From: Nikos Mavrogiannopoulos Date: Tue, 21 Oct 2014 18:00:54 +0000 (+0200) Subject: fips140-2: limit the FIPS code in fips mode X-Git-Tag: gnutls_3_4_0~766 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e17c4b8704c256d00932b515f2d0b065fbd68ea4;p=thirdparty%2Fgnutls.git fips140-2: limit the FIPS code in fips mode --- diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index ad2b96557d..0653fcc248 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -1276,12 +1276,15 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, mpz_set_ui(pub.e, 65537); +#ifdef ENABLE_FIPS140 if (_gnutls_fips_mode_enabled() != 0) { ret = rsa_generate_fips186_4_keypair(&pub, &priv, NULL, rnd_func, NULL, NULL, level); - } else { + } else +#endif + { ret = rsa_generate_keypair(&pub, &priv, NULL, rnd_func, NULL, NULL,