From 444ab3abb1ff4b28189e7b15dadcebb2e3564fdf Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 11 Jun 2019 12:06:27 +0100 Subject: [PATCH] Add some dummy BIGNUM calls from inside the FIPS provider Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/9130) --- providers/fips/fipsprov.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index ab37d98d6c..bec305b5e7 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -50,6 +50,8 @@ static int dummy_evp_call(OPENSSL_CTX *libctx) unsigned int dgstlen = 0; unsigned char dgst[SHA256_DIGEST_LENGTH]; int ret = 0; + BN_CTX *bnctx = NULL; + BIGNUM *a = NULL, *b = NULL; if (ctx == NULL || sha256 == NULL) goto err; @@ -63,8 +65,25 @@ static int dummy_evp_call(OPENSSL_CTX *libctx) if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0) goto err; + bnctx = BN_CTX_new_ex(libctx); + if (bnctx == NULL) + goto err; + BN_CTX_start(bnctx); + a = BN_CTX_get(bnctx); + b = BN_CTX_get(bnctx); + if (b == NULL) + goto err; + BN_zero(a); + if (!BN_one(b) + || !BN_add(a, a, b) + || BN_cmp(a, b) != 0) + goto err; + ret = 1; err: + BN_CTX_end(bnctx); + BN_CTX_free(bnctx); + EVP_MD_CTX_free(ctx); EVP_MD_meth_free(sha256); return ret; -- 2.25.1