diff options
Diffstat (limited to 'crypto/rsa')
| -rw-r--r-- | crypto/rsa/rsa_eay.c | 8 | ||||
| -rw-r--r-- | crypto/rsa/rsa_gen.c | 4 | ||||
| -rw-r--r-- | crypto/rsa/rsa_x931g.c | 2 |
3 files changed, 7 insertions, 7 deletions
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index bb434d7328..325efb95c7 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -170,7 +170,7 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, goto err; } - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); @@ -382,7 +382,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, goto err; } - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); @@ -530,7 +530,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, goto err; } - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); @@ -674,7 +674,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, goto err; } - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 24f9eaf4d6..d28f8725cd 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -82,7 +82,7 @@ int fips_check_rsa_prng(RSA *rsa, int bits) { int strength; - if (!FIPS_mode()) + if (!FIPS_module_mode()) return 1; if (rsa->flags & (RSA_FLAG_NON_FIPS_ALLOW|RSA_FLAG_CHECKED)) @@ -205,7 +205,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) return 0; } - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT); diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c index 819a728954..e6e62c4ad3 100644 --- a/crypto/rsa/rsa_x931g.c +++ b/crypto/rsa/rsa_x931g.c @@ -210,7 +210,7 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb) BN_CTX *ctx = NULL; #ifdef OPENSSL_FIPS - if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && + if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT); |