File openssl-fips-drbg_derfunc.patch of Package openssl-1_1.21009

Index: openssl-1.1.0i/crypto/fips/fips_drbg_ctr.c
===================================================================
--- openssl-1.1.0i.orig/crypto/fips/fips_drbg_ctr.c	2020-01-16 17:13:32.274426342 +0100
+++ openssl-1.1.0i/crypto/fips/fips_drbg_ctr.c	2020-01-16 17:33:10.365732865 +0100
@@ -314,22 +314,13 @@ static int drbg_ctr_generate(DRBG_CTX *d
 
     for (;;) {
         inc_128(cctx);
-        if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
-            AES_encrypt(cctx->V, dctx->lb, &cctx->ks);
-            dctx->lb_valid = 1;
-            continue;
-        }
         if (outlen < 16) {
             /* Use K as temp space as it will be updated */
             AES_encrypt(cctx->V, cctx->K, &cctx->ks);
-            if (!fips_drbg_cprng_test(dctx, cctx->K))
-                return 0;
             memcpy(out, cctx->K, outlen);
             break;
         }
         AES_encrypt(cctx->V, out, &cctx->ks);
-        if (!fips_drbg_cprng_test(dctx, out))
-            return 0;
         out += 16;
         outlen -= 16;
         if (outlen == 0)
Index: openssl-1.1.0i/crypto/fips/fips_drbg_hash.c
===================================================================
--- openssl-1.1.0i.orig/crypto/fips/fips_drbg_hash.c	2020-01-07 12:05:29.833157603 +0100
+++ openssl-1.1.0i/crypto/fips/fips_drbg_hash.c	2020-01-16 17:34:39.430289399 +0100
@@ -185,19 +185,12 @@ static int hash_gen(DRBG_CTX *dctx, unsi
     for (;;) {
         FIPS_digestinit(hctx->mctx, hctx->md);
         FIPS_digestupdate(hctx->mctx, hctx->vtmp, dctx->seedlen);
-        if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
-            FIPS_digestfinal(hctx->mctx, dctx->lb, NULL);
-            dctx->lb_valid = 1;
-        } else if (outlen < dctx->blocklength) {
+        if (outlen < dctx->blocklength) {
             FIPS_digestfinal(hctx->mctx, hctx->vtmp, NULL);
-            if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
-                return 0;
             memcpy(out, hctx->vtmp, outlen);
             return 1;
         } else {
             FIPS_digestfinal(hctx->mctx, out, NULL);
-            if (!fips_drbg_cprng_test(dctx, out))
-                return 0;
             outlen -= dctx->blocklength;
             if (outlen == 0)
                 return 1;
Index: openssl-1.1.0i/crypto/fips/fips_drbg_hmac.c
===================================================================
--- openssl-1.1.0i.orig/crypto/fips/fips_drbg_hmac.c	2020-01-07 12:05:29.833157603 +0100
+++ openssl-1.1.0i/crypto/fips/fips_drbg_hmac.c	2020-01-16 17:37:16.419270376 +0100
@@ -177,23 +177,13 @@ static int drbg_hmac_generate(DRBG_CTX *
             return 0;
         if (!HMAC_Update(hctx, Vtmp, dctx->blocklength))
             return 0;
-        if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid) {
-            if (!HMAC_Final(hctx, dctx->lb, NULL))
-                return 0;
-            dctx->lb_valid = 1;
-            Vtmp = dctx->lb;
-            continue;
-        } else if (outlen > dctx->blocklength) {
+        if (outlen > dctx->blocklength) {
             if (!HMAC_Final(hctx, out, NULL))
                 return 0;
-            if (!fips_drbg_cprng_test(dctx, out))
-                return 0;
             Vtmp = out;
         } else {
             if (!HMAC_Final(hctx, hmac->V, NULL))
                 return 0;
-            if (!fips_drbg_cprng_test(dctx, hmac->V))
-                return 0;
             memcpy(out, hmac->V, outlen);
             break;
         }