00001
00002
00003 #include "pch.h"
00004 #include "fips140.h"
00005 #include "trdlocal.h"
00006
00007 NAMESPACE_BEGIN(CryptoPP)
00008
00009
00010
00011 #ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00012 #define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
00013 #endif
00014
00015 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(THREADS_AVAILABLE))
00016 #error FIPS 140-2 compliance requires the availability of thread local storage.
00017 #endif
00018
00019 #if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
00020 #error FIPS 140-2 compliance requires the availability of OS provided RNG.
00021 #endif
00022
00023 PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
00024
00025 bool FIPS_140_2_ComplianceEnabled()
00026 {
00027 return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
00028 }
00029
00030 void SimulatePowerUpSelfTestFailure()
00031 {
00032 g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
00033 }
00034
00035 PowerUpSelfTestStatus GetPowerUpSelfTestStatus()
00036 {
00037 return g_powerUpSelfTestStatus;
00038 }
00039
00040 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00041 ThreadLocalStorage & AccessPowerUpSelfTestInProgress()
00042 {
00043 static ThreadLocalStorage selfTestInProgress;
00044 return selfTestInProgress;
00045 }
00046 #endif
00047
00048 bool PowerUpSelfTestInProgressOnThisThread()
00049 {
00050 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00051 return AccessPowerUpSelfTestInProgress().GetValue() != NULL;
00052 #else
00053 assert(false);
00054 return false;
00055 #endif
00056 }
00057
00058 void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
00059 {
00060 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00061 AccessPowerUpSelfTestInProgress().SetValue((void *)inProgress);
00062 #endif
00063 }
00064
00065 void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
00066 {
00067 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00068 EncryptionPairwiseConsistencyTest(encryptor, decryptor);
00069 #endif
00070 }
00071
00072 void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
00073 {
00074 #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
00075 SignaturePairwiseConsistencyTest(signer, verifier);
00076 #endif
00077 }
00078
00079 NAMESPACE_END