Add FIPS selftests for ECDH algorithm.
[openssl.git] / fips / fips_post.c
index 1ab156f..e55ec08 100644 (file)
@@ -105,12 +105,14 @@ void fips_post_end(void)
        if (post_failure)
                {
                post_status = FIPS_POST_STATUS_FAILED;
-               fips_post_cb(FIPS_POST_END, 0, 0, NULL);
+               if(fips_post_cb)
+                       fips_post_cb(FIPS_POST_END, 0, 0, NULL);
                }
        else
                {
                post_status = FIPS_POST_STATUS_OK;
-               fips_post_cb(FIPS_POST_END, 1, 0, NULL);
+               if (fips_post_cb)
+                       fips_post_cb(FIPS_POST_END, 1, 0, NULL);
                }
        }
 
@@ -170,8 +172,12 @@ int FIPS_selftest(void)
                rv = 0;
        if (!FIPS_selftest_aes())
                rv = 0;
+       if (!FIPS_selftest_aes_ccm())
+               rv = 0;
        if (!FIPS_selftest_aes_gcm())
                rv = 0;
+       if (!FIPS_selftest_aes_xts())
+               rv = 0;
        if (!FIPS_selftest_des())
                rv = 0;
        if (!FIPS_selftest_rsa())
@@ -180,6 +186,8 @@ int FIPS_selftest(void)
                rv = 0;
        if (!FIPS_selftest_dsa())
                rv = 0;
+       if (!FIPS_selftest_ecdh())
+               rv = 0;
        fips_post_end();
        return rv;
        }
@@ -203,6 +211,7 @@ int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
        int ret = 0;
        unsigned char *sig = NULL;
        unsigned int siglen;
+       __fips_constseg
        static const unsigned char str1[]="12345678901234567890";
        DSA_SIG *dsig = NULL;
        ECDSA_SIG *esig = NULL;