diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-03-06 13:10:37 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-03-06 13:10:37 +0000 |
commit | ff4a19a471bfcb80ddd11b491b181589e324a52f (patch) | |
tree | 95bac202325f004c687fcdd1db5b110f1dfa9256 /fips/rand | |
parent | 868f12988c7397fa6466a4fbc7269cd6de99ec1b (diff) |
Fix couple of bugs in CTR DRBG implementation.
Diffstat (limited to 'fips/rand')
-rw-r--r-- | fips/rand/fips_drbg_ctr.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/fips/rand/fips_drbg_ctr.c b/fips/rand/fips_drbg_ctr.c index 212bcf8df6..2b2d226c53 100644 --- a/fips/rand/fips_drbg_ctr.c +++ b/fips/rand/fips_drbg_ctr.c @@ -360,12 +360,15 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx) { case NID_aes_128_ctr: keylen = 16; + break; case NID_aes_192_ctr: keylen = 24; + break; case NID_aes_256_ctr: keylen = 32; + break; default: return -2; @@ -394,6 +397,15 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx) /* Set key schedule for df_key */ AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks); + dctx->min_entropy = cctx->keylen; + dctx->max_entropy = DRBG_MAX_ENTROPY; + dctx->min_nonce = dctx->min_entropy / 2; + dctx->max_nonce = DRBG_MAX_NONCE; + dctx->max_pers = DRBG_MAX_LENGTH; + dctx->max_adin = DRBG_MAX_LENGTH; + } + else + { dctx->min_entropy = dctx->seedlen; dctx->max_entropy = dctx->seedlen; /* Nonce not used */ @@ -402,15 +414,6 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx) dctx->max_pers = dctx->seedlen; dctx->max_adin = dctx->seedlen; } - else - { - dctx->min_entropy = cctx->keylen; - dctx->max_entropy = DRBG_MAX_ENTROPY; - dctx->min_nonce = dctx->min_entropy / 2; - dctx->max_nonce = DRBG_MAX_NONCE; - dctx->max_pers = DRBG_MAX_LENGTH; - dctx->max_adin = DRBG_MAX_LENGTH; - } dctx->max_request = 1<<19; dctx->reseed_counter = DRBG_MAX_LENGTH; |