Merge pull request #2962 from tmael/fips_solaris

FIPS on Solaris

fips-check.sh

@@ -34,6 +34,7 @@ Platform is one of:
     fips-ready
     stm32l4-v2 (FIPSv2, use for STM32L4)
     wolfrand
+    solaris
 Keep (default off) retains the XXX-fips-test temp dir for inspection.
 
 Example:
@@ -41,6 +42,8 @@ Example:
 usageText
 }
 
+MAKE=make
+
 LINUX_FIPS_VERSION=v3.2.6
 LINUX_FIPS_REPO=git@github.com:wolfSSL/fips.git
 LINUX_CRYPT_VERSION=v3.2.6
@@ -229,6 +232,19 @@ wolfrand)
   FIPS_INCS=( fips.h )
   FIPS_OPTION=rand
   ;;
+solaris)
+  FIPS_VERSION=WCv4-stable
+  FIPS_REPO=git@github.com:wolfssl/fips.git
+  CRYPT_VERSION=WCv4-stable
+  CRYPT_INC_PATH=wolfssl/wolfcrypt
+  CRYPT_SRC_PATH=wolfcrypt/src
+  WC_MODS+=( cmac dh ecc sha3 )
+  RNG_VERSION=WCv4-rng-stable
+  FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
+  FIPS_INCS=( fips.h )
+  FIPS_OPTION=v2
+  MAKE=gmake
+  ;;
 *)
   Usage
   exit 1
@@ -321,7 +337,7 @@ then
 else
     ./configure --enable-fips=$FIPS_OPTION
 fi
-if ! make; then
+if ! $MAKE; then
     echo "fips-check: Make failed. Debris left for analysis."
     exit 3
 fi
@@ -331,11 +347,11 @@ then
     NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
     if [ -n "$NEWHASH" ]; then
         sed -i.bak "s/^\".*\";/\"${NEWHASH}\";/" $CRYPT_SRC_PATH/fips_test.c
-        make clean
+        $MAKE clean
     fi
 fi
 
-if ! make test; then
+if ! $MAKE test; then
     echo "fips-check: Test failed. Debris left for analysis."
     exit 3
 fi

wolfcrypt/test/test.c

@@ -27921,13 +27921,15 @@ int mutex_test(void)
         return -12701;
     if (wc_LockMutex(&m) != 0)
         return -12702;
+#if !defined(WOLFSSL_SOLARIS)
     if (wc_FreeMutex(&m) != BAD_MUTEX_E)
         return -12703;
+#endif
     if (wc_UnLockMutex(&m) != 0)
         return -12704;
     if (wc_FreeMutex(&m) != 0)
         return -12705;
-#ifndef WOLFSSL_NO_MUTEXLOCK_AFTER_FREE
+#if !defined(WOLFSSL_NO_MUTEXLOCK_AFTER_FREE)
     if (wc_LockMutex(&m) != BAD_MUTEX_E)
         return -12706;
     if (wc_UnLockMutex(&m) != BAD_MUTEX_E)

wolfssl/wolfcrypt/settings.h

@@ -209,6 +209,9 @@
 /* Uncomment next line if using RENESAS RX64N */
 /* #define WOLFSSL_RENESAS_RX65N */
 
+/* Uncomment next line if using Solaris OS*/
+/* #define WOLFSSL_SOLARIS */
+
 #include <wolfssl/wolfcrypt/visibility.h>
 
 #ifdef WOLFSSL_USER_SETTINGS
@@ -1400,6 +1403,23 @@ extern void uITRON4_free(void *p) ;
     #endif
 #endif /* MICRIUM */
 
+#if defined(sun) || defined(__sun)
+# if defined(__SVR4) || defined(__svr4__)
+    /* Solaris */
+    #ifndef WOLFSSL_SOLARIS
+        #define WOLFSSL_SOLARIS
+    #endif
+# else
+    /* SunOS */
+# endif
+#endif
+
+#ifdef WOLFSSL_SOLARIS
+    #define WOLFSSL_NO_MUTEXLOCK_AFTER_FREE
+    /* Avoid naming clash with fp_zero from math.h > ieefp.h */
+    #define WOLFSSL_DH_CONST
+#endif
+
 #ifdef WOLFSSL_MCF5441X
     #define BIG_ENDIAN_ORDER
     #ifndef SIZEOF_LONG