generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Place DRBG in error state if health check fails.

Browse Source
This commit is contained in:
Dr. Stephen Henson
2011-09-05 15:32:32 +00:00
parent 2c472780c0
commit 7634137b8a
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
fips/rand/fips_drbg_lib.c
View File

@@ -96,6 +96,7 @@ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags)
if (!fips_drbg_kat(&tctx, type, flags | DRBG_FLAG_TEST)) if (!fips_drbg_kat(&tctx, type, flags | DRBG_FLAG_TEST))
{ {
FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE);
dctx->status = DRBG_STATUS_ERROR;
return 0; return 0;
} }
} }
@@ -333,6 +334,7 @@ static int fips_drbg_check(DRBG_CTX *dctx)
dctx->flags | DRBG_FLAG_TEST)) dctx->flags | DRBG_FLAG_TEST))
{ {
FIPSerr(FIPS_F_FIPS_DRBG_CHECK, FIPS_R_SELFTEST_FAILURE); FIPSerr(FIPS_F_FIPS_DRBG_CHECK, FIPS_R_SELFTEST_FAILURE);
dctx->status = DRBG_STATUS_ERROR;
return 0; return 0;
} }
dctx->health_check_cnt = 0; dctx->health_check_cnt = 0;