X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=fips%2Fhmac%2Ffips_hmac_selftest.c;h=c95e73f347e5806d094898bc285be2d12bc1b993;hp=73455ffee2edb1c9eb9395b2b6875e25a097f593;hb=8f331999f5906f2f8fdd350ee647865984831c9b;hpb=2b4b28dc32ce7623f6169b43cd18585174de6b20

diff --git a/fips/hmac/fips_hmac_selftest.c b/fips/hmac/fips_hmac_selftest.c
index 73455ffee2..c95e73f347 100644
--- a/fips/hmac/fips_hmac_selftest.c
+++ b/fips/hmac/fips_hmac_selftest.c
@@ -1,5 +1,5 @@
 /* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -47,10 +47,13 @@
  *
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <string.h>
 #include <openssl/err.h>
 #include <openssl/fips.h>
 #include <openssl/hmac.h>
+#include "fips_locl.h"
 
 #ifdef OPENSSL_FIPS
 typedef struct {
@@ -110,26 +113,65 @@ static const HMAC_KAT vector[] = {
 };
 
 int FIPS_selftest_hmac()
-    {
-    size_t n;
-    unsigned int    outlen;
-    unsigned char   out[EVP_MAX_MD_SIZE];
-    const EVP_MD   *md;
-    const HMAC_KAT *t;
-
-    for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
 	{
-	md = (*t->alg)();
-	HMAC(md,t->key,strlen(t->key),
-		(const unsigned char *)t->iv,strlen(t->iv),
-		out,&outlen);
+	size_t n;
+	unsigned int    outlen;
+	unsigned char   out[EVP_MAX_MD_SIZE];
+	const EVP_MD   *md;
+	const HMAC_KAT *t;
+	int rv = 1, subid;
+	HMAC_CTX c;
+	HMAC_CTX_init(&c);
+
+
+	for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
+		{
+		md = (*t->alg)();
+		subid = M_EVP_MD_type(md);
+		if (!fips_post_started(FIPS_TEST_HMAC, subid, 0))
+			continue;
+		if (!HMAC_Init_ex(&c, t->key, strlen(t->key), md, NULL))
+			{
+			rv = -1;
+			goto err;
+			}
+		if (!HMAC_Update(&c, (const unsigned char *)t->iv, strlen(t->iv)))
+			{
+			rv = -1;
+			goto err;
+			}
+		if (!fips_post_corrupt(FIPS_TEST_HMAC, subid, NULL))
+			{
+			if (!HMAC_Update(&c, (const unsigned char *)t->iv, 1))
+				{
+				rv = -1;
+				goto err;
+				}
+			}
+		if (!HMAC_Final(&c, out, &outlen))
+			{
+			rv = -1;
+			goto err;
+			}
+
+		if(memcmp(out,t->kaval,outlen))
+			{
+			fips_post_failed(FIPS_TEST_HMAC, subid, NULL);
+			rv = 0;
+		    	}
+		else if (!fips_post_success(FIPS_TEST_HMAC, subid, NULL))
+			goto err;
+		}
 
-	if(memcmp(out,t->kaval,outlen))
-	    {
-	    FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
-	    return 0;
-	    }
+	err:
+	HMAC_CTX_cleanup(&c);
+	if (rv == -1)
+		{
+		fips_post_failed(FIPS_TEST_HMAC, subid, NULL);
+		rv = 0;
+		}
+	if (!rv)
+		   FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
+	return rv;
 	}
-    return 1;
-    }
 #endif