00001
00002
00003 #include "pch.h"
00004
00005 #ifndef CRYPTOPP_IMPORTS
00006
00007 #include "fips140.h"
00008 #include "misc.h"
00009 #include "trdlocal.h"
00010
00011 NAMESPACE_BEGIN(CryptoPP)
00012
00013
00014
00015 #ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00016 #define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
00017 #endif
00018
00019 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(THREADS_AVAILABLE))
00020 #error FIPS 140-2 compliance requires the availability of thread local storage.
00021 #endif
00022
00023 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
00024 #error FIPS 140-2 compliance requires the availability of OS provided RNG.
00025 #endif
00026
00027 PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
00028
00029 bool FIPS_140_2_ComplianceEnabled()
00030 {
00031 return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
00032 }
00033
00034 void SimulatePowerUpSelfTestFailure()
00035 {
00036 g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
00037 }
00038
00039 PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus()
00040 {
00041 return g_powerUpSelfTestStatus;
00042 }
00043
00044 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00045 ThreadLocalStorage & AccessPowerUpSelfTestInProgress()
00046 {
00047 static ThreadLocalStorage selfTestInProgress;
00048 return selfTestInProgress;
00049 }
00050 #endif
00051
00052 bool PowerUpSelfTestInProgressOnThisThread()
00053 {
00054 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00055 return AccessPowerUpSelfTestInProgress().GetValue() != NULL;
00056 #else
00057 assert(false);
00058 return false;
00059 #endif
00060 }
00061
00062 void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
00063 {
00064 CRYPTOPP_UNUSED(inProgress);
00065 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00066 AccessPowerUpSelfTestInProgress().SetValue((void *)inProgress);
00067 #endif
00068 }
00069
00070 void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
00071 {
00072 CRYPTOPP_UNUSED(encryptor), CRYPTOPP_UNUSED(decryptor);
00073 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00074 EncryptionPairwiseConsistencyTest(encryptor, decryptor);
00075 #endif
00076 }
00077
00078 void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
00079 {
00080 CRYPTOPP_UNUSED(signer), CRYPTOPP_UNUSED(verifier);
00081 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00082 SignaturePairwiseConsistencyTest(signer, verifier);
00083 #endif
00084 }
00085
00086 NAMESPACE_END
00087
00088 #endif