From 1b6ea3080d86e8c3a249cda92fbd20417e942704 Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Wed, 4 Dec 2019 09:54:35 +0100
Subject: [PATCH] PROV: Avoid MDC2 in the RSA signature implementation in the FIPS module
Reviewed-by: Shane Lontis
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/10557)
---
 providers/implementations/signature/rsa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 3f941b1032..6b0f55a19a 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -308,6 +308,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 return 0;
 }
+#ifndef FIPS_MODE
 if (EVP_MD_is_a(prsactx->md, OSSL_DIGEST_NAME_MDC2)) {
 unsigned int sltmp;
@@ -326,6 +327,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 ret = sltmp;
 goto end;
 }
+#endif
 switch (prsactx->pad_mode) {
 case RSA_X931_PADDING:
@@ -401,7 +403,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
 prsactx->pad_mode);
 }
-#ifdef LEGACY_MODE
+#ifndef FIPS_MODE
 end:
 #endif
 if (ret <= 0) {
-- 
2.34.1
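Review bot: In the first hunk (rsa_sign, new line 311) the MDC2 branch is compiled out under `#ifndef FIPS_MODE`, but no visible line rejects an MDC2 digest in the FIPS build. Whether such a context fails or falls through to the `switch (prsactx->pad_mode)` path depends on where `prsactx->md` is set, which is outside this diff. If the FIPS provider can never hold an MDC2 `md`, record that at the guard, e.g. `/* MDC2 cannot be selected inside the FIPS module, so this special case is built only outside it */`. If it can, an `#else` arm that raises an error and returns 0 would make the FIPS build fail closed instead of relying on the digest being absent. The matching `#endif` is the second hunk, and the function body begins and ends outside both hunks.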
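Review bot: In the third hunk the `end:` label is guarded by `#ifndef FIPS_MODE` only because the one `goto end` visible in this diff sits inside the same guard in the first hunk, roughly ninety lines earlier. The two guards have to change together, otherwise the build gets an undefined label or an unused-label warning, and nothing at the label says so. A one-line comment would record the coupling, e.g. `/* only reached from the MDC2 path above, which is not built in FIPS mode */`. The `if (ret <= 0)` block that follows the label continues outside the hunk.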