APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_aes_core.c
-LIBOBJ=fips_aes_core.o
+LIBSRC=fips_aes_core.c fips_aes_selftest.c
+LIBOBJ=fips_aes_core.o fips_aes_selftest.o
SRC= $(LIBSRC)
SHA1(fips_aes_core.c)= 5298df7807877eed470a1ee5f8331fc0876689da
+SHA1(fips_aes_selftest.c)= fb848010c088adbbfaf719ca77c91e8ae0932ce0
SHA1(fips_aes_locl.h)= a3c01d9a4f9d5211e9e785852f6f1a2febfd73b6
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_des_enc.c
-LIBOBJ=fips_des_enc.o
+LIBSRC=fips_des_enc.c fips_des_selftest.c
+LIBOBJ=fips_des_enc.o fips_des_selftest.o
SRC= $(LIBSRC)
SHA1(fips_des_enc.c)= a4b88bb16782604a298d74de04a8b3bc3a204c5a
+SHA1(fips_des_selftest.c)= 5638ae4d50be6110d9efbaa5e7e19c7e04c9940d
SHA1(fips_des_locl.h)= 5e5128f074485e72d6fdee00d22d46a694bd5abe
int f_opt = 0, d_opt = 1;
#ifdef FIPS
- FIPS_mode_set(1);
+ if(!FIPS_mode_set(1))
+ {
+ fprintf(stderr,"Failed to enter FIPS mode.\n");
+ exit(1);
+ }
#endif
ERR_load_crypto_strings();
if (argc > 1)
Makefile.save
lib
+fips_dssvs
-SHA1(fips.c)= 39f2919005cb5c8d3b806b52d81a9247804dbe64
+SHA1(fips.c)= dfb2a82fcff1ee84b7674d84a0e0bf191cb759f3
SHA1(fips_err_wrapper.c)= 0cbe881739f6e7d91308e2e74b92032e69007528
-SHA1(fips.h)= 53ce62539f2b69141693d427af9a4c4abc822cd0
-SHA1(fips_err.c)= 197ccc595c33079de87ae02da868808a9ca60648
+SHA1(fips.h)= 5dc66fb941513cb732c51eeca6f44018d4acd7ae
+SHA1(fips_err.c)= 672c470bf38e01ba2a1fa2d52492bc31330dd974
#ifdef FIPS
-void FIPS_mode_set(int onoff)
+int FIPS_selftest()
+ {
+ return FIPS_selftest_sha1()
+ && FIPS_selftest_aes()
+ && FIPS_selftest_des();
+ }
+
+int FIPS_mode_set(int onoff)
{
FIPS_mode=onoff;
if(onoff)
{
FIPS_rand_check=&rand_fips_meth;
RAND_set_rand_method(&rand_fips_meth);
+ return FIPS_selftest();
}
+ return 1;
}
+
#if 0
/* here just to cause error codes to exist */
static void dummy()
extern void *FIPS_rand_check;
struct dsa_st;
-void FIPS_mode_set(int onoff);
+int FIPS_mode_set(int onoff);
int FIPS_dsa_check(struct dsa_st *dsa);
+int FIPS_selftest_sha1(void);
+int FIPS_selftest_aes(void);
+int FIPS_selftest_des(void);
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
/* Function codes. */
#define FIPS_F_FIPS_DSA_CHECK 102
+#define FIPS_F_FIPS_SELFTEST_AES 104
+#define FIPS_F_FIPS_SELFTEST_SHA1 103
#define FIPS_F_HASH_FINAL 100
#define FIPS_F_SSLEAY_RAND_BYTES 101
/* Reason codes. */
#define FIPS_R_NON_FIPS_METHOD 100
+#define FIPS_R_SELFTEST_FAILED 101
#ifdef __cplusplus
}
/* fips/fips_err.c */
/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
static ERR_STRING_DATA FIPS_str_functs[]=
{
{ERR_PACK(0,FIPS_F_FIPS_DSA_CHECK,0), "FIPS_dsa_check"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_AES,0), "FIPS_selftest_aes"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_SHA1,0), "FIPS_selftest_sha1"},
{ERR_PACK(0,FIPS_F_HASH_FINAL,0), "HASH_FINAL"},
{ERR_PACK(0,FIPS_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},
{0,NULL}
static ERR_STRING_DATA FIPS_str_reasons[]=
{
{FIPS_R_NON_FIPS_METHOD ,"non fips method"},
+{FIPS_R_SELFTEST_FAILED ,"selftest failed"},
{0,NULL}
};
$S fips_rand.c fips_rand.h > fingerprint.sha1
cd ../sha1
-$S fips_sha1dgst.c fips_sha_locl.h fips_md32_common.h > fingerprint.sha1
+$S fips_sha1dgst.c fips_sha1_selftest.c fips_sha_locl.h fips_md32_common.h > fingerprint.sha1
cd ../aes
-$S fips_aes_core.c fips_aes_locl.h > fingerprint.sha1
+$S fips_aes_core.c fips_aes_selftest.c fips_aes_locl.h > fingerprint.sha1
cd ../dsa
$S fips_dsa_ossl.c fips_dsa_gen.c > fingerprint.sha1
cd ../des
-$S fips_des_enc.c fips_des_locl.h > fingerprint.sha1
+$S fips_des_enc.c fips_des_selftest.c fips_des_locl.h > fingerprint.sha1
Makefile.save
lib
fips_standalone_sha1
+fips_sha1test
EXE= fips_standalone_sha1
LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_sha1dgst.c
-LIBOBJ=fips_sha1dgst.o
+LIBSRC=fips_sha1dgst.c fips_sha1_selftest.c
+LIBOBJ=fips_sha1dgst.o fips_sha1_selftest.o
SRC= $(LIBSRC) fips_standalone_sha1.c
SHA1(fips_sha1dgst.c)= 609e2cbf5d3cdcf318ec10238a0e82b93b78e6b5
+SHA1(fips_sha1_selftest.c)= d1becdceec9f08d2cd9ab22238a3f5941a98dd01
SHA1(fips_sha_locl.h)= 677427c495b571991f013939ea7e5dea87828f8c
SHA1(fips_md32_common.h)= 4f41bcde24750b3b8c99a06bcba2fe06ff8db4d0
projects / oweals / openssl.git / commitdiff