Zero ciphertext and plaintext temporary buffers.
Check FIPS_cipher() return value.
/* ====================================================================
/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#define PATH_MAX 1024
#endif
#define PATH_MAX 1024
#endif
-static int fips_selftest_fail;
-static int fips_mode;
+static int fips_selftest_fail = 0;
+static int fips_mode = 0;
static int fips_started = 0;
static int fips_is_owning_thread(void);
static int fips_started = 0;
static int fips_is_owning_thread(void);
unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE];
unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE];
OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE);
unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE];
unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE];
OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE);
+ memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE);
+ memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE);
if (FIPS_cipherinit(ctx, cipher, key, iv, 1) <= 0)
return 0;
if (FIPS_cipherinit(ctx, cipher, key, iv, 1) <= 0)
return 0;
- FIPS_cipher(ctx, citmp, plaintext, len);
+ if (!FIPS_cipher(ctx, citmp, plaintext, len))
+ return 0;
if (memcmp(citmp, ciphertext, len))
return 0;
if (FIPS_cipherinit(ctx, cipher, key, iv, 0) <= 0)
if (memcmp(citmp, ciphertext, len))
return 0;
if (FIPS_cipherinit(ctx, cipher, key, iv, 0) <= 0)
projects / openssl.git / commitdiff