From 8c0ef0b1f5b145adfe207f011eed6b1c1edf1aef Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Mon, 7 Apr 2025 11:06:52 -0600
Subject: [PATCH] Explicit API redirects for FIPS moving forward

---
 wolfcrypt/src/integer.c | 4 ++++
 wolfcrypt/src/sp_int.c  | 4 ++++
 wolfcrypt/src/tfm.c     | 4 ++++
 3 files changed, 12 insertions(+)

diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index 8ecabf552..d3cde9fd8 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -177,6 +177,9 @@ int mp_init (mp_int * a)
 /* clear one (frees)  */
 void mp_clear (mp_int * a)
 {
+#ifdef HAVE_FIPS
+    mp_forcezero(a);
+#else
   int i;
 
   if (a == NULL)
@@ -202,6 +205,7 @@ void mp_clear (mp_int * a)
     a->alloc = a->used = 0;
     a->sign  = MP_ZPOS;
   }
+#endif
 }
 
 void mp_free (mp_int * a)
diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c
index 976ea7a24..f626832d5 100644
--- a/wolfcrypt/src/sp_int.c
+++ b/wolfcrypt/src/sp_int.c
@@ -5272,6 +5272,9 @@ void sp_zero(sp_int* a)
  */
 void sp_clear(sp_int* a)
 {
+#ifdef HAVE_FIPS
+    sp_forcezero(a);
+#else
     /* Clear when valid pointer passed in. */
     if (a != NULL) {
         unsigned int i;
@@ -5284,6 +5287,7 @@ void sp_clear(sp_int* a)
         _sp_zero(a);
         sp_free(a);
     }
+#endif
 }
 
 #if !defined(NO_RSA) || !defined(NO_DH) || defined(HAVE_ECC) || \
diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index a07fcbbe9..b341b4bfe 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -4575,6 +4575,9 @@ void fp_zero(fp_int *a)
 
 void fp_clear(fp_int *a)
 {
+#ifdef HAVE_FIPS
+    fp_forcezero(a);
+#else
     int size;
     a->used = 0;
     a->sign = FP_ZPOS;
@@ -4585,6 +4588,7 @@ void fp_clear(fp_int *a)
 #endif
     XMEMSET(a->dp, 0, size * sizeof(fp_digit));
     fp_free(a);
+#endif
 }
 
 void fp_forcezero (mp_int * a)