From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 12 Oct 2011 13:17:19 +0000 (+0000)
Subject: ECDH POST selftest failure inducing support.
X-Git-Tag: OpenSSL-fips-2_0-rc1~81
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c1f63b5cb3a2a330a6fbc173d09f3101f193fc9c;p=oweals%2Fopenssl.git

ECDH POST selftest failure inducing support.
---

diff --git a/fips/ecdh/fips_ecdh_selftest.c b/fips/ecdh/fips_ecdh_selftest.c
index b46ae3b8e3..2b21ceaf48 100644
--- a/fips/ecdh/fips_ecdh_selftest.c
+++ b/fips/ecdh/fips_ecdh_selftest.c
@@ -214,6 +214,9 @@ int FIPS_selftest_ecdh(void)
 			goto err;
 			}
 
+		if (!fips_post_corrupt(FIPS_TEST_ECDH, ecd->curve, NULL))
+			ztmp[0] ^= 0x1;
+
 		if (memcmp(ztmp, ecd->z, ecd->zlen))
 			{
 			fips_post_failed(FIPS_TEST_ECDH, ecd->curve, 0);
diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c
index c768de75eb..54a59c3f87 100644
--- a/fips/fips_test_suite.c
+++ b/fips/fips_test_suite.c
@@ -1017,6 +1017,8 @@ int main(int argc,char **argv)
         } else if (!strcmp(argv[1], "dsa")) {
 	    fail_id = FIPS_TEST_SIGNATURE;
 	    fail_key = EVP_PKEY_DSA;	
+        } else if (!strcmp(argv[1], "ecdh")) {
+	    fail_id = FIPS_TEST_ECDH;
         } else if (!strcmp(argv[1], "ecdsa")) {
 	    fail_id = FIPS_TEST_SIGNATURE;
 	    fail_key = EVP_PKEY_EC;