Use single X931 key generation source file for FIPS and non-FIPS builds.
This commit is contained in:
parent
e2b798c8b3
commit
c2a459315a
4 changed files with 12 additions and 10 deletions
|
@ -333,6 +333,7 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
|
|||
../crypto/rsa/rsa_pss.o \
|
||||
../crypto/rsa/rsa_ssl.o \
|
||||
../crypto/rsa/rsa_x931.o \
|
||||
../crypto/rsa/rsa_x931g.o \
|
||||
../crypto/sha/sha1dgst.o \
|
||||
../crypto/sha/sha256.o \
|
||||
../crypto/sha/sha512.o \
|
||||
|
|
|
@ -20,11 +20,11 @@ LIB=$(TOP)/libcrypto.a
|
|||
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
|
||||
rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
|
||||
rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
|
||||
rsa_pmeth.c rsa_crpt.c
|
||||
rsa_pmeth.c rsa_crpt.c rsa_x931g.c
|
||||
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
|
||||
rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
|
||||
rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
|
||||
rsa_pmeth.o rsa_crpt.o
|
||||
rsa_pmeth.o rsa_crpt.o rsa_x931g.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
|
|
@ -62,12 +62,12 @@
|
|||
#include <openssl/err.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/fips.h>
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
#include <openssl/fips.h>
|
||||
|
||||
extern int fips_check_rsa(RSA *rsa);
|
||||
|
||||
#endif
|
||||
|
||||
/* X9.31 RSA key derivation and generation */
|
||||
|
||||
|
@ -206,7 +206,8 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
|
|||
int ok = 0;
|
||||
BIGNUM *Xp = NULL, *Xq = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT);
|
||||
|
@ -224,6 +225,7 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
|
|||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
ctx = BN_CTX_new();
|
||||
if (!ctx)
|
||||
|
@ -258,8 +260,10 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
|
|||
NULL, NULL, NULL, NULL, NULL, NULL, e, cb))
|
||||
goto error;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if(!fips_check_rsa(rsa))
|
||||
goto error;
|
||||
#endif
|
||||
|
||||
ok = 1;
|
||||
|
||||
|
@ -277,4 +281,3 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
|
|||
|
||||
}
|
||||
|
||||
#endif
|
|
@ -22,10 +22,8 @@ TEST= fips_rsavtest.c fips_rsastest.c fips_rsagtest.c
|
|||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC= fips_rsa_selftest.c fips_rsa_x931g.c \
|
||||
fips_rsa_sign.c fips_rsa_lib.c
|
||||
LIBOBJ= fips_rsa_selftest.o fips_rsa_x931g.o \
|
||||
fips_rsa_sign.o fips_rsa_lib.o
|
||||
LIBSRC= fips_rsa_selftest.c fips_rsa_sign.c fips_rsa_lib.c
|
||||
LIBOBJ= fips_rsa_selftest.o fips_rsa_sign.o fips_rsa_lib.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
|
Loading…
Reference in a new issue