From df4d748f5982ae8fa2bb2813d375213c545258a9 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 5 Jan 2018 17:00:39 -0800 Subject: [PATCH] FIPS Update 1. Move SHA-224 and SHA-256 into FIPSv2. 2. Move HMAC into FIPSv2. 3. Move Hash_DRBG into FIPSv2. --- src/include.am | 13 ++++++++++++- wolfcrypt/src/hmac.c | 22 +++++++++++++++++----- wolfcrypt/src/random.c | 11 +++++++---- wolfcrypt/src/sha256.c | 17 +++++++++++++++-- wolfssl/wolfcrypt/hmac.h | 20 +++++++++++++++++--- wolfssl/wolfcrypt/random.h | 14 ++++++++------ wolfssl/wolfcrypt/sha256.h | 16 +++++++++++++--- 7 files changed, 89 insertions(+), 24 deletions(-) diff --git a/src/include.am b/src/include.am index fa400a411..bdf4217f6 100644 --- a/src/include.am +++ b/src/include.am @@ -27,10 +27,17 @@ endif # BUILD_FAST_RSA if BUILD_FIPS src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c +if BUILD_FIPS_V2 src_libwolfssl_la_SOURCES += \ - ctaocrypt/src/hmac.c \ + wolfcrypt/src/hmac.c \ + wolfcrypt/src/random.c \ + wolfcrypt/src/sha256.c +else +src_libwolfssl_la_SOURCES += \ + ctaocrypt/src/hmac.c ctaocrypt/src/random.c \ ctaocrypt/src/sha256.c +endif if BUILD_RSA if BUILD_FIPS_V2 @@ -82,15 +89,19 @@ src_libwolfssl_la_SOURCES += \ wolfcrypt/src/hash.c \ wolfcrypt/src/cpuid.c +if !BUILD_FIPS_V2 if BUILD_RNG src_libwolfssl_la_SOURCES += wolfcrypt/src/random.c endif +endif +if !BUILD_FIPS_V2 if BUILD_ARMASM src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c else src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256.c endif +endif if BUILD_WOLFEVENT src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfevent.c diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index c81f19b17..a9e659420 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c 
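Review bot: In the new `else` branch of the first `src/include.am` hunk, the added `ctaocrypt/src/hmac.c` line has no trailing `\`. As shown on this page, the `src_libwolfssl_la_SOURCES +=` list therefore ends there, and the context lines `ctaocrypt/src/random.c \` and `ctaocrypt/src/sha256.c` are no longer part of it. For a pre-v2 FIPS build this either breaks the makefile or drops the DRBG and SHA-256 sources from the module's object list. The line should read `ctaocrypt/src/hmac.c \`, matching the line the hunk removes.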
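Review bot: With `BUILD_FIPS_V2` set, the second `src/include.am` hunk skips the whole `BUILD_ARMASM` selection, so `wolfcrypt/src/port/arm/armv8-sha256.c` is never added. The `wolfcrypt/src/sha256.c` added by the first hunk compiles only under `!defined(WOLFSSL_ARMASM)`, as the sha256.c hunk context shows. If configure allows FIPS v2 together with ARM assembly, that combination would build no SHA-256 implementation. Either reject the combination in configure or state the constraint here, for example `# FIPS v2 always builds the C sha256.c inside the module boundary; ARMASM is not supported`. The same hunk also makes `random.c` independent of `BUILD_RNG` for v2 builds, which deserves a one-line comment.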
@@ -29,6 +29,18 @@ #ifndef NO_HMAC +#if defined(HAVE_FIPS) && \ + defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) + + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS + + #ifdef USE_WINDOWS_API + #pragma code_seg(".fipsA$b") + #pragma const_seg(".fipsB$b") + #endif +#endif + #include #ifdef NO_INLINE @@ -40,7 +52,10 @@ /* fips wrapper calls, user can call direct */ -#ifdef HAVE_FIPS +/* If building for old FIPS. */ +#if defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) + /* does init */ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz) { @@ -101,10 +116,7 @@ } #endif /* HAVE_HKDF */ -#else /* else build without fips */ - - -#include +#else /* else build without fips, or for new fips */ int wc_HmacSizeByType(int type) diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 92234de52..3755a30cb 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -25,6 +25,7 @@ #endif #include +#include /* on HPUX 11 you may need to install /dev/random see http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I @@ -35,7 +36,10 @@ #include -#ifdef HAVE_FIPS +/* If building for old FIPS. */ +#if defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) + int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz) { return GenerateSeed(os, seed, sz); @@ -79,14 +83,13 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b) { return RNG_HealthTest_fips(reseed, entropyA, entropyASz, entropyB, entropyBSz, output, outputSz); - } + } #endif /* HAVE_HASHDRBG */ -#else /* else build without fips */ +#else /* else build without fips, or for new fips */ #ifndef WC_NO_RNG /* if not FIPS and RNG is disabled then do not compile */ -#include #include #ifdef NO_INLINE diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 1efe335eb..b36d42d68 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c 
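Review bot: `wolfcrypt/src/random.c` gets the old-FIPS version test in its second hunk but not the `FIPS_NO_WRAPPERS` / `#pragma code_seg` / `#pragma const_seg` block that this commit adds to hmac.c (`$b`) and sha256.c (`$d`), although the commit message also moves Hash_DRBG into FIPSv2. If the `.fipsA` / `.fipsB` sections delimit the module for the integrity check on Windows, the DRBG code and constants would fall outside the checked range. Without `FIPS_NO_WRAPPERS`, the file may also resolve calls through the wrapper names rather than the internal functions. The unused `$c` suffix suggests the block was intended here; confirm the suffix against the module's section ordering before adding it ahead of the file's wolfcrypt includes.

```c
/* … unchanged: config / settings include … */
#if defined(HAVE_FIPS) && \
    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)

    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
    #define FIPS_NO_WRAPPERS

    #ifdef USE_WINDOWS_API
        #pragma code_seg(".fipsA$c")
        #pragma const_seg(".fipsB$c")
    #endif
#endif
/* … unchanged: remaining includes and the old-FIPS wrapper section … */
```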
@@ -30,12 +30,25 @@ #if !defined(NO_SHA256) && !defined(WOLFSSL_ARMASM) +#if defined(HAVE_FIPS) && \ + defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) + + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS + + #ifdef USE_WINDOWS_API + #pragma code_seg(".fipsA$d") + #pragma const_seg(".fipsB$d") + #endif +#endif + #include #include #include /* fips wrapper calls, user can call direct */ -#ifdef HAVE_FIPS +#if defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) int wc_InitSha256(wc_Sha256* sha) { @@ -79,7 +92,7 @@ /* Not supported in FIPS */ } -#else /* else build without fips */ +#else /* else build without fips, or for FIPS v2 */ #if defined(WOLFSSL_TI_HASH) diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index 58e84d662..33ccd1358 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h @@ -30,17 +30,26 @@ #include -#ifdef HAVE_FIPS -/* for fips */ +#if defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) +/* for fips @wc_fips */ #include #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE #endif +#if defined(HAVE_FIPS) && \ + defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) + #include +#endif + #ifdef __cplusplus extern "C" { #endif -#ifndef HAVE_FIPS + +/* avoid redefinition of structs */ +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_ASYNC_CRYPT #include @@ -140,6 +149,11 @@ typedef struct Hmac { #endif /* WOLFSSL_ASYNC_CRYPT */ } Hmac; +#ifndef WC_HMAC_TYPE_DEFINED + typedef struct RsaKey RsaKey; + #define WC_HMAC_TYPE_DEFINED +#endif + #endif /* HAVE_FIPS */ /* does init */ diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index c1f7a8732..2e0f9f6b8 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h 
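Review bot: The block added after `} Hmac;` in `wolfssl/wolfcrypt/hmac.h` declares `typedef struct RsaKey RsaKey;` under the guard `WC_HMAC_TYPE_DEFINED`, which looks like a copy-paste from the RSA header. It introduces an unrelated type name into every file that includes hmac.h, and it marks the Hmac type as defined without declaring it. Before C11, a second `typedef ... RsaKey` in another header is a redefinition error unless that header tests the same guard, which it presumably does not. The guarded line should be `typedef struct Hmac Hmac;`, with the definition above it changed from `typedef struct Hmac { ... } Hmac;` to a plain `struct Hmac { ... };` so the typedef is not repeated; the struct's opening line is outside this hunk. The closing `#endif /* HAVE_FIPS */` comment is also stale now that the condition admits FIPS v2.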
@@ -30,10 +30,10 @@ #include -#ifdef HAVE_FIPS -/* for fips @wc_fips */ -#include -#endif +#if defined(HAVE_FIPS) && \ + defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) + #include +#endif /* HAVE_FIPS_VERSION >= 2 */ #ifdef __cplusplus extern "C" { @@ -70,7 +70,9 @@ #endif -#ifndef HAVE_FIPS /* avoid redefining structs and macros */ +/* avoid redefinition of structs */ +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) /* RNG supports the following sources (in order): * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and @@ -151,7 +153,7 @@ struct WC_RNG { #endif }; -#endif /* HAVE_FIPS */ +#endif /* NO FIPS or have FIPS v2*/ /* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts, * can't be used with CTaoCrypt FIPS */ diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h index a2d387a13..2710ef34b 100644 --- a/wolfssl/wolfcrypt/sha256.h +++ b/wolfssl/wolfcrypt/sha256.h @@ -33,7 +33,13 @@ #ifndef NO_SHA256 -#ifdef HAVE_FIPS +#if defined(HAVE_FIPS) && \ + defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) + #include +#endif /* HAVE_FIPS_VERSION >= 2 */ + +#if defined(HAVE_FIPS) && \ + (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) #define wc_Sha256 Sha256 #define WC_SHA256 SHA256 #define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE @@ -61,7 +67,9 @@ extern "C" { #endif -#ifndef HAVE_FIPS /* avoid redefinition of structs */ +/* avoid redefinition of structs */ +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifdef WOLFSSL_MICROCHIP_PIC32MZ #include @@ -149,7 +157,9 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32); #endif #ifdef WOLFSSL_SHA224 -#ifndef HAVE_FIPS /* avoid redefinition of structs */ +/* avoid redefinition of structs */ +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) #ifndef NO_OLD_WC_NAMES #define Sha224 wc_Sha224
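Review bot: The first `wolfssl/wolfcrypt/random.h` hunk replaces the `#ifdef HAVE_FIPS` include (the one commented `for fips @wc_fips`) with a FIPS v2-only include, whereas hmac.h and sha256.h in this commit keep a separate branch for old FIPS. The next hunk hides the struct definitions when `HAVE_FIPS` is set without version 2. An old-FIPS build therefore appears to get neither the legacy header nor the local `WC_RNG` / `OS_Seed` definitions that the old wrappers in random.c use. The include targets are not visible on this page, so this needs confirming. The likely fix is to keep the old include under `#if defined(HAVE_FIPS) && (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))` next to the new v2 block.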