From afb638f137958205b6b089da8967f4775b4c9bb6 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 17 Jan 2020 14:47:18 +0000
Subject: Make the RSA ASYM_CIPHER implementation available inside the FIPS
 module

RSA ASYM_CIPHER was already available within the default provider. We
now make it also available from inside the FIPS module.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10881)
---
 crypto/rsa/rsa_local.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'crypto/rsa/rsa_local.h')

diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h
index 9b55115e47..e15c1ae3d5 100644
--- a/crypto/rsa/rsa_local.h
+++ b/crypto/rsa/rsa_local.h
@@ -29,6 +29,8 @@ DECLARE_ASN1_ITEM(RSA_PRIME_INFO)
 DEFINE_STACK_OF(RSA_PRIME_INFO)
 
 struct rsa_st {
+    OPENSSL_CTX *libctx;
+
     /*
      * The first parameter is used to pickup errors where this is passed
      * instead of an EVP_PKEY, it is set to 0
@@ -46,11 +48,12 @@ struct rsa_st {
     BIGNUM *dmp1;
     BIGNUM *dmq1;
     BIGNUM *iqmp;
+    /* TODO(3.0): Support PSS in FIPS_MODE */
+#ifndef FIPS_MODE
     /* for multi-prime RSA, defined in RFC 8017 */
     STACK_OF(RSA_PRIME_INFO) *prime_infos;
     /* If a PSS only key this contains the parameter restrictions */
     RSA_PSS_PARAMS *pss;
-#ifndef FIPS_MODE
     /* be careful using this if the RSA structure is shared */
     CRYPTO_EX_DATA ex_data;
 #endif
-- 
cgit v1.2.3