#include <stdlib.h>
#include <string.h>
#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
#include <openssl/fips.h>
#include <openssl/fips_rand.h>
#include "fips_rand_lcl.h"
for (;;)
{
inc_128(cctx);
+ if (!(dctx->flags & DRBG_FLAG_TEST) && !dctx->lb_valid)
+ {
+ AES_encrypt(cctx->V, dctx->lb, &cctx->ks);
+ dctx->lb_valid = 1;
+ continue;
+ }
if (outlen < 16)
{
/* Use K as temp space as it will be updated */
AES_encrypt(cctx->V, cctx->K, &cctx->ks);
+ if (!fips_drbg_cprng_test(dctx, cctx->K))
+ return 0;
memcpy(out, cctx->K, outlen);
break;
}
AES_encrypt(cctx->V, out, &cctx->ks);
+ if (!fips_drbg_cprng_test(dctx, out))
+ return 0;
out += 16;
outlen -= 16;
if (outlen == 0)
dctx->max_adin = dctx->seedlen;
}
- dctx->max_request = 1<<19;
+ dctx->max_request = 1<<16;
dctx->reseed_interval = 1<<24;
return 1;