diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-05-06 17:38:39 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-05-06 17:38:39 +0000 |
commit | ad4784953d6d79484204a8bb8243be73a6e9aa98 (patch) | |
tree | 1e58ec0ced9a3013f2ab517a667d5e5fb581d309 /fips/utl | |
parent | 6b7be581e52761b2a0dc5dcf35214ff813b9f9f0 (diff) |
Return error codes for selftest failure instead of hard assertion errors.
Diffstat (limited to 'fips/utl')
-rw-r--r-- | fips/utl/fips_enc.c | 12 | ||||
-rw-r--r-- | fips/utl/fips_md.c | 12 |
2 files changed, 20 insertions, 4 deletions
diff --git a/fips/utl/fips_enc.c b/fips/utl/fips_enc.c index a25e5a1e5c..55a880d06e 100644 --- a/fips/utl/fips_enc.c +++ b/fips/utl/fips_enc.c @@ -256,11 +256,15 @@ int FIPS_cipher_ctx_cleanup(EVP_CIPHER_CTX *c) int FIPS_cipher_ctx_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { int ret; + if (FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_FIPS_CIPHER_CTX_CTRL, FIPS_R_SELFTEST_FAILED); + return 0; + } if(!ctx->cipher) { EVPerr(EVP_F_FIPS_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); return 0; } - FIPS_selftest_check(); if(!ctx->cipher->ctrl) { EVPerr(EVP_F_FIPS_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); @@ -327,6 +331,10 @@ int FIPS_cipher_ctx_set_key_length(EVP_CIPHER_CTX *ctx, int keylen) int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { - FIPS_selftest_check(); + if (FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_FIPS_CIPHER, FIPS_R_SELFTEST_FAILED); + return -1; + } return ctx->cipher->do_cipher(ctx,out,in,inl); } diff --git a/fips/utl/fips_md.c b/fips/utl/fips_md.c index 37149506f3..556267994c 100644 --- a/fips/utl/fips_md.c +++ b/fips/utl/fips_md.c @@ -204,7 +204,11 @@ int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type) int FIPS_digestupdate(EVP_MD_CTX *ctx, const void *data, size_t count) { - FIPS_selftest_check(); + if (FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_FIPS_DIGESTUPDATE, FIPS_R_SELFTEST_FAILED); + return 0; + } return ctx->update(ctx,data,count); } @@ -213,7 +217,11 @@ int FIPS_digestfinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; - FIPS_selftest_check(); + if (FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_FIPS_DIGESTFINAL, FIPS_R_SELFTEST_FAILED); + return 0; + } OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret=ctx->digest->final(ctx,md); |