From ce93e7a99301293d45331c01a888d67c8a098101 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 12 Sep 2008 14:47:28 +0000 Subject: Only run required tests during power-up self-test. Enter error state after a failed key generation tests. --- cipher/dsa.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'cipher/dsa.c') diff --git a/cipher/dsa.c b/cipher/dsa.c index e16d008e..6b63d1d7 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -342,6 +342,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, gcry_mpi_release (sk->g); sk->g = NULL; gcry_mpi_release (sk->y); sk->y = NULL; gcry_mpi_release (sk->x); sk->x = NULL; + fips_signal_error ("self-test after key generation failed"); return GPG_ERR_SELFTEST_FAILED; } return 0; @@ -703,10 +704,12 @@ selftests_dsa (selftest_report_func_t report) /* Run a full self-test for ALGO and return 0 on success. */ static gpg_err_code_t -run_selftests (int algo, selftest_report_func_t report) +run_selftests (int algo, int extended, selftest_report_func_t report) { gpg_err_code_t ec; + (void)extended; + switch (algo) { case GCRY_PK_DSA: -- cgit v1.2.1