Set error code is additional data callback fails.

[openssl.git] / fips / rand / fips_drbg_rand.c

diff --git a/fips/rand/fips_drbg_rand.c b/fips/rand/fips_drbg_rand.c
index f179bd82a9259c48675123a797f45fe3e8dea688..1863026bd56a8aff6dcf691d5f8d21bd09173a47 100644 (file)
--- a/fips/rand/fips_drbg_rand.c
+++ b/fips/rand/fips_drbg_rand.c
@@ -65,7 +65,7 @@
 /* Mapping of SP800-90 DRBGs to OpenSSL RAND_METHOD */
 
 /* Since we only have one global PRNG used at any time in OpenSSL use a global
- * variable to store contexts.
+ * variable to store context.
  */
 
 static DRBG_CTX ossl_dctx;
@@ -94,7 +94,7 @@ static int fips_drbg_bytes(unsigned char *out, int count)
                        adinlen = dctx->get_adin(dctx, &adin);
                        if (adinlen && !adin)
                                {
-                               /* ERROR */
+                               FIPSerr(FIPS_F_FIPS_DRBG_BYTES, FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT);
                                goto err;
                                }
                        }
@@ -117,6 +117,13 @@ static int fips_drbg_bytes(unsigned char *out, int count)
        return rv;
        }
 
+static int fips_drbg_pseudo(unsigned char *out, int count)
+       {
+       if (fips_drbg_bytes(out, count) <= 0)
+               return -1;
+       return 1;
+       }
+
 static int fips_drbg_status(void)
        {
        DRBG_CTX *dctx = &ossl_dctx;
@@ -168,7 +175,7 @@ static const RAND_METHOD rand_drbg_meth =
        fips_drbg_bytes,
        fips_drbg_cleanup,
        fips_drbg_add,
-       fips_drbg_bytes,
+       fips_drbg_pseudo,
        fips_drbg_status
        };