summaryrefslogtreecommitdiff
path: root/crypto/dsa/dsa_key.c
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2012-07-11 23:31:36 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2012-07-11 23:31:36 +0000
commit0758ab5ea778e4ba36d2150af1bba602a48d6467 (patch)
tree0c30591ac90cb5e07a0763793709fd1056b67f57 /crypto/dsa/dsa_key.c
parent2b8b5455829304396e38200c205612c4dc57c052 (diff)
vendor/openssl/1.0.1c
Diffstat (limited to 'crypto/dsa/dsa_key.c')
-rw-r--r--crypto/dsa/dsa_key.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 5e3912423014c..9cf669b921ac6 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -64,14 +64,28 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
-#ifndef OPENSSL_FIPS
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
static int dsa_builtin_keygen(DSA *dsa);
int DSA_generate_key(DSA *dsa)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+#endif
if(dsa->meth->dsa_keygen)
return dsa->meth->dsa_keygen(dsa);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dsa_generate_key(dsa);
+#endif
return dsa_builtin_keygen(dsa);
}
@@ -128,5 +142,3 @@ err:
return(ok);
}
#endif
-
-#endif
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-10 21:58:16 +0000