diff options
| author | steve <steve> | 2011-04-22 11:12:55 +0000 |
|---|---|---|
| committer | steve <steve> | 2011-04-22 11:12:55 +0000 |
| commit | 8ed59563cffa03ba895177ea4dd3fb27965a92d8 (patch) | |
| tree | a4c049cd277ccf9440457df7411054ea7807c9bb /crypto | |
| parent | 6be57bd46323c69af7395bbc849203a99a6ccf42 (diff) | |
| download | openssl-8ed59563cffa03ba895177ea4dd3fb27965a92d8.tar.gz | |
Return errors instead of aborting when selftest fails.
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/dh/dh_key.c | 6 | ||||
| -rw-r--r-- | crypto/fips_err.h | 2 | ||||
| -rw-r--r-- | crypto/rsa/rsa_eay.c | 6 |
3 files changed, 12 insertions, 2 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 50e8011c8..6c0c745c8 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -301,7 +301,11 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { #ifdef OPENSSL_FIPS - FIPS_selftest_check(); + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_DH_INIT,FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } #endif dh->flags |= DH_FLAG_CACHE_MONT_P; return(1); diff --git a/crypto/fips_err.h b/crypto/fips_err.h index f4f834124..041bc1567 100644 --- a/crypto/fips_err.h +++ b/crypto/fips_err.h @@ -71,6 +71,7 @@ static ERR_STRING_DATA FIPS_str_functs[]= { {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, +{ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"}, {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, @@ -113,6 +114,7 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"}, {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, +{ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 865fb6a26..d47f64e75 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -937,7 +937,11 @@ err: static int RSA_eay_init(RSA *rsa) { #ifdef OPENSSL_FIPS - FIPS_selftest_check(); + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_RSA_EAY_INIT,FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } #endif rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; return(1); |