adding comment to header and _fips to c files

Jacob Barthelmeh
2015-01-08 10:42:01 -07:00
parent 878c1889b3
commit d366599285
32 changed files with 163 additions and 496 deletions


@@ -23,7 +23,7 @@
#define CTAO_CRYPT_CAMELLIA_H #define CTAO_CRYPT_CAMELLIA_H
/* for blake2 reverse compatibility */ /* for camellia reverse compatibility */
#ifdef HAVE_CAMELLIA #ifdef HAVE_CAMELLIA
#include <wolfssl/wolfcrypt/camellia.h> #include <wolfssl/wolfcrypt/camellia.h>
#define CamelliaSetKey wc_CamelliaSetKey #define CamelliaSetKey wc_CamelliaSetKey


@@ -33,7 +33,7 @@
#define HmacInitCavium wc_HmacInitCavium #define HmacInitCavium wc_HmacInitCavium
#define HmacFreeCavium wc_HmacFreeCavium #define HmacFreeCavium wc_HmacFreeCavium
#endif #endif
#define wolfSSL_GetHmacMaxSize wc_wolfSSL_GetHmacMaxSize #define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize
#ifdef HAVE_HKDF #ifdef HAVE_HKDF
#define HKDF wc_HKDF #define HKDF wc_HKDF
#endif /* HAVE_HKDF */ #endif /* HAVE_HKDF */


@@ -33,6 +33,7 @@
#define CYASSL_MAX_16BIT WOLFSSL_MAX_16BIT #define CYASSL_MAX_16BIT WOLFSSL_MAX_16BIT
#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ #define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
#define cyassl_word wolfssl_word #define cyassl_word wolfssl_word
#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
/* if macros need to be reverted back to previous name for fips */ /* if macros need to be reverted back to previous name for fips */
// #define WOLFSSL_MAX_ERROR_SZ CYASSL_MAX_ERROR_SZ // #define WOLFSSL_MAX_ERROR_SZ CYASSL_MAX_ERROR_SZ
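Review bot: The added `#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ` repeats, token for token, the define that already sits two lines above it in this hunk. An identical redefinition compiles, but it becomes a redefinition warning as soon as one of the two copies is edited. Drop the new line, or if the intent was a guarded fallback, wrap it as `#ifndef CYASSL_MAX_ERROR_SZ` ... `#endif`.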


@@ -30,6 +30,7 @@
* include the new ssl.h * include the new ssl.h
*/ */
#include <wolfssl/ssl.h> #include <wolfssl/ssl.h>
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/settings.h> #include <cyassl/ctaocrypt/settings.h>
#ifdef __cplusplus #ifdef __cplusplus
@@ -385,18 +386,10 @@
/* JRB macro redefinitions and api calls for cryptography for reverse compat. */ /* JRB macro redefinitions and api calls for cryptography for reverse compat. */
/* new fips header files since old ones could not be changed for compatibility*/
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
#define CYASSL_SMALL_STACK #define CYASSL_SMALL_STACK
#endif #endif
#if !defined(CYASSL_MAX_ERROR_SZ) && !defined(HAVE_FIPS)
#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
#endif
/* /*
* wrapper around macros until they are changed in cyassl code * wrapper around macros until they are changed in cyassl code
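Review bot: The second hunk deletes a define that was guarded by `#if !defined(CYASSL_MAX_ERROR_SZ) && !defined(HAVE_FIPS)`, and the header now appears to rely on the newly included `<cyassl/ctaocrypt/types.h>` to supply it. If that header defines `CYASSL_MAX_ERROR_SZ` unconditionally, a FIPS build whose older headers already define the macro could hit a conflicting redefinition that the removed guard used to prevent. Keep the protection where the define now lives, for example `#ifndef CYASSL_MAX_ERROR_SZ` around it, and check a `HAVE_FIPS` build before merging.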


@@ -1,4 +1,3 @@
#include <wolfssl/test.h>
/* server.c /* server.c
* *
* Copyright (C) 2006-2015 wolfSSL Inc. * Copyright (C) 2006-2015 wolfSSL Inc.


@@ -167,7 +167,7 @@ int benchmark_test(void *args)
#endif #endif
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND) #if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON(); WOLFSSL_API int wolfSSL_Debugging_ON();
#endif #endif
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
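Review bot: As rendered, the new side of this hunk replaces the call `wolfSSL_Debugging_ON();` with `WOLFSSL_API int wolfSSL_Debugging_ON();`, which inside `benchmark_test` is a function declaration, not a call. With `DEBUG_WOLFSSL` defined the benchmark would then never switch debug logging on, and an export attribute on a block-scope declaration may not compile on every toolchain. Restore the statement as `wolfSSL_Debugging_ON();`. The body of `benchmark_test` starts and ends outside the hunk.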


@@ -33,25 +33,25 @@
int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir) int dir)
{ {
return AesSetKey(aes, key, len, iv, dir); return AesSetKey_fips(aes, key, len, iv, dir);
} }
int wc_AesSetIV(Aes* aes, const byte* iv) int wc_AesSetIV(Aes* aes, const byte* iv)
{ {
return AesSetIV(aes, iv); return AesSetIV_fips(aes, iv);
} }
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{ {
return AesCbcEncrypt(aes, out, in, sz); return AesCbcEncrypt_fips(aes, out, in, sz);
} }
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{ {
return AesCbcDecrypt(aes, out, in, sz); return AesCbcDecrypt_fips(aes, out, in, sz);
} }
@@ -95,7 +95,7 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len) int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
{ {
return AesGcmSetKey(aes, key, len); return AesGcmSetKey_fips(aes, key, len);
} }
@@ -104,7 +104,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz, byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz) const byte* authIn, word32 authInSz)
{ {
return AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, return AesGcmEncrypt_fips(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
authIn, authInSz); authIn, authInSz);
} }
@@ -114,7 +114,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz) const byte* authIn, word32 authInSz)
{ {
return AesGcmDecrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, return AesGcmDecrypt_fips(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
authIn, authInSz); authIn, authInSz);
} }


@@ -46,7 +46,7 @@ int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
{ {
return Des3_SetKey(des, key, iv, dir); return Des3_SetKey_fips(des, key, iv, dir);
} }
@@ -64,13 +64,13 @@ int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
{ {
return Des3_CbcEncrypt(des, out, in, sz); return Des3_CbcEncrypt_fips(des, out, in, sz);
} }
int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
{ {
return Des3_CbcDecrypt(des, out, in, sz); return Des3_CbcDecrypt_fips(des, out, in, sz);
} }
@@ -100,7 +100,7 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
int wc_Des3_SetIV(Des3* des, const byte* iv) int wc_Des3_SetIV(Des3* des, const byte* iv)
{ {
return Des3_SetIV(des, iv); return Des3_SetIV_fips(des, iv);
} }
@@ -128,7 +128,7 @@ void wc_Des3_FreeCavium(Des3* des3)
#endif /* HAVE_CAVIUM */ #endif /* HAVE_CAVIUM */
#else #else /* build without fips */
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>


@@ -33,19 +33,19 @@
/* does init */ /* does init */
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz) int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
{ {
return HmacSetKey(hmac, type, key, keySz); return HmacSetKey_fips(hmac, type, key, keySz);
} }
int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz) int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
{ {
return HmacUpdate(hmac, in, sz); return HmacUpdate_fips(hmac, in, sz);
} }
int wc_HmacFinal(Hmac* hmac, byte* out) int wc_HmacFinal(Hmac* hmac, byte* out)
{ {
return HmacFinal(hmac, out); return HmacFinal_fips(hmac, out);
} }
@@ -62,7 +62,7 @@ int wc_HmacFinal(Hmac* hmac, byte* out)
} }
#endif #endif
int wc_wolfSSL_GetHmacMaxSize(void) int wolfSSL_GetHmacMaxSize(void)
{ {
return CyaSSL_GetHmacMaxSize(); return CyaSSL_GetHmacMaxSize();
} }
@@ -79,35 +79,7 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
#endif /* HAVE_HKDF */ #endif /* HAVE_HKDF */
#else /* else build without fips */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
int wc_HmacSetKey_fips(Hmac* hmac, int type, const byte* key,
word32 keySz)
{
return HmacSetKey_fips(hmac, type, key, keySz);
}
int wc_HmacUpdate_fips(Hmac* hmac, const byte* in , word32 sz)
{
return HmacUpdate_fips(hmac, in, sz);
}
int wc_HmacFinal_fips(Hmac* hmac, byte* out)
{
return HmacFinal_fips(hmac, out);
}
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define HmacSetKey HmacSetKey_fips
#define HmacUpdate HmacUpdate_fips
#define HmacFinal HmacFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#else
#ifdef WOLFSSL_PIC32MZ_HASH #ifdef WOLFSSL_PIC32MZ_HASH
#define wc_InitMd5 wc_InitMd5_sw #define wc_InitMd5 wc_InitMd5_sw
@@ -743,7 +715,7 @@ static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
#endif /* HAVE_CAVIUM */ #endif /* HAVE_CAVIUM */
int wc_wolfSSL_GetHmacMaxSize(void) int wolfSSL_GetHmacMaxSize(void)
{ {
return MAX_DIGEST_SIZE; return MAX_DIGEST_SIZE;
} }
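Review bot: In the FIPS branch the renamed wrapper is `int wolfSSL_GetHmacMaxSize(void)` with the body `return CyaSSL_GetHmacMaxSize();`, while the compatibility header section earlier in this commit adds `#define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize`. If that macro is in scope when this file is compiled with `HAVE_FIPS`, the body expands to a call to itself and recurses without end. The preprocessor guards that decide this are not visible in the hunks, so it needs checking in a FIPS build. Either keep the macro out of FIPS builds or put `#undef CyaSSL_GetHmacMaxSize` before the wrapper. The new name also drops the `wc_` prefix the neighbouring wrappers carry, which deserves a one-line comment saying why.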


@@ -48,13 +48,13 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
int wc_InitRng(RNG* rng) int wc_InitRng(RNG* rng)
{ {
return InitRng(rng); return InitRng_fips(rng);
} }
int wc_RNG_GenerateBlock(RNG* rng, byte* b, word32 sz) int wc_RNG_GenerateBlock(RNG* rng, byte* b, word32 sz)
{ {
return RNG_GenerateBlock(rng, b, sz); return RNG_GenerateBlock_fips(rng, b, sz);
} }
@@ -66,7 +66,7 @@ int wc_RNG_GenerateByte(RNG* rng, byte* b)
#if defined(HAVE_HASHDRBG) || defined(NO_RC4) #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
int wc_FreeRng(RNG* rng) int wc_FreeRng(RNG* rng)
{ {
return FreeRng(rng); return FreeRng_fips(rng);
} }
@@ -74,49 +74,12 @@ int wc_RNG_GenerateByte(RNG* rng, byte* b)
const byte* entropyA, word32 entropyASz, const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz, const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz) byte* output, word32 outputSz)
{
return RNG_HealthTest(reseed, entropyA, entropyASz,
entropyB, entropyBSz, output, outputSz);
}
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
int wc_InitRng_fips(RNG* rng)
{
return InitRng_fips(rng);
}
int wc_FreeRng_fips(RNG* rng)
{
return FreeRng_fips(rng);
}
int wc_RNG_GenerateBlock_fips(RNG* rng, byte* buf, word32 bufSz)
{
return RNG_GenerateBlock_fips(rng, buf, bufSz);
}
int wc_RNG_HealthTest_fips(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz)
{ {
return RNG_HealthTest_fips(reseed, entropyA, entropyASz, return RNG_HealthTest_fips(reseed, entropyA, entropyASz,
entropyB, entropyBSz, output, outputSz); entropyB, entropyBSz, output, outputSz);
} }
#ifndef FIPS_NO_WRAPPERS #endif /* HAVE_HASHDRBG || NO_RC4 */
/* if not impl or fips.c impl wrapper force fips calls if fips build */ #else /* else build without fips */
#define InitRng InitRng_fips
#define FreeRng FreeRng_fips
#define RNG_GenerateBlock RNG_GenerateBlock_fips
#define RNG_HealthTest RNG_HealthTest_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#else
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
#if defined(HAVE_HASHDRBG) || defined(NO_RC4) #if defined(HAVE_HASHDRBG) || defined(NO_RC4)


@@ -32,66 +32,67 @@
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
int wc_InitRsaKey(RsaKey* key, void* ptr) int wc_InitRsaKey(RsaKey* key, void* ptr)
{ {
return InitRsaKey(key, ptr); return InitRsaKey_fips(key, ptr);
} }
int wc_FreeRsaKey(RsaKey* key) int wc_FreeRsaKey(RsaKey* key)
{ {
return FreeRsaKey(key); return FreeRsaKey_fips(key);
} }
int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng) word32 outLen, RsaKey* key, RNG* rng)
{ {
return RsaPublicEncrypt(in, inLen, out, outLen, key, rng); return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
} }
int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key) RsaKey* key)
{ {
return RsaPrivateDecryptInline(in, inLen, out, key); return RsaPrivateDecryptInline_fips(in, inLen, out, key);
} }
int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key) word32 outLen, RsaKey* key)
{ {
return RsaPrivateDecrypt(in, inLen, out, outLen, key); return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
} }
int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng) word32 outLen, RsaKey* key, RNG* rng)
{ {
return RsaSSL_Sign(in, inLen, out, outLen, key, rng); return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
} }
int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key) int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{ {
return RsaSSL_VerifyInline(in, inLen, out, key); return RsaSSL_VerifyInline_fips(in, inLen, out, key);
} }
int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key) word32 outLen, RsaKey* key)
{ {
return RsaSSL_Verify(in, inLen, out, outLen, key); return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
} }
int wc_RsaEncryptSize(RsaKey* key) int wc_RsaEncryptSize(RsaKey* key)
{ {
return RsaEncryptSize(key); return RsaEncryptSize_fips(key);
} }
int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b, int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32* bSz) word32* bSz)
{ {
/* not specified as fips so not needing _fips */
return RsaFlattenPublicKey(key, a, aSz, b, bSz); return RsaFlattenPublicKey(key, a, aSz, b, bSz);
} }
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN
@@ -121,97 +122,12 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
} }
#endif #endif
/* these are functions in asn and are routed to wolfssl/wolfcrypt/asn.c
* wc_RsaPrivateKeyDecode
* wc_RsaPublicKeyDecode
*/
#ifdef HAVE_FIPS #else /* else build without fips */
/* fips wrapper calls, user can call direct */
int wc_InitRsaKey_fips(RsaKey* key, void* ptr)
{
return InitRsaKey_fips(key, ptr);
}
int wc_FreeRsaKey_fips(RsaKey* key)
{
return FreeRsaKey_fips(key);
}
int wc_RsaPublicEncrypt_fips(const byte* in,word32 inLen,byte* out,
word32 outLen, RsaKey* key, RNG* rng)
{
return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
}
int wc_RsaPrivateDecryptInline_fips(byte* in, word32 inLen,
byte** out, RsaKey* key)
{
return RsaPrivateDecryptInline_fips(in, inLen, out, key);
}
int wc_RsaPrivateDecrypt_fips(const byte* in, word32 inLen,
byte* out,word32 outLen,RsaKey* key)
{
return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
}
int wc_RsaSSL_Sign_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng)
{
return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
}
int wc_RsaSSL_VerifyInline_fips(byte* in, word32 inLen, byte** out,
RsaKey* key)
{
return RsaSSL_VerifyInline_fips(in, inLen, out, key);
}
int wc_RsaSSL_Verify_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
}
int wc_RsaEncryptSize_fips(RsaKey* key)
{
return RsaEncryptSize_fips(key);
}
int wc_RsaPrivateKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey* key, word32 sz)
{
return RsaPrivateKeyDecode_fips(input, inOutIdx, key, sz);
}
int wc_RsaPublicKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey* key, word32 sz)
{
return RsaPublicKeyDecode_fips(input, inOutIdx, key, sz);
}
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitRsaKey InitRsaKey_fips
#define FreeRsaKey FreeRsaKey_fips
#define RsaPublicEncrypt RsaPublicEncrypt_fips
#define RsaPrivateDecryptInline RsaPrivateDecryptInline_fips
#define RsaPrivateDecrypt RsaPrivateDecrypt_fips
#define RsaSSL_Sign RsaSSL_Sign_fips
#define RsaSSL_VerifyInline RsaSSL_VerifyInline_fips
#define RsaSSL_Verify RsaSSL_Verify_fips
#define RsaEncryptSize RsaEncryptSize_fips
/* no implicit KeyDecodes since in asn.c (not rsa.c) */
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#else
#include <wolfssl/wolfcrypt/random.h> #include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>


@@ -28,11 +28,6 @@
#if !defined(NO_SHA) #if !defined(NO_SHA)
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <wolfssl/wolfcrypt/sha.h> #include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>
@@ -67,23 +62,7 @@
return ShaHash(data, sz, out); return ShaHash(data, sz, out);
} }
#else /* else build without fips */
int wc_InitSha_fips(Sha* sha)
{
return InitSha_fips(sha);
}
int wc_ShaUpdate_fips(Sha* sha, const byte* data, word32 sz)
{
return ShaUpdate_fips(sha, data, sz);
}
int wc_ShaFinal_fips(Sha* sha, byte* out)
{
return ShaFinal_fips(sha, out);
}
#else
#ifdef FREESCALE_MMCAU #ifdef FREESCALE_MMCAU
#include "cau_api.h" #include "cau_api.h"
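Review bot: This section removes the `wc_InitSha_fips`, `wc_ShaUpdate_fips` and `wc_ShaFinal_fips` wrappers and the `FIPS_NO_WRAPPERS` define, but unlike the SHA-256 and SHA-512 sections it shows no wrapper being switched to a `_fips` call. The only FIPS-branch call visible here is the un-suffixed `return ShaHash(data, sz, out);`. Please confirm that `wc_InitSha`, `wc_ShaUpdate` and `wc_ShaFinal`, whose bodies lie outside the hunks, call `InitSha_fips`, `ShaUpdate_fips` and `ShaFinal_fips`. Otherwise the SHA-1 path in a FIPS build may depend on macro remapping that this commit removes elsewhere.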


@@ -34,19 +34,19 @@
int wc_InitSha256(Sha256* sha) int wc_InitSha256(Sha256* sha)
{ {
return InitSha256(sha); return InitSha256_fips(sha);
} }
int wc_Sha256Update(Sha256* sha, const byte* data, word32 len) int wc_Sha256Update(Sha256* sha, const byte* data, word32 len)
{ {
return Sha256Update(sha, data, len); return Sha256Update_fips(sha, data, len);
} }
int wc_Sha256Final(Sha256* sha, byte* out) int wc_Sha256Final(Sha256* sha, byte* out)
{ {
return Sha256Final(sha, out); return Sha256Final_fips(sha, out);
} }
@@ -54,7 +54,7 @@ int wc_Sha256Hash(const byte* data, word32 len, byte* out)
{ {
return Sha256Hash(data, len, out); return Sha256Hash(data, len, out);
} }
#else #else /* else build without fips */
#ifdef WOLFSSL_PIC32MZ_HASH #ifdef WOLFSSL_PIC32MZ_HASH
#define wc_InitSha256 InitSha256_sw #define wc_InitSha256 InitSha256_sw
#define wc_Sha256Update Sha256Update_sw #define wc_Sha256Update Sha256Update_sw
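Review bot: `wc_Sha256Hash` still returns `Sha256Hash(data, len, out)` while the three wrappers above it now call `_fips` entry points, and nothing says whether that is deliberate. The RSA section of this commit documents the same situation with `/* not specified as fips so not needing _fips */`. Add that comment here, and on `wc_Sha384Hash` in the SHA-512 section, so a later reader does not take it for a missed rename. The signature of `wc_Sha256Hash` appears only in the hunk header.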


@@ -31,19 +31,19 @@
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
int wc_InitSha512(Sha512* sha) int wc_InitSha512(Sha512* sha)
{ {
return InitSha512(sha); return InitSha512_fips(sha);
} }
int wc_Sha512Update(Sha512* sha, const byte* data, word32 len) int wc_Sha512Update(Sha512* sha, const byte* data, word32 len)
{ {
return Sha512Update(sha, data, len); return Sha512Update_fips(sha, data, len);
} }
int wc_Sha512Final(Sha512* sha, byte* out) int wc_Sha512Final(Sha512* sha, byte* out)
{ {
return Sha512Final(sha, out); return Sha512Final_fips(sha, out);
} }
@@ -56,19 +56,19 @@ int wc_Sha512Hash(const byte* data, word32 len, byte* out)
int wc_InitSha384(Sha384* sha) int wc_InitSha384(Sha384* sha)
{ {
return InitSha384(sha); return InitSha384_fips(sha);
} }
int wc_Sha384Update(Sha384* sha, const byte* data, word32 len) int wc_Sha384Update(Sha384* sha, const byte* data, word32 len)
{ {
return Sha384Update(sha, data, len); return Sha384Update_fips(sha, data, len);
} }
int wc_Sha384Final(Sha384* sha, byte* out) int wc_Sha384Final(Sha384* sha, byte* out)
{ {
return Sha384Final(sha, out); return Sha384Final_fips(sha, out);
} }
@@ -77,7 +77,7 @@ int wc_Sha384Hash(const byte* data, word32 len, byte* out)
return Sha384Hash(data, len, out); return Sha384Hash(data, len, out);
} }
#endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA384 */
#else #else /* else build without using fips */
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h> #include <wolfssl/wolfcrypt/error-crypt.h>


@@ -39,7 +39,7 @@
#endif #endif
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* to avoid redefinition of macros */
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
#include <wolfssl/ctaocrypt/logging.h> #include <wolfssl/ctaocrypt/logging.h>
#include "cavium_common.h" #include "cavium_common.h"
@@ -72,7 +72,7 @@
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* to avoid redefinition of structures */
#define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002 #define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002
enum { enum {
@@ -177,39 +177,6 @@ typedef struct Gmac {
WOLFSSL_API void wc_AesFreeCavium(Aes*); WOLFSSL_API void wc_AesFreeCavium(Aes*);
#endif #endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_AesSetKey_fips(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV_fips(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz);
WOLFSSL_API int wc_AesGcmSetKey_fips(Aes* aes, const byte* key, word32 len);
WOLFSSL_API int wc_AesGcmEncrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
// #ifndef FIPS_NO_WRAPPERS
// /* if not impl or fips.c impl wrapper force fips calls if fips build */
// #define AesSetKey AesSetKey_fips
// #define AesSetIV AesSetIV_fips
// #define AesCbcEncrypt AesCbcEncrypt_fips
// #define AesCbcDecrypt AesCbcDecrypt_fips
// #define AesGcmSetKey AesGcmSetKey_fips
// #define AesGcmEncrypt AesGcmEncrypt_fips
// #define AesGcmDecrypt AesGcmDecrypt_fips
// #endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif
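Review bot: The last hunk deletes every exported `wc_Aes*_fips` prototype, which the removed comment described as `fips wrapper calls, user can call direct`. Any application that took that comment at its word will now fail to compile or link. The same removal is repeated in the 3DES, HMAC, RNG, RSA and SHA header sections. If the break is intended, state it in the commit description. Otherwise keep thin compatibility macros for one release, for example `#define wc_AesSetKey_fips wc_AesSetKey`, since the `wc_` wrappers now route to the `_fips` functions themselves.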


@@ -29,7 +29,7 @@
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
/* included for fips */ /* included for fips @wc_fips */
#include <cyassl/ctaocrypt/des3.h> #include <cyassl/ctaocrypt/des3.h>
#endif #endif
@@ -37,7 +37,7 @@
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* to avoid redifinition of macros */
#define WOLFSSL_3DES_CAVIUM_MAGIC 0xBEEF0003 #define WOLFSSL_3DES_CAVIUM_MAGIC 0xBEEF0003
enum { enum {
@@ -106,27 +106,6 @@ WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
WOLFSSL_API void wc_Des3_FreeCavium(Des3*); WOLFSSL_API void wc_Des3_FreeCavium(Des3*);
#endif #endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_Des3_SetKey_fips(Des3* des, const byte* key, const byte* iv,
int dir);
WOLFSSL_API int wc_Des3_SetIV_fips(Des3* des, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt_fips(Des3* des, byte* out, const byte* in,
word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt_fips(Des3* des, byte* out, const byte* in,
word32 sz);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define Des3_SetKey Des3_SetKey_fips
#define Des3_SetIV Des3_SetIV_fips
#define Des3_CbcEncrypt Des3_CbcEncrypt_fips
#define Des3_CbcDecrypt Des3_CbcDecrypt_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif
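Review bot: The new comment `/* to avoid redifinition of macros */` misspells "redefinition", and the block it labels opens with a `#define` followed by an `enum`, so "macros" covers only part of what the guard protects. Use the wording the RNG header in this commit received: `/* avoid redefining structs and macros */`.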


@@ -168,7 +168,7 @@ WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
WOLFSSL_API void wc_HmacFreeCavium(Hmac*); WOLFSSL_API void wc_HmacFreeCavium(Hmac*);
#endif #endif
WOLFSSL_API int wc_wolfSSL_GetHmacMaxSize(void); WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
#ifdef HAVE_HKDF #ifdef HAVE_HKDF
@@ -180,16 +180,6 @@ WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
#endif /* HAVE_HKDF */ #endif /* HAVE_HKDF */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_HmacSetKey_fips(Hmac*, int type, const byte* key,
word32 keySz);
WOLFSSL_API int wc_HmacUpdate_fips(Hmac*, const byte*, word32);
WOLFSSL_API int wc_HmacFinal_fips(Hmac*, byte*);
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif


@@ -26,7 +26,7 @@
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
/* for fips */ /* for fips @wc_fips */
#include <cyassl/ctaocrypt/random.h> #include <cyassl/ctaocrypt/random.h>
#endif #endif
@@ -34,7 +34,7 @@
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* avoid redefining structs and macros */
#if defined(HAVE_HASHDRBG) || defined(NO_RC4) #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#ifdef NO_SHA256 #ifdef NO_SHA256
#error "Hash DRBG requires SHA-256." #error "Hash DRBG requires SHA-256."
@@ -135,26 +135,6 @@ WOLFSSL_API int wc_RNG_GenerateByte(RNG*, byte*);
byte* output, word32 outputSz); byte* output, word32 outputSz);
#endif /* HAVE_HASHDRBG || NO_RC4 */ #endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_InitRng_fips(RNG* rng);
WOLFSSL_API int wc_FreeRng_fips(RNG* rng);
WOLFSSL_API int wc_RNG_GenerateBlock_fips(RNG* rng, byte* buf, word32 bufSz);
WOLFSSL_API int wc_RNG_HealthTest_fips(int reseed,
const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
byte* output, word32 outputSz);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define InitRng InitRng_fips
#define FreeRng FreeRng_fips
#define RNG_GenerateBlock RNG_GenerateBlock_fips
#define RNG_HealthTest RNG_HealthTest_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif


@@ -35,13 +35,13 @@
#else #else
#include <wolfssl/wolfcrypt/integer.h> #include <wolfssl/wolfcrypt/integer.h>
#include <wolfssl/wolfcrypt/random.h> #include <wolfssl/wolfcrypt/random.h>
#endif #endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* avoid redefinition of structs */
#define WOLFSSL_RSA_CAVIUM_MAGIC 0xBEEF0006 #define WOLFSSL_RSA_CAVIUM_MAGIC 0xBEEF0006
enum { enum {
@@ -110,33 +110,6 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
WOLFSSL_API void wc_RsaFreeCavium(RsaKey*); WOLFSSL_API void wc_RsaFreeCavium(RsaKey*);
#endif #endif
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_InitRsaKey_fips(RsaKey* key, void*);
WOLFSSL_API int wc_FreeRsaKey_fips(RsaKey* key);
WOLFSSL_API int wc_RsaPublicEncrypt_fips(const byte* in,word32 inLen,byte* out,
word32 outLen, RsaKey* key, RNG* rng);
WOLFSSL_API int wc_RsaPrivateDecryptInline_fips(byte* in, word32 inLen,
byte** out, RsaKey* key);
WOLFSSL_API int wc_RsaPrivateDecrypt_fips(const byte* in, word32 inLen,
byte* out,word32 outLen,RsaKey* key);
WOLFSSL_API int wc_RsaSSL_Sign_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
WOLFSSL_API int wc_RsaSSL_VerifyInline_fips(byte* in, word32 inLen, byte** out,
RsaKey* key);
WOLFSSL_API int wc_RsaSSL_Verify_fips(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
WOLFSSL_API int wc_RsaEncryptSize_fips(RsaKey* key);
WOLFSSL_API int wc_RsaPrivateKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey*, word32);
WOLFSSL_API int wc_RsaPublicKeyDecode_fips(const byte* input, word32* inOutIdx,
RsaKey*, word32);
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif


@@ -29,15 +29,15 @@
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
/* for fips */ /* for fips @wc_fips */
#include <cyassl/ctaocrypt/sha.h> #include <cyassl/ctaocrypt/sha.h>
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS
#ifndef HAVE_FIPS /* avoid redefining structs */
/* in bytes */ /* in bytes */
enum { enum {
#ifdef STM32F2_HASH #ifdef STM32F2_HASH
@@ -73,22 +73,6 @@ WOLFSSL_API int wc_ShaUpdate(Sha*, const byte*, word32);
WOLFSSL_API int wc_ShaFinal(Sha*, byte*); WOLFSSL_API int wc_ShaFinal(Sha*, byte*);
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*); WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_InitSha_fips(Sha*);
WOLFSSL_API int wc_ShaUpdate_fips(Sha*, const byte*, word32);
WOLFSSL_API int wc_ShaFinal_fips(Sha*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define wc_InitSha wc_InitSha_fips
#define wc_ShaUpdate wc_ShaUpdate_fips
#define wc_ShaFinal wc_ShaFinal_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif


@@ -27,7 +27,7 @@
#define WOLF_CRYPT_SHA256_H #define WOLF_CRYPT_SHA256_H
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
/* for fips */ /* for fips @wc_fips */
#include <cyassl/ctaocrypt/sha256.h> #include <cyassl/ctaocrypt/sha256.h>
#endif #endif
@@ -37,12 +37,11 @@
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* avoid redefinition of structs */
#ifdef WOLFSSL_PIC32MZ_HASH #ifdef WOLFSSL_PIC32MZ_HASH
#include "port/pic32/pic32mz-crypt.h" #include "port/pic32/pic32mz-crypt.h"
#endif #endif
/* in bytes */ /* in bytes */
enum { enum {
SHA256 = 2, /* hash type unique */ SHA256 = 2, /* hash type unique */


@@ -26,8 +26,7 @@
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
/* since using old code turn on old macros @wc_fips */ /* for fips @wc_fips */
/* for fips */
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
#define CYASSL_SHA512 #define CYASSL_SHA512
#if defined(WOLFSSL_SHA384) #if defined(WOLFSSL_SHA384)
@@ -40,7 +39,7 @@
extern "C" { extern "C" {
#endif #endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* avoid redefinition of structs */
/* in bytes */ /* in bytes */
enum { enum {
@@ -69,7 +68,7 @@ WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM) #if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
#ifndef HAVE_FIPS #ifndef HAVE_FIPS /* avoid redefinition of structs */
/* in bytes */ /* in bytes */
enum { enum {
SHA384 = 5, /* hash type unique */ SHA384 = 5, /* hash type unique */
@@ -94,33 +93,6 @@ WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32);
WOLFSSL_API int wc_Sha384Final(Sha384*, byte*); WOLFSSL_API int wc_Sha384Final(Sha384*, byte*);
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*); WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#ifdef HAVE_FIPS
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_InitSha512_fips(Sha512*);
WOLFSSL_API int wc_Sha512Update_fips(Sha512*, const byte*, word32);
WOLFSSL_API int wc_Sha512Final_fips(Sha512*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define wc_InitSha512 wc_InitSha512_fips
#define wc_Sha512Update wc_Sha512Update_fips
#define wc_Sha512Final wc_Sha512Final_fips
#endif /* FIPS_NO_WRAPPERS */
/* fips wrapper calls, user can call direct */
WOLFSSL_API int wc_InitSha384_fips(Sha384*);
WOLFSSL_API int wc_Sha384Update_fips(Sha384*, const byte*, word32);
WOLFSSL_API int wc_Sha384Final_fips(Sha384*, byte*);
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define wc_InitSha384 wc_InitSha384_fips
#define wc_Sha384Update wc_Sha384Update_fips
#define wc_Sha384Final wc_Sha384Final_fips
#endif /* FIPS_NO_WRAPPERS */
#endif /* HAVE_FIPS */
#endif /* WOLFSSL_SHA384 */ #endif /* WOLFSSL_SHA384 */
#ifdef __cplusplus #ifdef __cplusplus