Clear signed vs. unsigned conflicts.

Change the fingerprint accordingly.

diff --git a/fips/rsa/fingerprint.sha1 b/fips/rsa/fingerprint.sha1
index 21631d26646fd0afb962eacbe7253e6a8c34300e..569434700c2ccbdcb044cd8ecf477978bce42694 100644 (file)
--- a/fips/rsa/fingerprint.sha1
+++ b/fips/rsa/fingerprint.sha1
@@ -1,3 +1,3 @@
 HMAC-SHA1(fips_rsa_eay.c)= eabab59a2f11f3da4c21e1144efe1684f5e8f1ec
 HMAC-SHA1(fips_rsa_gen.c)= 4bbc0afcade1ac53f469aaa89f84c413678254bf
-HMAC-SHA1(fips_rsa_selftest.c)= c31301785f748b091a1a0bb20641116a448ff02d
+HMAC-SHA1(fips_rsa_selftest.c)= 70553a5212e86f65b068564946d39b738a201e22

diff --git a/fips/rsa/fips_rsa_selftest.c b/fips/rsa/fips_rsa_selftest.c
index 104ad7865b33a7d45fe1e6e82a5c863fc0099ece..4e3b9445fcc1a30a0099bd11d13f07b8befd017c 100644 (file)
--- a/fips/rsa/fips_rsa_selftest.c
+++ b/fips/rsa/fips_rsa_selftest.c
@@ -211,7 +211,7 @@ int FIPS_selftest_rsa()
     /* ...1)  using the same RSA key to encrypt the SHA-1 hash of a
      * plaintext value larger than the RSA key size
     */
-    if (RSA_size(key) >= strlen(original_ptext))
+    if (RSA_size(key) >= sizeof(original_ptext) - 1)
        {
        FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
        return 0;
@@ -219,7 +219,7 @@ int FIPS_selftest_rsa()
     /* ...2) then generate the SHA-1 digest of plaintext, and compare the
      * digest to the Known Answer (note here we duplicate the SHA-1 KAT)
      */
-    SHA1((unsigned char*)original_ptext,strlen(original_ptext),md);
+    SHA1(original_ptext,sizeof(original_ptext) - 1,md);
     if(memcmp(md,mdkat,SHA_DIGEST_LENGTH))
        {
        FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED);