/src/cryptopp/fips140.cpp

Source (jump to first uncovered line)
// fips140.cpp - originally written and placed in the public domain by Wei Dai

#include "pch.h"

#ifndef CRYPTOPP_IMPORTS

#include "fips140.h"
#include "misc.h"

NAMESPACE_BEGIN(CryptoPP)

// Define this to 1 to turn on FIPS 140-2 compliance features, including additional tests during
// startup, random number generation, and key generation. These tests may affect performance.
#ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
#define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
#endif

#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
#error FIPS 140-2 compliance requires the availability of OS provided RNG.
#endif

PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;

bool FIPS_140_2_ComplianceEnabled()
{
  return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
}

void SimulatePowerUpSelfTestFailure()
{
  g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
}

PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus()
{
  return g_powerUpSelfTestStatus;
}

#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
// One variable for all threads for compatibility. Previously this
// was a ThreadLocalStorage variable, which is per-thread. Also see
// https://github.com/weidai11/cryptopp/issues/208
static bool s_inProgress = false;
#endif

bool PowerUpSelfTestInProgressOnThisThread()
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
  return s_inProgress;
#else
  return false;
#endif
}

void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
  s_inProgress = inProgress;
#else
  CRYPTOPP_UNUSED(inProgress);
#endif
}

void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
  EncryptionPairwiseConsistencyTest(encryptor, decryptor);
#else
  CRYPTOPP_UNUSED(encryptor), CRYPTOPP_UNUSED(decryptor);
#endif
}

void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
{
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
  SignaturePairwiseConsistencyTest(signer, verifier);
#else
  CRYPTOPP_UNUSED(signer), CRYPTOPP_UNUSED(verifier);
#endif
}

NAMESPACE_END

#endif

Line	Count	Source (jump to first uncovered line)
1		// fips140.cpp - originally written and placed in the public domain by Wei Dai
2
3		#include "pch.h"
4
5		#ifndef CRYPTOPP_IMPORTS
6
7		#include "fips140.h"
8		#include "misc.h"
9
10		NAMESPACE_BEGIN(CryptoPP)
11
12		// Define this to 1 to turn on FIPS 140-2 compliance features, including additional tests during
13		// startup, random number generation, and key generation. These tests may affect performance.
14		#ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
15	24.7k	#define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
16		#endif
17
18		#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
19		#error FIPS 140-2 compliance requires the availability of OS provided RNG.
20		#endif
21
22		PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
23
24		bool FIPS_140_2_ComplianceEnabled()
25	24.7k	{
26	24.7k	return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
27	24.7k	}
28
29		void SimulatePowerUpSelfTestFailure()
30	0	{
31	0	g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
32	0	}
33
34		PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus()
35	0	{
36	0	return g_powerUpSelfTestStatus;
37	0	}
38
39		#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
40		// One variable for all threads for compatibility. Previously this
41		// was a ThreadLocalStorage variable, which is per-thread. Also see
42		// https://github.com/weidai11/cryptopp/issues/208
43		static bool s_inProgress = false;
44		#endif
45
46		bool PowerUpSelfTestInProgressOnThisThread()
47	0	{
48		#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
49		return s_inProgress;
50		#else
51	0	return false;
52	0	#endif
53	0	}
54
55		void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
56	0	{
57		#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
58		s_inProgress = inProgress;
59		#else
60	0	CRYPTOPP_UNUSED(inProgress);
61	0	#endif
62	0	}
63
64		void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
65	0	{
66		#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
67		EncryptionPairwiseConsistencyTest(encryptor, decryptor);
68		#else
69	0	CRYPTOPP_UNUSED(encryptor), CRYPTOPP_UNUSED(decryptor);
70	0	#endif
71	0	}
72
73		void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
74	0	{
75		#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
76		SignaturePairwiseConsistencyTest(signer, verifier);
77		#else
78	0	CRYPTOPP_UNUSED(signer), CRYPTOPP_UNUSED(verifier);
79	0	#endif
80	0	}
81
82		NAMESPACE_END
83
84		#endif

Coverage Report

Created: 2024-11-21 07:03