From 96a7c6be649326f0af51ddc0fffac79979a2f45f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Tue, 5 Mar 2013 07:54:04 +0200
Subject: main/openssl: update padlock sha1 patch

Add EVP_MD_FLAG_PKEY_METHOD_SIGNATURE to padlock_sha1_md to fix
DSA/SHA1 verification in certain cases. Seems that NID_sha1 instead
of NID_dss is used sometimes incorrectly, and this seems to be the
workaround regular SHA1 code does too.

Suggested-by: Daniel Mansfield <daniel.mansfield@unsw.edu.au>
---
 .../0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch')

diff --git a/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
index 6b21985797..c88edbf8fe 100644
--- a/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+++ b/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -424,7 +424,7 @@ index 6ab42d2..e107d3c 100644
 +	NID_sha1,
 +	NID_sha1WithRSAEncryption,
 +	SHA_DIGEST_LENGTH,
-+	0,
++	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
 +	padlock_sha1_init,
 +	padlock_sha1_update,
 +	padlock_sha1_final,
-- 
cgit v1.2.3