Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2023-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_crypt_lib.h"
8 : #include "internal/libspdm_fips_lib.h"
9 : #include "internal/libspdm_common_lib.h"
10 :
11 : #if LIBSPDM_FIPS_MODE
12 :
13 : /**
14 : * SHA256 KAT: HMAC-SHA256 KAT covers SHA256 KAT.
15 : **/
16 1 : bool libspdm_fips_selftest_sha256(void *fips_selftest_context)
17 : {
18 1 : bool result = true;
19 :
20 : #if LIBSPDM_SHA256_SUPPORT
21 1 : libspdm_fips_selftest_context_t *context = fips_selftest_context;
22 1 : LIBSPDM_ASSERT(fips_selftest_context != NULL);
23 :
24 : /* any test fail cause the FIPS fail*/
25 1 : if (context->tested_algo != context->self_test_result) {
26 0 : return false;
27 : }
28 :
29 : /* check if run before.*/
30 1 : if ((context->tested_algo & LIBSPDM_FIPS_SELF_TEST_SHA256) != 0) {
31 0 : return true;
32 : }
33 :
34 1 : result = libspdm_fips_selftest_hmac_sha256(context);
35 :
36 : /* mark it as tested*/
37 1 : context->tested_algo |= LIBSPDM_FIPS_SELF_TEST_SHA256;
38 :
39 : /* record test result*/
40 1 : if (result) {
41 1 : context->self_test_result |= LIBSPDM_FIPS_SELF_TEST_SHA256;
42 : } else {
43 0 : context->self_test_result &= ~LIBSPDM_FIPS_SELF_TEST_SHA256;
44 : }
45 : #endif /*LIBSPDM_SHA256_SUPPORT*/
46 :
47 1 : return result;
48 : }
49 :
50 : /**
51 : * SHA384 KAT: HMAC-SHA384 KAT covers SHA384 KAT.
52 : **/
53 1 : bool libspdm_fips_selftest_sha384(void *fips_selftest_context)
54 : {
55 1 : bool result = true;
56 :
57 : #if LIBSPDM_SHA384_SUPPORT
58 1 : libspdm_fips_selftest_context_t *context = fips_selftest_context;
59 1 : LIBSPDM_ASSERT(fips_selftest_context != NULL);
60 :
61 : /* any test fail cause the FIPS fail*/
62 1 : if (context->tested_algo != context->self_test_result) {
63 0 : return false;
64 : }
65 :
66 : /* check if run before.*/
67 1 : if ((context->tested_algo & LIBSPDM_FIPS_SELF_TEST_SHA384) != 0) {
68 0 : return true;
69 : }
70 :
71 1 : result = libspdm_fips_selftest_hmac_sha384(context);
72 :
73 : /* mark it as tested*/
74 1 : context->tested_algo |= LIBSPDM_FIPS_SELF_TEST_SHA384;
75 :
76 : /* record test result*/
77 1 : if (result) {
78 1 : context->self_test_result |= LIBSPDM_FIPS_SELF_TEST_SHA384;
79 : } else {
80 0 : context->self_test_result &= ~LIBSPDM_FIPS_SELF_TEST_SHA384;
81 : }
82 : #endif /*LIBSPDM_SHA384_SUPPORT*/
83 :
84 1 : return result;
85 : }
86 :
87 : /**
88 : * SHA512 KAT: HMAC-SHA512 KAT covers SHA512 KAT.
89 : **/
90 1 : bool libspdm_fips_selftest_sha512(void *fips_selftest_context)
91 : {
92 1 : bool result = true;
93 :
94 : #if LIBSPDM_SHA512_SUPPORT
95 1 : libspdm_fips_selftest_context_t *context = fips_selftest_context;
96 1 : LIBSPDM_ASSERT(fips_selftest_context != NULL);
97 :
98 : /* any test fail cause the FIPS fail*/
99 1 : if (context->tested_algo != context->self_test_result) {
100 0 : return false;
101 : }
102 :
103 : /* check if run before.*/
104 1 : if ((context->tested_algo & LIBSPDM_FIPS_SELF_TEST_SHA512) != 0) {
105 0 : return true;
106 : }
107 :
108 1 : result = libspdm_fips_selftest_hmac_sha512(context);
109 :
110 : /* mark it as tested*/
111 1 : context->tested_algo |= LIBSPDM_FIPS_SELF_TEST_SHA512;
112 :
113 : /* record test result*/
114 1 : if (result) {
115 1 : context->self_test_result |= LIBSPDM_FIPS_SELF_TEST_SHA512;
116 : } else {
117 0 : context->self_test_result &= ~LIBSPDM_FIPS_SELF_TEST_SHA512;
118 : }
119 : #endif /*LIBSPDM_SHA512_SUPPORT*/
120 :
121 1 : return result;
122 : }
123 :
124 : #endif/*LIBSPDM_FIPS_MODE*/
|
