Comment 23 for bug 1553309

Martin Pitt (pitti) wrote :

> I was not sure of the naming convention for the patches, so I kept the same name as in Fedora but used the version of openssl that we were patching.

The patch name is not that important. But it's very important to give the precise URL where you took it from, and that the patch actually matches the patch in that URL. This is the case for some of the patches, but not for openssl-1.0.2g-fips-ec.patch and openssl-1.0.2f-new-fips-reqs.patch, or you took them from a different place than http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/.

> I downloaded openssl source rpm and the fips patches were in the SOURCES directory.

Ah, I see. But according to git, the fips-ec patch hasn't been changed in Fedora git for a year. Also, I downloaded the exact same srpm and compared patches -- the srpm has the same patches as Fedora git (not surprisingly), and the same differences towards the patches in your package:

$ interdiff -p1 fedora/openssl-1.0.2a-fips-ec.patch openssl-1.0.2g/debian/patches/openssl-1.0.2g-fips-ec.patch|diffstat
 b/crypto/fips/Makefile | 64 ---
 crypto/ec/ec2_smpl.c | 5
 crypto/ec/ec_curve.c | 4
 openssl-1.0.2a/crypto/fips/cavs/fips_ecdhvs.c | 456 ---------------------
 openssl-1.0.2a/crypto/fips/cavs/fips_ecdsavs.c | 486 -----------------------
 openssl-1.0.2a/crypto/fips/fips_ecdh_selftest.c | 242 -----------
 openssl-1.0.2a/crypto/fips/fips_ecdsa_selftest.c | 165 -------
 openssl-1.0.2a/version.map | 4
 8 files changed, 1426 deletions(-)

$ interdiff -p1 fedora/openssl-1.0.2f-new-fips-reqs.patch openssl-1.0.2g/debian/patches/openssl-1.0.2g-new-fips-reqs.patch|diffstat
 b/crypto/fips/fips_dh_selftest.c | 6
 b/crypto/fips/fips_ecdh_selftest.c | 240 ++++++++++++++++++++++++++++++++++++
 b/crypto/fips/fips_ecdsa_selftest.c | 165 ++++++++++++++++++++++++
 openssl-1.0.2f/crypto/bn/bn_rand.c | 8 -
 4 files changed, 411 insertions(+), 8 deletions(-)
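
Added example, not part of Martin Pitt's comment or of the Ubuntu or Fedora packaging: a Python check for the question the interdiff runs above answer, namely whether a carried patch still touches the same files with the same changes as the patch at its stated origin. The sample patch contents are constructed; only the file paths come from the diffstat output above, and the function names are hypothetical.

```python
import re

HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+\d+(?:,(\d+))? @@")

def parse_patch(text, strip=1):
    """Map each patched path (stripped like `patch -p1`) to its ordered +/- lines."""
    files, current, old_path, old_left, new_left = {}, None, None, 0, 0
    for line in text.splitlines():
        if old_left > 0 or new_left > 0:           # inside a hunk body
            if not line.startswith("\\"):          # skip "\ No newline at end of file"
                old_left -= line[:1] != "+"        # '-' and context consume an old line
                new_left -= line[:1] != "-"        # '+' and context consume a new line
                if line[:1] in ("+", "-"):
                    current.append(line)
            continue
        m = HUNK.match(line)
        if m and current is not None:
            old_left, new_left = int(m.group(1) or 1), int(m.group(2) or 1)
        elif line.startswith("--- "):
            old_path = line[4:].split("\t")[0].strip()
        elif line.startswith("+++ "):
            path = line[4:].split("\t")[0].strip()
            if path == "/dev/null":                # deletion: name is on the --- line
                path = old_path
            current = files.setdefault("/".join(path.split("/")[strip:]), [])
    return files

def compare_patches(reference, candidate, strip=1):
    """Report files the candidate dropped, added, or changed relative to the reference."""
    ref, cand = parse_patch(reference, strip), parse_patch(candidate, strip)
    return {"dropped": sorted(ref.keys() - cand.keys()),
            "added": sorted(cand.keys() - ref.keys()),
            "changed": sorted(p for p in ref.keys() & cand.keys() if ref[p] != cand[p])}

# Constructed sample: paths taken from the diffstat above, contents invented.
REFERENCE = """\
--- openssl-1.0.2a/crypto/ec/ec_curve.c.orig
+++ openssl-1.0.2a/crypto/ec/ec_curve.c
@@ -1,2 +1,3 @@
 context
+/* constructed change A */
 context
--- /dev/null
+++ openssl-1.0.2a/crypto/fips/fips_ecdh_selftest.c
@@ -0,0 +1,1 @@
+/* constructed self-test file */
"""
# Candidate: the same patch re-rooted at b/ with the self-test file left out.
CANDIDATE = REFERENCE.split("--- /dev/null")[0].replace("openssl-1.0.2a/", "b/")

print(compare_patches(REFERENCE, CANDIDATE))
```

Hunk offsets are ignored on purpose, so a patch that was only refreshed against a newer tree compares equal, while a file moved into a different patch shows up as dropped in one comparison and added in the other.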