Hi,
My code is using the FIPS capable openssl (0.9.8j) in FIPS Mode.
X509_get_pub_key function is used to retrieve the public key from a signing
certificate.
pubKey = X509_get_pubkey(x509Cert);
The returned pubKey has the FIPS ALLOW Flag set :
if((pubKey->pkey.rsa)->flags & RSA_FLAG_NON_FIPS_ALLOW)
{
printf("This is true\n");
}
Is openSSL explicity setting this flag somewhere in code?
Subsequent call to RSA_verify succeeds because of setting of this flag. Is
this intended behaviour?
Pankaj
--
View this message in context:
http://www.nabble.com/FIPS-flag-X509_get_pub_key-tp25530577p25530577.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
