FIPS 140-3

1. Change the internal version number for the FIPS 140-3 changes as v4.
2. Insert v3 as an alias for FIPS Ready.
3. Use the correct directory for the FIPS old files sources. (For local
   testing of 140-3 builds.)
4. Change back the check for the FIPS version in internal.c for
   EccMakeKey().

src/include.am

@@ -103,7 +103,7 @@ src_libwolfssl_la_SOURCES += ctaocrypt/src/fips_test.c
 
 # fips last file
 src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
-endif
+endif BUILD_FIPS_V1
 
 if BUILD_FIPS_V2
 # FIPSv2 first file
@@ -170,7 +170,7 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/fips.c \
 
 # fips last file
 src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfcrypt_last.c
-endif
+endif BUILD_FIPS_V2
 
 if BUILD_FIPS_RAND
 src_libwolfssl_la_SOURCES += \
@@ -185,6 +185,72 @@ src_libwolfssl_la_SOURCES += \
 endif BUILD_FIPS_RAND
 
 if BUILD_FIPS_V3
+# FIPS Ready first file
+src_libwolfssl_la_SOURCES += \
+               wolfcrypt/src/wolfcrypt_first.c
+
+src_libwolfssl_la_SOURCES += \
+               wolfcrypt/src/hmac.c \
+               wolfcrypt/src/random.c \
+               wolfcrypt/src/sha256.c
+
+if BUILD_RSA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/rsa.c
+endif
+
+if BUILD_ECC
+src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc.c
+endif
+
+if BUILD_AES
+src_libwolfssl_la_SOURCES += wolfcrypt/src/aes.c
+endif
+
+if BUILD_AESNI
+src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_asm.S
+if BUILD_INTELASM
+src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+endif
+endif
+
+if BUILD_DES3
+src_libwolfssl_la_SOURCES += wolfcrypt/src/des3.c
+endif
+
+if BUILD_SHA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha.c
+if BUILD_INTELASM
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256_asm.S
+endif
+endif
+
+if BUILD_SHA512
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512.c
+if BUILD_INTELASM
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512_asm.S
+endif
+endif
+
+if BUILD_SHA3
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha3.c
+endif
+
+if BUILD_DH
+src_libwolfssl_la_SOURCES += wolfcrypt/src/dh.c
+endif
+
+if BUILD_CMAC
+src_libwolfssl_la_SOURCES += wolfcrypt/src/cmac.c
+endif
+
+src_libwolfssl_la_SOURCES += wolfcrypt/src/fips.c \
+                             wolfcrypt/src/fips_test.c
+
+# FIPS Ready last file
+src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfcrypt_last.c
+endif BUILD_FIPS_V3
+
+if BUILD_FIPS_V4
 # FIPS 140-3 first file
 src_libwolfssl_la_SOURCES += \
                wolfcrypt/src/wolfcrypt_first.c
@@ -256,7 +322,7 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/fips.c \
 
 # fips last file
 src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfcrypt_last.c
-endif
+endif BUILD_FIPS_V4
 
 endif BUILD_FIPS
 
@@ -267,11 +333,9 @@ if !BUILD_FIPS_RAND
 # For wolfRand, exclude just a couple files.
 # For old FIPS, keep the wolfCrypt versions of the
 # CtaoCrypt files included above.
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 src_libwolfssl_la_SOURCES += wolfcrypt/src/hmac.c
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
 # CAVP self test
 if BUILD_SELFTEST
@@ -286,16 +350,13 @@ src_libwolfssl_la_SOURCES += \
 
 if !BUILD_FIPS_RAND
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_RNG
 src_libwolfssl_la_SOURCES += wolfcrypt/src/random.c
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_ARMASM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
 else
@@ -304,8 +365,7 @@ if BUILD_INTELASM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256_asm.S
 endif
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
 if BUILD_AFALG
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_hash.c
@@ -333,11 +393,9 @@ if BUILD_RSA
 if BUILD_FAST_RSA
 src_libwolfssl_la_SOURCES += wolfcrypt/user-crypto/src/rsa.c
 else
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 src_libwolfssl_la_SOURCES += wolfcrypt/src/rsa.c
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 endif
 endif
 endif
@@ -350,7 +408,7 @@ if BUILD_SP
 if BUILD_SP_C
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sp_c32.c
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sp_c64.c
-endif
+endif BUILD_SP_C
 if BUILD_SP_X86_64
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sp_x86_64.c
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sp_x86_64_asm.S
@@ -374,10 +432,9 @@ endif
 if BUILD_SP_ARM_CORTEX
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sp_cortexm.c
 endif
-endif
+endif BUILD_SP
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_AES
 src_libwolfssl_la_SOURCES += wolfcrypt/src/aes.c
 if BUILD_ARMASM
@@ -387,33 +444,27 @@ if BUILD_AFALG
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
 endif
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_CMAC
 src_libwolfssl_la_SOURCES += wolfcrypt/src/cmac.c
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_DES3
 src_libwolfssl_la_SOURCES += wolfcrypt/src/des3.c
 endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_SHA
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sha.c
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_SHA512
 if BUILD_ARMASM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
@@ -426,17 +477,13 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512_asm.S
 endif
 endif
 endif
-endif
-endif
+endif !BUILD_FIPS_CURRENT
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_SHA3
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sha3.c
 endif
-endif
-endif
-
+endif !BUILD_FIPS_CURRENT
 
 endif !BUILD_FIPS_RAND
 
@@ -457,13 +504,11 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/memory.c
 endif
 
 if !BUILD_FIPS_RAND
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_DH
 src_libwolfssl_la_SOURCES += wolfcrypt/src/dh.c
 endif
 endif
-endif
 
 if BUILD_ASN
 src_libwolfssl_la_SOURCES += wolfcrypt/src/asn.c
@@ -508,14 +553,12 @@ if BUILD_DSA
 src_libwolfssl_la_SOURCES += wolfcrypt/src/dsa.c
 endif
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_AESNI
 src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_asm.S
 src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
 endif
 endif
-endif
 
 if BUILD_CAMELLIA
 src_libwolfssl_la_SOURCES += wolfcrypt/src/camellia.c
@@ -570,8 +613,7 @@ if BUILD_SLOWMATH
 src_libwolfssl_la_SOURCES += wolfcrypt/src/integer.c
 endif
 
-if !BUILD_FIPS_V3
-if !BUILD_FIPS_V2
+if !BUILD_FIPS_CURRENT
 if BUILD_ECC
 src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc.c
 endif
@@ -582,7 +624,6 @@ if BUILD_SAKKE
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sakke.c
 endif
 endif
-endif
 
 if BUILD_CURVE25519
 src_libwolfssl_la_SOURCES += wolfcrypt/src/curve25519.c