Crypto++
8.3
Free C++ class library of cryptographic schemes
|
Classes and functions for the FIPS 140-2 validated library. More...
Go to the source code of this file.
Classes | |
class | SelfTestFailure |
Exception thrown when a crypto algorithm is used after a self test fails. More... | |
Macros | |
#define | CRYPTOPP_DUMMY_DLL_MAC "MAC_51f34b8db820ae8" |
The placeholder used prior to embedding the actual MAC in the module. More... | |
Enumerations | |
enum | PowerUpSelfTestStatus { POWER_UP_SELF_TEST_NOT_DONE, POWER_UP_SELF_TEST_FAILED, POWER_UP_SELF_TEST_PASSED } |
Status of the power-up self test. More... | |
Functions | |
CRYPTOPP_DLL bool CRYPTOPP_API | FIPS_140_2_ComplianceEnabled () |
Determines whether the library provides FIPS validated cryptography. More... | |
CRYPTOPP_DLL void CRYPTOPP_API | DoPowerUpSelfTest (const char *moduleFilename, const byte *expectedModuleMac) |
Performs the power-up self test. More... | |
CRYPTOPP_DLL void CRYPTOPP_API | DoDllPowerUpSelfTest () |
Performs the power-up self test on the DLL. More... | |
CRYPTOPP_DLL void CRYPTOPP_API | SimulatePowerUpSelfTestFailure () |
Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED. More... | |
CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API | GetPowerUpSelfTestStatus () |
Provides the current power-up self test status. More... | |
CRYPTOPP_DLL MessageAuthenticationCode *CRYPTOPP_API | NewIntegrityCheckingMAC () |
Class object that calculates the MAC on the module. More... | |
CRYPTOPP_DLL bool CRYPTOPP_API | IntegrityCheckModule (const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac=NULL, unsigned long *pMacFileLocation=NULL) |
Verifies the MAC on the module. More... | |
Classes and functions for the FIPS 140-2 validated library.
The FIPS validated library is only available on Windows as a DLL. Once compiled, the library is always in FIPS mode contingent upon successful execution of DoPowerUpSelfTest() or DoDllPowerUpSelfTest().
Definition in file fips140.h.
#define CRYPTOPP_DUMMY_DLL_MAC "MAC_51f34b8db820ae8" |
The placeholder used prior to embedding the actual MAC in the module.
After the DLL is built but before it is MAC'd, the string CRYPTOPP_DUMMY_DLL_MAC is used as a placeholder for the actual MAC. A post-build step is performed which calculates the MAC of the DLL and embeds it in the module. The actual MAC is written by the cryptest.exe
program using the mac_dll
subcommand.
Status of the power-up self test.
Enumerator | |
---|---|
POWER_UP_SELF_TEST_NOT_DONE | The self tests have not been performed. |
POWER_UP_SELF_TEST_FAILED | The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), but the result was failure. |
POWER_UP_SELF_TEST_PASSED | The self tests were executed via DoPowerUpSelfTest() or DoDllPowerUpSelfTest(), and the result was success. |
CRYPTOPP_DLL bool CRYPTOPP_API FIPS_140_2_ComplianceEnabled | ( | ) |
Determines whether the library provides FIPS validated cryptography.
Definition at line 24 of file fips140.cpp.
CRYPTOPP_DLL void CRYPTOPP_API DoPowerUpSelfTest | ( | const char * | moduleFilename, |
const byte * | expectedModuleMac | ||
) |
Performs the power-up self test.
moduleFilename | the fully qualified name of the module |
expectedModuleMac | the expected MAC of the components protected by the integrity check Performs the power-up self test, and sets the self test status to POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED. The self tests for an algorithm are performed by the Algortihm class when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined. |
CRYPTOPP_DLL void CRYPTOPP_API DoDllPowerUpSelfTest | ( | ) |
Performs the power-up self test on the DLL.
Performs the power-up self test using the filename of this DLL and the embedded module MAC, and sets the self test status to POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED. The self tests for an algorithm are performed by the Algortihm class when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.
CRYPTOPP_DLL void CRYPTOPP_API SimulatePowerUpSelfTestFailure | ( | ) |
Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED.
Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED to simulate failure.
Definition at line 29 of file fips140.cpp.
CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus | ( | ) |
Provides the current power-up self test status.
Definition at line 34 of file fips140.cpp.
CRYPTOPP_DLL MessageAuthenticationCode* CRYPTOPP_API NewIntegrityCheckingMAC | ( | ) |
Class object that calculates the MAC on the module.
CRYPTOPP_DLL bool CRYPTOPP_API IntegrityCheckModule | ( | const char * | moduleFilename, |
const byte * | expectedModuleMac, | ||
SecByteBlock * | pActualMac = NULL , |
||
unsigned long * | pMacFileLocation = NULL |
||
) |
Verifies the MAC on the module.
moduleFilename | the fully qualified name of the module |
expectedModuleMac | the expected MAC of the components protected by the integrity check |
pActualMac | the actual MAC of the components calculated by the integrity check |
pMacFileLocation | the offest of the MAC in the PE/PE+ module |