mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove redundant definitions. Give error code if DRBG sefltest fails.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2011-03-31 17:23:12 +00:00
parent 52b6ee8245
commit e06de4dd35
4 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/fips_err.h
View File

@ -90,12 +90,13 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
{ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"},
{ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"},
{ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_SELFTEST_CMAC"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},

1
fips/fips.h
View File

@ -203,6 +203,7 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_DRBG_INSTANTIATE 133
#define FIPS_F_FIPS_DRBG_NEW 134
#define FIPS_F_FIPS_DRBG_RESEED 135
#define FIPS_F_FIPS_DRBG_SINGLE_KAT 140
#define FIPS_F_FIPS_DSA_CHECK 107
#define FIPS_F_FIPS_MODE_SET 108
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109

2
fips/rand/fips_drbg_selftest.c
View File

@ -797,6 +797,8 @@ static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
rv = 1;
err:
if (rv == 0)
FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_SELFTEST_FAILED);
FIPS_drbg_uninstantiate(dctx);
return rv;

6
fips/rand/fips_rand_lcl.h
View File

@ -97,10 +97,6 @@ struct drbg_ctr_ctx_st
/* fatal error condition */
#define DRBG_STATUS_ERROR 3
/* Maximum values for temp entropy and nonce */
#define DRBG_MAX_ENTROPY 1024
#define DRBG_MAX_NONCE 1024
/* A default maximum length: larger than any reasonable value used in pratice */
#define DRBG_MAX_LENGTH 0x7ffffff0
@ -159,8 +155,6 @@ struct drbg_ctx_st
/* Indicates we have finished with entropy buffer */
void (*cleanup_entropy)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
unsigned char nonce[DRBG_MAX_NONCE];
/* nonce gathering function */
size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char **pout,
int entropy, size_t min_len, size_t max_len);