FIPS: add lc_fips_integrity_checker API

smuellerDD · smuellerDD · commit 59f621a44b38 · 2025-03-01T19:51:00.000+01:00
Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
diff --git a/README.fips.md b/README.fips.md
@@ -42,11 +42,13 @@ NOTE2: The referenced ACVP proxy definitions explicitly exclude SHA LDT tests. T
 
 The `leancrypto-fips` FIPS module implements a global service indicator. This implies that all algorithms are FIPS-approved and the fact that the FIPS module is active is the indicator that FIPS-approved services are available.
 
+The API of `lc_status` provides the version information along with the status whether the FIPS mode is active.
+
 ## Cryptographic Algorithm Self Test
 
 Each cryptographic algorithm has its own power-up self test which is executed before this algorithm is used for the first time.
 
-The caller may trigger a complete new round of self tests, i.e. all algorithms will perform a new self test before the next use, when using the API of `lc_rerun_selftests`.
+The caller may trigger a complete new round of self tests, i.e. all algorithms will perform a new self test before the next use, when using the API of `lc_rerun_selftests`. To reperform the integrity test, the API `lc_fips_integrity_checker` is provided.
 
 When a self-test fails, `leancrypto-fips` aborts and terminates itself as well as the calling application.
 
diff --git a/internal/api/lc_status.h b/internal/api/lc_status.h
@@ -32,6 +32,13 @@ extern "C" {
  */
 void lc_rerun_selftests(void);
 
+/**
+ * @brief Re-run the FIPS 140 integrity test
+ *
+ * \note This API is only present in the FIPS module instance of leancrypto.
+ */
+void lc_fips_integrity_checker(void);
+
 /**
  * @brief Status information about leancrypto
  *
diff --git a/internal/src/fips_integrity_checker_elf.c b/internal/src/fips_integrity_checker_elf.c
@@ -20,6 +20,8 @@
 #include "build_bug_on.h"
 #include "fips_integrity_check.h"
 #include "helper.h"
+#include "lc_status.h"
+#include "visibility.h"
 
 /*
  * The GNU linker creates these variables as start and endpoint of ELF sections
@@ -179,17 +181,22 @@ fips_integrity_checker_build(struct lc_fips_integrity_section_actual *act)
 	fprintf(stderr, "} };\n");
 }
 
-/*
- * This constructor is part of the regular "text" section and thus subject to
- * the integrity test.
- */
-__attribute__((constructor)) static void fips_integrity_checker(void)
+LC_INTERFACE_FUNCTION(void, lc_fips_integrity_checker, void)
 {
 	struct lc_fips_integrity_section_actual act[ARRAY_SIZE(secs)];
 
-	fips140_mode_enable();
 	if (fips_integrity_check(secs, act, ARRAY_SIZE(secs))) {
 		fips_integrity_checker_build(act);
 		exit(1);
 	}
 }
+
+/*
+ * This constructor is part of the regular "text" section and thus subject to
+ * the integrity test.
+ */
+__attribute__((constructor)) static void fips_integrity_checker_dep(void)
+{
+	fips140_mode_enable();
+	lc_fips_integrity_checker();
+}
diff --git a/internal/src/meson.build b/internal/src/meson.build
@@ -41,6 +41,11 @@ if (host_machine.system() == 'linux' and get_option('efi').disabled())
 	src_fips_wrapper_generator += files([
 		'fips_integrity_checker_elf_generator.c'
 	])
+else
+	# Catchall for all other environments
+	src_fips_wrapper += files([
+		'fips_integrity_checker_none.c'
+	])
 endif
 
 if (dilithium_enabled or
diff --git a/linux_kernel/Kbuild.basics b/linux_kernel/Kbuild.basics
@@ -81,6 +81,7 @@ leancrypto-y			+= ../internal/src/left_encode.o	       \
 				   ../internal/src/compare.o		       \
 				   ../internal/src/fips_integrity_check.o      \
 				   ../internal/src/null_buffer.o	       \
+				   ../internal/src/fips_integrity_checker_none.o\
 				   ../internal/src/status.o
 
 leancrypto-$(CONFIG_LEANCRYPTO_SIG_SUPPORT)				       \
diff --git a/meson.build b/meson.build
@@ -249,9 +249,6 @@ meson.add_dist_script(dist_script, meson.project_version())
 # Find Doxygen program
 doxygen = find_program('doxygen', required : false)
 
-# Find objcopy
-objcopy = find_program('objcopy', required : false)
-
 ################################################################################
 # EFI-specific defines
 ################################################################################
diff --git a/ml-dsa/tests/dilithium_keygen_fips_tester.c b/ml-dsa/tests/dilithium_keygen_fips_tester.c
@@ -20,6 +20,7 @@
 #include "ext_headers.h"
 #include "lc_dilithium.h"
 #include "lc_sha3.h"
+#include "lc_status.h"
 #include "ret_checkers.h"
 #include "small_stack_support.h"
 #include "visibility.h"
@@ -41,6 +42,9 @@ static int dilithium_keygen_fips_tester(void)
 	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
 	int ret = 0;
 
+	/* Rerun power up integrity test */
+	lc_fips_integrity_checker();
+
 	CKINT(lc_dilithium_keypair(&ws->pk, &ws->sk, lc_seeded_rng,
 				   DILITHIUM_TYPE));
 
diff --git a/ml-kem/tests/kyber_keygen_fips_tester.c b/ml-kem/tests/kyber_keygen_fips_tester.c
@@ -18,6 +18,7 @@
  */
 
 #include "lc_kyber.h"
+#include "lc_status.h"
 #include "ret_checkers.h"
 #include "small_stack_support.h"
 #include "visibility.h"
@@ -42,6 +43,9 @@ static int kyber_keygen(void)
 #error
 #endif
 
+	/* Rerun power up integrity test */
+	lc_fips_integrity_checker();
+
 	CKINT(lc_kyber_keypair(&ws->pk, &ws->sk, lc_seeded_rng, kyber_type));
 
 out:
diff --git a/slh-dsa/tests/sphincs_keygen_fips_tester.c b/slh-dsa/tests/sphincs_keygen_fips_tester.c
@@ -20,6 +20,7 @@
 #include "compare.h"
 #include "cpufeatures.h"
 #include "lc_sphincs.h"
+#include "lc_status.h"
 #include "small_stack_support.h"
 #include "ret_checkers.h"
 #include "visibility.h"
@@ -47,6 +48,9 @@ static int lc_sphincs_fips_keygen_test(void)
 	int ret;
 	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
 
+	/* Rerun power up integrity test */
+	lc_fips_integrity_checker();
+
 	CKINT(lc_sphincs_keypair(&ws->pk, &ws->sk, lc_seeded_rng,
 				 lc_sphincs_type));
 
