Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.

[openssl.git] / fips / rand / fips_drbg_lib.c
diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c

index 1c8712e7a5255d3d36f94b4a4ad8dc0d670d4ee6..31c5a7a8b003c7d6ad3eb9654a7c1b331e416944 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -63,7 +63,7 @@
  
  /* Support framework for SP800-90 DRBGs */
  
  
  /* Support framework for SP800-90 DRBGs */
  
-static int fips_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags)
+int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags)
         {
         int rv;
         memset(dctx, 0, sizeof(DRBG_CTX));
         {
         int rv;
         memset(dctx, 0, sizeof(DRBG_CTX));
@@ -76,6 +76,14 @@ static int fips_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags)
         if (rv == -2)
                 rv = fips_drbg_ctr_init(dctx);
  
         if (rv == -2)
                 rv = fips_drbg_ctr_init(dctx);
  
+       if (rv <= 0)
+               {
+               if (rv == -2)
+                       FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_UNSUPPORTED_DRBG_TYPE);
+               else
+                       FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_ERROR_INITIALISING_DRBG);
+               }
+
         return rv;
         }
  
         return rv;
         }
  
@@ -89,18 +97,16 @@ DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags)
                 FIPSerr(FIPS_F_FIPS_DRBG_NEW, ERR_R_MALLOC_FAILURE);
                 return NULL;
                 }
                 FIPSerr(FIPS_F_FIPS_DRBG_NEW, ERR_R_MALLOC_FAILURE);
                 return NULL;
                 }
-       rv = fips_drbg_init(dctx, type, flags);
+       if (type == 0)
+               return dctx;
+       rv = FIPS_drbg_init(dctx, type, flags);
  
  
-       if (rv <= 0)
+       if (FIPS_drbg_init(dctx, type, flags) <= 0)
                 {
                 {
-               if (rv == -2)
-                       FIPSerr(FIPS_F_FIPS_DRBG_NEW, FIPS_R_UNSUPPORTED_DRBG_TYPE);
-               else
-                       FIPSerr(FIPS_F_FIPS_DRBG_NEW, FIPS_R_ERROR_INITIALISING_DRBG);
-
                 OPENSSL_free(dctx);
                 return NULL;
                 }
                 OPENSSL_free(dctx);
                 return NULL;
                 }
+               
         return dctx;
         }
  
         return dctx;
         }
  
@@ -331,9 +337,7 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx)
         rv = dctx->uninstantiate(dctx);
         OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
         /* If method has problems uninstantiating, return error */
         rv = dctx->uninstantiate(dctx);
         OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
         /* If method has problems uninstantiating, return error */
-       if (rv <= 0)
-               return rv;
-       return fips_drbg_init(dctx, save_type, save_flags);
+       return rv;
         }
  
  int FIPS_drbg_set_test_mode(DRBG_CTX *dctx,
         }
  
  int FIPS_drbg_set_test_mode(DRBG_CTX *dctx,