Using: FIPS Object Module 2.0.9 OpenSSL 1.0.1l When I call RSA_generate_key: if (rsa = RSA_generate_key(keySize, RSA_F4, NULL, NULL)) I get the following error string: (OPENSSL error:04081078:rsa routines:RSA_BUILTIN_KEYGEN:key size too small) As I understand, RSA Key size must be 2048 or greater in FIPS mode, so I printed out the key size just before calling the above function: ******** KEYSIZE = 2048. What else could cause this function to report a key size too small if it is 2048 bits? Is 2048 still FIPS-compliant? BTW: this works if FIPS mode is off. Thanks! -- View this message in context: http://openssl.6102.n7.nabble.com/RSA-generate-key-fails-in-FIPS-Mode-with-key-size-2048-tp63989.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
