More function code correction.
This commit is contained in:
Dr. Stephen Henson
parent
a32f4770e9
commit
1a58139aaa
13 changed files with 63 additions and 73 deletions
|
|
@ -111,13 +111,13 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
DHerr(DH_F_GENERATE_PARAMETERS, DH_R_KEY_SIZE_TOO_SMALL);
|
||||
DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -169,7 +169,7 @@ static int generate_key(DH *dh)
|
|||
ok=1;
|
||||
err:
|
||||
if (ok != 1)
|
||||
DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
|
||||
DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
|
||||
|
||||
if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
|
||||
if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
|
||||
|
|
@ -203,7 +203,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
|||
|
||||
if (dh->priv_key == NULL)
|
||||
{
|
||||
DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
|
||||
DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
|
@ -223,7 +223,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
|||
|
||||
if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
|
||||
{
|
||||
DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
|
||||
DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -119,14 +119,14 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS,
|
||||
FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN,
|
||||
FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
DSAerr(DSA_F_DSA_GENERATE_PARAMETERS, DSA_R_KEY_SIZE_TOO_SMALL);
|
||||
DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL);
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ int fips_check_dsa(DSA *dsa)
|
|||
if (!fips_pkey_signature_test(&pk, tbs, -1,
|
||||
NULL, 0, EVP_dss1(), 0, NULL))
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA
|
|||
|
||||
if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL);
|
||||
DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -208,7 +208,7 @@ int FIPS_check_incore_fingerprint(void)
|
|||
|
||||
if (FIPS_text_start()==NULL)
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM);
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -218,11 +218,11 @@ int FIPS_check_incore_fingerprint(void)
|
|||
memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
|
||||
{
|
||||
if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end)
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING);
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING);
|
||||
else if (OPENSSL_NONPIC_relocated)
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED);
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED);
|
||||
else
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -324,15 +324,6 @@ end:
|
|||
return ret;
|
||||
}
|
||||
|
||||
#if 0
|
||||
/* here just to cause error codes to exist */
|
||||
static void dummy()
|
||||
{
|
||||
FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD);
|
||||
FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
}
|
||||
#endif
|
||||
|
||||
void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
|
||||
void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
|
||||
void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
|
||||
|
|
@ -431,7 +422,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
|
|||
sig = OPENSSL_malloc(RSA_size(pkey->pkey.rsa));
|
||||
if (!sig)
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_CHECK_PK_SIG,ERR_R_MALLOC_FAILURE);
|
||||
FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -103,30 +103,29 @@ void ERR_load_FIPS_strings(void);
|
|||
/* Error codes for the FIPS functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define FIPS_F_DH_GENERATE_PARAMETERS 117
|
||||
#define FIPS_F_DSA_DO_SIGN 111
|
||||
#define FIPS_F_DSA_DO_VERIFY 112
|
||||
#define FIPS_F_DSA_GENERATE_PARAMETERS 110
|
||||
#define FIPS_F_FIPS_CHECK_DSA 116
|
||||
#define FIPS_F_FIPS_CHECK_DSO 120
|
||||
#define FIPS_F_FIPS_CHECK_EXE 106
|
||||
#define FIPS_F_FIPS_CHECK_FINGERPRINT 121
|
||||
#define FIPS_F_FIPS_CHECK_PK_SIG 122
|
||||
#define FIPS_F_FIPS_CHECK_RSA 115
|
||||
#define FIPS_F_FIPS_DSA_CHECK 102
|
||||
#define FIPS_F_FIPS_MODE_SET 105
|
||||
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 123
|
||||
#define FIPS_F_FIPS_SELFTEST_AES 104
|
||||
#define FIPS_F_FIPS_SELFTEST_DES 107
|
||||
#define FIPS_F_FIPS_SELFTEST_DSA 109
|
||||
#define FIPS_F_FIPS_SELFTEST_RNG 118
|
||||
#define FIPS_F_FIPS_SELFTEST_RSA 108
|
||||
#define FIPS_F_FIPS_SELFTEST_SHA 103
|
||||
#define FIPS_F_HASH_FINAL 100
|
||||
#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114
|
||||
#define FIPS_F_RSA_GENERATE_KEY 113
|
||||
#define FIPS_F_RSA_X931_GENERATE_KEY 119
|
||||
#define FIPS_F_SSLEAY_RAND_BYTES 101
|
||||
#define FIPS_F_DH_BUILTIN_GENPARAMS 100
|
||||
#define FIPS_F_DSA_BUILTIN_PARAMGEN 101
|
||||
#define FIPS_F_DSA_DO_SIGN 102
|
||||
#define FIPS_F_DSA_DO_VERIFY 103
|
||||
#define FIPS_F_FIPS_CHECK_DSA 104
|
||||
#define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105
|
||||
#define FIPS_F_FIPS_CHECK_RSA 106
|
||||
#define FIPS_F_FIPS_DSA_CHECK 107
|
||||
#define FIPS_F_FIPS_MODE_SET 108
|
||||
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109
|
||||
#define FIPS_F_FIPS_SELFTEST_AES 110
|
||||
#define FIPS_F_FIPS_SELFTEST_DES 111
|
||||
#define FIPS_F_FIPS_SELFTEST_DSA 112
|
||||
#define FIPS_F_FIPS_SELFTEST_HMAC 113
|
||||
#define FIPS_F_FIPS_SELFTEST_RNG 114
|
||||
#define FIPS_F_FIPS_SELFTEST_SHA1 115
|
||||
#define FIPS_F_RSA_BUILTIN_KEYGEN 116
|
||||
#define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117
|
||||
#define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118
|
||||
#define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119
|
||||
#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120
|
||||
#define FIPS_F_RSA_X931_GENERATE_KEY_EX 121
|
||||
#define FIPS_F_SSLEAY_RAND_BYTES 122
|
||||
|
||||
/* Reason codes. */
|
||||
#define FIPS_R_CANNOT_READ_EXE 103
|
||||
|
|
|
|||
|
|
@ -126,7 +126,7 @@ int FIPS_selftest_hmac()
|
|||
|
||||
if(memcmp(out,t->kaval,outlen))
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -376,13 +376,13 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
@ -519,13 +519,13 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_RSA_EAY_PRIVATE_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
@ -658,13 +658,13 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -118,13 +118,13 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
|
|||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (FIPS_mode() && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
|
||||
FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -218,7 +218,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
|
|||
hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx));
|
||||
if (hash_id == -1)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
return 0;
|
||||
}
|
||||
tmpdinfo[m_len] = (unsigned char)hash_id;
|
||||
|
|
@ -232,7 +232,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
|
|||
|
||||
if (!der)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
return 0;
|
||||
}
|
||||
memcpy(tmpdinfo, der, dlen);
|
||||
|
|
@ -255,7 +255,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
|
|||
saltlen = -2;
|
||||
if (!sbuf)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_SIGN,ERR_R_MALLOC_FAILURE);
|
||||
goto psserr;
|
||||
}
|
||||
if (!RSA_padding_add_PKCS1_PSS(rsa, sbuf, md,
|
||||
|
|
@ -277,7 +277,7 @@ static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y,
|
|||
j=RSA_size(rsa);
|
||||
if (i > (j-RSA_PKCS1_PADDING_SIZE))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
|
||||
RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
|
||||
goto done;
|
||||
}
|
||||
/* NB: call underlying method directly to avoid FIPS blocking */
|
||||
|
|
@ -309,7 +309,7 @@ static int fips_rsa_verify(int dtype,
|
|||
|
||||
if (siglen != (unsigned int)RSA_size(sv->key))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
|
||||
return(0);
|
||||
}
|
||||
|
||||
|
|
@ -325,7 +325,7 @@ static int fips_rsa_verify(int dtype,
|
|||
s= OPENSSL_malloc((unsigned int)siglen);
|
||||
if (s == NULL)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931)
|
||||
|
|
@ -345,23 +345,23 @@ static int fips_rsa_verify(int dtype,
|
|||
int hash_id;
|
||||
if (i != (int)(diglen + 1))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
goto err;
|
||||
}
|
||||
hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx));
|
||||
if (hash_id == -1)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
goto err;
|
||||
}
|
||||
if (s[diglen] != (unsigned char)hash_id)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
goto err;
|
||||
}
|
||||
if (memcmp(s, dig, diglen))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
goto err;
|
||||
}
|
||||
ret = 1;
|
||||
|
|
@ -373,7 +373,7 @@ static int fips_rsa_verify(int dtype,
|
|||
|
||||
if (!der)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE);
|
||||
return(0);
|
||||
}
|
||||
|
||||
|
|
@ -388,7 +388,7 @@ static int fips_rsa_verify(int dtype,
|
|||
if ((i != (int)(dlen + diglen)) || memcmp(der, s, dlen)
|
||||
|| memcmp(s + dlen, dig, diglen))
|
||||
{
|
||||
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
|
||||
goto err;
|
||||
}
|
||||
ret = 1;
|
||||
|
|
|
|||
|
|
@ -207,21 +207,21 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
|
|||
BIGNUM *Xp = NULL, *Xq = NULL;
|
||||
BN_CTX *ctx = NULL;
|
||||
|
||||
if (bits < 1024)
|
||||
if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (bits & 0xff)
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_INVALID_KEY_LENGTH);
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_INVALID_KEY_LENGTH);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(FIPS_selftest_failed())
|
||||
{
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_FIPS_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ int FIPS_selftest_sha1()
|
|||
EVP_Digest(test[n],strlen(test[n]),md, NULL, EVP_sha1(), NULL);
|
||||
if(memcmp(md,ret[n],sizeof md))
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_SELFTEST_SHA,FIPS_R_SELFTEST_FAILED);
|
||||
FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue