rv = 1;
err:
+ if (rv == 0)
+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_SELFTEST_FAILED);
FIPS_drbg_uninstantiate(dctx);
return rv;
goto err;
}
+ dctx->flags &= ~DRBG_FLAG_NOERR;
+ if (!FIPS_drbg_uninstantiate(dctx))
+ {
+ FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+ goto err;
+ }
+
/* Instantiate with valid data. NB: errors now reported again */
if (!FIPS_drbg_init(dctx, td->nid, td->flags))
goto err;
goto err;
}
+ dctx->flags &= ~DRBG_FLAG_NOERR;
+
+ if (!FIPS_drbg_uninstantiate(dctx))
+ {
+ FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+ goto err;
+ }
+
/* Instantiate again with valid data */
}
FIPS_drbg_uninstantiate(dctx);
- p = (unsigned char *)dctx;
+ p = (unsigned char *)&dctx->d;
/* Standard says we have to check uninstantiate really zeroes
* the data...
*/
- for (i = 0; i < sizeof(DRBG_CTX); i++)
+ for (i = 0; i < sizeof(dctx->d); i++)
{
if (*p != 0)
{
return 0;
}
-
+
int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags)
{
projects / openssl.git / blobdiff