FIPS Update

1. Moved the rest of the FIPS algorithms to FIPSv2. 2. Updated the fips-check and autogen scripts. 3. Updated the automake include for the crypto files. 4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer. 5. Added error code for the SHA-3 KAT. 6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-02-01 11:02:35 -08:00
parent df4d748f59
commit f6fe3744a7
17 changed files with 390 additions and 183 deletions
--- a/tests/api.c
+++ b/tests/api.c
@@ -8400,19 +8400,21 @@ static int test_wc_AesGcmEncryptDecrypt (void)
                    sizeof(vector), iv, sizeof(iv)/sizeof(byte),
                    resultT, sizeof(resultT) - 5, a, sizeof(a));
        }
-        if (gcmE == BAD_FUNC_ARG) {
-            gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
-                            sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT),
-                            a, sizeof(a));
-        }
-        #ifdef HAVE_FIPS
-            if (gcmE == BAD_FUNC_ARG) {
-                gcmE = 0;
-            } else {
-                gcmE = WOLFSSL_FATAL_ERROR;
-            }
-        #endif
-    } /* END wc_AesGcmEncrypt */
+
+		if (gcmE == BAD_FUNC_ARG) {
+			gcmE = 0;
+		} else {
+			gcmE = WOLFSSL_FATAL_ERROR;
+		}
+	}
+
+	/* This case is now considered good. Long IVs are now allowed. */
+	if (gcmE == 0) {
+		gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
+						sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT),
+						a, sizeof(a));
+	}
+    /* END wc_AesGcmEncrypt */

    printf(resultFmt, gcmE == 0 ? passed : failed);
    if (gcmE != 0) {