/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#define PATH_MAX 1024
#endif
-static int fips_selftest_fail;
-static int fips_mode;
+static int fips_selftest_fail = 0;
+static int fips_mode = 0;
static int fips_started = 0;
static int fips_is_owning_thread(void);
if (!esig)
goto error;
}
-#if 0
- else if (!EVP_SignFinal(&mctx, sig, &siglen, pkey))
- goto error;
-#endif
if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))
goto error;
-
+#if 0
+ {
+ /* Debug code to print out self test KAT discrepancies */
+ unsigned int i;
+ fprintf(stderr, "%s=", fail_str);
+ for (i = 0; i < siglen; i++)
+ fprintf(stderr, "%02X", sig[i]);
+ fprintf(stderr, "\n");
+ goto error;
+ }
+#endif
if (!FIPS_digestinit(&mctx, digest))
goto error;
if (!FIPS_digestupdate(&mctx, tbs, tbslen))
{
ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
}
-#if 0
- else
- ret = EVP_VerifyFinal(&mctx, sig, siglen, pkey);
-#endif
error:
if (dsig != NULL)
unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE];
unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE];
OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE);
+ memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE);
+ memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE);
if (FIPS_cipherinit(ctx, cipher, key, iv, 1) <= 0)
return 0;
- FIPS_cipher(ctx, citmp, plaintext, len);
+ if (!FIPS_cipher(ctx, citmp, plaintext, len))
+ return 0;
if (memcmp(citmp, ciphertext, len))
return 0;
if (FIPS_cipherinit(ctx, cipher, key, iv, 0) <= 0)