Issue #6939 has been reported by vo.x (Vit Ondruch).

----------------------------------------
Bug #6939: Uninformative exception in FIPS mode
https://bugs.ruby-lang.org/issues/6939

Author: vo.x (Vit Ondruch)
Status: Open
Priority: Normal
Assignee: duerst (Martin Dürst)
Category: 
Target version: 
ruby -v: trunk


# cat /proc/sys/crypto/fips_enabled
1
]# irb
irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> OpenSSL::PKey::DH.new(1024)
=> -----BEGIN DH PARAMETERS-----
MIGHAoGBAMjWrD9U8wfqxMEMPBaBnihhTJb6CGgy7Auy1Aark27nFER3RuYY4ZXC
2lZ11/mDhyymW/LPNr8cupYgs5AsZttguT/zhpr6j2sobnjkcvj8T6FkQ42TC4Dw
PS+O+Mdvz1BP8ZUWXV8QBxyxCKCanPVWvPGI8tC5amj9QM66VyUTAgEC
-----END DH PARAMETERS-----

irb(main):003:0> OpenSSL::PKey::DH.new(128)
OpenSSL::PKey::DHError: BN lib
	from (irb):3:in `initialize'
	from (irb):3:in `new'
	from (irb):3
	from /bin/irb:12:in `<main>'
irb(main):004:0> 


Could you please provide better exception message? While it is fine that DH.new fails with short key, it is not obvious from the message what is the reason. Thank you.


-- 
http://bugs.ruby-lang.org/