FIPS Update

1. Move SHA-224 and SHA-256 into FIPSv2.
2. Move HMAC into FIPSv2.
3. Move Hash_DRBG into FIPSv2.

src/include.am

@@ -27,10 +27,17 @@ endif # BUILD_FAST_RSA
 if BUILD_FIPS
 src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
 
+if BUILD_FIPS_V2
 src_libwolfssl_la_SOURCES += \
-               ctaocrypt/src/hmac.c \
+               wolfcrypt/src/hmac.c \
+               wolfcrypt/src/random.c \
+               wolfcrypt/src/sha256.c
+else
+src_libwolfssl_la_SOURCES += \
+               ctaocrypt/src/hmac.c
                ctaocrypt/src/random.c \
                ctaocrypt/src/sha256.c
+endif
 
 if BUILD_RSA
 if BUILD_FIPS_V2
@@ -82,15 +89,19 @@ src_libwolfssl_la_SOURCES += \
                wolfcrypt/src/hash.c \
                wolfcrypt/src/cpuid.c
 
+if !BUILD_FIPS_V2
 if BUILD_RNG
 src_libwolfssl_la_SOURCES += wolfcrypt/src/random.c
 endif
+endif
 
+if !BUILD_FIPS_V2
 if BUILD_ARMASM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
 else
 src_libwolfssl_la_SOURCES += wolfcrypt/src/sha256.c
 endif
+endif
 
 if BUILD_WOLFEVENT
 src_libwolfssl_la_SOURCES += wolfcrypt/src/wolfevent.c

wolfcrypt/src/hmac.c

@@ -29,6 +29,18 @@
 
 #ifndef NO_HMAC
 
+#if defined(HAVE_FIPS) && \
+    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+
+    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
+    #define FIPS_NO_WRAPPERS
+
+    #ifdef USE_WINDOWS_API
+        #pragma code_seg(".fipsA$b")
+        #pragma const_seg(".fipsB$b")
+    #endif
+#endif
+
 #include <wolfssl/wolfcrypt/hmac.h>
 
 #ifdef NO_INLINE
@@ -40,7 +52,10 @@
 
 
 /* fips wrapper calls, user can call direct */
-#ifdef HAVE_FIPS
+/* If building for old FIPS. */
+#if defined(HAVE_FIPS) && \
+    (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+
     /* does init */
     int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
     {
@@ -101,10 +116,7 @@
         }
     #endif /* HAVE_HKDF */
 
-#else /* else build without fips */
+#else /* else build without fips, or for new fips */
-
-
-#include <wolfssl/wolfcrypt/error-crypt.h>
 
 
 int wc_HmacSizeByType(int type)

wolfcrypt/src/random.c

@@ -25,6 +25,7 @@
 #endif
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 /* on HPUX 11 you may need to install /dev/random see
    http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
@@ -35,7 +36,10 @@
 #include <wolfssl/wolfcrypt/cpuid.h>
 
 
-#ifdef HAVE_FIPS
+/* If building for old FIPS. */
+#if defined(HAVE_FIPS) && \
+    (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+
 int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
 {
     return GenerateSeed(os, seed, sz);
@@ -79,14 +83,13 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
     {
         return RNG_HealthTest_fips(reseed, entropyA, entropyASz,
                               entropyB, entropyBSz, output, outputSz);
-    }
+   }
 #endif /* HAVE_HASHDRBG */
 
-#else /* else build without fips */
+#else /* else build without fips, or for new fips */
 
 #ifndef WC_NO_RNG /* if not FIPS and RNG is disabled then do not compile */
 
-#include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/sha256.h>
 
 #ifdef NO_INLINE

wolfcrypt/src/sha256.c

@@ -30,12 +30,25 @@
 
 #if !defined(NO_SHA256) && !defined(WOLFSSL_ARMASM)
 
+#if defined(HAVE_FIPS) && \
+	defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+
+    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
+    #define FIPS_NO_WRAPPERS
+
+    #ifdef USE_WINDOWS_API
+        #pragma code_seg(".fipsA$d")
+        #pragma const_seg(".fipsB$d")
+    #endif
+#endif
+
 #include <wolfssl/wolfcrypt/sha256.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/cpuid.h>
 
 /* fips wrapper calls, user can call direct */
-#ifdef HAVE_FIPS
+#if defined(HAVE_FIPS) && \
+    (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
 
     int wc_InitSha256(wc_Sha256* sha)
     {
@@ -79,7 +92,7 @@
         /* Not supported in FIPS */
     }
 
-#else /* else build without fips */
+#else /* else build without fips, or for FIPS v2 */
 
 
 #if defined(WOLFSSL_TI_HASH)

wolfssl/wolfcrypt/hmac.h

@@ -30,17 +30,26 @@
 
 #include <wolfssl/wolfcrypt/hash.h>
 
-#ifdef HAVE_FIPS
+#if defined(HAVE_FIPS) && \
-/* for fips */
+	(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+/* for fips @wc_fips */
     #include <cyassl/ctaocrypt/hmac.h>
     #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
 #endif
 
 
+#if defined(HAVE_FIPS) && \
+	defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+	#include <wolfssl/wolfcrypt/fips.h>
+#endif
+
 #ifdef __cplusplus
     extern "C" {
 #endif
-#ifndef HAVE_FIPS
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
 
 #ifdef WOLFSSL_ASYNC_CRYPT
     #include <wolfssl/wolfcrypt/async.h>
@@ -140,6 +149,11 @@ typedef struct Hmac {
 #endif /* WOLFSSL_ASYNC_CRYPT */
 } Hmac;
 
+#ifndef WC_HMAC_TYPE_DEFINED
+    typedef struct RsaKey RsaKey;
+    #define WC_HMAC_TYPE_DEFINED
+#endif
+
 #endif /* HAVE_FIPS */
 
 /* does init */

wolfssl/wolfcrypt/random.h

@@ -30,10 +30,10 @@
 
 #include <wolfssl/wolfcrypt/types.h>
 
-#ifdef HAVE_FIPS
+#if defined(HAVE_FIPS) && \
-/* for fips @wc_fips */
+    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
-#include <cyassl/ctaocrypt/random.h>
+    #include <wolfssl/wolfcrypt/fips.h>
-#endif
+#endif /* HAVE_FIPS_VERSION >= 2 */
 
 #ifdef __cplusplus
     extern "C" {
@@ -70,7 +70,9 @@
 #endif
 
 
-#ifndef HAVE_FIPS /* avoid redefining structs and macros */
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
 
 /* RNG supports the following sources (in order):
  * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
@@ -151,7 +153,7 @@ struct WC_RNG {
 #endif
 };
 
-#endif /* HAVE_FIPS */
+#endif /* NO FIPS or have FIPS v2*/
 
 /* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
  * can't be used with CTaoCrypt FIPS */

wolfssl/wolfcrypt/sha256.h

@@ -33,7 +33,13 @@
 
 #ifndef NO_SHA256
 
-#ifdef HAVE_FIPS
+#if defined(HAVE_FIPS) && \
+    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+    #include <wolfssl/wolfcrypt/fips.h>
+#endif /* HAVE_FIPS_VERSION >= 2 */
+
+#if defined(HAVE_FIPS) && \
+	(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
     #define wc_Sha256             Sha256
     #define WC_SHA256             SHA256
     #define WC_SHA256_BLOCK_SIZE  SHA256_BLOCK_SIZE
@@ -61,7 +67,9 @@
     extern "C" {
 #endif
 
-#ifndef HAVE_FIPS /* avoid redefinition of structs */
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
 
 #ifdef WOLFSSL_MICROCHIP_PIC32MZ
     #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
@@ -149,7 +157,9 @@ WOLFSSL_API void wc_Sha256SizeSet(wc_Sha256*, word32);
 #endif
 
 #ifdef WOLFSSL_SHA224
-#ifndef HAVE_FIPS /* avoid redefinition of structs */
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
 
 #ifndef NO_OLD_WC_NAMES
     #define Sha224             wc_Sha224