Add a dummy call to BN_rand_ex() in the FIPS provider

The previous commit made BIGNUM RAND operations available from within the FIPS provider. We test this out by making a dummy call to check it completes successfully. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9193)
author: Matt Caswell <matt@openssl.org> 2019-06-19 15:20:03 +0100
committer: Matt Caswell <matt@openssl.org> 2019-07-02 16:49:18 +0100
commit: eba3ebd7beaab865e92e4853881433aaa855392f (patch)
tree: 4151ebca29d6160586290313107ab8afb7ec46d9 /providers
parent: ee1d4f3db4e8963c6472420d0256c2bfd6525137 (diff)
download: openssl-eba3ebd7beaab865e92e4853881433aaa855392f.zip
openssl-eba3ebd7beaab865e92e4853881433aaa855392f.tar.gz
openssl-eba3ebd7beaab865e92e4853881433aaa855392f.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index eb2a0c4..0f0a962 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -120,6 +120,9 @@ static int dummy_evp_call(void *provctx)
     if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
         goto err;
 
+    if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
+        goto err;
+
     ret = 1;
  err:
     BN_CTX_end(bnctx);
author	Matt Caswell <matt@openssl.org>	2019-06-19 15:20:03 +0100
committer	Matt Caswell <matt@openssl.org>	2019-07-02 16:49:18 +0100
commit	eba3ebd7beaab865e92e4853881433aaa855392f (patch)
tree	4151ebca29d6160586290313107ab8afb7ec46d9 /providers
parent	ee1d4f3db4e8963c6472420d0256c2bfd6525137 (diff)
download	openssl-eba3ebd7beaab865e92e4853881433aaa855392f.zip openssl-eba3ebd7beaab865e92e4853881433aaa855392f.tar.gz openssl-eba3ebd7beaab865e92e4853881433aaa855392f.tar.bz2