Crypto++  8.8
Free C++ class library of cryptographic schemes
fips140.cpp
1 // fips140.cpp - originally written and placed in the public domain by Wei Dai
2 
3 #include "pch.h"
4 
5 #ifndef CRYPTOPP_IMPORTS
6 
7 #include "fips140.h"
8 #include "misc.h"
9 
10 NAMESPACE_BEGIN(CryptoPP)
11 
// Build-time switch for the FIPS 140-2 compliance features: additional tests during
// startup, random number generation, and key generation. These tests may affect
// performance. The fallback below is 0, so a build that does not define the macro
// compiles the *_FIPS_140_Only checks in this file down to no-ops.
#if !defined(CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2)
# define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
#endif

// A compliance build must not fall back to anything weaker than the OS-provided RNG,
// so the build is stopped here instead of degrading silently.
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
# if !defined(OS_RNG_AVAILABLE)
#  error FIPS 140-2 compliance requires the availability of OS provided RNG.
# endif
#endif

// Process-wide power-up self-test status, initialised to "not done". It has external
// linkage and is a plain (non-atomic) object; the only write in this file sets it to
// POWER_UP_SELF_TEST_FAILED.
// NOTE(review): presumably the self-test driver elsewhere in the library also writes
// it - confirm, and confirm those writes cannot race with readers.
PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
23 
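// Reports whether this translation unit was compiled with the FIPS 140-2 compliance
// features switched on.
//
// Returns the value of CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 converted to bool.
// The result is fixed at compile time. It only states that the build flag was set;
// it says nothing about whether the power-up self tests ran or passed (that is what
// g_powerUpSelfTestStatus records), so it should not be used on its own as evidence
// that the running binary is a validated module.
// NOTE(review): the signature line was missing from this listing and is restored from
// the declaration `bool FIPS_140_2_ComplianceEnabled()`; confirm against fips140.h.
bool FIPS_140_2_ComplianceEnabled()
{
	return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
}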
28 
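// Forces the process-wide self-test status to POWER_UP_SELF_TEST_FAILED.
//
// The write is unconditional and unsynchronized, and nothing in this file ever moves
// the status back, so after this call GetPowerUpSelfTestStatus() reports failure.
// How the rest of the library reacts to a failed status is decided outside this file.
// NOTE(review): the signature line was missing from this listing and is restored from
// the declaration `void SimulatePowerUpSelfTestFailure()`; confirm against fips140.h.
void SimulatePowerUpSelfTestFailure()
{
	g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
}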
33 
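// Returns the current process-wide power-up self-test status.
//
// This is a plain read of g_powerUpSelfTestStatus with no locking. The value starts
// as POWER_UP_SELF_TEST_NOT_DONE, so callers that gate cryptographic operations on
// the result should treat "not done" as distinct from success.
// NOTE(review): the signature line was missing from this listing and is restored from
// the declaration `PowerUpSelfTestStatus GetPowerUpSelfTestStatus()`; confirm against
// fips140.h.
PowerUpSelfTestStatus GetPowerUpSelfTestStatus()
{
	return g_powerUpSelfTestStatus;
}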
38 
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
// One variable for all threads for compatibility. Previously this
// was a ThreadLocalStorage variable, which is per-thread. Also see
// https://github.com/weidai11/cryptopp/issues/208
//
// Consequence for callers: despite the "OnThisThread" function names, the flag is
// shared by every thread. It is a plain bool with no synchronization in this file,
// so any thread observes, and can overwrite, the value set by another thread.
static bool s_inProgress = false;
#endif

// Reports whether a power-up self test is currently marked as running.
// Returns the shared s_inProgress flag in a compliance build, and always false otherwise.
bool PowerUpSelfTestInProgressOnThisThread()
{
#if !CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
	// Non-compliance build: no in-progress state is tracked at all.
	return false;
#else
	return s_inProgress;
#endif
}
54 
// Marks the power-up self test as running (true) or finished (false).
//
// In a compliance build the value is stored in the single process-wide flag, so the
// setting is visible to every thread and is written without synchronization. In any
// other build the argument is ignored and the call has no effect.
void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
{
#if !CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
	// Nothing to record; only silence the unused-parameter warning.
	CRYPTOPP_UNUSED(inProgress);
#else
	s_inProgress = inProgress;
#endif
}
63 
// Runs the encryption pairwise consistency test on a key pair, but only in a
// FIPS 140-2 compliance build.
//
// encryptor / decryptor: the two halves of the key pair to check against each other.
//
// With CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 at 0 this function is a no-op and
// the key pair is not exercised at all. Code that depends on a post-generation check
// must not assume this call performed one. How a failed check is reported is decided
// by EncryptionPairwiseConsistencyTest, which is not defined in this file.
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
{
#if !CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
	// Check compiled out; only silence the unused-parameter warnings.
	CRYPTOPP_UNUSED(encryptor);
	CRYPTOPP_UNUSED(decryptor);
#else
	EncryptionPairwiseConsistencyTest(encryptor, decryptor);
#endif
}
72 
// Runs the signature pairwise consistency test on a key pair, but only in a
// FIPS 140-2 compliance build.
//
// signer / verifier: the two halves of the key pair to check against each other.
//
// With CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 at 0 this function is a no-op and
// the key pair is not exercised at all. Code that depends on a post-generation check
// must not assume this call performed one. How a failed check is reported is decided
// by SignaturePairwiseConsistencyTest, which is not defined in this file.
void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
{
#if !CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
	// Check compiled out; only silence the unused-parameter warnings.
	CRYPTOPP_UNUSED(signer);
	CRYPTOPP_UNUSED(verifier);
#else
	SignaturePairwiseConsistencyTest(signer, verifier);
#endif
}
81 
82 NAMESPACE_END
83 
84 #endif
Interface for public-key decryptors.
Definition: cryptlib.h:2738
Interface for public-key encryptors.
Definition: cryptlib.h:2703
Interface for public-key signers.
Definition: cryptlib.h:2882
Interface for public-key signature verifiers.
Definition: cryptlib.h:2946
#define CRYPTOPP_API
Win32 calling convention.
Definition: config_dll.h:119
Classes and functions for the FIPS 140-2 validated library.
CRYPTOPP_DLL bool FIPS_140_2_ComplianceEnabled()
Determines whether the library provides FIPS validated cryptography.
CRYPTOPP_DLL PowerUpSelfTestStatus GetPowerUpSelfTestStatus()
Provides the current power-up self test status.
PowerUpSelfTestStatus
Status of the power-up self test.
Definition: fips140.h:37
@ POWER_UP_SELF_TEST_NOT_DONE
The self tests have not been performed.
Definition: fips140.h:40
@ POWER_UP_SELF_TEST_FAILED
The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), but the result was failure.
Definition: fips140.h:43
CRYPTOPP_DLL void SimulatePowerUpSelfTestFailure()
Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED.
Utility functions for the Crypto++ library.
Crypto++ library namespace.
Precompiled header file.