On Sun, Jan 20, 2013, Oz, Tal (Tal) wrote: > Hi, > > I'm using OpenSSL 1.0.1c linked with FIPS object module. > On startup FIPS is enabled successfully (using FIPS_mode_set function). > > When I try to generate rsa key it failed with error 'non fips rsa method'. > I tried calling both EVP API and rsa function directly (RSA_generate_key). > I can see it failed in rsa_gen.c in function RSA_generate_key_ex() > [snip] > Anything I should do differently to make it work ? >
Well the openssl genrsa and genpkey commands do essentially the same and they work in FIPS mode. So I'd guess it's something wrong elsewhere, such as how your application is linked or how you enter FIPS mode? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
