check for unset entropy and nonce callbacks

author Dr. Stephen Henson <steve@openssl.org>

Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)
diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c

index e0e1d750916b8cf5badcb625653799a3a56a83c4..ee162d05eb0281d42548ec0365262ae79631943b 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -154,6 +154,8 @@ static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout,
         {
         unsigned char *tout, *p;
         size_t bl = dctx->entropy_blocklen, rv;
+       if (!dctx->get_entropy)
+               return 0;
         if (dctx->xflags & DRBG_FLAG_TEST || !bl)
                 return dctx->get_entropy(dctx, pout, entropy, min_len, max_len);
         rv = dctx->get_entropy(dctx, &tout, entropy + bl,
@@ -241,7 +243,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
                 goto end;
                 }
  
-       if (dctx->max_nonce > 0)
+       if (dctx->max_nonce > 0 && dctx->get_nonce)
                 {
                 noncelen = dctx->get_nonce(dctx, &nonce,
                                         dctx->strength / 2,
author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sun, 6 Nov 2011 13:08:41 +0000 (13:08 +0000)