author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-18 15:10:32 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-18 15:10:34 +0200 |
commit | a6a51cb656b1e3af7d6f3727c58f6c939cd14dba (patch) | |
tree | a13cd25b3a0d1be10d53930f4e9f62ee3a036ef4 | |
parent | 154b7ef4c82d1b296d001c4752ca1df4cd7e73de (diff) | |
download | gnutls-a6a51cb656b1e3af7d6f3727c58f6c939cd14dba.tar.gz |
drbg-aes: removed the continuous DRBG checks
These are no longer necessary for FIPS140-2 compliance.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/nettle/int/drbg-aes.c | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/lib/nettle/int/drbg-aes.c b/lib/nettle/int/drbg-aes.c index 625ae80ab9..a5a05b64a8 100644 --- a/lib/nettle/int/drbg-aes.c +++ b/lib/nettle/int/drbg-aes.c @@ -160,12 +160,6 @@ int drbg_aes_generate(struct drbg_aes_ctx *ctx, unsigned length, uint8_t * dst, INCREMENT(sizeof(ctx->v), ctx->v); aes256_encrypt(&ctx->key, AES_BLOCK_SIZE, dst, ctx->v); - /* if detected loop */ - if (memcmp(dst, ctx->prev_block, AES_BLOCK_SIZE) == 0) { - _gnutls_switch_lib_state(LIB_STATE_ERROR); - return gnutls_assert_val(0); - } - memcpy(ctx->prev_block, dst, AES_BLOCK_SIZE); } @@ -174,12 +168,6 @@ int drbg_aes_generate(struct drbg_aes_ctx *ctx, unsigned length, uint8_t * dst, INCREMENT(sizeof(ctx->v), ctx->v); aes256_encrypt(&ctx->key, AES_BLOCK_SIZE, tmp, ctx->v); - /* if detected loop */ - if (memcmp(tmp, ctx->prev_block, AES_BLOCK_SIZE) == 0) { - _gnutls_switch_lib_state(LIB_STATE_ERROR); - return gnutls_assert_val(0); - } - memcpy(ctx->prev_block, tmp, AES_BLOCK_SIZE); memcpy(dst, tmp, left); } |
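Review bot: `ctx->prev_block` outlives the comparison that was its only reader in these hunks. The collapsed rendering does not show whether the `memcpy(ctx->prev_block, dst, AES_BLOCK_SIZE);` after the first removed check (hunk at -160) is kept or dropped, and the member's declaration is not touched by this patch. If the copy stays, it is a dead store that also leaves the most recent output block inside the DRBG context, where a later disclosure of the state would expose it; dropping the copy together with the member would avoid that. The same applies to `memcpy(ctx->prev_block, tmp, AES_BLOCK_SIZE);` in the partial-fill hunk at -174. `drbg_aes_generate` begins and ends outside both hunks, so other readers of `prev_block` (for example in the init or reseed paths) cannot be ruled out from here and should be checked before removing it.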