FIPS Ready Windows Fix

1. Modify the WIN10 FIPS solution user_settings.h to check for a
   FIPS Ready flag and to override HAVE_FIPS_VERSION to 3 if set.
2. Removed some redundant constants from the EVP file.

IDE/WIN10/user_settings.h

@@ -1,6 +1,14 @@
 #ifndef _WIN_USER_SETTINGS_H_
 #define _WIN_USER_SETTINGS_H_
 
+/* For FIPS Ready, uncomment the following: */
+/* #define WOLFSSL_FIPS_READY */
+#ifdef WOLFSSL_FIPS_READY
+    #undef HAVE_FIPS_VERSION
+    #define HAVE_FIPS_VERSION 3
+#endif
+
+
 /* Verify this is Windows */
 #ifndef _WIN32
 #error This user_settings.h header is only designed for Windows

wolfcrypt/src/evp.c

@@ -36,16 +36,6 @@
 #if defined(OPENSSL_EXTRA)
 
 #if !defined(HAVE_PKCS7) && \
-    ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
-     (HAVE_FIPS_VERSION > 2)) || defined(HAVE_SELFTEST))
-enum {
-    /* In the event of fips cert 3389 or CAVP selftest build, these enums are
-     * not in aes.h for use with evp so enumerate it here outside the fips
-     * boundary */
-    GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
-    CCM_NONCE_MIN_SZ = 7,
-};
-#elif !defined(HAVE_PKCS7) && \
       ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
        (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST))
     #include <wolfssl/wolfcrypt/aes.h>