diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/dh/dh_key.c | 6 | ||||
-rw-r--r-- | crypto/fips_err.h | 2 | ||||
-rw-r--r-- | crypto/rsa/rsa_eay.c | 6 |
3 files changed, 12 insertions, 2 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 50e8011c8..6c0c745c8 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -301,7 +301,11 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { #ifdef OPENSSL_FIPS - FIPS_selftest_check(); + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_DH_INIT,FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } #endif dh->flags |= DH_FLAG_CACHE_MONT_P; return(1); diff --git a/crypto/fips_err.h b/crypto/fips_err.h index f4f834124..041bc1567 100644 --- a/crypto/fips_err.h +++ b/crypto/fips_err.h @@ -71,6 +71,7 @@ static ERR_STRING_DATA FIPS_str_functs[]= { {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, +{ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"}, {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, @@ -113,6 +114,7 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"}, {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, +{ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 865fb6a26..d47f64e75 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -937,7 +937,11 @@ err: static int RSA_eay_init(RSA *rsa) { #ifdef OPENSSL_FIPS - FIPS_selftest_check(); + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_RSA_EAY_INIT,FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } #endif rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; return(1); |