]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ee1d4f3)
Add a dummy call to BN_rand_ex() in the FIPS provider
authorMatt Caswell <matt@openssl.org>
Wed, 19 Jun 2019 14:20:03 +0000 (15:20 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 2 Jul 2019 15:49:18 +0000 (16:49 +0100)
The previous commit made BIGNUM RAND operations available from within
the FIPS provider. We test this out by making a dummy call to check it
completes successfully.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9193)

providers/fips/fipsprov.c patch | blob | history

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index eb2a0c45c35b745dc152fe5c442daa47e227d773..0f0a9624e798d6c52c0eccb0a81bb440776980e5 100644 (file)
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -120,6 +120,9 @@ static int dummy_evp_call(void *provctx)
     if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
         goto err;
 
+    if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
+        goto err;
+
     ret = 1;
  err:
     BN_CTX_end(bnctx);
Unnamed repository; edit this file 'description' to name the repository.