1 /* fips_test.h 2 * 3 * Copyright (C) 2006-2021 wolfSSL Inc. 4 * 5 * This file is part of wolfSSL. 6 * 7 * wolfSSL is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * wolfSSL is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 20 */ 21 22 23 24 #ifndef WOLF_CRYPT_FIPS_TEST_H 25 #define WOLF_CRYPT_FIPS_TEST_H 26 27 #include <wolfssl/wolfcrypt/types.h> 28 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 enum FipsCastId { 35 FIPS_CAST_AES_CBC, 36 FIPS_CAST_AES_GCM, 37 FIPS_CAST_HMAC_SHA1, 38 FIPS_CAST_HMAC_SHA2_256, 39 FIPS_CAST_HMAC_SHA2_512, 40 FIPS_CAST_HMAC_SHA3_256, 41 FIPS_CAST_DRBG, 42 FIPS_CAST_RSA_SIGN_PKCS1v15, 43 FIPS_CAST_ECC_CDH, 44 FIPS_CAST_ECC_PRIMITIVE_Z, 45 FIPS_CAST_DH_PRIMITIVE_Z, 46 FIPS_CAST_ECDSA, 47 FIPS_CAST_KDF_TLS12, 48 FIPS_CAST_KDF_TLS13, 49 FIPS_CAST_KDF_SSH, 50 FIPS_CAST_COUNT 51 }; 52 53 enum FipsCastStateId { 54 FIPS_CAST_STATE_INIT, 55 FIPS_CAST_STATE_PROCESSING, 56 FIPS_CAST_STATE_SUCCESS, 57 FIPS_CAST_STATE_FAILURE 58 }; 59 60 enum FipsModeId { 61 FIPS_MODE_INIT, 62 FIPS_MODE_NORMAL, 63 FIPS_MODE_DEGRADED, 64 FIPS_MODE_FAILED 65 }; 66 67 68 /* FIPS failure callback */ 69 typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash); 70 71 /* Public set function */ 72 WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf); 73 74 /* Public get status functions */ 75 WOLFSSL_API int wolfCrypt_GetStatus_fips(void); 76 WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void); 77 78 #ifdef HAVE_FORCE_FIPS_FAILURE 79 /* Public function to force failure mode for operational testing */ 80 WOLFSSL_API int wolfCrypt_SetStatus_fips(int); 81 #endif 82 83 WOLFSSL_LOCAL int DoIntegrityTest(char*, int); 84 WOLFSSL_LOCAL int DoPOST(char*, int); 85 WOLFSSL_LOCAL int DoCAST(int); 86 WOLFSSL_LOCAL int DoKnownAnswerTests(char*, int); /* FIPSv1 and FIPSv2 */ 87 88 WOLFSSL_API int wc_RunCast_fips(int); 89 WOLFSSL_API int wc_GetCastStatus_fips(int); 90 91 #ifdef __cplusplus 92 } /* extern "C" */ 93 #endif 94 95 #endif /* WOLF_CRYPT_FIPS_TEST_H */ 96 97