File nss-CC-constructor_selftests.patch of Package mozilla-nss.972
# HG changeset patch
# Parent a4116725d048eff8480c58c19ba4abe30351b906
# Parent f829facc22ff686079f0db710fd693b527c6ca10
Perform necessary selftests in the libraaary constructors so that they get
called at library load time. Do not test non-FIPS-approved tests by default.
diff --git a/cmd/chktest/chktest.c b/cmd/chktest/chktest.c
--- a/cmd/chktest/chktest.c
+++ b/cmd/chktest/chktest.c
@@ -31,13 +31,13 @@ int main(int argc, char **argv)
}
rv = BL_Init();
if (rv != SECSuccess) {
SECU_PrintPRandOSError("");
return -1;
}
RNG_SystemInfoForRNG();
- good_result = BLAPI_SHVerifyFile(argv[1]);
+ good_result = BLAPI_SHVerifyFile(argv[1], NULL);
printf("%s\n",
(good_result ? "SUCCESS" : "FAILURE"));
return (good_result) ? SECSuccess : SECFailure;
}
diff --git a/lib/freebl/blapi.h b/lib/freebl/blapi.h
--- a/lib/freebl/blapi.h
+++ b/lib/freebl/blapi.h
@@ -1554,27 +1554,27 @@ extern void PQG_DestroyVerify(PQGVerify
extern void BL_Cleanup(void);
/* unload freebl shared library from memory */
extern void BL_Unload(void);
/**************************************************************************
* Verify a given Shared library signature *
**************************************************************************/
-PRBool BLAPI_SHVerify(const char *name, PRFuncPtr addr);
+PRBool BLAPI_SHVerify(const char *name, PRFuncPtr addr, int *err);
/**************************************************************************
* Verify a given filename's signature *
**************************************************************************/
-PRBool BLAPI_SHVerifyFile(const char *shName);
+PRBool BLAPI_SHVerifyFile(const char *shName, int *err);
/**************************************************************************
* Verify Are Own Shared library signature *
**************************************************************************/
-PRBool BLAPI_VerifySelf(const char *name);
+PRBool BLAPI_VerifySelf(const char *name, int *err);
/*********************************************************************/
extern const SECHashObject * HASH_GetRawHashObject(HASH_HashType hashType);
extern void BL_SetForkState(PRBool forked);
#ifndef NSS_DISABLE_ECC
/*
diff --git a/lib/freebl/fips-selftest.inc b/lib/freebl/fips-selftest.inc
new file mode 100644
--- /dev/null
+++ b/lib/freebl/fips-selftest.inc
@@ -0,0 +1,279 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test - common stuff.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef FIPS_INC
+#define FIPS_INC
+
+/* common functions used for FIPS selftests. Due to the modular design of NSS
+ * putting these into libfreebl would mean either amending the API represented
+ * by FREEBLVectorStr - which might cause problems with newer applications, or
+ * extending the API with another similar function set. Thus, to make things
+ * less complicated in the binaries, we mess up the source a bit. */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <limits.h>
+
+#include <prtypes.h>
+#include <prerror.h>
+
+#include <prlink.h>
+
+#include "blapi.h"
+
+#define NSS_FORCE_FIPS_ENV "NSS_FIPS"
+#define FIPS_PROC_PATH "/proc/sys/crypto/fips_enabled"
+
+#define CHECKSUM_SUFFIX ".chk"
+
+typedef enum fips_check_status {
+ CHECK_UNCHECKED = -1,
+ CHECK_OK = 0,
+ CHECK_FAIL,
+ CHECK_FAIL_CRYPTO,
+ CHECK_MISSING
+} fips_check_status;
+
+/* initial value of FIPS state is -1 */
+static int fips_state = -1;
+
+static int fips_wanted = -1;
+
+/* debug messages are sent to stderr */
+static void
+debug(const char *fmt,...)
+{
+#ifdef DEBUG_FIPS
+ va_list args;
+
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ va_end(args);
+ fputc('\n', stderr);
+#endif
+ return;
+}
+
+/* Fatal messages ending with abort(); this function never returns */
+static void __attribute__ ((__noreturn__))
+fatal(const char *fmt,...)
+{
+ va_list args;
+
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ va_end(args);
+ fputc('\n', stderr);
+ abort();
+}
+
+/* check whether FIPS moode is mandated by the kernel */
+static int
+fips_isWantedProc(void)
+{
+ int fips_wanted = 0;
+ int fips_fd;
+ char fips_sys = 0;
+
+ struct stat dummy;
+ if (-1 == stat(FIPS_PROC_PATH, &dummy)) {
+ switch (errno) {
+ case ENOENT:
+ case ENOTDIR:
+ break;
+ default:
+ fatal("Check for system-wide FIPS mode is required and %s cannot"
+ " be accessed for reason other than non-existence - aborting"
+ , FIPS_PROC_PATH);
+ break;
+ }
+ } else {
+ if (-1 == (fips_fd = open(FIPS_PROC_PATH, O_RDONLY))) {
+ fatal("Check for system-wide FIPS mode is required and %s cannot"
+ " be opened for reading - aborting"
+ , FIPS_PROC_PATH);
+ }
+ if (1 > read(fips_fd, &fips_sys, 1)) {
+ fatal("Check for system-wide FIPS mode is required and %s doesn't"
+ " return at least one character - aborting"
+ , FIPS_PROC_PATH);
+ }
+ close(fips_sys);
+ switch (fips_sys) {
+ case '0':
+ case '1':
+ fips_wanted = fips_sys - '0';
+ break;
+ default:
+ fatal("Bogus character %c found in %s - aborting"
+ , fips_sys, FIPS_PROC_PATH);
+ }
+ }
+ return fips_wanted;
+}
+
+/* "legacy" from lib/sysinit/nsssysinit.c */
+static PRBool
+getFIPSEnv(void)
+{
+ char *fipsEnv = getenv("NSS_FIPS");
+ if (!fipsEnv) {
+ return PR_FALSE;
+ }
+ if ((strcasecmp(fipsEnv,"fips") == 0) ||
+ (strcasecmp(fipsEnv,"true") == 0) ||
+ (strcasecmp(fipsEnv,"on") == 0) ||
+ (strcasecmp(fipsEnv,"1") == 0)) {
+ return PR_TRUE;
+ }
+ return PR_FALSE;
+}
+
+static int
+fips_isWantedEnv(void)
+{
+ return getFIPSEnv() ? 1 : 0;
+}
+
+static int
+fips_isWanted(void)
+{
+ int fips_requests = 0;
+#ifdef LINUX
+ fips_requests += fips_isWantedProc();
+#endif
+ fips_requests += fips_isWantedEnv();
+ return fips_requests;
+}
+
+/* check integrity signatures (if present) */
+static fips_check_status
+fips_checkSignature(char *libName, PRFuncPtr addr)
+{
+ PRBool rv;
+ fips_check_status rv_check = CHECK_UNCHECKED;
+ int l = PATH_MAX;
+ int err = 0;
+ int err_NOENT = 0;
+ char full_lib_name[PATH_MAX+1];
+ full_lib_name[0] = '\0';
+
+ if (NULL == libName) {
+ err_NOENT = ENOENT;
+ rv = BLAPI_VerifySelf(SHLIB_PREFIX"freebl"SHLIB_VERSION"."SHLIB_SUFFIX, &err);
+ } else {
+ err_NOENT = PR_FILE_NOT_FOUND_ERROR;
+ strncat(full_lib_name, SHLIB_PREFIX, l);
+ l -= strlen(SHLIB_PREFIX);
+ strncat(full_lib_name, libName, l);
+ l -= strlen(libName);
+ strncat(full_lib_name, SHLIB_VERSION"."SHLIB_SUFFIX, l);
+ l -= strlen(SHLIB_VERSION"."SHLIB_SUFFIX);
+ rv = BLAPI_SHVerify(full_lib_name, addr, &err);
+ }
+
+ if (rv) {
+ rv_check = CHECK_OK;
+ } else {
+ if (err_NOENT == err) {
+ rv_check = CHECK_MISSING;
+ } else {
+ rv_check = CHECK_FAIL;
+ }
+ }
+
+ return rv_check;
+}
+
+/* decide what to do depending on the results of tests and system/required FIPS
+ * mode */
+static int
+fips_resolve(fips_check_status check, char *libName)
+{
+ int state;
+
+ if (fips_wanted) {
+ switch (check) {
+ case CHECK_OK:
+ debug("fips - %s: mandatory checksum ok"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_FAIL:
+ fatal("fips - %s: mandatory checksum failed - aborting"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_FAIL_CRYPTO:
+ fatal("fips - %s: mandatory crypto test failed - aborting"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_MISSING:
+ fatal("fips - %s: mandatory checksum data missing - aborting"
+ , (libName) ? libName : "freebl");
+ break;
+ default:
+ fatal("Fatal error: internal error at %s:%u"
+ , __FILE__, __LINE__);
+ break;
+ }
+ state = 1;
+ } else {
+ switch (check) {
+ case CHECK_OK:
+ debug("fips - %s: checksum ok"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_FAIL:
+ fatal("fips - %s: checksum failed - aborting"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_FAIL_CRYPTO:
+ fatal("fips - %s: crypto test failed - aborting"
+ , (libName) ? libName : "freebl");
+ break;
+ case CHECK_MISSING:
+ debug("fips - %s: mandatory checksum data missing, but not required in non FIPS mode; continuing non-FIPS"
+ , (libName) ? libName : "freebl");
+ break;
+ default:
+ fatal("Fatal error: internal error at %s:%u"
+ , __FILE__, __LINE__);
+ break;
+ }
+ state = 0;
+ }
+ return state;
+}
+
+/* generic selftest
+ * libName and addr are the name of shared object to check and a function
+ * contained therein; (NULL, NULL) performs selfcheck of freebl.
+ * crypto_check is callback that performs cryptographic algorithms checks; NULL
+ * for libraries that do not implement any cryptographic algorithms per se
+ */
+static int
+fips_initTest(char *libName, PRFuncPtr addr, fips_check_status cryptoCheck(void))
+{
+ fips_check_status check = fips_checkSignature(libName, addr);
+
+ fips_wanted = fips_isWanted();
+
+ if ((cryptoCheck) && (CHECK_OK == check)) {
+ check = cryptoCheck();
+ debug("fips - %s: crypto check %s"
+ , (libName) ? libName : "freebl"
+ , (CHECK_OK == check) ? "ok" : "failed");
+ }
+
+ return fips_resolve(check, libName);
+}
+
+#endif
diff --git a/lib/freebl/fips.c b/lib/freebl/fips.c
new file mode 100644
--- /dev/null
+++ b/lib/freebl/fips.c
@@ -0,0 +1,69 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "fips-selftest.inc"
+
+#include "fips.h"
+
+#define RNG_DEV_FIPS0 "/dev/urandom"
+#define RNG_DEV_FIPS1 "/dev/random"
+
+/* crypto algorithms selftest wrapper */
+static fips_check_status
+fips_checkCryptoFreebl(void)
+{
+ /* currently there are no crypto selftets in FreeBL, since it is not
+ * considered to be a stand-alone FIPS crypto module */
+ return CHECK_OK;
+}
+
+/* constructor - load-time selfchecks */
+static void __attribute__ ((constructor))
+fips_initTestFreebl(void)
+{
+ fips_state = fips_initTest(NULL, NULL, fips_checkCryptoFreebl);
+
+ debug("FIPS mode: %i\n", FIPS_mode());
+ return;
+}
+
+/* returns the FIPS mode we are running in or the one that we aspire to if the
+ * tests have not completed yet - which might happen during the crypto selftest
+ */
+int
+FIPS_mode(void)
+{
+ int fips;
+
+ /* until FIPS mode is cleared up, assume we are running in whatever is
+ * wanted by the environment */
+ fips = (-1 != fips_state) ? fips_state : fips_wanted;
+ switch (fips) {
+ case 0:
+ case 1:
+ return fips;
+ default:
+ fatal("Fatal error: internal error at %s:%u"
+ , __FILE__, __LINE__);
+ }
+}
+
+/* returns string specifying what system RNG file to use for seeding */
+char *
+FIPS_rngDev(void)
+{
+ switch (FIPS_mode()) {
+ case 0:
+ return RNG_DEV_FIPS0;
+ case 1:
+ return RNG_DEV_FIPS1;
+ default:
+ fatal("Fatal error: internal error at %s:%u"
+ , __FILE__, __LINE__);
+ }
+}
+
diff --git a/lib/freebl/fips.h b/lib/freebl/fips.h
new file mode 100644
--- /dev/null
+++ b/lib/freebl/fips.h
@@ -0,0 +1,15 @@
+/*
+ * PKCS #11 FIPS Power-Up Self Test.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef FIPS_H
+#define FIPS_H
+
+int FIPS_mode(void);
+char* FIPS_rngDev(void);
+
+#endif
+
diff --git a/lib/freebl/loader.c b/lib/freebl/loader.c
--- a/lib/freebl/loader.c
+++ b/lib/freebl/loader.c
@@ -1217,36 +1217,36 @@ AESKeyWrap_Decrypt(AESKeyWrapContext *cx
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return vector->p_AESKeyWrap_Decrypt(cx, output, outputLen, maxOutputLen,
input, inputLen);
}
PRBool
-BLAPI_SHVerify(const char *name, PRFuncPtr addr)
+BLAPI_SHVerify(const char *name, PRFuncPtr addr, int *err)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return PR_FALSE;
- return vector->p_BLAPI_SHVerify(name, addr);
+ return vector->p_BLAPI_SHVerify(name, addr, err);
}
/*
* The Caller is expected to pass NULL as the name, which will
* trigger the p_BLAPI_VerifySelf() to return 'TRUE'. Pass the real
* name of the shared library we loaded (the static libraryName set
* in freebl_LoadDSO) to p_BLAPI_VerifySelf.
*/
PRBool
-BLAPI_VerifySelf(const char *name)
+BLAPI_VerifySelf(const char *name, int *err)
{
PORT_Assert(!name);
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return PR_FALSE;
- return vector->p_BLAPI_VerifySelf(libraryName);
+ return vector->p_BLAPI_VerifySelf(libraryName, err);
}
/* ============== New for 3.006 =============================== */
SECStatus
EC_NewKey(ECParams * params, ECPrivateKey ** privKey)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
@@ -1831,21 +1831,21 @@ void
SHA224_Clone(SHA224Context *dest, SHA224Context *src)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return;
(vector->p_SHA224_Clone)(dest, src);
}
PRBool
-BLAPI_SHVerifyFile(const char *name)
+BLAPI_SHVerifyFile(const char *name, int *err)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return PR_FALSE;
- return vector->p_BLAPI_SHVerifyFile(name);
+ return vector->p_BLAPI_SHVerifyFile(name, err);
}
/* === new for DSA-2 === */
SECStatus
PQG_ParamGenV2( unsigned int L, unsigned int N, unsigned int seedBytes,
PQGParams **pParams, PQGVerify **pVfy)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
diff --git a/lib/freebl/loader.h b/lib/freebl/loader.h
--- a/lib/freebl/loader.h
+++ b/lib/freebl/loader.h
@@ -294,18 +294,18 @@ struct FREEBLVectorStr {
SECStatus (* p_AESKeyWrap_Decrypt)(AESKeyWrapContext *cx,
unsigned char *output,
unsigned int *outputLen, unsigned int maxOutputLen,
const unsigned char *input, unsigned int inputLen);
/* Version 3.004 came to here */
- PRBool (*p_BLAPI_SHVerify)(const char *name, PRFuncPtr addr);
- PRBool (*p_BLAPI_VerifySelf)(const char *name);
+ PRBool (*p_BLAPI_SHVerify)(const char *name, PRFuncPtr addr, int *err);
+ PRBool (*p_BLAPI_VerifySelf)(const char *name, int *err);
/* Version 3.005 came to here */
SECStatus (* p_EC_NewKey)(ECParams * params,
ECPrivateKey ** privKey);
SECStatus (* p_EC_NewKeyFromSeed)(ECParams * params,
ECPrivateKey ** privKey,
@@ -553,17 +553,17 @@ struct FREEBLVectorStr {
SECStatus (*p_SHA224_HashBuf)(unsigned char *dest, const unsigned char *src,
PRUint32 src_length);
SECStatus (*p_SHA224_Hash)(unsigned char *dest, const char *src);
void (*p_SHA224_TraceState)(SHA224Context *cx);
unsigned int (* p_SHA224_FlattenSize)(SHA224Context *cx);
SECStatus (* p_SHA224_Flatten)(SHA224Context *cx,unsigned char *space);
SHA224Context * (* p_SHA224_Resurrect)(unsigned char *space, void *arg);
void (* p_SHA224_Clone)(SHA224Context *dest, SHA224Context *src);
- PRBool (*p_BLAPI_SHVerifyFile)(const char *name);
+ PRBool (*p_BLAPI_SHVerifyFile)(const char *name, int *err);
/* Version 3.013 came to here */
SECStatus (* p_PQG_ParamGenV2)( unsigned int L, unsigned int N,
unsigned int seedBytes,
PQGParams **pParams, PQGVerify **pVfy);
SECStatus (*p_PRNGTEST_RunHealthTests)(void);
diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn
--- a/lib/freebl/manifest.mn
+++ b/lib/freebl/manifest.mn
@@ -57,16 +57,17 @@ PRIVATE_EXPORTS = \
alghmac.h \
blapi.h \
hmacct.h \
secmpi.h \
secrng.h \
ec.h \
ecl.h \
ecl-curve.h \
+ fips.h \
$(NULL)
MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h mp_gf2m.h
MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c mp_gf2m.c
ECL_HDRS = ecl-exp.h ecl.h ec2.h ecp.h ecl-priv.h
ifndef NSS_DISABLE_ECC
@@ -120,16 +121,17 @@ CSRCS = \
seed.c \
jpake.c \
$(MPI_SRCS) \
$(MPCPU_SRCS) \
$(ECL_SRCS) \
$(STUBS_SRCS) \
$(LOWHASH_SRCS) \
$(EXTRA_SRCS) \
+ fips.c \
$(NULL)
ALL_CSRCS := $(CSRCS)
ALL_HDRS = \
alghmac.h \
blapi.h \
blapit.h \
@@ -139,16 +141,17 @@ ALL_HDRS = \
rijndael.h \
camellia.h \
secmpi.h \
sha_fast.h \
sha256.h \
shsign.h \
vis_proto.h \
seed.h \
+ fips.h \
$(NULL)
ifdef AES_GEN_TBL
DEFINES += -DRIJNDAEL_GENERATE_TABLES
else
ifdef AES_GEN_TBL_M
DEFINES += -DRIJNDAEL_GENERATE_TABLES_MACRO
diff --git a/lib/freebl/nsslowhash.c b/lib/freebl/nsslowhash.c
--- a/lib/freebl/nsslowhash.c
+++ b/lib/freebl/nsslowhash.c
@@ -8,343 +8,75 @@
#include "prtypes.h"
#include "secerr.h"
#include "pkcs11t.h"
#include "blapi.h"
#include "hasht.h"
#include "plhash.h"
#include "nsslowhash.h"
-/* FIPS preprocessor directives for message digests */
-#define FIPS_KNOWN_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-/* Known Hash Message (512-bits). Used for all hashes (incl. SHA-N [N>1]). */
-static const PRUint8 known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
-static CK_RV
-freebl_fips_MD2_PowerUpSelfTest( void )
-{
- /* MD2 Known Digest Message (128-bits). */
- static const PRUint8 md2_known_digest[] = {
- 0x41,0x5a,0x12,0xb2,0x3f,0x28,0x97,0x17,
- 0x0c,0x71,0x4e,0xcc,0x40,0xc8,0x1d,0x1b};
-
- /* MD2 variables. */
- MD2Context * md2_context;
- unsigned int md2_bytes_hashed;
- PRUint8 md2_computed_digest[MD2_LENGTH];
-
-
- /***********************************************/
- /* MD2 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md2_context = MD2_NewContext();
-
- if( md2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- MD2_Begin( md2_context );
-
- MD2_Update( md2_context, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- MD2_End( md2_context, md2_computed_digest, &md2_bytes_hashed, MD2_LENGTH );
-
- MD2_DestroyContext( md2_context , PR_TRUE );
-
- if( ( md2_bytes_hashed != MD2_LENGTH ) ||
- ( PORT_Memcmp( md2_computed_digest, md2_known_digest,
- MD2_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-
-static CK_RV
-freebl_fips_MD5_PowerUpSelfTest( void )
-{
- /* MD5 Known Digest Message (128-bits). */
- static const PRUint8 md5_known_digest[] = {
- 0x25,0xc8,0xc0,0x10,0xc5,0x6e,0x68,0x28,
- 0x28,0xa4,0xa5,0xd2,0x98,0x9a,0xea,0x2d};
-
- /* MD5 variables. */
- PRUint8 md5_computed_digest[MD5_LENGTH];
- SECStatus md5_status;
-
-
- /***********************************************/
- /* MD5 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md5_status = MD5_HashBuf( md5_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( md5_status != SECSuccess ) ||
- ( PORT_Memcmp( md5_computed_digest, md5_known_digest,
- MD5_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-static CK_RV
-freebl_fips_SHA_PowerUpSelfTest( void )
-{
- /* SHA-1 Known Digest Message (160-bits). */
- static const PRUint8 sha1_known_digest[] = {
- 0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b,
- 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0,
- 0xe0,0x68,0x47,0x7a};
-
- /* SHA-224 Known Digest Message (224-bits). */
- static const PRUint8 sha224_known_digest[] = {
- 0x89,0x5e,0x7f,0xfd,0x0e,0xd8,0x35,0x6f,
- 0x64,0x6d,0xf2,0xde,0x5e,0xed,0xa6,0x7f,
- 0x29,0xd1,0x12,0x73,0x42,0x84,0x95,0x4f,
- 0x8e,0x08,0xe5,0xcb};
-
- /* SHA-256 Known Digest Message (256-bits). */
- static const PRUint8 sha256_known_digest[] = {
- 0x38,0xa9,0xc1,0xf0,0x35,0xf6,0x5d,0x61,
- 0x11,0xd4,0x0b,0xdc,0xce,0x35,0x14,0x8d,
- 0xf2,0xdd,0xaf,0xaf,0xcf,0xb7,0x87,0xe9,
- 0x96,0xa5,0xd2,0x83,0x62,0x46,0x56,0x79};
-
- /* SHA-384 Known Digest Message (384-bits). */
- static const PRUint8 sha384_known_digest[] = {
- 0x11,0xfe,0x1c,0x00,0x89,0x48,0xde,0xb3,
- 0x99,0xee,0x1c,0x18,0xb4,0x10,0xfb,0xfe,
- 0xe3,0xa8,0x2c,0xf3,0x04,0xb0,0x2f,0xc8,
- 0xa3,0xc4,0x5e,0xea,0x7e,0x60,0x48,0x7b,
- 0xce,0x2c,0x62,0xf7,0xbc,0xa7,0xe8,0xa3,
- 0xcf,0x24,0xce,0x9c,0xe2,0x8b,0x09,0x72};
-
- /* SHA-512 Known Digest Message (512-bits). */
- static const PRUint8 sha512_known_digest[] = {
- 0xc8,0xb3,0x27,0xf9,0x0b,0x24,0xc8,0xbf,
- 0x4c,0xba,0x33,0x54,0xf2,0x31,0xbf,0xdb,
- 0xab,0xfd,0xb3,0x15,0xd7,0xfa,0x48,0x99,
- 0x07,0x60,0x0f,0x57,0x41,0x1a,0xdd,0x28,
- 0x12,0x55,0x25,0xac,0xba,0x3a,0x99,0x12,
- 0x2c,0x7a,0x8f,0x75,0x3a,0xe1,0x06,0x6f,
- 0x30,0x31,0xc9,0x33,0xc6,0x1b,0x90,0x1a,
- 0x6c,0x98,0x9a,0x87,0xd0,0xb2,0xf8,0x07};
-
- /* SHA-X variables. */
- PRUint8 sha_computed_digest[HASH_LENGTH_MAX];
- SECStatus sha_status;
-
- /*************************************************/
- /* SHA-1 Single-Round Known Answer Hashing Test. */
- /*************************************************/
-
- sha_status = SHA1_HashBuf( sha_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( sha_status != SECSuccess ) ||
- ( PORT_Memcmp( sha_computed_digest, sha1_known_digest,
- SHA1_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- /***************************************************/
- /* SHA-224 Single-Round Known Answer Hashing Test. */
- /***************************************************/
-
- sha_status = SHA224_HashBuf( sha_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( sha_status != SECSuccess ) ||
- ( PORT_Memcmp( sha_computed_digest, sha224_known_digest,
- SHA224_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- /***************************************************/
- /* SHA-256 Single-Round Known Answer Hashing Test. */
- /***************************************************/
-
- sha_status = SHA256_HashBuf( sha_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( sha_status != SECSuccess ) ||
- ( PORT_Memcmp( sha_computed_digest, sha256_known_digest,
- SHA256_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- /***************************************************/
- /* SHA-384 Single-Round Known Answer Hashing Test. */
- /***************************************************/
-
- sha_status = SHA384_HashBuf( sha_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( sha_status != SECSuccess ) ||
- ( PORT_Memcmp( sha_computed_digest, sha384_known_digest,
- SHA384_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- /***************************************************/
- /* SHA-512 Single-Round Known Answer Hashing Test. */
- /***************************************************/
-
- sha_status = SHA512_HashBuf( sha_computed_digest, known_hash_message,
- FIPS_KNOWN_HASH_MESSAGE_LENGTH );
-
- if( ( sha_status != SECSuccess ) ||
- ( PORT_Memcmp( sha_computed_digest, sha512_known_digest,
- SHA512_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-freebl_fipsSoftwareIntegrityTest(void)
-{
- CK_RV crv = CKR_OK;
-
- /* make sure that our check file signatures are OK */
- if (!BLAPI_VerifySelf(SHLIB_PREFIX"freebl"SHLIB_VERSION"."SHLIB_SUFFIX)) {
- crv = CKR_DEVICE_ERROR; /* better error code? checksum error? */
- }
- return crv;
-}
-
+/* FIPS selftests are implemented in library constructors and abort on failure
+ * - if anybody gets to call this function it means the tests passed and this
+ * can be a successful no-op; the integrity selftest that used to be here is
+ * handled by the freebl constructor as well
+ */
CK_RV
freebl_fipsPowerUpSelfTest( void )
{
- CK_RV rv;
-
- /* MD2 Power-Up SelfTest(s). */
- rv = freebl_fips_MD2_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* MD5 Power-Up SelfTest(s). */
- rv = freebl_fips_MD5_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* SHA-X Power-Up SelfTest(s). */
- rv = freebl_fips_SHA_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* Software/Firmware Integrity Test. */
- rv = freebl_fipsSoftwareIntegrityTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* Passed Power-Up SelfTest(s). */
return( CKR_OK );
}
struct NSSLOWInitContextStr {
int count;
};
struct NSSLOWHASHContextStr {
const SECHashObject *hashObj;
void *hashCtxt;
};
-static int nsslow_GetFIPSEnabled(void) {
-#ifdef LINUX
- FILE *f;
- char d;
- size_t size;
-
- f = fopen("/proc/sys/crypto/fips_enabled", "r");
- if (!f)
- return 0;
-
- size = fread(&d, 1, 1, f);
- fclose(f);
- if (size != 1)
- return 0;
- if (d != '1')
- return 0;
-#endif
- return 1;
-}
-
-
-static int post = 0;
-static int post_failed = 0;
-
static NSSLOWInitContext dummyContext = { 0 };
NSSLOWInitContext *
NSSLOW_Init(void)
{
SECStatus rv;
CK_RV crv;
#ifdef FREEBL_NO_DEPEND
PRBool nsprAvailable = PR_FALSE;
rv = FREEBL_InitStubs();
nsprAvailable = (rv == SECSuccess ) ? PR_TRUE : PR_FALSE;
#endif
- if (post_failed) {
- return NULL;
- }
-
-
- if (!post && nsslow_GetFIPSEnabled()) {
- crv = freebl_fipsPowerUpSelfTest();
- if (crv != CKR_OK) {
- post_failed = 1;
- return NULL;
- }
- }
- post = 1;
-
-
return &dummyContext;
}
void
NSSLOW_Shutdown(NSSLOWInitContext *context)
{
PORT_Assert(context == &dummyContext);
return;
}
void
NSSLOW_Reset(NSSLOWInitContext *context)
{
PORT_Assert(context == &dummyContext);
- post_failed = 0;
- post = 0;
return;
}
NSSLOWHASHContext *
NSSLOWHASH_NewContext(NSSLOWInitContext *initContext,
HASH_HashType hashType)
{
NSSLOWHASHContext *context;
- if (post_failed) {
- PORT_SetError(SEC_ERROR_PKCS11_DEVICE_ERROR);
- return NULL;
- }
-
if (initContext != &dummyContext) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return (NULL);
}
context = PORT_ZNew(NSSLOWHASHContext);
if (!context) {
return NULL;
diff --git a/lib/freebl/shvfy.c b/lib/freebl/shvfy.c
--- a/lib/freebl/shvfy.c
+++ b/lib/freebl/shvfy.c
@@ -269,37 +269,37 @@ readItem(PRFileDesc *fd, SECItem *item)
item->data = NULL;
item->len = 0;
return SECFailure;
}
return SECSuccess;
}
PRBool
-BLAPI_SHVerify(const char *name, PRFuncPtr addr)
+BLAPI_SHVerify(const char *name, PRFuncPtr addr, int *err)
{
PRBool result = PR_FALSE; /* if anything goes wrong,
* the signature does not verify */
/* find our shared library name */
char *shName = PR_GetLibraryFilePathname(name, addr);
if (!shName) {
goto loser;
}
- result = BLAPI_SHVerifyFile(shName);
+ result = BLAPI_SHVerifyFile(shName, err);
loser:
if (shName != NULL) {
PR_Free(shName);
}
return result;
}
PRBool
-BLAPI_SHVerifyFile(const char *shName)
+BLAPI_SHVerifyFile(const char *shName, int *err)
{
char *checkName = NULL;
PRFileDesc *checkFD = NULL;
PRFileDesc *shFD = NULL;
void *hashcx = NULL;
const SECHashObject *hashObj = NULL;
SECItem signature = { 0, NULL, 0 };
SECItem hash;
@@ -332,16 +332,19 @@ BLAPI_SHVerifyFile(const char *shName)
/* open the check File */
checkFD = PR_Open(checkName, PR_RDONLY, 0);
if (checkFD == NULL) {
#ifdef DEBUG_SHVERIFY
fprintf(stderr, "Failed to open the check file %s: (%d, %d)\n",
checkName, (int)PR_GetError(), (int)PR_GetOSError());
#endif /* DEBUG_SHVERIFY */
+ if (err) {
+ *err = PORT_GetError();
+ }
goto loser;
}
/* read and Verify the headerthe header */
bytesRead = PR_Read(checkFD, buf, 12);
if (bytesRead != 12) {
goto loser;
}
@@ -490,19 +493,19 @@ loser:
if (key.publicValue.data != NULL) {
PORT_Free(key.publicValue.data);
}
return result;
}
PRBool
-BLAPI_VerifySelf(const char *name)
+BLAPI_VerifySelf(const char *name, int *err)
{
if (name == NULL) {
/*
* If name is NULL, freebl is statically linked into softoken.
* softoken will call BLAPI_SHVerify next to verify itself.
*/
return PR_TRUE;
}
- return BLAPI_SHVerify(name, (PRFuncPtr) decodeInt);
+ return BLAPI_SHVerify(name, (PRFuncPtr) decodeInt, err);
}
diff --git a/lib/softoken/fips.c b/lib/softoken/fips.c
new file mode 100644
--- /dev/null
+++ b/lib/softoken/fips.c
@@ -0,0 +1,26 @@
+#include "../freebl/fips-selftest.inc"
+
+#include "fips.h"
+
+#include "softoken.h"
+
+/* crypto algorithms selftest wrapper */
+static fips_check_status
+fips_checkCryptoSoftoken(void)
+{
+ if (CKR_OK == FIPS_cryptoSelftestSoftoken()) {
+ return CHECK_OK;
+ } else {
+ return CHECK_FAIL_CRYPTO;
+ }
+}
+
+/* constructor - load-time selfchecks */
+static void __attribute__ ((constructor))
+fips_initTestSoftoken(void)
+{
+ fips_state = fips_initTest("softokn", (PRFuncPtr)fips_initTestSoftoken, fips_checkCryptoSoftoken);
+
+ return;
+}
+
diff --git a/lib/softoken/fips.h b/lib/softoken/fips.h
new file mode 100644
--- /dev/null
+++ b/lib/softoken/fips.h
@@ -0,0 +1,10 @@
+#ifndef FIPS_H
+#define FIPS_H
+
+#include "softoken.h"
+
+CK_RV FIPS_cryptoSelftestSoftoken(void);
+CK_RV sftk_fipsPowerUpSelfTest(void);
+
+#endif
+
diff --git a/lib/softoken/fipstest.c b/lib/softoken/fipstest.c
--- a/lib/softoken/fipstest.c
+++ b/lib/softoken/fipstest.c
@@ -77,16 +77,22 @@
#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
#define FIPS_DSA_PRIME_LENGTH 128 /* 1024-bits */
#define FIPS_DSA_BASE_LENGTH 128 /* 1024-bits */
/* FIPS preprocessor directives for RNG. */
#define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */
+/* Do not test algorithms not approved for use in FIPS 140-2 - it adds
+ * unnecessary time and code overhead for no noticable gain.
+ * Build with -DRUN_ALL_SELFTESTS to compile the tests in
+ */
+
+#ifdef RUN_ALL_SELFTESTS
static CK_RV
sftk_fips_RC2_PowerUpSelfTest( void )
{
/* RC2 Known Key (40-bits). */
static const PRUint8 rc2_known_key[] = { "RSARC" };
/* RC2-CBC Known Initialization Vector (64-bits). */
static const PRUint8 rc2_cbc_known_initialization_vector[] = {"Security"};
@@ -402,16 +408,17 @@ sftk_fips_DES_PowerUpSelfTest( void )
if( ( des_status != SECSuccess ) ||
( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
( PORT_Memcmp( des_computed_plaintext, des_cbc_known_plaintext,
FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
return( CKR_DEVICE_ERROR );
return( CKR_OK );
}
+#endif
static CK_RV
sftk_fips_DES3_PowerUpSelfTest( void )
{
/* DES3 Known Key (56-bits). */
static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
@@ -1985,34 +1992,40 @@ sftk_fips_RNG_PowerUpSelfTest( void )
if( ( rng_status != SECSuccess ) ||
( PORT_Memcmp( DSAX, rng_known_DSAX,
(FIPS_DSA_SUBPRIME_LENGTH) ) != 0 ) )
return( CKR_DEVICE_ERROR );
return( CKR_OK );
}
-static CK_RV
-sftk_fipsSoftwareIntegrityTest(void)
+/* FIPS selftests are implemented in library constructors and abort on failure
+ * - if anybody gets to call this function it means the tests passed and this
+ * can be a successful no-op
+ */
+CK_RV
+sftk_fipsPowerUpSelfTest( void )
{
- CK_RV crv = CKR_OK;
-
- /* make sure that our check file signatures are OK */
- if( !BLAPI_VerifySelf( NULL ) ||
- !BLAPI_SHVerify( SOFTOKEN_LIB_NAME, (PRFuncPtr) sftk_fips_HMAC ) ) {
- crv = CKR_DEVICE_ERROR; /* better error code? checksum error? */
- }
- return crv;
+ return CKR_OK;
}
CK_RV
-sftk_fipsPowerUpSelfTest( void )
+FIPS_cryptoSelftestSoftoken( void )
{
CK_RV rv;
+ /* intialise BL */
+ if( SECSuccess != BL_Init() )
+ return CKR_GENERAL_ERROR;
+
+ /* intialise RNG (needed for RSA blinging parameters */
+ if( SECSuccess != RNG_RNGInit() )
+ return CKR_GENERAL_ERROR;
+
+#ifdef RUN_ALL_SELFTESTS
/* RC2 Power-Up SelfTest(s). */
rv = sftk_fips_RC2_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
/* RC4 Power-Up SelfTest(s). */
rv = sftk_fips_RC4_PowerUpSelfTest();
@@ -2020,16 +2033,17 @@ sftk_fipsPowerUpSelfTest( void )
if( rv != CKR_OK )
return rv;
/* DES Power-Up SelfTest(s). */
rv = sftk_fips_DES_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
+#endif
/* DES3 Power-Up SelfTest(s). */
rv = sftk_fips_DES3_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
/* AES Power-Up SelfTest(s) for 128-bit key. */
@@ -2045,27 +2059,29 @@ sftk_fipsPowerUpSelfTest( void )
return rv;
/* AES Power-Up SelfTest(s) for 256-bit key. */
rv = sftk_fips_AES_PowerUpSelfTest(FIPS_AES_256_KEY_SIZE);
if( rv != CKR_OK )
return rv;
+#ifdef RUN_ALL_SELFTESTS
/* MD2 Power-Up SelfTest(s). */
rv = sftk_fips_MD2_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
/* MD5 Power-Up SelfTest(s). */
rv = sftk_fips_MD5_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
+#endif
/* SHA-X Power-Up SelfTest(s). */
rv = sftk_fips_SHA_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
/* HMAC SHA-X Power-Up SelfTest(s). */
@@ -2095,18 +2111,12 @@ sftk_fipsPowerUpSelfTest( void )
#ifndef NSS_DISABLE_ECC
/* ECDSA Power-Up SelfTest(s). */
rv = sftk_fips_ECDSA_PowerUpSelfTest();
if( rv != CKR_OK )
return rv;
#endif
- /* Software/Firmware Integrity Test. */
- rv = sftk_fipsSoftwareIntegrityTest();
-
- if( rv != CKR_OK )
- return rv;
-
/* Passed Power-Up SelfTest(s). */
return( CKR_OK );
}
diff --git a/lib/softoken/fipstokn.c b/lib/softoken/fipstokn.c
--- a/lib/softoken/fipstokn.c
+++ b/lib/softoken/fipstokn.c
@@ -445,30 +445,19 @@ CK_RV FC_Initialize(CK_VOID_PTR pReserve
/* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
if (crv != CKR_OK) {
sftk_fatalError = PR_TRUE;
return crv;
}
sftk_fatalError = PR_FALSE; /* any error has been reset */
- crv = sftk_fipsPowerUpSelfTest();
- if (crv != CKR_OK) {
- nsc_CommonFinalize(NULL, PR_TRUE);
- sftk_fatalError = PR_TRUE;
- if (sftk_audit_enabled) {
- char msg[128];
- PR_snprintf(msg,sizeof msg,
- "C_Initialize()=0x%08lX "
- "power-up self-tests failed",
- (PRUint32)crv);
- sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
- }
- return crv;
- }
+ /* FIPS selftests that were here have been moved to constructors
+ * (freebl, softoken and dbm) as to be executed at library load time */
+
nsf_init = PR_TRUE;
return CKR_OK;
}
/*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
CK_RV crv;
diff --git a/lib/softoken/legacydb/fips.c b/lib/softoken/legacydb/fips.c
new file mode 100644
--- /dev/null
+++ b/lib/softoken/legacydb/fips.c
@@ -0,0 +1,25 @@
+#include "../../freebl/fips-selftest.inc"
+
+#include "fips.h"
+
+/*** private per-module symbols ***/
+
+/* crypto algorithms selftest wrapper */
+static fips_check_status
+fips_checkCryptoDbm(void)
+{
+ /* no checks in dbm */
+ return CHECK_OK;
+}
+
+/* constructor - load-time selfchecks */
+static void __attribute__ ((constructor))
+fips_initTestDbm(void)
+{
+ fips_state = fips_initTest("nssdbm", (PRFuncPtr)fips_checkCryptoDbm, NULL);
+
+ return;
+}
+
+/*** public per-module symbols ***/
+
diff --git a/lib/softoken/legacydb/fips.h b/lib/softoken/legacydb/fips.h
new file mode 100644
--- /dev/null
+++ b/lib/softoken/legacydb/fips.h
@@ -0,0 +1,5 @@
+#ifndef FIPS_H
+#define FIPS_H
+
+#endif
+
diff --git a/lib/softoken/legacydb/manifest.mn b/lib/softoken/legacydb/manifest.mn
--- a/lib/softoken/legacydb/manifest.mn
+++ b/lib/softoken/legacydb/manifest.mn
@@ -2,16 +2,17 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
CORE_DEPTH = ../../..
MODULE = nss
REQUIRES = dbm
+DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
LIBRARY_NAME = nssdbm
LIBRARY_VERSION = 3
MAPFILE = $(OBJDIR)/nssdbm.def
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\"
CSRCS = \
@@ -22,10 +23,11 @@ CSRCS = \
lgdestroy.c \
lgfind.c \
lginit.c \
lgutil.c \
lowcert.c \
lowkey.c \
pcertdb.c \
pk11db.c \
+ fips.c \
$(NULL)
diff --git a/lib/softoken/lgglue.c b/lib/softoken/lgglue.c
--- a/lib/softoken/lgglue.c
+++ b/lib/softoken/lgglue.c
@@ -256,17 +256,17 @@ sftkdbLoad_Legacy(PRBool isFIPS)
LGSetCryptFunc setCryptFunction = NULL;
if (legacy_glue_lib) {
/* this check is necessary because it's possible we loaded the
* legacydb to read secmod.db, which told us whether we were in
* FIPS mode or not. */
if (isFIPS && !legacy_glue_libCheckSucceeded) {
if (legacy_glue_libCheckFailed ||
- !BLAPI_SHVerify(LEGACY_LIB_NAME,(PRFuncPtr)legacy_glue_open)) {
+ !BLAPI_SHVerify(LEGACY_LIB_NAME,(PRFuncPtr)legacy_glue_open, NULL)) {
legacy_glue_libCheckFailed = PR_TRUE;
/* don't clobber legacy glue to avoid race. just let it
* get cleared in shutdown */
return SECFailure;
}
legacy_glue_libCheckSucceeded = PR_TRUE;
}
return SECSuccess;
@@ -295,17 +295,17 @@ sftkdbLoad_Legacy(PRBool isFIPS)
!legacy_glue_releaseSecmod || !legacy_glue_deleteSecmod ||
!legacy_glue_addSecmod || !setCryptFunction) {
PR_UnloadLibrary(lib);
return SECFailure;
}
/* verify the loaded library if we are in FIPS mode */
if (isFIPS) {
- if (!BLAPI_SHVerify(LEGACY_LIB_NAME,(PRFuncPtr)legacy_glue_open)) {
+ if (!BLAPI_SHVerify(LEGACY_LIB_NAME,(PRFuncPtr)legacy_glue_open, NULL)) {
PR_UnloadLibrary(lib);
return SECFailure;
}
legacy_glue_libCheckSucceeded = PR_TRUE;
}
setCryptFunction(sftkdb_encrypt_stub,sftkdb_decrypt_stub);
legacy_glue_lib = lib;
diff --git a/lib/softoken/manifest.mn b/lib/softoken/manifest.mn
--- a/lib/softoken/manifest.mn
+++ b/lib/softoken/manifest.mn
@@ -25,16 +25,17 @@ PRIVATE_EXPORTS = \
lowkeyi.h \
lowkeyti.h \
pkcs11ni.h \
softoken.h \
softoknt.h \
softkver.h \
sdb.h \
sftkdbt.h \
+ fips.h \
$(NULL)
CSRCS = \
fipsaudt.c \
fipstest.c \
fipstokn.c \
lgglue.c \
lowkey.c \
@@ -46,16 +47,17 @@ CSRCS = \
sdb.c \
sftkdb.c \
sftkhmac.c \
sftkpars.c \
sftkpwd.c \
softkver.c \
tlsprf.c \
jpakesftk.c \
+ fips.c \
$(NULL)
ifdef SQLITE_UNSAFE_THREADS
DEFINES += -DSQLITE_UNSAFE_THREADS
endif
# This part of the code, including all sub-dirs, can be optimized for size
export ALLOW_OPT_CODE_SIZE = 1
