Make sure all BIGNUM operations work within the FIPS provider

The FIPS provider does not have a default OPENSSL_CTX so, where necessary, we need to ensure we can always access an explicit OPENSSL_CTX. We remove functions from the FIPS provider that use the default OPENSSL_CTX, and fixup some places which were using those removed functions. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9310)
author: Matt Caswell <matt@openssl.org> 2019-07-04 15:41:17 +0100
committer: Matt Caswell <matt@openssl.org> 2019-07-15 11:03:44 +0100
commit: 2934be91349b365f1350fe9c30e4263be653c0f6 (patch)
tree: 926db8537c403e61baf0c228800fb88bcec37005 /crypto/bn/bn_sqrt.c
parent: 753149d97f8474ff8745a66175b8e4a19fe50743 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index 5981cd077a..2107487b72 100644
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -180,7 +180,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
             if (!BN_set_word(y, i))
                 goto end;
         } else {
-            if (!BN_priv_rand(y, BN_num_bits(p), 0, 0))
+            if (!BN_priv_rand_ex(y, BN_num_bits(p), 0, 0, ctx))
                 goto end;
             if (BN_ucmp(y, p) >= 0) {
                 if (!(p->neg ? BN_add : BN_sub) (y, y, p))
author	Matt Caswell <matt@openssl.org>	2019-07-04 15:41:17 +0100
committer	Matt Caswell <matt@openssl.org>	2019-07-15 11:03:44 +0100
commit	2934be91349b365f1350fe9c30e4263be653c0f6 (patch)
tree	926db8537c403e61baf0c228800fb88bcec37005 /crypto/bn/bn_sqrt.c
parent	753149d97f8474ff8745a66175b8e4a19fe50743 (diff)