Hi,=20

I am looking at FIPS RAND implementation in OpenSSL 0.9.7g, and am
wondering when the key should be scheduled.

DES_set_key() is invoked in FIPS_rand_seed(), like this.=20

void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num)
{
....=20
if(!init)
=09{
=09init=3D1;
=09DES_set_key(&key1,&ks1);
=09DES_set_key(&key2,&ks2);
=09}
....
}

This means that DES_set_key() will not happen twice. When
FIPS_rand_seed() is invoked in the second time, init is already 1 and
DES_set_key() will not be invoked again.

fips_randtest tries to set key three times (once in main, twice in
run_test), but only the first one actually schedules the key. The
first key is being used for all the tests.

It seems to me that DES_set_key() should be done in
FIPS_set_prng_key() instead of FIPS_rand_seed(). Am I missing
something?

Thank you,
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org