AES GCM selftests.

[openssl.git] / fips / fips.c

diff --git a/fips/fips.c b/fips/fips.c
index 6a90328d7e38f5c9f31947c2c2a5291b434fdcbf..4b66537342dfbd536d22f386b1639afe2f0325c9 100644 (file)
--- a/fips/fips.c
+++ b/fips/fips.c
@@ -49,6 +49,7 @@
 
 #define OPENSSL_FIPSAPI
 
+#include <openssl/crypto.h>
 #include <openssl/rand.h>
 #include <openssl/fips_rand.h>
 #include <openssl/err.h>
@@ -56,6 +57,7 @@
 #include <openssl/hmac.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#include <openssl/ecdsa.h>
 #include <string.h>
 #include <limits.h>
 #include "fips_locl.h"
@@ -173,6 +175,7 @@ int FIPS_selftest(void)
     return FIPS_selftest_sha1()
        && FIPS_selftest_hmac()
        && FIPS_selftest_aes()
+       && FIPS_selftest_aes_gcm()
        && FIPS_selftest_des()
        && FIPS_selftest_rsa()
        && FIPS_selftest_dsa();
@@ -437,6 +440,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
        unsigned char sigtmp[256], *sig = sigtmp;
        unsigned int siglen;
        DSA_SIG *dsig = NULL;
+       ECDSA_SIG *esig = NULL;
        EVP_MD_CTX mctx;
        FIPS_md_ctx_init(&mctx);
 
@@ -473,6 +477,12 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
                if (!dsig)
                        goto error;
                }
+       else if (pkey->type == EVP_PKEY_EC)
+               {
+               esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx);
+               if (!esig)
+                       goto error;
+               }
 #if 0
        else if (!EVP_SignFinal(&mctx, sig, &siglen, pkey))
                goto error;
@@ -494,6 +504,10 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
                {
                ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig);
                }
+       else if (pkey->type == EVP_PKEY_EC)
+               {
+               ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
+               }
 #if 0
        else
                ret = EVP_VerifyFinal(&mctx, sig, siglen, pkey);
@@ -502,6 +516,8 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
        error:
        if (dsig != NULL)
                FIPS_dsa_sig_free(dsig);
+       if (esig != NULL)
+               FIPS_ecdsa_sig_free(esig);
        if (sig != sigtmp)
                OPENSSL_free(sig);
        FIPS_md_ctx_cleanup(&mctx);