err_status_t
crypto_kernel_init() {
err_status_t status;
/* initialize error reporting system */
status = err_reporting_init("crypto");
if (status)
return status;
/* load debug modules */
status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_auth);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_cipher);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_stat);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_alloc);
if (status)
return status;
/* initialize random number generator */
status = rand_source_init();
if (status)
return status;
/* run FIPS-140 statistical tests on rand_source */
status = stat_test_rand_source(rand_source_get_octet_string);
if (status)
return status;
/* initialize pseudorandom number generator */
status = ctr_prng_init(rand_source_get_octet_string);
if (status)
return status;
/* run FIPS-140 statistical tests on ctr_prng */
status = stat_test_rand_source(ctr_prng_get_octet_string);
if (status)
return status;
/* load cipher types */
status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_cbc, AES_128_CBC);
if (status)
return status;
/* load auth func types */
status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
if (status)
return status;
status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
if (status)
return status;
/* change state to secure */
crypto_kernel.state = crypto_kernel_state_secure;
return err_status_ok;
}
err_status_t
crypto_kernel_init() {
err_status_t status;
/* check the security state */
if (crypto_kernel.state == crypto_kernel_state_secure) {
/*
* we're already in the secure state, but we've been asked to
* re-initialize, so we just re-run the self-tests and then return
*/
return crypto_kernel_status();
}
/* initialize error reporting system */
status = err_reporting_init("crypto");
if (status)
return status;
/* load debug modules */
status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_auth);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_cipher);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_stat);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_alloc);
if (status)
return status;
/* initialize random number generator */
status = rand_source_init();
if (status)
return status;
/* run FIPS-140 statistical tests on rand_source */
status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
if (status)
return status;
/* initialize pseudorandom number generator */
status = ctr_prng_init(rand_source_get_octet_string);
if (status)
return status;
/* run FIPS-140 statistical tests on ctr_prng */
status = stat_test_rand_source_with_repetition(ctr_prng_get_octet_string, MAX_RNG_TRIALS);
if (status)
return status;
/* load cipher types */
status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_cbc_cipher, AES_128_CBC);
if (status)
return status;
/* load auth func types */
status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
if (status)
return status;
status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
if (status)
return status;
/* change state to secure */
crypto_kernel.state = crypto_kernel_state_secure;
return err_status_ok;
}
