Free keys if DSA pairwise error.

[openssl.git] / crypto / dsa / dsa_key.c

diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 5cacc0447805729644412dd8cc47467b8343cbb1..acc34a586513473aa847503c8497edad40f81ef0 100644 (file)
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -56,6 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
@@ -160,8 +162,12 @@ static int dsa_builtin_keygen(DSA *dsa)
        if (fips_dsa_pairwise_fail)
                BN_add_word(dsa->pub_key, 1);
        if(!fips_check_dsa(dsa))
+               {
+               dsa->pub_key = NULL;
+               dsa->priv_key = NULL;
+               goto err;
+               }
 #endif
-           goto err;
        ok=1;
 
 err: