diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-04-11 21:32:51 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-04-11 21:32:51 +0000 |
commit | 63c82f8abb5ea2f984c0250e3432f715fdab4eef (patch) | |
tree | a34ec0c495cb9052b21fa003637cc3e1a76e9eaa | |
parent | 4fd7256b7715a46dd0857aa6a5104b8b4ce7e4cc (diff) |
Update copyright year.
Zero ciphertext and plaintext temporary buffers.
Check FIPS_cipher() return value.
-rw-r--r-- | fips/fips.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fips/fips.c b/fips/fips.c index 7ca24924dd..7e5b651f97 100644 --- a/fips/fips.c +++ b/fips/fips.c @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,8 +70,8 @@ #define PATH_MAX 1024 #endif -static int fips_selftest_fail; -static int fips_mode; +static int fips_selftest_fail = 0; +static int fips_mode = 0; static int fips_started = 0; static int fips_is_owning_thread(void); @@ -511,9 +511,12 @@ int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE]; unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE]; OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE); + memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); + memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); if (FIPS_cipherinit(ctx, cipher, key, iv, 1) <= 0) return 0; - FIPS_cipher(ctx, citmp, plaintext, len); + if (!FIPS_cipher(ctx, citmp, plaintext, len)) + return 0; if (memcmp(citmp, ciphertext, len)) return 0; if (FIPS_cipherinit(ctx, cipher, key, iv, 0) <= 0) |