Coverage Report

Created: 2024-11-21 07:03

/src/cryptopp/fips140.cpp
Line
Count
Source (jump to first uncovered line)
1
// fips140.cpp - originally written and placed in the public domain by Wei Dai
2
3
#include "pch.h"
4
5
#ifndef CRYPTOPP_IMPORTS
6
7
#include "fips140.h"
8
#include "misc.h"
9
10
NAMESPACE_BEGIN(CryptoPP)
11
12
// Define this to 1 to turn on FIPS 140-2 compliance features, including additional tests during
13
// startup, random number generation, and key generation. These tests may affect performance.
14
#ifndef CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
15
24.7k
#define CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 0
16
#endif
17
18
#if (CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 && !defined(OS_RNG_AVAILABLE))
19
#error FIPS 140-2 compliance requires the availability of OS provided RNG.
20
#endif
21
22
PowerUpSelfTestStatus g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
23
24
bool FIPS_140_2_ComplianceEnabled()
25
24.7k
{
26
24.7k
  return CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2;
27
24.7k
}
28
29
void SimulatePowerUpSelfTestFailure()
30
0
{
31
0
  g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
32
0
}
33
34
PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus()
35
0
{
36
0
  return g_powerUpSelfTestStatus;
37
0
}
38
39
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
40
// One variable for all threads for compatibility. Previously this
41
// was a ThreadLocalStorage variable, which is per-thread. Also see
42
// https://github.com/weidai11/cryptopp/issues/208
43
static bool s_inProgress = false;
44
#endif
45
46
bool PowerUpSelfTestInProgressOnThisThread()
47
0
{
48
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
49
  return s_inProgress;
50
#else
51
0
  return false;
52
0
#endif
53
0
}
54
55
void SetPowerUpSelfTestInProgressOnThisThread(bool inProgress)
56
0
{
57
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
58
  s_inProgress = inProgress;
59
#else
60
0
  CRYPTOPP_UNUSED(inProgress);
61
0
#endif
62
0
}
63
64
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
65
0
{
66
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
67
  EncryptionPairwiseConsistencyTest(encryptor, decryptor);
68
#else
69
0
  CRYPTOPP_UNUSED(encryptor), CRYPTOPP_UNUSED(decryptor);
70
0
#endif
71
0
}
72
73
void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier)
74
0
{
75
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
76
  SignaturePairwiseConsistencyTest(signer, verifier);
77
#else
78
0
  CRYPTOPP_UNUSED(signer), CRYPTOPP_UNUSED(verifier);
79
0
#endif
80
0
}
81
82
NAMESPACE_END
83
84
#endif