Fabcoin Core  0.16.2
P2P Digital Currency
Classes | Macros | Typedefs | Enumerations | Functions
fips140.h File Reference

Classes and functions for the FIPS 140-2 validated library. More...

#include "cryptlib.h"
#include "secblock.h"
Include dependency graph for fips140.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

class  SelfTestFailure
 Exception thrown when a crypto algorithm is used after a self test fails. More...
 

Macros

#define CRYPTOPP_DUMMY_DLL_MAC   "MAC_51f34b8db820ae8"
 The placeholder used prior to embedding the actual MAC in the module. More...
 

Typedefs

typedef PowerUpSelfTestStatus(CRYPTOPP_APIPGetPowerUpSelfTestStatus) ()
 

Enumerations

enum  PowerUpSelfTestStatus { POWER_UP_SELF_TEST_NOT_DONE, POWER_UP_SELF_TEST_FAILED, POWER_UP_SELF_TEST_PASSED }
 Status of the power-up self test. More...
 

Functions

CRYPTOPP_DLL bool CRYPTOPP_API FIPS_140_2_ComplianceEnabled ()
 Determines whether the library provides FIPS validated cryptography. More...
 
CRYPTOPP_DLL void CRYPTOPP_API DoPowerUpSelfTest (const char *moduleFilename, const byte *expectedModuleMac)
 Performs the power-up self test. More...
 
CRYPTOPP_DLL void CRYPTOPP_API DoDllPowerUpSelfTest ()
 Performs the power-up self test on the DLL. More...
 
CRYPTOPP_DLL void CRYPTOPP_API SimulatePowerUpSelfTestFailure ()
 Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED. More...
 
CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus ()
 Provides the current power-up self test status. More...
 
CRYPTOPP_DLL MessageAuthenticationCode *CRYPTOPP_API NewIntegrityCheckingMAC ()
 Class object that calculates the MAC on the module. More...
 
CRYPTOPP_DLL bool CRYPTOPP_API IntegrityCheckModule (const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac=NULL, unsigned long *pMacFileLocation=NULL)
 Verifies the MAC on the module. More...
 
bool PowerUpSelfTestInProgressOnThisThread ()
 
void SetPowerUpSelfTestInProgressOnThisThread (bool inProgress)
 
void SignaturePairwiseConsistencyTest (const PK_Signer &signer, const PK_Verifier &verifier)
 
void EncryptionPairwiseConsistencyTest (const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
 
void SignaturePairwiseConsistencyTest_FIPS_140_Only (const PK_Signer &signer, const PK_Verifier &verifier)
 
void EncryptionPairwiseConsistencyTest_FIPS_140_Only (const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
 

Detailed Description

Classes and functions for the FIPS 140-2 validated library.

The FIPS validated library is only available on Windows as a DLL. Once compiled, the library is always in FIPS mode contingent upon successful execution of DoPowerUpSelfTest() or DoDllPowerUpSelfTest().

See also
Visual Studio and config.h on the Crypto++ wiki.

Definition in file fips140.h.

Macro Definition Documentation

#define CRYPTOPP_DUMMY_DLL_MAC   "MAC_51f34b8db820ae8"

The placeholder used prior to embedding the actual MAC in the module.

After the DLL is built but before it is MAC'd, the string CRYPTOPP_DUMMY_DLL_MAC is used as a placeholder for the actual MAC. A post-build step is performed which calculates the MAC of the DLL and embeds it in the module. The actual MAC is written by the cryptest.exe program using the mac_dll subcommand.

Definition at line 109 of file fips140.h.

Typedef Documentation

typedef PowerUpSelfTestStatus(CRYPTOPP_API * PGetPowerUpSelfTestStatus) ()

Definition at line 76 of file fips140.h.

Enumeration Type Documentation

Status of the power-up self test.

Enumerator
POWER_UP_SELF_TEST_NOT_DONE 

The self tests have not been performed.

POWER_UP_SELF_TEST_FAILED 

The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), but the result was failure.

POWER_UP_SELF_TEST_PASSED 

The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), and the result was success.

Definition at line 38 of file fips140.h.

Function Documentation

CRYPTOPP_DLL void CRYPTOPP_API DoDllPowerUpSelfTest ( )

Performs the power-up self test on the DLL.

Performs the power-up self test using the filename of this DLL and the embedded module MAC, and sets the self test status to POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED.

The self tests for an algorithm are performed by the Algortihm class when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.

Definition at line 623 of file fipstest.cpp.

Here is the caller graph for this function:

CRYPTOPP_DLL void CRYPTOPP_API DoPowerUpSelfTest ( const char *  moduleFilename,
const byte expectedModuleMac 
)

Performs the power-up self test.

Parameters
moduleFilenamethe fully qualified name of the module
expectedModuleMacthe expected MAC of the components protected by the integrity check

Performs the power-up self test, and sets the self test status to POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED.

The self tests for an algorithm are performed by the Algortihm class when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.

Definition at line 463 of file fipstest.cpp.

Here is the call graph for this function:

void EncryptionPairwiseConsistencyTest ( const PK_Encryptor encryptor,
const PK_Decryptor decryptor 
)

Definition at line 205 of file fipstest.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

void EncryptionPairwiseConsistencyTest_FIPS_140_Only ( const PK_Encryptor encryptor,
const PK_Decryptor decryptor 
)

Definition at line 70 of file fips140.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

CRYPTOPP_DLL bool CRYPTOPP_API FIPS_140_2_ComplianceEnabled ( )

Determines whether the library provides FIPS validated cryptography.

Returns
true if FIPS 140-2 validated features were enabled at compile time.

true if FIPS 140-2 validated features were enabled at compile time, false otherwise.

Note
FIPS mode is enabled at compile time. A program or other module cannot arbitrarily enter or exit the mode.

Definition at line 29 of file fips140.cpp.

Here is the caller graph for this function:

CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus ( )

Provides the current power-up self test status.

Returns
the current power-up self test status

Definition at line 39 of file fips140.cpp.

Here is the caller graph for this function:

CRYPTOPP_DLL bool CRYPTOPP_API IntegrityCheckModule ( const char *  moduleFilename,
const byte expectedModuleMac,
SecByteBlock pActualMac = NULL,
unsigned long *  pMacFileLocation = NULL 
)

Verifies the MAC on the module.

Parameters
moduleFilenamethe fully qualified name of the module
expectedModuleMacthe expected MAC of the components protected by the integrity check
pActualMacthe actual MAC of the components calculated by the integrity check
pMacFileLocationthe offest of the MAC in the PE/PE+ module
Returns
true if the MAC is valid, false otherwise

Definition at line 277 of file fipstest.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

CRYPTOPP_DLL MessageAuthenticationCode* CRYPTOPP_API NewIntegrityCheckingMAC ( )

Class object that calculates the MAC on the module.

Returns
the MAC for the module

Definition at line 271 of file fipstest.cpp.

Here is the caller graph for this function:

bool PowerUpSelfTestInProgressOnThisThread ( )

Definition at line 52 of file fips140.cpp.

Here is the caller graph for this function:

void SetPowerUpSelfTestInProgressOnThisThread ( bool  inProgress)

Definition at line 62 of file fips140.cpp.

Here is the caller graph for this function:

void SignaturePairwiseConsistencyTest ( const PK_Signer signer,
const PK_Verifier verifier 
)

Definition at line 241 of file fipstest.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

void SignaturePairwiseConsistencyTest_FIPS_140_Only ( const PK_Signer signer,
const PK_Verifier verifier 
)

Definition at line 78 of file fips140.cpp.

Here is the call graph for this function:

Here is the caller graph for this function:

CRYPTOPP_DLL void CRYPTOPP_API SimulatePowerUpSelfTestFailure ( )

Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED.

Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED to simulate failure.

Definition at line 34 of file fips140.cpp.

Here is the caller graph for this function: