Make the RAND code available from inside the FIPS module

[openssl.git] / test / ecdsatest.c

diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index 03327a23dc38cda467b285bd53883baf48964aab..a62efad1cfdfcf12aebb6194f5b2b8dffca5333c 100644 (file)
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -118,6 +118,11 @@ static int x9_62_tests(int n)
 
     TEST_info("ECDSA KATs for curve %s", OBJ_nid2sn(nid));
 
+#ifdef FIPS_MODE
+    if (EC_curve_nid2nist(nid) == NULL)
+        return TEST_skip("skip non approved curves");
+#endif /* FIPS_MODE */
+
     if (!TEST_ptr(mctx = EVP_MD_CTX_new())
         /* get the message digest */
         || !TEST_ptr(message = OPENSSL_hexstr2buf(tbs, &msg_len))
@@ -205,6 +210,7 @@ static int test_builtin(int n)
     EVP_MD_CTX *mctx = NULL;
     size_t sig_len;
     int nid, ret = 0;
+    int temp;
 
     nid = curves[n].nid;
 
@@ -231,9 +237,10 @@ static int test_builtin(int n)
         || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey_neg, eckey_neg)))
         goto err;
 
-    sig_len = ECDSA_size(eckey);
+    temp = ECDSA_size(eckey);
 
-    if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
+    if (!TEST_int_ge(temp, 0)
+        || !TEST_ptr(sig = OPENSSL_malloc(sig_len = (size_t)temp))
         /* create a signature */
         || !TEST_true(EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey))
         || !TEST_true(EVP_DigestSign(mctx, sig, &sig_len, tbs, sizeof(tbs)))