diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-06-06 15:39:17 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-06-06 15:39:17 +0000 |
commit | 6342b6e3324e39863607efce048fa2ef1f3a293d (patch) | |
tree | 803effdff2d24a690bca5c37d7607e6de84a853d /crypto/ecdsa | |
parent | a6dc77822bb0948e04be800e424d8076a6a8c003 (diff) |
Redirection of ECDSA, ECDH operations to FIPS module.
Also use FIPS EC methods unconditionally for now: might want to use them
only in FIPS mode or with a switch later.
Diffstat (limited to 'crypto/ecdsa')
-rw-r--r-- | crypto/ecdsa/ecs_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 2ebae3aa27..0c5b17a527 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -60,6 +60,9 @@ #endif #include <openssl/err.h> #include <openssl/bn.h> +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT; @@ -77,7 +80,14 @@ void ECDSA_set_default_method(const ECDSA_METHOD *meth) const ECDSA_METHOD *ECDSA_get_default_method(void) { if(!default_ECDSA_method) - default_ECDSA_method = ECDSA_OpenSSL(); + { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + default_ECDSA_method = FIPS_ecdsa_openssl(); + else +#endif + default_ECDSA_method = ECDSA_OpenSSL(); + } return default_ECDSA_method; } |