}
dctx->iflags &= ~DRBG_FLAG_NOERR;
-
if (!FIPS_drbg_uninstantiate(dctx))
{
FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
goto err;
}
- /* Explicit reseed tests */
-
- /* Test explicit reseed with too large additional input */
- if (!do_drbg_init(dctx, td, &t))
- goto err;
-
- dctx->iflags |= DRBG_FLAG_NOERR;
-
- if (FIPS_drbg_reseed(dctx, td->adin, dctx->max_adin + 1) > 0)
+ dctx->iflags &= ~DRBG_FLAG_NOERR;
+ if (!FIPS_drbg_uninstantiate(dctx))
{
- FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED);
+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
goto err;
}
- /* Test explicit reseed with entropy source failure */
-
/* Check prediction resistance request fails if entropy source
* failure.
*/
t.entlen = 0;
+ dctx->iflags |= DRBG_FLAG_NOERR;
if (FIPS_drbg_generate(dctx, randout, td->katlen, 1,
td->adin, td->adinlen))
{
goto err;
}
+ dctx->iflags &= ~DRBG_FLAG_NOERR;
+ if (!FIPS_drbg_uninstantiate(dctx))
+ {
+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+ goto err;
+ }
+
/* Explicit reseed tests */
/* Test explicit reseed with too large additional input */
/* Test explicit reseed with entropy source failure */
- if (!do_drbg_init(dctx, td, &t))
- goto err;
-
- dctx->iflags |= DRBG_FLAG_NOERR;
-
t.entlen = 0;
if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0)
projects / openssl.git / commitdiff