[openssl-users] RSA key generation in FIPS mode

Dr. Stephen Henson steve at openssl.org
Wed Jul 29 14:59:15 UTC 2015

On Tue, Jul 28, 2015, Randy Steck wrote:

> Thus, it appears that there is a function in the FIPS API that allows
> for the creation of RSA keys in a non-approved manner.
> Am I missing something?  Is this by design, or is it a bug?

Yes you're right it uses the unapproved keygen algorithm by default.

The FIPS capable OpenSSL does this too which I'd say this was a bug which
should be fixed.

> Assuming I was to remediate this for one of my clients (hardware
> validation),
> the wrapper function within the canister should replace the call to the
> builtin function with a call to the RSA_X931_generate_key_ex() function,
> and/or the struct creation function should explicitly set the rsa_keygen
> method.  Correct?

Well you don't have to modify the FIPS module at all. The FIPS capable OpenSSL
can be modified to call FIPS_rsa_x931_generate_key_ex in FIPS mode.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list