FIPS140-2 tests: removed redundant checks

We keep on check per cipher which is required, and avoid multiple (and time-consuming) tests.
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-07-08 15:14:20 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-07-08 15:14:51 +0200
commit: 87cb7a564f4d963a764838f370cabad55c9b37f4 (patch)
tree: f49032d8980f99df7a848022c056c0ef2a8e18bc /lib/fips.c
parent: 999a433c3d8bbeb528d27cc119cf77d7e43e7a73 (diff)
download: gnutls-87cb7a564f4d963a764838f370cabad55c9b37f4.tar.gz
1 files changed, 1 insertions, 25 deletions
diff --git a/lib/fips.c b/lib/fips.c
index 12c1d0dd42..8b87544b92 100644
--- a/lib/fips.c
+++ b/lib/fips.c
@@ -209,37 +209,13 @@ int _gnutls_fips_perform_self_checks(void)
 
 	/* Tests the FIPS algorithms */
 
-	/* ciphers */
-	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_128_CBC);
-	if (ret < 0) {
-		gnutls_assert();
-		goto error;
-	}
-
-	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_192_CBC);
-	if (ret < 0) {
-		gnutls_assert();
-		goto error;
-	}
-
-	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CBC);
-	if (ret < 0) {
-		gnutls_assert();
-		goto error;
-	}
-
+	/* ciphers - one test per cipher */
 	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_3DES_CBC);
 	if (ret < 0) {
 		gnutls_assert();
 		goto error;
 	}
 
-	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_128_GCM);
-	if (ret < 0) {
-		gnutls_assert();
-		goto error;
-	}
-
 	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_GCM);
 	if (ret < 0) {
 		gnutls_assert();
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-07-08 15:14:20 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-07-08 15:14:51 +0200
commit	87cb7a564f4d963a764838f370cabad55c9b37f4 (patch)
tree	f49032d8980f99df7a848022c056c0ef2a8e18bc /lib/fips.c
parent	999a433c3d8bbeb528d27cc119cf77d7e43e7a73 (diff)
download	gnutls-87cb7a564f4d963a764838f370cabad55c9b37f4.tar.gz