diff options
Diffstat (limited to 'crypto/openssl/crypto/dsa/dsa_sign.c')
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_sign.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/crypto/openssl/crypto/dsa/dsa_sign.c b/crypto/openssl/crypto/dsa/dsa_sign.c index 89205026f01b..3c9753bac391 100644 --- a/crypto/openssl/crypto/dsa/dsa_sign.c +++ b/crypto/openssl/crypto/dsa/dsa_sign.c @@ -64,9 +64,17 @@ #include <openssl/dsa.h> #include <openssl/rand.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE +#include <openssl/engine.h> +#endif +#include <openssl/fips.h> DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !FIPS_dsa_check(dsa)) + return NULL; +#endif return dsa->meth->dsa_do_sign(dgst, dlen, dsa); } @@ -87,6 +95,10 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !FIPS_dsa_check(dsa)) + return 0; +#endif return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); } |