fips140.cpp

00001 // fips140.cpp - written and placed in the public domain by Wei Dai
00002 
00003 #include "pch.h"
00004 
00005 #ifndef CRYPTOPP_IMPORTS
00006 
00007 #include "fips140.h"
00008 #include "trdlocal.h"   // needs to be included last for cygwin
00009 
00010 NAMESPACE_BEGIN(CryptoPP)
00011 
00012 // Define this to 1 to turn on FIPS 140-2 compliance features, including additional tests during 
00013 // startup, random number generation, and key generation. These tests may affect performance.
00014 #ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00015 #define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
00016 #endif
00017 
00018 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(THREADS_AVAILABLE))
00019 #error FIPS 140-2 compliance requires the availability of thread local storage.
00020 #endif
00021 
00022 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
00023 #error FIPS 140-2 compliance requires the availability of OS provided RNG.
00024 #endif
00025 
00026 PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
00027 
00028 bool FIPS_140_2_ComplianceEnabled()
00029 {
00030         return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
00031 }
00032 
00033 void SimulatePowerUpSelfTestFailure()
00034 {
00035         g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
00036 }
00037 
00038 PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus()
00039 {
00040         return g_powerUpSelfTestStatus;
00041 }
00042 
00043 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00044 ThreadLocalStorage & AccessPowerUpSelfTestInProgress()
00045 {
00046         static ThreadLocalStorage selfTestInProgress;
00047         return selfTestInProgress;
00048 }
00049 #endif
00050 
00051 bool PowerUpSelfTestInProgressOnThisThread()
00052 {
00053 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00054         return AccessPowerUpSelfTestInProgress().GetValue() != NULL;
00055 #else
00056         assert(false);  // should not be called
00057         return false;
00058 #endif
00059 }
00060 
00061 void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
00062 {
00063 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00064         AccessPowerUpSelfTestInProgress().SetValue((void *)inProgress);
00065 #endif
00066 }
00067 
00068 void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
00069 {
00070 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00071         EncryptionPairwiseConsistencyTest(encryptor, decryptor);
00072 #endif
00073 }
00074 
00075 void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
00076 {
00077 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00078         SignaturePairwiseConsistencyTest(signer, verifier);
00079 #endif
00080 }
00081 
00082 NAMESPACE_END
00083 
00084 #endif
Generated on Sat Dec 23 02:07:07 2006 for Crypto++ by  doxygen 1.5.1-p1