generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Before initalising a live DRBG (i.e. not in test mode) run a complete health

Browse Source 
check on a DRBG of the same type.
This commit is contained in:
Dr. Stephen Henson 2011-04-09 17:27:07 +00:00
parent 68ea88b8d1
commit f3823ddfcf
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
fips/rand/fips_drbg_lib.c
View File

@ -84,6 +84,18 @@ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags)
FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_ERROR_INITIALISING_DRBG);
}
/* If not in test mode run selftests on DRBG of the same type */
if (!(dctx->flags & DRBG_FLAG_TEST))
{
DRBG_CTX tctx;
if (!fips_drbg_kat(&tctx, type, flags | DRBG_FLAG_TEST))
{
/*FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE);*/
return 0;
}
}
return rv;
}