use X9.31 keygen by default in FIPS mode

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit d0c9a90640c8902fef3eb74e8ef05227f8e7dcb7)
Dr. Stephen Henson 2015-07-29 16:16:02 +01:00
parent 721cbae7e6
commit 5030cc69ff


@ -69,6 +69,8 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
# include <openssl/fips.h> # include <openssl/fips.h>
extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
BN_GENCB *cb);
#endif #endif
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
@ -94,7 +96,7 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
if (FIPS_mode()) if (FIPS_mode())
return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb); return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb);
#endif #endif
return rsa_builtin_keygen(rsa, bits, e_value, cb); return rsa_builtin_keygen(rsa, bits, e_value, cb);
} }
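Review bot: The `extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);` prototype added under `#ifdef OPENSSL_FIPS` is declared by hand in the .c file, so the compiler cannot check it against the definition in the FIPS module. If the two signatures ever diverge, the call in `RSA_generate_key_ex` is undefined behaviour with no diagnostic. Presumably the declaration is local because the validated module's `fips.h` does not export it; if so, say that in a comment such as `/* not declared in the validated module's fips.h; must match the FIPS module definition */`. The changed call would also benefit from a short why-comment, e.g. `/* FIPS mode: default to X9.31 key generation */`, because the switch may change which `bits`/`e_value` combinations succeed and callers depend on the return value. The body of `RSA_generate_key_ex` starts outside the second hunk.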