[openssl-users] RSA_generate_key fails in FIPS Mode with key size 2048
Neptune
pdrotter at us.ibm.com
Wed Feb 24 16:31:42 UTC 2016
Using:
FIPS Object Module 2.0.9
OpenSSL 1.0.1l
When I call RSA_generate_key:
if (rsa = RSA_generate_key(keySize, RSA_F4, NULL, NULL))
I get the following error string:
(OPENSSL error:04081078:rsa routines:RSA_BUILTIN_KEYGEN:key size too small)
As I understand, RSA Key size must be 2048 or greater in FIPS mode, so I
printed out the key size just before calling the above function:
******** KEYSIZE = 2048.
What else could cause this function to report a key size too small if it is
2048 bits? Is 2048 still FIPS-compliant?
BTW: this works if FIPS mode is off.
Thanks!
--
View this message in context: http://openssl.6102.n7.nabble.com/RSA-generate-key-fails-in-FIPS-Mode-with-key-size-2048-tp63989.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list