int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes,
BIGNUM *e_value, BN_GENCB *cb)
{
+#ifndef FIPS_MODE
/* multi-prime is only supported with the builtin key generation */
if (rsa->meth->rsa_multi_prime_keygen != NULL) {
return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes,
else
return 0;
}
-
+#endif /* FIPS_MODE */
return rsa_builtin_keygen(rsa, bits, primes, e_value, cb);
}
static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value,
BN_GENCB *cb)
{
+#ifdef FIPS_MODE
+ if (primes != 2)
+ return 0;
+ return rsa_sp800_56b_generate_key(rsa, bits, e_value, cb);
+#else
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *tmp, *prime;
int ok = -1, n = 0, bitsr[RSA_MAX_PRIME_NUM], bitse = 0;
int i = 0, quo = 0, rmd = 0, adj = 0, retries = 0;
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ok;
+#endif /* FIPS_MODE */
}