projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
868f129
)
Fix couple of bugs in CTR DRBG implementation.
author
Dr. Stephen Henson
<steve@openssl.org>
Sun, 6 Mar 2011 13:10:37 +0000
(13:10 +0000)
committer
Dr. Stephen Henson
<steve@openssl.org>
Sun, 6 Mar 2011 13:10:37 +0000
(13:10 +0000)
fips/rand/fips_drbg_ctr.c
patch
|
blob
|
history
diff --git
a/fips/rand/fips_drbg_ctr.c
b/fips/rand/fips_drbg_ctr.c
index 212bcf8df6c9a240340a44d355b8087f771b5e6f..2b2d226c53b0a558830eca4dffd6bd6287fbfbe6 100644
(file)
--- a/
fips/rand/fips_drbg_ctr.c
+++ b/
fips/rand/fips_drbg_ctr.c
@@
-360,12
+360,15
@@
int fips_drbg_ctr_init(DRBG_CTX *dctx)
{
case NID_aes_128_ctr:
keylen = 16;
{
case NID_aes_128_ctr:
keylen = 16;
+ break;
case NID_aes_192_ctr:
keylen = 24;
case NID_aes_192_ctr:
keylen = 24;
+ break;
case NID_aes_256_ctr:
keylen = 32;
case NID_aes_256_ctr:
keylen = 32;
+ break;
default:
return -2;
default:
return -2;
@@
-394,6
+397,15
@@
int fips_drbg_ctr_init(DRBG_CTX *dctx)
/* Set key schedule for df_key */
AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks);
/* Set key schedule for df_key */
AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks);
+ dctx->min_entropy = cctx->keylen;
+ dctx->max_entropy = DRBG_MAX_ENTROPY;
+ dctx->min_nonce = dctx->min_entropy / 2;
+ dctx->max_nonce = DRBG_MAX_NONCE;
+ dctx->max_pers = DRBG_MAX_LENGTH;
+ dctx->max_adin = DRBG_MAX_LENGTH;
+ }
+ else
+ {
dctx->min_entropy = dctx->seedlen;
dctx->max_entropy = dctx->seedlen;
/* Nonce not used */
dctx->min_entropy = dctx->seedlen;
dctx->max_entropy = dctx->seedlen;
/* Nonce not used */
@@
-402,15
+414,6
@@
int fips_drbg_ctr_init(DRBG_CTX *dctx)
dctx->max_pers = dctx->seedlen;
dctx->max_adin = dctx->seedlen;
}
dctx->max_pers = dctx->seedlen;
dctx->max_adin = dctx->seedlen;
}
- else
- {
- dctx->min_entropy = cctx->keylen;
- dctx->max_entropy = DRBG_MAX_ENTROPY;
- dctx->min_nonce = dctx->min_entropy / 2;
- dctx->max_nonce = DRBG_MAX_NONCE;
- dctx->max_pers = DRBG_MAX_LENGTH;
- dctx->max_adin = DRBG_MAX_LENGTH;
- }
dctx->max_request = 1<<19;
dctx->reseed_counter = DRBG_MAX_LENGTH;
dctx->max_request = 1<<19;
dctx->reseed_counter = DRBG_MAX_LENGTH;