rsa: make parameters conditional on FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/28243)
2025-08-13 12:54:12 +10:00 · 2025-08-13 12:54:12 +10:00 · b411ef0b53
parent 2b7c555fec
commit b411ef0b53
1 changed files with 3 additions and 3 deletions
--- a/providers/implementations/asymciphers/rsa_enc.c.in
+++ b/providers/implementations/asymciphers/rsa_enc.c.in
@ -372,7 +372,7 @@ static void *rsa_dupctx(void *vprsactx)
                          ['ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION',      'tlsver', 'uint'],
                          ['ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION',  'negver', 'uint'],
                          ['ASYM_CIPHER_PARAM_IMPLICIT_REJECTION',      'imrej',  'uint'],
-                          ['ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR', 'ind',    'int'],
+                          ['ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR', 'ind',    'int', 'fips'],
                         )); -}
 static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
@ -469,8 +469,8 @@ static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
                          ['ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION',           'tlsver',  'uint'],
                          ['ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION',       'negver',  'uint'],
                          ['ASYM_CIPHER_PARAM_IMPLICIT_REJECTION',           'imrej',   'uint'],
-                          ['ASYM_CIPHER_PARAM_FIPS_KEY_CHECK',               'ind_k',   'int'],
+                          ['ASYM_CIPHER_PARAM_FIPS_KEY_CHECK',               'ind_k',   'int', 'fips'],
-                          ['ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED', 'ind_pad', 'int'],
+                          ['ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED', 'ind_pad', 'int', 'fips'],
                         )); -}
 static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])