kentpeacock / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
Blob Blame History Raw
diff -up openssh-8.6p1/sshkey.c.fips openssh-8.6p1/sshkey.c
--- openssh-8.6p1/sshkey.c.fips	2021-05-06 12:08:36.493926838 +0200
+++ openssh-8.6p1/sshkey.c	2021-05-06 12:08:36.502926908 +0200
@@ -1705,6 +1707,8 @@ rsa_generate_private_key(u_int bits, RSA
		goto out;

	if (EVP_PKEY_keygen(ctx, &res) <= 0) {
+		if (FIPS_mode())
+			logit_f("the key length might be unsupported by FIPS mode approved key generation method");
 		ret = SSH_ERR_LIBCRYPTO_ERROR;
 		goto out;
 	}