* - Geoff
*/
+
+
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/dh.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
return dh_builtin_genparams(ret, prime_len, generator, cb);
}
-/* We generate DH parameters as follows
+/*-
+ * We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
* For this case, g is a generator if
int g,ok= -1;
BN_CTX *ctx=NULL;
-#ifdef OPENSSL_FIPS
- if(FIPS_selftest_failed())
- {
- FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS,FIPS_R_FIPS_SELFTEST_FAILED);
- return 0;
- }
-
- if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
- {
- DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
- goto err;
- }
-#endif
-
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
BN_CTX_start(ctx);