summaryrefslogtreecommitdiff
path: root/crypto/dsa/dsa_sign.c
diff options
context:
space:
mode:
authorSimon L. B. Nielsen <simon@FreeBSD.org>2009-06-07 19:56:18 +0000
committerSimon L. B. Nielsen <simon@FreeBSD.org>2009-06-07 19:56:18 +0000
commit518099af59fbde0e7140459c76f59c9ac24bdf9c (patch)
tree873f9f63931a5d069bbcb053ea49eec4a92802dc /crypto/dsa/dsa_sign.c
parentc285625302c2411508052af6f109be9f6b789379 (diff)
vendor/openssl/0.9.8k
Notes
Diffstat (limited to 'crypto/dsa/dsa_sign.c')
-rw-r--r--crypto/dsa/dsa_sign.c31
1 files changed, 17 insertions, 14 deletions
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index 89205026f01b..4cfbbe57a802 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -64,29 +64,32 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
-DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
- {
- return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
- }
-int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, DSA *dsa)
+DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
- DSA_SIG *s;
- s=DSA_do_sign(dgst,dlen,dsa);
- if (s == NULL)
+#ifdef OPENSSL_FIPS
+ if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
{
- *siglen=0;
- return(0);
+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return NULL;
}
- *siglen=i2d_DSA_SIG(s,&sig);
- DSA_SIG_free(s);
- return(1);
+#endif
+ return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
}
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
+#ifdef OPENSSL_FIPS
+ if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return 0;
+ }
+#endif
return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-07 09:45:09 +0000