NULL, /* init */
NULL, /* finish */
#endif
- 0, /* flags */
+ ECDSA_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
}
while (BN_is_zero(k));
+ /* We do not want timing information to leak the length of k,
+ * so we compute G*k using an equivalent scalar of fixed
+ * bit-length. */
+
+ if (!BN_add(k, k, order)) goto err;
+ if (BN_num_bits(k) <= BN_num_bits(order))
+ if (!BN_add(k, k, order)) goto err;
+
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
{
ECDSA_DATA *ecdsa;
const BIGNUM *priv_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
+ return NULL;
+ }
+#endif
+
ecdsa = ecdsa_check(eckey);
group = EC_KEY_get0_group(eckey);
priv_key = EC_KEY_get0_private_key(eckey);
const EC_GROUP *group;
const EC_POINT *pub_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
+ return -1;
+ }
+#endif
+
/* check input values */
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
(pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)