diff options
author | kste <kste@google.com> | 2021-04-16 07:33:15 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2021-04-16 07:33:51 -0700 |
commit | 47b6e1783c8dc1eaed150632efd2ceb50f3f867c (patch) | |
tree | e62a25949509a252b05e42065289b9e3efaeea0a /cc/daead | |
parent | 564daf0fd1e6a27ef469fdb0b85ffb60e3a0375e (diff) | |
download | tink-47b6e1783c8dc1eaed150632efd2ceb50f3f867c.tar.gz |
Refactor tink fips into an internal and public part.
Create a new fips_util target which captures all internal functions used for implementing the FIPS checks and puts it in the internal namespace.
The tink_fips.h now only provides functions which are part of the public API.
PiperOrigin-RevId: 368843791
Diffstat (limited to 'cc/daead')
-rw-r--r-- | cc/daead/aes_siv_key_manager.h | 4 | ||||
-rw-r--r-- | cc/daead/deterministic_aead_config.cc | 2 | ||||
-rw-r--r-- | cc/daead/deterministic_aead_config_test.cc | 6 |
3 files changed, 4 insertions, 8 deletions
diff --git a/cc/daead/aes_siv_key_manager.h b/cc/daead/aes_siv_key_manager.h index f82dd46d2..ba83794bd 100644 --- a/cc/daead/aes_siv_key_manager.h +++ b/cc/daead/aes_siv_key_manager.h @@ -107,10 +107,6 @@ class AesSivKeyManager return key; } - FipsCompatibility FipsStatus() const override { - return FipsCompatibility::kNotFips; - } - private: crypto::tink::util::Status ValidateKeySize(uint32_t key_size) const { if (key_size != kKeySizeInBytes) { diff --git a/cc/daead/deterministic_aead_config.cc b/cc/daead/deterministic_aead_config.cc index f745f9dd0..749f8cf4a 100644 --- a/cc/daead/deterministic_aead_config.cc +++ b/cc/daead/deterministic_aead_config.cc @@ -40,7 +40,7 @@ const RegistryConfig& DeterministicAeadConfig::Latest() { util::Status DeterministicAeadConfig::Register() { // Currently there are no FIPS-validated deterministic AEAD key managers // available, therefore none will be registered in FIPS only mode. - if (kUseOnlyFips) { + if (IsFipsModeEnabled()) { return util::OkStatus(); } diff --git a/cc/daead/deterministic_aead_config_test.cc b/cc/daead/deterministic_aead_config_test.cc index 8bada4d3b..bed325b20 100644 --- a/cc/daead/deterministic_aead_config_test.cc +++ b/cc/daead/deterministic_aead_config_test.cc @@ -46,7 +46,7 @@ class DeterministicAeadConfigTest : public ::testing::Test { }; TEST_F(DeterministicAeadConfigTest, Basic) { - if (kUseOnlyFips) { + if (IsFipsModeEnabled()) { GTEST_SKIP() << "Not supported in FIPS-only mode"; } @@ -64,7 +64,7 @@ TEST_F(DeterministicAeadConfigTest, Basic) { // Tests that the DeterministicAeadWrapper has been properly registered and we // can wrap primitives. TEST_F(DeterministicAeadConfigTest, WrappersRegistered) { - if (kUseOnlyFips) { + if (IsFipsModeEnabled()) { GTEST_SKIP() << "Not supported in FIPS-only mode"; } @@ -102,7 +102,7 @@ TEST_F(DeterministicAeadConfigTest, WrappersRegistered) { } TEST_F(DeterministicAeadConfigTest, RegisterFipsValidTemplates) { - if (!kUseOnlyFips) { + if (!IsFipsModeEnabled()) { GTEST_SKIP() << "Only supported in FIPS-only mode"; } |