add FIPS pos errors and messages, better output for in core check and how to fix

ctaocrypt/src/error.c

@@ -286,6 +286,24 @@ const char* CTaoCryptGetErrorString(int error)
     case LENGTH_ONLY_E:
         return "Output length only set, not for other use error";
 
+    case IN_CORE_FIPS_E:
+        return "In Core Integrity check FIPS error";
+
+    case AES_KAT_FIPS_E:
+        return "AES Known Answer Test check FIPS error";
+
+    case DES3_KAT_FIPS_E:
+        return "DES3 Known Answer Test check FIPS error";
+
+    case HMAC_KAT_FIPS_E:
+        return "HMAC Known Answer Test check FIPS error";
+
+    case RSA_KAT_FIPS_E:
+        return "RSA Known Answer Test check FIPS error";
+
+    case DRBG_KAT_FIPS_E:
+        return "DRBG Known Answer Test check FIPS error";
+
     default:
         return "unknown error number";
 

ctaocrypt/test/test.c

@@ -58,6 +58,7 @@
 #include <cyassl/ctaocrypt/chacha.h>
 #include <cyassl/ctaocrypt/pwdbased.h>
 #include <cyassl/ctaocrypt/ripemd.h>
+#include <cyassl/ctaocrypt/error-crypt.h>
 #ifdef HAVE_ECC
     #include <cyassl/ctaocrypt/ecc.h>
 #endif
@@ -215,7 +216,13 @@ typedef struct func_args {
 static void myFipsCb(int ok, int err, const char* hash)
 {
     printf("in my Fips callback, ok = %d, err = %d\n", ok, err);
+    printf("message = %s\n", CTaoCryptGetErrorString(err));
     printf("hash = %s\n", hash);
+
+    if (err == IN_CORE_FIPS_E) {
+        printf("In core integrity hash check failure, copy above hash\n");
+        printf("into verifyCore[] in fips_test.c and rebuild\n");
+    }
 }
 
 #endif /* HAVE_FIPS */