_lib.c
+++ openssl-1.1.1w/crypto/rand/drbg_lib.c
@@ -244,6 +244,13 @@ static RAND_DRBG *rand_drbg_new(int secu
rand_drbg_unlock(parent);
}
+#ifdef OPENSSL_FIPS
+ /* Add oversampling of the noise source on initial seeding to comply
+ * with the NIST SP800-90C rev4 requirements for FIPS 140-3.
+ */
+ drbg->strength += drbg->strength / 2;
+#endif
+
return drbg;
err:
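Review bot: The comment above the added `drbg->strength += drbg->strength / 2;` says the oversampling applies "on initial seeding", but the statement permanently raises the `strength` field when the DRBG is constructed. Every later reader of that field sees the inflated value, and the RAND_DRBG.pod hunk in this same patch documents the new figure for reseeding as well. Either reword the comment to say the entropy request is increased for all seeding and reseeding, or keep `strength` as the claimed security strength and apply the 1.5x factor only where the entropy amount for instantiation is computed. The assignment also sits after the parent block, so it applies to child DRBGs as well as to one that reads the noise source directly; if that is intended, the comment should say so.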
Index: openssl-1.1.1w/doc/man7/RAND_DRBG.pod
===================================================================
--- openssl-1.1.1w.orig/doc/man7/RAND_DRBG.pod
+++ openssl-1.1.1w/doc/man7/RAND_DRBG.pod
@@ -256,7 +256,7 @@ The random bytes are used as entropy inp
(resp. reinstantiation) if the DRBG is instantiated
(resp. uninstantiated or in an error state).
The number of random bits required for reseeding is determined by the
-security strength of the DRBG. Currently it defaults to 256 bits (32 bytes).
+security strength of the DRBG. Currently it defaults to 384 bits (48 bytes).
It is possible to provide less randomness than required.
In this case the missing randomness will be obtained by pulling random input
from the trusted entropy sources.
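Review bot: The replacement line states the 384 bits (48 bytes) default unconditionally, while the code change in drbg_lib.c is wrapped in `#ifdef OPENSSL_FIPS`, so a build without that define would ship a man page that overstates the default. Suggest keeping 256 bits (32 bytes) as the documented default and adding that FIPS builds request 384 bits (48 bytes). The unchanged sentence before it still says the amount is "determined by the security strength of the DRBG"; with oversampling it is 1.5 times that strength, and stating this keeps readers from inferring a 384-bit security strength.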