Add self tests for rsa encryption

SP800-56br2 requires seperate KAT's (fips self tests) to be tested for both encryption and decryption
using the RSA primitive (i.e. no padding). This is specified in FIPS140-2 IG D.9

A copy of the methods EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt(), EVP_PKEY_decrypt_init(), EVP_PKEY_decrypt()
are now in the fips module.

Removed the #ifdef FIPS_MODULE in evp_pkey_ctx_free_old_ops().

Added corruption test

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12835)

1 files changed, 10 insertions, 0 deletions

diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index d404716b23..2ae999e023 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -184,6 +184,10 @@ file after successfully running the self tests during installation.
 
 Known answer test for a symmetric cipher.
 
+=item "KAT_AsymmetricCipher" (B<OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER>)
+
+Known answer test for a asymmetric cipher.
+
 =item "KAT_Digest" (B<OSSL_SELF_TEST_TYPE_KAT_DIGEST>)
 
 Known answer test for a digest.
@@ -237,6 +241,12 @@ The FIPS module passes the following descriptions(s) to OSSL_SELF_TEST_onbegin()
 
 Key generation tests used with the "Pairwise_Consistency_Test" type.
 
+=item "RSA_Encrypt" (B<OSSL_SELF_TEST_DESC_ASYM_RSA_ENC>)
+
+=item "RSA_Decrypt" (B<OSSL_SELF_TEST_DESC_ASYM_RSA_DEC>)
+
+"KAT_AsymmetricCipher" uses this to indicate an encrypt or decrypt KAT.
+
 =item "AES_GCM" (B<OSSL_SELF_TEST_DESC_CIPHER_AES_GCM>)
 
 =item "TDES" (B<OSSL_SELF_TEST_DESC_CIPHER_TDES>)