when performing ECDSA selftest.
{ERR_REASON(FIPS_R_SELFTEST_FAILURE) ,"selftest failure"},
{ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),"strength error undetected"},
{ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"},
+{ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR) ,"uninstantiate error"},
{ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),"uninstantiate zeroise error"},
{ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE),"unsupported drbg type"},
{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"},
err:
+ FIPS_md_ctx_cleanup(&mctx);
+
if (x)
BN_clear_free(x);
if (y)
#define FIPS_R_SELFTEST_FAILURE 135
#define FIPS_R_STRENGTH_ERROR_UNDETECTED 136
#define FIPS_R_TEST_FAILURE 137
+#define FIPS_R_UNINSTANTIATE_ERROR 141
#define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138
#define FIPS_R_UNSUPPORTED_DRBG_TYPE 139
#define FIPS_R_UNSUPPORTED_PLATFORM 140
goto err;
}
+ dctx->flags &= ~DRBG_FLAG_NOERR;
+ if (!FIPS_drbg_uninstantiate(dctx))
+ {
+ FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+ goto err;
+ }
+
/* Instantiate with valid data. NB: errors now reported again */
if (!FIPS_drbg_init(dctx, td->nid, td->flags))
goto err;
goto err;
}
+ dctx->flags &= ~DRBG_FLAG_NOERR;
+
+ if (!FIPS_drbg_uninstantiate(dctx))
+ {
+ FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+ goto err;
+ }
+
/* Instantiate again with valid data */
projects / openssl.git / commitdiff