generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Initial switch to DRBG base PRNG in FIPS mode. Include bogus seeding for

Browse Source 
test applications.
This commit is contained in:
Dr. Stephen Henson
2011-04-01 14:46:07 +00:00
parent 212a08080c
commit 011c865640
4 changed files with 43 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
fips/rand/fips_drbg_lib.c
View File

@@ -274,6 +274,17 @@ static int fips_drbg_generate_internal(DRBG_CTX *dctx,
const unsigned char *adin, size_t adinlen)
{
int r = 0;
if (dctx->status != DRBG_STATUS_READY
&& dctx->status != DRBG_STATUS_RESEED)
{
if (dctx->status == DRBG_STATUS_ERROR)
r = FIPS_R_IN_ERROR_STATE;
else if(dctx->status == DRBG_STATUS_UNINITIALISED)
r = FIPS_R_NOT_INSTANTIATED;
goto end;
}
if (outlen > dctx->max_request)
{
r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG;
@@ -296,14 +307,7 @@ static int fips_drbg_generate_internal(DRBG_CTX *dctx,
adin = NULL;
adinlen = 0;
}
if (dctx->status != DRBG_STATUS_READY)
{
if (dctx->status == DRBG_STATUS_ERROR)
r = FIPS_R_IN_ERROR_STATE;
else if(dctx->status == DRBG_STATUS_UNINITIALISED)
r = FIPS_R_NOT_INSTANTIATED;
goto end;
}
if (!dctx->generate(dctx, out, outlen, adin, adinlen))
{
r = FIPS_R_GENERATE_ERROR;