diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-06-06 15:39:17 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-06-06 15:39:17 +0000 |
commit | 6342b6e3324e39863607efce048fa2ef1f3a293d (patch) | |
tree | 803effdff2d24a690bca5c37d7607e6de84a853d /crypto/ecdh | |
parent | a6dc77822bb0948e04be800e424d8076a6a8c003 (diff) |
Redirection of ECDSA, ECDH operations to FIPS module.
Also use FIPS EC methods unconditionally for now: might want to use them
only in FIPS mode or with a switch later.
Diffstat (limited to 'crypto/ecdh')
-rw-r--r-- | crypto/ecdh/ech_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index 4d8ea03d3d..49c0e41d14 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -73,6 +73,9 @@ #include <openssl/engine.h> #endif #include <openssl/err.h> +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT; @@ -90,7 +93,14 @@ void ECDH_set_default_method(const ECDH_METHOD *meth) const ECDH_METHOD *ECDH_get_default_method(void) { if(!default_ECDH_method) - default_ECDH_method = ECDH_OpenSSL(); + { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + default_ECDH_method = FIPS_ecdh_openssl(); + else +#endif + default_ECDH_method = ECDH_OpenSSL(); + } return default_ECDH_method; } |