diff options
Diffstat (limited to 'crypto/openssl/crypto/rsa/rsa_sign.c')
-rw-r--r-- | crypto/openssl/crypto/rsa/rsa_sign.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/openssl/crypto/rsa/rsa_sign.c b/crypto/openssl/crypto/rsa/rsa_sign.c index 5488c06f6d8d..743dfd76501e 100644 --- a/crypto/openssl/crypto/rsa/rsa_sign.c +++ b/crypto/openssl/crypto/rsa/rsa_sign.c @@ -137,7 +137,12 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, i2d_X509_SIG(&sig,&p); s=tmps; } +#ifdef OPENSSL_FIPS + /* Bypass algorithm blocking: this is allowed if we get this far */ + i=rsa->meth->rsa_priv_enc(i,s,sigret,rsa,RSA_PKCS1_PADDING); +#else i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); +#endif if (i <= 0) ret=0; else @@ -190,8 +195,11 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); return 0; } -#endif + /* Bypass algorithm blocking: this is allowed */ + i=rsa->meth->rsa_pub_dec((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); +#else i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); +#endif if (i <= 0) goto err; |