Add loaded dynamic ENGINEs to list.

[openssl.git] / fips / rand / fips_drbg_lib.c

diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 32e4b83c5e9f7cdcb83fbc44436b3412dd7e0633..ee162d05eb0281d42548ec0365262ae79631943b 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -154,6 +154,8 @@ static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout,
        {
        unsigned char *tout, *p;
        size_t bl = dctx->entropy_blocklen, rv;
+       if (!dctx->get_entropy)
+               return 0;
        if (dctx->xflags & DRBG_FLAG_TEST || !bl)
                return dctx->get_entropy(dctx, pout, entropy, min_len, max_len);
        rv = dctx->get_entropy(dctx, &tout, entropy + bl,
@@ -241,7 +243,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
                goto end;
                }
 
-       if (dctx->max_nonce > 0)
+       if (dctx->max_nonce > 0 && dctx->get_nonce)
                {
                noncelen = dctx->get_nonce(dctx, &nonce,
                                        dctx->strength / 2,
@@ -386,6 +388,12 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
        {
        int r = 0;
 
+       if (FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_SELFTEST_FAILED);
+               return 0;
+               }
+
        if (!fips_drbg_check(dctx))
                return 0;
 
@@ -538,9 +546,9 @@ void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval)
 
 static int drbg_stick = 0;
 
-void FIPS_drbg_stick(void)
+void FIPS_drbg_stick(int onoff)
        {
-       drbg_stick = 1;
+       drbg_stick = onoff;
        }
 
 /* Continuous DRBG utility function */