#include <stdlib.h>
#include <string.h>
#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/aes.h>
#include <openssl/fips.h>
#include <openssl/fips_rand.h>
#include "fips_rand_lcl.h"
{
FIPS_digestinit(&hctx->mctx, hctx->md);
FIPS_digestupdate(&hctx->mctx, hctx->vtmp, dctx->seedlen);
- if (!(dctx->flags & DRBG_FLAG_TEST) && !dctx->lb_valid)
+ if (!(dctx->xflags & DRBG_FLAG_TEST) && !dctx->lb_valid)
{
FIPS_digestfinal(&hctx->mctx, dctx->lb, NULL);
dctx->lb_valid = 1;
- continue;
}
- if (outlen < dctx->blocklength)
+ else if (outlen < dctx->blocklength)
{
FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
memcpy(out, hctx->vtmp, outlen);
return 1;
}
- FIPS_digestfinal(&hctx->mctx, out, NULL);
- if (!fips_drbg_cprng_test(dctx, out))
- return 0;
- outlen -= dctx->blocklength;
- if (outlen == 0)
- return 1;
- out += dctx->blocklength;
+ else
+ {
+ FIPS_digestfinal(&hctx->mctx, out, NULL);
+ if (!fips_drbg_cprng_test(dctx, out))
+ return 0;
+ outlen -= dctx->blocklength;
+ if (outlen == 0)
+ return 1;
+ out += dctx->blocklength;
+ }
ctx_add_buf(dctx, hctx->vtmp, NULL, 0);
}
}
switch (dctx->type)
{
case NID_sha1:
- md = EVP_sha1();
dctx->strength = 128;
break;
case NID_sha224:
- md = EVP_sha224();
dctx->strength = 192;
break;
dctx->max_pers = DRBG_MAX_LENGTH;
dctx->max_adin = DRBG_MAX_LENGTH;
- dctx->max_request = 1<<19;
+ dctx->max_request = 1<<16;
dctx->reseed_interval = 1<<24;
return 1;