On Tue, Jul 28, 2015, Randy Steck wrote: > Thus, it appears that there is a function in the FIPS API that allows > for the creation of RSA keys in a non-approved manner. > > Am I missing something? Is this by design, or is it a bug? > Yes you're right it uses the unapproved keygen algorithm by default. The FIPS capable OpenSSL does this too which I'd say this was a bug which should be fixed. > Assuming I was to remediate this for one of my clients (hardware > validation), > the wrapper function within the canister should replace the call to the > builtin function with a call to the RSA_X931_generate_key_ex() function, > and/or the struct creation function should explicitly set the rsa_keygen > method. Correct? > Well you don't have to modify the FIPS module at all. The FIPS capable OpenSSL can be modified to call FIPS_rsa_x931_generate_key_ex in FIPS mode. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
