00001
00002
00003
#include "pch.h"
00004
#include "fips140.h"
00005
#include "trdlocal.h"
00006
00007 NAMESPACE_BEGIN(CryptoPP)
00008
00009
00010
00011 #ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00012
#define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
00013
#endif
00014
00015
#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(THREADS_AVAILABLE))
00016
#error FIPS 140-2 compliance requires the availability of thread local storage.
00017
#endif
00018
00019
#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
00020
#error FIPS 140-2 compliance requires the availability of OS provided RNG.
00021
#endif
00022
00023
PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
00024
00025
bool FIPS_140_2_ComplianceEnabled()
00026 {
00027
return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
00028 }
00029
00030
void SimulatePowerUpSelfTestFailure()
00031 {
00032 g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
00033 }
00034
00035
PowerUpSelfTestStatus GetPowerUpSelfTestStatus()
00036 {
00037
return g_powerUpSelfTestStatus;
00038 }
00039
00040
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00041
ThreadLocalStorage & AccessPowerUpSelfTestInProgress()
00042 {
00043
static ThreadLocalStorage selfTestInProgress;
00044
return selfTestInProgress;
00045 }
00046
#endif
00047
00048
bool PowerUpSelfTestInProgressOnThisThread()
00049 {
00050
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00051
return AccessPowerUpSelfTestInProgress().
GetValue() != NULL;
00052
#else
00053
assert(
false);
00054
return false;
00055
#endif
00056
}
00057
00058
void SetPowerUpSelfTestInProgressOnThisThread(
bool inProgress)
00059 {
00060
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00061
AccessPowerUpSelfTestInProgress().
SetValue((
void *)inProgress);
00062
#endif
00063
}
00064
00065
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(
const PK_Encryptor &encryptor,
const PK_Decryptor &decryptor)
00066 {
00067
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00068
EncryptionPairwiseConsistencyTest(encryptor, decryptor);
00069
#endif
00070
}
00071
00072
void SignaturePairwiseConsistencyTest_FIPS_140_Only(
const PK_Signer &signer,
const PK_Verifier &verifier)
00073 {
00074
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00075
SignaturePairwiseConsistencyTest(signer, verifier);
00076
#endif
00077
}
00078
00079 NAMESPACE_END