generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More function code correction.

Browse Source
This commit is contained in:
Dr. Stephen Henson
2007-08-14 13:20:42 +00:00
parent a32f4770e9
commit 1a58139aaa
13 changed files with 63 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
fips-1.0/dh/fips_dh_gen.c
View File

@@ -111,13 +111,13 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS,FIPS_R_FIPS_SELFTEST_FAILED);
return 0; return 0;
} }
if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
{ {
DHerr(DH_F_GENERATE_PARAMETERS, DH_R_KEY_SIZE_TOO_SMALL); DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
goto err; goto err;
} }

6
fips-1.0/dh/fips_dh_key.c
View File

@@ -169,7 +169,7 @@ static int generate_key(DH *dh)
ok=1; ok=1;
err: err:
if (ok != 1) if (ok != 1)
DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
@@ -203,7 +203,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
if (dh->priv_key == NULL) if (dh->priv_key == NULL)
{ {
DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
goto err; goto err;
} }
@@ -223,7 +223,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
{ {
DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
goto err; goto err;
} }

4
fips-1.0/dsa/fips_dsa_gen.c
View File

@@ -119,14 +119,14 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS, FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN,
FIPS_R_FIPS_SELFTEST_FAILED); FIPS_R_FIPS_SELFTEST_FAILED);
goto err; goto err;
} }
if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{ {
DSAerr(DSA_F_DSA_GENERATE_PARAMETERS, DSA_R_KEY_SIZE_TOO_SMALL); DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL);
goto err; goto err;
} }

2
fips-1.0/dsa/fips_dsa_key.c
View File

@@ -80,7 +80,7 @@ int fips_check_dsa(DSA *dsa)
if (!fips_pkey_signature_test(&pk, tbs, -1, if (!fips_pkey_signature_test(&pk, tbs, -1,
NULL, 0, EVP_dss1(), 0, NULL)) NULL, 0, EVP_dss1(), 0, NULL))
{ {
FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
return 0; return 0;
} }
return 1; return 1;

2
fips-1.0/dsa/fips_dsa_ossl.c
View File

@@ -134,7 +134,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA
if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{ {
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL);
return NULL; return NULL;
} }

19
fips-1.0/fips.c
View File

@@ -208,7 +208,7 @@ int FIPS_check_incore_fingerprint(void)
if (FIPS_text_start()==NULL) if (FIPS_text_start()==NULL)
{ {
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM); FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM);
return 0; return 0;
} }
@@ -218,11 +218,11 @@ int FIPS_check_incore_fingerprint(void)
memcmp(FIPS_signature,sig,sizeof(FIPS_signature))) memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
{ {
if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end) if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end)
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING); FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING);
else if (OPENSSL_NONPIC_relocated) else if (OPENSSL_NONPIC_relocated)
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED); FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED);
else else
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
return 0; return 0;
} }
@@ -324,15 +324,6 @@ end:
return ret; return ret;
} }
#if 0
/* here just to cause error codes to exist */
static void dummy()
{
FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD);
FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED);
}
#endif
void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); } void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); } void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); } void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
@@ -431,7 +422,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
sig = OPENSSL_malloc(RSA_size(pkey->pkey.rsa)); sig = OPENSSL_malloc(RSA_size(pkey->pkey.rsa));
if (!sig) if (!sig)
{ {
FIPSerr(FIPS_F_FIPS_CHECK_PK_SIG,ERR_R_MALLOC_FAILURE); FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }
} }

47
fips-1.0/fips.h
View File

@@ -103,30 +103,29 @@ void ERR_load_FIPS_strings(void);
/* Error codes for the FIPS functions. */ /* Error codes for the FIPS functions. */
/* Function codes. */ /* Function codes. */
#define FIPS_F_DH_GENERATE_PARAMETERS 117 #define FIPS_F_DH_BUILTIN_GENPARAMS 100
#define FIPS_F_DSA_DO_SIGN 111 #define FIPS_F_DSA_BUILTIN_PARAMGEN 101
#define FIPS_F_DSA_DO_VERIFY 112 #define FIPS_F_DSA_DO_SIGN 102
#define FIPS_F_DSA_GENERATE_PARAMETERS 110 #define FIPS_F_DSA_DO_VERIFY 103
#define FIPS_F_FIPS_CHECK_DSA 116 #define FIPS_F_FIPS_CHECK_DSA 104
#define FIPS_F_FIPS_CHECK_DSO 120 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105
#define FIPS_F_FIPS_CHECK_EXE 106 #define FIPS_F_FIPS_CHECK_RSA 106
#define FIPS_F_FIPS_CHECK_FINGERPRINT 121 #define FIPS_F_FIPS_DSA_CHECK 107
#define FIPS_F_FIPS_CHECK_PK_SIG 122 #define FIPS_F_FIPS_MODE_SET 108
#define FIPS_F_FIPS_CHECK_RSA 115 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109
#define FIPS_F_FIPS_DSA_CHECK 102 #define FIPS_F_FIPS_SELFTEST_AES 110
#define FIPS_F_FIPS_MODE_SET 105 #define FIPS_F_FIPS_SELFTEST_DES 111
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 123 #define FIPS_F_FIPS_SELFTEST_DSA 112
#define FIPS_F_FIPS_SELFTEST_AES 104 #define FIPS_F_FIPS_SELFTEST_HMAC 113
#define FIPS_F_FIPS_SELFTEST_DES 107 #define FIPS_F_FIPS_SELFTEST_RNG 114
#define FIPS_F_FIPS_SELFTEST_DSA 109 #define FIPS_F_FIPS_SELFTEST_SHA1 115
#define FIPS_F_FIPS_SELFTEST_RNG 118 #define FIPS_F_RSA_BUILTIN_KEYGEN 116
#define FIPS_F_FIPS_SELFTEST_RSA 108 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117
#define FIPS_F_FIPS_SELFTEST_SHA 103 #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118
#define FIPS_F_HASH_FINAL 100 #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119
#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114 #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120
#define FIPS_F_RSA_GENERATE_KEY 113 #define FIPS_F_RSA_X931_GENERATE_KEY_EX 121
#define FIPS_F_RSA_X931_GENERATE_KEY 119 #define FIPS_F_SSLEAY_RAND_BYTES 122
#define FIPS_F_SSLEAY_RAND_BYTES 101
/* Reason codes. */ /* Reason codes. */
#define FIPS_R_CANNOT_READ_EXE 103 #define FIPS_R_CANNOT_READ_EXE 103

2
fips-1.0/hmac/fips_hmac_selftest.c
View File

@@ -126,7 +126,7 @@ int FIPS_selftest_hmac()
if(memcmp(out,t->kaval,outlen)) if(memcmp(out,t->kaval,outlen))
{ {
FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED); FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
return 0; return 0;
} }
} }

12
fips-1.0/rsa/fips_rsa_eay.c
View File

@@ -376,13 +376,13 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
goto err; goto err;
} }
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{ {
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1; return -1;
} }
@@ -519,13 +519,13 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_RSA_EAY_PRIVATE_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
goto err; goto err;
} }
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{ {
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1; return -1;
} }
@@ -658,13 +658,13 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_RSA_EAY_PUBLIC_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
goto err; goto err;
} }
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{ {
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1; return -1;
} }

4
fips-1.0/rsa/fips_rsa_gen.c
View File

@@ -118,13 +118,13 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_FIPS_SELFTEST_FAILED);
return 0; return 0;
} }
if (FIPS_mode() && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) if (FIPS_mode() && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{ {
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT); FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
return 0; return 0;
} }

24
fips-1.0/rsa/fips_rsa_sign.c
View File

@@ -218,7 +218,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx)); hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx));
if (hash_id == -1) if (hash_id == -1)
{ {
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
return 0; return 0;
} }
tmpdinfo[m_len] = (unsigned char)hash_id; tmpdinfo[m_len] = (unsigned char)hash_id;
@@ -232,7 +232,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
if (!der) if (!der)
{ {
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
return 0; return 0;
} }
memcpy(tmpdinfo, der, dlen); memcpy(tmpdinfo, der, dlen);
@@ -255,7 +255,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
saltlen = -2; saltlen = -2;
if (!sbuf) if (!sbuf)
{ {
RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); RSAerr(RSA_F_FIPS_RSA_SIGN,ERR_R_MALLOC_FAILURE);
goto psserr; goto psserr;
} }
if (!RSA_padding_add_PKCS1_PSS(rsa, sbuf, md, if (!RSA_padding_add_PKCS1_PSS(rsa, sbuf, md,
@@ -277,7 +277,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
j=RSA_size(rsa); j=RSA_size(rsa);
if (i > (j-RSA_PKCS1_PADDING_SIZE)) if (i > (j-RSA_PKCS1_PADDING_SIZE))
{ {
RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
goto done; goto done;
} }
/* NB: call underlying method directly to avoid FIPS blocking */ /* NB: call underlying method directly to avoid FIPS blocking */
@@ -309,7 +309,7 @@ static int fips_rsa_verify(int dtype,
if (siglen != (unsigned int)RSA_size(sv->key)) if (siglen != (unsigned int)RSA_size(sv->key))
{ {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
return(0); return(0);
} }
@@ -325,7 +325,7 @@ static int fips_rsa_verify(int dtype,
s= OPENSSL_malloc((unsigned int)siglen); s= OPENSSL_malloc((unsigned int)siglen);
if (s == NULL) if (s == NULL)
{ {
RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); RSAerr(RSA_F_FIPS_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
goto err; goto err;
} }
if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931) if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931)
@@ -345,23 +345,23 @@ static int fips_rsa_verify(int dtype,
int hash_id; int hash_id;
if (i != (int)(diglen + 1)) if (i != (int)(diglen + 1))
{ {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err; goto err;
} }
hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx)); hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx));
if (hash_id == -1) if (hash_id == -1)
{ {
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE);
goto err; goto err;
} }
if (s[diglen] != (unsigned char)hash_id) if (s[diglen] != (unsigned char)hash_id)
{ {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err; goto err;
} }
if (memcmp(s, dig, diglen)) if (memcmp(s, dig, diglen))
{ {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err; goto err;
} }
ret = 1; ret = 1;
@@ -373,7 +373,7 @@ static int fips_rsa_verify(int dtype,
if (!der) if (!der)
{ {
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE);
return(0); return(0);
} }
@@ -388,7 +388,7 @@ static int fips_rsa_verify(int dtype,
if ((i != (int)(dlen + diglen)) || memcmp(der, s, dlen) if ((i != (int)(dlen + diglen)) || memcmp(der, s, dlen)
|| memcmp(s + dlen, dig, diglen)) || memcmp(s + dlen, dig, diglen))
{ {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err; goto err;
} }
ret = 1; ret = 1;

8
fips-1.0/rsa/fips_rsa_x931g.c
View File

@@ -207,21 +207,21 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
BIGNUM *Xp = NULL, *Xq = NULL; BIGNUM *Xp = NULL, *Xq = NULL;
BN_CTX *ctx = NULL; BN_CTX *ctx = NULL;
if (bits < 1024) if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
{ {
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT); FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT);
return 0; return 0;
} }
if (bits & 0xff) if (bits & 0xff)
{ {
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_INVALID_KEY_LENGTH); FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_INVALID_KEY_LENGTH);
return 0; return 0;
} }
if(FIPS_selftest_failed()) if(FIPS_selftest_failed())
{ {
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED); FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_FIPS_SELFTEST_FAILED);
return 0; return 0;
} }

2
fips-1.0/sha/fips_sha1_selftest.c
View File

@@ -87,7 +87,7 @@ int FIPS_selftest_sha1()
EVP_Digest(test[n],strlen(test[n]),md, NULL, EVP_sha1(), NULL); EVP_Digest(test[n],strlen(test[n]),md, NULL, EVP_sha1(), NULL);
if(memcmp(md,ret[n],sizeof md)) if(memcmp(md,ret[n],sizeof md))
{ {
FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED); FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED);
return 0; return 0;
} }
} }