Fix CPRNG test for Hash DRBG.

author: steve <steve> 2011-06-26 12:29:26 +0000
committer: steve <steve> 2011-06-26 12:29:26 +0000
commit: a7446503d99099d0906783b4eb9e0387a863b6a3 (patch)
tree: d50b10665e639d7ad0560390be78cb365a695c5a /fips
parent: 2ca6fafa94bea32aa4ebe912e74c5941c240b73b (diff)
download: openssl-a7446503d99099d0906783b4eb9e0387a863b6a3.tar.gz
1 files changed, 11 insertions, 9 deletions
diff --git a/fips/rand/fips_drbg_hash.c b/fips/rand/fips_drbg_hash.c
index 544cda1ff..2fdf0e8f3 100644
--- a/fips/rand/fips_drbg_hash.c
+++ b/fips/rand/fips_drbg_hash.c
@@ -199,9 +199,8 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen)
 			{
 			FIPS_digestfinal(&hctx->mctx, dctx->lb, NULL);
 			dctx->lb_valid = 1;
-			continue;
 			}
-		if (outlen < dctx->blocklength)
+		else if (outlen < dctx->blocklength)
 			{
 			FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
 			if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
@@ -209,13 +208,16 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen)
 			memcpy(out, hctx->vtmp, outlen);
 			return 1;
 			}
-		FIPS_digestfinal(&hctx->mctx, out, NULL);
-		if (!fips_drbg_cprng_test(dctx, out))
-			return 0;
-		outlen -= dctx->blocklength;
-		if (outlen == 0)
-			return 1;
-		out += dctx->blocklength;
+		else
+			{
+			FIPS_digestfinal(&hctx->mctx, out, NULL);
+			if (!fips_drbg_cprng_test(dctx, out))
+				return 0;
+			outlen -= dctx->blocklength;
+			if (outlen == 0)
+				return 1;
+			out += dctx->blocklength;
+			}
 		ctx_add_buf(dctx, hctx->vtmp, NULL, 0);
 		}
 	}
author	steve <steve>	2011-06-26 12:29:26 +0000
committer	steve <steve>	2011-06-26 12:29:26 +0000
commit	a7446503d99099d0906783b4eb9e0387a863b6a3 (patch)
tree	d50b10665e639d7ad0560390be78cb365a695c5a /fips
parent	2ca6fafa94bea32aa4ebe912e74c5941c240b73b (diff)
download	openssl-a7446503d99099d0906783b4eb9e0387a863b6a3.tar.gz