aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/dsa/dsa_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/dsa/dsa_key.c')
-rw-r--r--crypto/dsa/dsa_key.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 942000e3a5..3df9a6c6a9 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -106,11 +106,14 @@ static int dsa_builtin_keygen(DSA *dsa)
BIGNUM *pub_key=NULL,*priv_key=NULL;
#ifdef OPENSSL_FIPS
- if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
+ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
+ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{
DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
goto err;
}
+ if (!fips_check_dsa_prng(dsa, 0, 0))
+ goto err;
#endif
if ((ctx=BN_CTX_new()) == NULL) goto err;
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-30 14:32:01 +0000