diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 43c916fc1..fab410b9e 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -472,16 +472,16 @@ int ec_key_public_check(const EC_KEY *eckey, BN_CTX *ctx) */ if (eckey->priv_key != NULL) { if (BN_cmp(eckey->priv_key, order) >= 0) { - ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_WRONG_ORDER); + ECerr(EC_F_EC_KEY_PUBLIC_CHECK, EC_R_WRONG_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL, NULL, ctx)) { - ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, ERR_R_EC_LIB); + ECerr(EC_F_EC_KEY_PUBLIC_CHECK, ERR_R_EC_LIB); goto err; } if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) { - ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY); + ECerr(EC_F_EC_KEY_PUBLIC_CHECK, EC_R_INVALID_PRIVATE_KEY); goto err; } } diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c index 8794a6781..f38137388 100644 --- a/crypto/ec/ecdh_ossl.c +++ b/crypto/ec/ecdh_ossl.c @@ -28,7 +28,7 @@ int ossl_ecdh_compute_key(unsigned char **psec, size_t *pseclen, { #ifdef OPENSSL_FIPS if (FIPS_selftest_failed()) { - FIPSerr(FIPS_F_ECDH_COMPUTE_KEY, FIPS_R_FIPS_SELFTEST_FAILED); + FIPSerr(FIPS_F_OSSL_ECDH_COMPUTE_KEY, FIPS_R_FIPS_SELFTEST_FAILED); return -1; } #endif diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 3445abd02..9e9526241 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -204,7 +204,7 @@ ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, #ifdef OPENSSL_FIPS if (FIPS_selftest_failed()) { - FIPSerr(FIPS_F_OSSL_ECDSA_SIGN_SIG, FIPS_R_FIPS_SELFTEST_FAILED); + FIPSerr(FIPS_F_ECDSA_SIMPLE_SIGN_SIG, FIPS_R_FIPS_SELFTEST_FAILED); return NULL; } #endif @@ -373,7 +373,7 @@ int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, #ifdef OPENSSL_FIPS if (FIPS_selftest_failed()) { - FIPSerr(FIPS_F_OSSL_ECDSA_VERIFY_SIG, FIPS_R_FIPS_SELFTEST_FAILED); + FIPSerr(FIPS_F_ECDSA_SIMPLE_VERIFY_SIG, FIPS_R_FIPS_SELFTEST_FAILED); return -1; } #endif diff --git a/crypto/fips/fips_sha_selftest.c b/crypto/fips/fips_sha_selftest.c index 035c2c092..4a6336248 100644 --- a/crypto/fips/fips_sha_selftest.c +++ b/crypto/fips/fips_sha_selftest.c @@ -195,25 +195,25 @@ int FIPS_selftest_sha3(void) EVP_Digest(msg_sha3_256, sizeof(msg_sha3_256), md, NULL, EVP_sha3_256(), NULL); if (memcmp(dig_sha3_256, md, sizeof(dig_sha3_256))) { - FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_SHA3, FIPS_R_SELFTEST_FAILED); return 0; } EVP_Digest(msg_sha3_512, sizeof(msg_sha3_512), md, NULL, EVP_sha3_512(), NULL); if (memcmp(dig_sha3_512, md, sizeof(dig_sha3_512))) { - FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_SHA3, FIPS_R_SELFTEST_FAILED); return 0; } EVP_Digest(msg_shake_128, sizeof(msg_shake_128), md, NULL, EVP_shake128(), NULL); if (memcmp(dig_shake_128, md, sizeof(dig_shake_128))) { - FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_SHA3, FIPS_R_SELFTEST_FAILED); return 0; } EVP_Digest(msg_shake_256, sizeof(msg_shake_256), md, NULL, EVP_shake256(), NULL); if (memcmp(dig_shake_256, md, sizeof(dig_shake_256))) { - FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_SHA3, FIPS_R_SELFTEST_FAILED); return 0; } diff --git a/include/openssl/fips.h b/include/openssl/fips.h index e4208cbfa..7af006e7b 100644 --- a/include/openssl/fips.h +++ b/include/openssl/fips.h @@ -130,8 +130,13 @@ extern "C" { # define FIPS_F_FIPS_SELFTEST_HKDF 155 # define FIPS_F_FIPS_SELFTEST_SHA1 115 # define FIPS_F_FIPS_SELFTEST_SHA2 105 +# define FIPS_F_FIPS_SELFTEST_SHA3 156 +# define FIPS_F_ECDSA_SIMPLE_VERIFY_SIG 157 +# define FIPS_F_ECDSA_SIMPLE_SIGN_SIG 158 # define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 # define FIPS_F_OSSL_ECDSA_VERIFY_SIG 148 +# define FIPS_F_OSSL_ECDSA_SIMPLE_VERIFY_SIG 159 +# define FIPS_F_OSSL_ECDH_COMPUTE_KEY 160 # define FIPS_F_RSA_BUILTIN_KEYGEN 116 # define FIPS_F_RSA_OSSL_INIT 149 # define FIPS_F_RSA_OSSL_PRIVATE_DECRYPT 117