@@ -60,214 +60,6 @@ static void wolfprov_init_cast_mutex(void)
6060 }
6161}
6262
63- /**
64- * Get the cast mutex for a specific algorithm.
65- *
66- * @param [in] algo Algorithm category (WP_CAST_ALGO_*).
67- * @return Pointer to the mutex for the specified algorithm.
68- * @return NULL if algo is out of range.
69- */
70- wolfSSL_Mutex * wp_get_cast_mutex (int algo )
71- {
72- if (algo < 0 || algo >= WP_CAST_ALGO_COUNT ) {
73- return NULL ;
74- }
75- return & castAlgos [algo ].mutex ;
76- }
77-
78- /**
79- * Get the initialization state for a specific algorithm's CAST.
80- *
81- * @param [in] algo Algorithm category (WP_CAST_ALGO_*).
82- * @return Initialization state (0 = not initialized, 1 = initialized).
83- * @return 0 if algo is out of range.
84- */
85- int wp_get_cast_init (int algo )
86- {
87- if (algo < 0 || algo >= WP_CAST_ALGO_COUNT ) {
88- return 0 ;
89- }
90- return castAlgos [algo ].init ;
91- }
92-
93- /**
94- * Set the initialization state for a specific algorithm's CAST.
95- *
96- * @param [in] algo Algorithm category (WP_CAST_ALGO_*).
97- * @param [in] init Initialization state to set.
98- */
99- void wp_set_cast_init (int algo , int init )
100- {
101- if (algo >= 0 && algo < WP_CAST_ALGO_COUNT ) {
102- castAlgos [algo ].init = init ;
103- }
104- }
105-
106- #ifdef WP_HAVE_RSA
107- /**
108- * Run the RSA CAST self-tests.
109- *
110- * @return 1 on success.
111- * @return 0 on failure.
112- */
113- static int wp_rsa_init_cast_inner (void )
114- {
115- int ret ;
116-
117- ret = wc_RunCast_fips (FIPS_CAST_RSA_SIGN_PKCS1v15 );
118- if (ret != 0 ) {
119- return 0 ;
120- }
121- return 1 ;
122- }
123- #endif
124-
125- #ifdef WP_HAVE_ECDSA
126- /**
127- * Run the ECDSA CAST self-tests.
128- *
129- * @return 1 on success.
130- * @return 0 on failure.
131- */
132- static int wp_ecdsa_init_cast_inner (void )
133- {
134- int ret ;
135-
136- ret = wc_RunCast_fips (FIPS_CAST_ECDSA );
137- if (ret != 0 ) {
138- return 0 ;
139- }
140- return 1 ;
141- }
142- #endif
143-
144- #ifdef WP_HAVE_ECDH
145- /**
146- * Run the ECDH CAST self-tests.
147- *
148- * @return 1 on success.
149- * @return 0 on failure.
150- */
151- static int wp_ecdh_init_cast_inner (void )
152- {
153- int ok = 1 ;
154- int ret ;
155-
156- ret = wc_RunCast_fips (FIPS_CAST_ECC_CDH );
157- if (ret != 0 ) {
158- ok = 0 ;
159- }
160- if (ok ) {
161- ret = wc_RunCast_fips (FIPS_CAST_ECC_PRIMITIVE_Z );
162- if (ret != 0 ) {
163- ok = 0 ;
164- }
165- }
166- return ok ;
167- }
168- #endif
169-
170- #ifdef WP_HAVE_DH
171- /**
172- * Run the DH CAST self-tests.
173- *
174- * @return 1 on success.
175- * @return 0 on failure.
176- */
177- static int wp_dh_init_cast_inner (void )
178- {
179- int ret ;
180-
181- ret = wc_RunCast_fips (FIPS_CAST_DH_PRIMITIVE_Z );
182- if (ret != 0 ) {
183- return 0 ;
184- }
185- return 1 ;
186- }
187- #endif
188-
189- #ifdef WP_HAVE_RANDOM
190- /**
191- * Run the DRBG CAST self-tests.
192- *
193- * @return 1 on success.
194- * @return 0 on failure.
195- */
196- static int wp_drbg_init_cast_inner (void )
197- {
198- int ret ;
199-
200- ret = wc_RunCast_fips (FIPS_CAST_DRBG );
201- if (ret != 0 ) {
202- return 0 ;
203- }
204- return 1 ;
205- }
206- #endif
207-
208- #ifdef WP_HAVE_AES
209- /**
210- * Run the AES CAST self-tests.
211- *
212- * @return 1 on success.
213- * @return 0 on failure.
214- */
215- static int wp_aes_init_cast_inner (void )
216- {
217- int ret ;
218- int ok = 1 ;
219-
220- ret = wc_RunCast_fips (FIPS_CAST_AES_CBC );
221- if (ret != 0 ) {
222- ok = 0 ;
223- }
224- if (ok ) {
225- ret = wc_RunCast_fips (FIPS_CAST_AES_GCM );
226- if (ret != 0 ) {
227- ok = 0 ;
228- }
229- }
230- return ok ;
231- }
232- #endif
233-
234- #ifdef WP_HAVE_HMAC
235- /**
236- * Run the HMAC CAST self-tests.
237- *
238- * @return 1 on success.
239- * @return 0 on failure.
240- */
241- static int wp_hmac_init_cast_inner (void )
242- {
243- int ret ;
244- int ok = 1 ;
245-
246- ret = wc_RunCast_fips (FIPS_CAST_HMAC_SHA1 );
247- if (ret != 0 ) {
248- ok = 0 ;
249- }
250- if (ok ) {
251- ret = wc_RunCast_fips (FIPS_CAST_HMAC_SHA2_256 );
252- if (ret != 0 ) {
253- ok = 0 ;
254- }
255- }
256- if (ok ) {
257- ret = wc_RunCast_fips (FIPS_CAST_HMAC_SHA2_512 );
258- if (ret != 0 ) {
259- ok = 0 ;
260- }
261- }
262- if (ok ) {
263- ret = wc_RunCast_fips (FIPS_CAST_HMAC_SHA3_256 );
264- if (ret != 0 ) {
265- ok = 0 ;
266- }
267- }
268- return ok ;
269- }
270- #endif
27163
27264/**
27365 * Initialize a CAST self-test for a specific algorithm.
@@ -284,66 +76,94 @@ int wp_init_cast(int algo)
28476 int ok = 1 ;
28577
28678 if (algo < 0 || algo >= WP_CAST_ALGO_COUNT ) {
79+ WOLFPROV_ERROR_MSG (WP_LOG_COMP_PROVIDER ,
80+ "FIPS CAST initialization failed: invalid algorithm" );
28781 return 0 ;
28882 }
28983
29084 if (castAlgos [algo ].init == 0 ) {
291- if (wp_lock (wp_get_cast_mutex (algo )) != 1 ) {
85+ if (wp_lock (& castAlgos [algo ].mutex ) != 1 ) {
86+ WOLFPROV_ERROR_MSG (WP_LOG_COMP_PROVIDER ,
87+ "FIPS CAST initialization failed: unable to acquire lock" );
29288 return 0 ;
29389 }
29490 /* Make sure another thread did not complete already while we waited
29591 * to acquire per algo lock */
29692 if (castAlgos [algo ].init == 0 ) {
297- /* Dispatch to algorithm-specific inner function */
29893 switch (algo ) {
29994#ifdef WP_HAVE_AES
300- case WP_CAST_ALGO_AES :
301- ok = wp_aes_init_cast_inner ();
302- break ;
95+ case WP_CAST_ALGO_AES :
96+ if (wc_RunCast_fips (FIPS_CAST_AES_CBC ) != 0 ||
97+ wc_RunCast_fips (FIPS_CAST_AES_GCM ) != 0 ) {
98+ ok = 0 ;
99+ }
100+ break ;
303101#endif
304102#ifdef WP_HAVE_HMAC
305- case WP_CAST_ALGO_HMAC :
306- ok = wp_hmac_init_cast_inner ();
307- break ;
103+ case WP_CAST_ALGO_HMAC :
104+ if (wc_RunCast_fips (FIPS_CAST_HMAC_SHA1 ) != 0 ||
105+ wc_RunCast_fips (FIPS_CAST_HMAC_SHA2_256 ) != 0 ||
106+ wc_RunCast_fips (FIPS_CAST_HMAC_SHA2_512 ) != 0 ||
107+ wc_RunCast_fips (FIPS_CAST_HMAC_SHA3_256 ) != 0 ) {
108+ ok = 0 ;
109+ }
110+ break ;
308111#endif
309112#ifdef WP_HAVE_RSA
310- case WP_CAST_ALGO_RSA :
311- ok = wp_rsa_init_cast_inner ();
312- break ;
113+ case WP_CAST_ALGO_RSA :
114+ if (wc_RunCast_fips (FIPS_CAST_RSA_SIGN_PKCS1v15 ) != 0 ) {
115+ ok = 0 ;
116+ }
117+ break ;
313118#endif
314119#ifdef WP_HAVE_ECDSA
315- case WP_CAST_ALGO_ECDSA :
316- ok = wp_ecdsa_init_cast_inner ();
317- break ;
120+ case WP_CAST_ALGO_ECDSA :
121+ if (wc_RunCast_fips (FIPS_CAST_ECDSA ) != 0 ) {
122+ ok = 0 ;
123+ }
124+ break ;
318125#endif
319126#ifdef WP_HAVE_ECDH
320- case WP_CAST_ALGO_ECDH :
321- ok = wp_ecdh_init_cast_inner ();
322- break ;
127+ case WP_CAST_ALGO_ECDH :
128+ if (wc_RunCast_fips (FIPS_CAST_ECC_CDH ) != 0 ||
129+ wc_RunCast_fips (FIPS_CAST_ECC_PRIMITIVE_Z ) != 0 ) {
130+ ok = 0 ;
131+ }
132+ break ;
323133#endif
324134#ifdef WP_HAVE_DH
325- case WP_CAST_ALGO_DH :
326- ok = wp_dh_init_cast_inner ();
327- break ;
135+ case WP_CAST_ALGO_DH :
136+ if (wc_RunCast_fips (FIPS_CAST_DH_PRIMITIVE_Z ) != 0 ) {
137+ ok = 0 ;
138+ }
139+ break ;
328140#endif
329141#ifdef WP_HAVE_RANDOM
330- case WP_CAST_ALGO_DRBG :
331- ok = wp_drbg_init_cast_inner ();
332- break ;
142+ case WP_CAST_ALGO_DRBG :
143+ if (wc_RunCast_fips (FIPS_CAST_DRBG ) != 0 ) {
144+ ok = 0 ;
145+ }
146+ break ;
333147#endif
334- default :
335- ok = 0 ;
336- break ;
337- }
148+ default :
149+ ok = 0 ;
150+ break ;
151+ }
338152
339153 if (ok ) {
340154 castAlgos [algo ].init = 1 ;
341155 }
342156 }
343- if (wp_unlock (wp_get_cast_mutex ( algo ) ) != 1 ) {
157+ if (wp_unlock (& castAlgos [ algo ]. mutex ) != 1 ) {
344158 ok = 0 ;
345159 }
346160 }
161+
162+ if (!ok ) {
163+ WOLFPROV_ERROR_MSG (WP_LOG_COMP_PROVIDER ,
164+ "FIPS CAST initialization failed" );
165+ }
166+
347167 return ok ;
348168}
349169#endif
0 commit comments