summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh/dh_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh/dh_lib.c')
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 7aef080e7a..00218f2b92 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -64,6 +64,10 @@
64#include <openssl/engine.h> 64#include <openssl/engine.h>
65#endif 65#endif
66 66
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70
67const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; 71const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
68 72
69static const DH_METHOD *default_DH_method = NULL; 73static const DH_METHOD *default_DH_method = NULL;
@@ -76,7 +80,16 @@ void DH_set_default_method(const DH_METHOD *meth)
76const DH_METHOD *DH_get_default_method(void) 80const DH_METHOD *DH_get_default_method(void)
77 { 81 {
78 if(!default_DH_method) 82 if(!default_DH_method)
83 {
84#ifdef OPENSSL_FIPS
85 if (FIPS_mode())
86 return FIPS_dh_openssl();
87 else
88 return DH_OpenSSL();
89#else
79 default_DH_method = DH_OpenSSL(); 90 default_DH_method = DH_OpenSSL();
91#endif
92 }
80 return default_DH_method; 93 return default_DH_method;
81 } 94 }
82 95
@@ -156,7 +169,7 @@ DH *DH_new_method(ENGINE *engine)
156 ret->counter = NULL; 169 ret->counter = NULL;
157 ret->method_mont_p=NULL; 170 ret->method_mont_p=NULL;
158 ret->references = 1; 171 ret->references = 1;
159 ret->flags=ret->meth->flags; 172 ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
160 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); 173 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
161 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) 174 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
162 { 175 {