fips-check.sh 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476
  1. #!/bin/bash
  2. # fips-check.sh
  3. # This script checks the current revision of the code against the
  4. # previous release of the FIPS code. While wolfSSL and wolfCrypt
  5. # may be advancing, they must work correctly with the last tested
  6. # copy of our FIPS approved code.
  7. #
  8. # This should check out all the approved flavors. The command line
  9. # option selects the flavor.
  10. #
  11. # $ ./fips-check [flavor] [keep]
  12. #
  13. # - flavor: linux (default), ios, android, windows, freertos, linux-ecc, netbsd-selftest, linuxv2, fipsv2-OE-ready, stm32l4-v2, linuxv5, fips-ready, fips-dev
  14. #
  15. # - keep: (default off) XXX-fips-test temp dir around for inspection
  16. #
  17. Usage() {
  18. cat <<usageText
  19. Usage: $0 [flavor [keep]]
  20. Flavor is one of:
  21. linux (default)
  22. ios
  23. android
  24. windows
  25. freertos
  26. openrtos-3.9.2
  27. linux-ecc
  28. netbsd-selftest
  29. marvell-linux-selftest
  30. sgx
  31. netos-7.6
  32. linuxv2 (FIPSv2, use for Win10)
  33. stm32l4-v2 (FIPSv2, use for STM32L4)
  34. wolfrand
  35. solaris
  36. linuxv5 (current FIPS 140-3)
  37. fips-ready (ready FIPS 140-3)
  38. fips-dev (dev FIPS 140-3)
  39. Keep (default off) retains the XXX-fips-test temp dir for inspection.
  40. Example:
  41. $0 windows keep
  42. usageText
  43. }
  44. MAKE='make'
  45. LINUX_FIPS_VERSION=v3.2.6
  46. LINUX_FIPS_REPO=git@github.com:wolfSSL/fips.git
  47. LINUX_CRYPT_VERSION=v3.2.6
  48. LINUX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  49. LINUX_ECC_FIPS_VERSION=v3.10.3
  50. LINUX_ECC_FIPS_REPO=git@github.com:wolfSSL/fips.git
  51. LINUX_ECC_CRYPT_VERSION=v3.2.6
  52. LINUX_ECC_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  53. IOS_FIPS_VERSION=v3.4.8a
  54. IOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
  55. IOS_CRYPT_VERSION=v3.4.8.fips
  56. IOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  57. ANDROID_FIPS_VERSION=v3.5.0
  58. ANDROID_FIPS_REPO=git@github.com:wolfSSL/fips.git
  59. ANDROID_CRYPT_VERSION=v3.5.0
  60. ANDROID_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  61. WINDOWS_FIPS_VERSION=v3.6.6
  62. WINDOWS_FIPS_REPO=git@github.com:wolfSSL/fips.git
  63. WINDOWS_CRYPT_VERSION=v3.6.6
  64. WINDOWS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  65. FREERTOS_FIPS_VERSION=v3.6.1-FreeRTOS
  66. FREERTOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
  67. FREERTOS_CRYPT_VERSION=v3.6.1
  68. FREERTOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  69. OPENRTOS_3_9_2_FIPS_VERSION=v3.9.2-OpenRTOS
  70. OPENRTOS_3_9_2_FIPS_REPO=git@github.com:wolfSSL/fips.git
  71. OPENRTOS_3_9_2_CRYPT_VERSION=v3.6.1
  72. OPENRTOS_3_9_2_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  73. #NOTE: Does not include the SGX examples yet, update version once fipsv2 is
  74. # finished and merge conflicts can be resolved. This will be tagged as
  75. # v3.12.4.sgx-examples
  76. #SGX_FIPS_VERSION=v3.12.4.sgx-examples
  77. SGX_FIPS_VERSION=v3.6.6
  78. SGX_FIPS_REPO=git@github.com:wolfSSL/fips.git
  79. SGX_CRYPT_VERSION=v3.12.4
  80. SGX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  81. NETOS_7_6_FIPS_VERSION=v3.12.6
  82. NETOS_7_6_FIPS_REPO=git@github.com:wolfSSL/fips.git
  83. NETOS_7_6_CRYPT_VERSION=v3.12.4
  84. NETOS_7_6_CRYPT_REPO=git@github.com:cyassl/cyassl.git
  85. # non-FIPS, CAVP only but pull in selftest
  86. # will reset above variables below in flavor switch
  87. NETBSD_FIPS_VERSION=v3.14.2b
  88. NETBSD_FIPS_REPO=git@github.com:wolfssl/fips.git
  89. NETBSD_CRYPT_VERSION=v3.14.2
  90. NETBSD_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
  91. # non-FIPS, CAVP only but pull in selftest
  92. # will reset above variables below in flavor switch
  93. MARVELL_LINUX_FIPS_VERSION=v3.14.2b
  94. MARVELL_LINUX_FIPS_REPO=git@github.com:wolfssl/fips.git
  95. MARVELL_LINUX_CRYPT_VERSION=v4.1.0-stable
  96. MARVELL_LINUX_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
  97. STM32L4_V2_FIPS_VERSION=WCv4.0.1-stable
  98. STM32L4_V2_FIPS_REPO=git@github.com:wolfSSL/fips.git
  99. STM32L4_V2_CRYPT_VERSION=WCv4.0.1-stable
  100. FIPS_SRCS=( fips.c fips_test.c )
  101. WC_MODS=( aes des3 sha sha256 sha512 rsa hmac random aes_asm )
  102. TEST_DIR=XXX-fips-test
  103. CRYPT_INC_PATH=cyassl/ctaocrypt
  104. CRYPT_SRC_PATH=ctaocrypt/src
  105. RNG_VERSION=v3.6.0
  106. FIPS_OPTION=v1
  107. CAVP_SELFTEST_ONLY="no"
  108. GIT="git -c advice.detachedHead=false"
  109. if [ "$1" == "" ]; then FLAVOR="linux"; else FLAVOR="$1"; fi
  110. if [ "$2" == "keep" ]; then KEEP="yes"; else KEEP="no"; fi
  111. case "$FLAVOR" in
  112. ios)
  113. FIPS_VERSION=$IOS_FIPS_VERSION
  114. FIPS_REPO=$IOS_FIPS_REPO
  115. CRYPT_VERSION=$IOS_CRYPT_VERSION
  116. CRYPT_REPO=$IOS_CRYPT_REPO
  117. ;;
  118. android)
  119. FIPS_VERSION=$ANDROID_FIPS_VERSION
  120. FIPS_REPO=$ANDROID_FIPS_REPO
  121. CRYPT_VERSION=$ANDROID_CRYPT_VERSION
  122. CRYPT_REPO=$ANDROID_CRYPT_REPO
  123. ;;
  124. windows)
  125. FIPS_VERSION=$WINDOWS_FIPS_VERSION
  126. FIPS_REPO=$WINDOWS_FIPS_REPO
  127. CRYPT_VERSION=$WINDOWS_CRYPT_VERSION
  128. CRYPT_REPO=$WINDOWS_CRYPT_REPO
  129. ;;
  130. freertos)
  131. FIPS_VERSION=$FREERTOS_FIPS_VERSION
  132. FIPS_REPO=$FREERTOS_FIPS_REPO
  133. CRYPT_VERSION=$FREERTOS_CRYPT_VERSION
  134. CRYPT_REPO=$FREERTOS_CRYPT_REPO
  135. ;;
  136. openrtos-3.9.2)
  137. FIPS_VERSION=$OPENRTOS_3_9_2_FIPS_VERSION
  138. FIPS_REPO=$OPENRTOS_3_9_2_FIPS_REPO
  139. CRYPT_VERSION=$OPENRTOS_3_9_2_CRYPT_VERSION
  140. CRYPT_REPO=$OPENRTOS_3_9_2_CRYPT_REPO
  141. FIPS_CONFLICTS=( aes hmac random sha256 )
  142. ;;
  143. linux)
  144. FIPS_VERSION=$LINUX_FIPS_VERSION
  145. FIPS_REPO=$LINUX_FIPS_REPO
  146. CRYPT_VERSION=$LINUX_CRYPT_VERSION
  147. CRYPT_REPO=$LINUX_CRYPT_REPO
  148. ;;
  149. linux-ecc)
  150. FIPS_VERSION=$LINUX_ECC_FIPS_VERSION
  151. FIPS_REPO=$LINUX_ECC_FIPS_REPO
  152. CRYPT_VERSION=$LINUX_ECC_CRYPT_VERSION
  153. CRYPT_REPO=$LINUX_ECC_CRYPT_REPO
  154. ;;
  155. linuxv2 | fipsv2-OE-ready)
  156. FIPS_VERSION=WCv4-stable
  157. FIPS_REPO=git@github.com:wolfssl/fips.git
  158. CRYPT_VERSION=WCv4-stable
  159. CRYPT_INC_PATH=wolfssl/wolfcrypt
  160. CRYPT_SRC_PATH=wolfcrypt/src
  161. WC_MODS+=( cmac dh ecc sha3 )
  162. RNG_VERSION=WCv4-rng-stable
  163. FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
  164. FIPS_INCS=( fips.h )
  165. FIPS_OPTION=v2
  166. ;;
  167. netbsd-selftest)
  168. FIPS_VERSION=$NETBSD_FIPS_VERSION
  169. FIPS_REPO=$NETBSD_FIPS_REPO
  170. CRYPT_VERSION=$NETBSD_CRYPT_VERSION
  171. CRYPT_REPO=$NETBSD_CRYPT_REPO
  172. FIPS_SRCS=( selftest.c )
  173. WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
  174. CRYPT_INC_PATH=wolfssl/wolfcrypt
  175. CRYPT_SRC_PATH=wolfcrypt/src
  176. CAVP_SELFTEST_ONLY="yes"
  177. ;;
  178. marvell-linux-selftest)
  179. FIPS_VERSION=$MARVELL_LINUX_FIPS_VERSION
  180. FIPS_REPO=$MARVELL_LINUX_FIPS_REPO
  181. CRYPT_VERSION=$MARVELL_LINUX_CRYPT_VERSION
  182. CRYPT_REPO=$MARVELL_LINUX_CRYPT_REPO
  183. FIPS_SRCS=( selftest.c )
  184. WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
  185. CRYPT_INC_PATH=wolfssl/wolfcrypt
  186. CRYPT_SRC_PATH=wolfcrypt/src
  187. CAVP_SELFTEST_ONLY="yes"
  188. CAVP_SELFTEST_OPTION=v2
  189. ;;
  190. sgx)
  191. FIPS_VERSION=$SGX_FIPS_VERSION
  192. FIPS_REPO=$SGX_FIPS_REPO
  193. CRYPT_VERSION=$SGX_CRYPT_VERSION
  194. CRYPT_REPO=$SGX_CRYPT_REPO
  195. ;;
  196. netos-7.6)
  197. FIPS_VERSION=$NETOS_7_6_FIPS_VERSION
  198. FIPS_REPO=$NETOS_7_6_FIPS_REPO
  199. CRYPT_VERSION=$NETOS_7_6_CRYPT_VERSION
  200. CRYPT_REPO=$NETOS_7_6_CRYPT_REPO
  201. ;;
  202. linuxv5)
  203. FIPS_REPO="git@github.com:wolfSSL/fips.git"
  204. FIPS_VERSION="WCv5.0-RC12"
  205. CRYPT_REPO="git@github.com:wolfSSL/wolfssl.git"
  206. CRYPT_VERSION="WCv5.0-RC12"
  207. CRYPT_INC_PATH="wolfssl/wolfcrypt"
  208. CRYPT_SRC_PATH="wolfcrypt/src"
  209. WC_MODS=( aes sha sha256 sha512 rsa hmac random cmac dh ecc sha3 kdf
  210. aes_asm sha256_asm sha512_asm )
  211. RNG_VERSION="WCv5.0-RC12"
  212. FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
  213. FIPS_INCS=( fips.h )
  214. FIPS_OPTION="v5"
  215. COPY_DIRECT=( wolfcrypt/src/aes_gcm_asm.S )
  216. ;;
  217. fips-ready)
  218. FIPS_REPO="git@github.com:wolfSSL/fips.git"
  219. FIPS_VERSION="master"
  220. CRYPT_INC_PATH=wolfssl/wolfcrypt
  221. CRYPT_SRC_PATH=wolfcrypt/src
  222. FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
  223. FIPS_INCS=( fips.h )
  224. FIPS_OPTION=ready
  225. ;;
  226. fips-dev)
  227. FIPS_REPO="git@github.com:wolfSSL/fips.git"
  228. FIPS_VERSION="master"
  229. CRYPT_INC_PATH=wolfssl/wolfcrypt
  230. CRYPT_SRC_PATH=wolfcrypt/src
  231. FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
  232. FIPS_INCS=( fips.h )
  233. FIPS_OPTION=dev
  234. ;;
  235. stm32l4-v2)
  236. FIPS_VERSION=$STM32L4_V2_FIPS_VERSION
  237. FIPS_REPO=$STM32L4_V2_FIPS_REPO
  238. CRYPT_VERSION=$STM32L4_V2_CRYPT_VERSION
  239. CRYPT_INC_PATH=wolfssl/wolfcrypt
  240. CRYPT_SRC_PATH=wolfcrypt/src
  241. # Replace the WC_MODS list for now. Do not want to copy over random.c yet.
  242. WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )
  243. WC_MODS+=( cmac dh ecc )
  244. FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
  245. FIPS_INCS=( fips.h )
  246. FIPS_OPTION=v2
  247. ;;
  248. wolfrand)
  249. FIPS_REPO=git@github.com:wolfssl/fips.git
  250. FIPS_VERSION=WRv4-stable
  251. CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
  252. CRYPT_VERSION=WCv4-stable
  253. CRYPT_INC_PATH=wolfssl/wolfcrypt
  254. CRYPT_SRC_PATH=wolfcrypt/src
  255. RNG_VERSION=WCv4-rng-stable
  256. WC_MODS=( hmac sha256 random )
  257. FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
  258. FIPS_INCS=( fips.h )
  259. FIPS_OPTION=rand
  260. ;;
  261. solaris)
  262. FIPS_VERSION=WCv4-stable
  263. FIPS_REPO=git@github.com:wolfssl/fips.git
  264. CRYPT_VERSION=WCv4-stable
  265. CRYPT_INC_PATH=wolfssl/wolfcrypt
  266. CRYPT_SRC_PATH=wolfcrypt/src
  267. WC_MODS+=( cmac dh ecc sha3 )
  268. RNG_VERSION=WCv4-rng-stable
  269. FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
  270. FIPS_INCS=( fips.h )
  271. FIPS_OPTION=v2
  272. MAKE=gmake
  273. ;;
  274. *)
  275. Usage
  276. exit 1
  277. esac
  278. if ! $GIT clone . "$TEST_DIR"; then
  279. echo "fips-check: Couldn't duplicate current working directory."
  280. exit 1
  281. fi
  282. pushd "$TEST_DIR" || exit 2
  283. case "$FIPS_OPTION" in
  284. *dev)
  285. echo "Don't need to copy in tagged wolfCrypt files for fips-dev."
  286. ;;
  287. *ready)
  288. echo "Don't need to copy in tagged wolfCrypt files for FIPS Ready."
  289. ;;
  290. v1)
  291. # make a clone of the last FIPS release tag
  292. if ! $GIT clone --depth 1 -b "$CRYPT_VERSION" "$CRYPT_REPO" old-tree; then
  293. echo "fips-check: Couldn't checkout the FIPS release."
  294. exit 1
  295. fi
  296. for MOD in "${WC_MODS[@]}"
  297. do
  298. cp "old-tree/$CRYPT_SRC_PATH/${MOD}.c" "$CRYPT_SRC_PATH"
  299. cp "old-tree/$CRYPT_INC_PATH/${MOD}.h" "$CRYPT_INC_PATH"
  300. done
  301. # We are using random.c from a separate release.
  302. # This is forcefully overwriting any other checkout of the cyassl sources.
  303. # Removing this as default behavior for SGX and netos projects.
  304. if [ "$CAVP_SELFTEST_ONLY" == "no" ] && [ "$FLAVOR" != "sgx" ] && \
  305. [ "$FLAVOR" != "netos-7.6" ];
  306. then
  307. pushd old-tree || exit 2
  308. $GIT fetch origin "$RNG_VERSION" || exit $?
  309. $GIT checkout FETCH_HEAD || exit $?
  310. popd || exit 2
  311. cp "old-tree/$CRYPT_SRC_PATH/random.c" "$CRYPT_SRC_PATH"
  312. cp "old-tree/$CRYPT_INC_PATH/random.h" "$CRYPT_INC_PATH"
  313. fi
  314. ;;
  315. v2|rand|v5*)
  316. $GIT branch --no-track "my$CRYPT_VERSION" "$CRYPT_VERSION" || exit $?
  317. # Checkout the fips versions of the wolfCrypt files from the repo.
  318. for MOD in "${WC_MODS[@]}"
  319. do
  320. if [ -f "$CRYPT_SRC_PATH/$MOD.c" ]; then
  321. $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.c" || exit $?
  322. fi
  323. # aes_asm.S, sha256_asm.S sha512_asm.S
  324. if [ -f "$CRYPT_SRC_PATH/$MOD.S" ]; then
  325. echo "Checking out asm file: $MOD.S"
  326. $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.S" || exit $?
  327. fi
  328. # aes_asm.asm
  329. if [ -f "$CRYPT_SRC_PATH/$MOD.asm" ]; then
  330. echo "Checking out asm file: $MOD.asm"
  331. $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.asm" || exit $?
  332. fi
  333. if [ -f "$CRYPT_INC_PATH/$MOD.h" ]; then
  334. $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_INC_PATH/$MOD.h" || exit $?
  335. fi
  336. done
  337. for MOD in "${COPY_DIRECT[@]}"
  338. do
  339. $GIT checkout "my$CRYPT_VERSION" -- "$MOD" || exit $?
  340. done
  341. $GIT branch --no-track "myrng$RNG_VERSION" "$RNG_VERSION" || exit $?
  342. # Checkout the fips versions of the wolfCrypt files from the repo.
  343. $GIT checkout "myrng$RNG_VERSION" -- "$CRYPT_SRC_PATH/random.c" "$CRYPT_INC_PATH/random.h" || exit $?
  344. ;;
  345. *)
  346. echo "fips-check: Invalid FIPS option \"${FIPS_OPTION}\"."
  347. exit 1
  348. ;;
  349. esac
  350. # clone the FIPS repository
  351. case "$FIPS_OPTION" in
  352. *dev)
  353. if ! $GIT clone --depth 1 "$FIPS_REPO" fips; then
  354. echo "fips-check: Couldn't check out the FIPS repository for fips-dev."
  355. exit 1
  356. fi
  357. ;;
  358. *)
  359. if ! $GIT clone --depth 1 -b "$FIPS_VERSION" "$FIPS_REPO" fips; then
  360. echo "fips-check: Couldn't check out ${FIPS_VERSION} from repository ${FIPS_REPO}."
  361. exit 1
  362. fi
  363. ;;
  364. esac
  365. for SRC in "${FIPS_SRCS[@]}"
  366. do
  367. cp "fips/$SRC" "$CRYPT_SRC_PATH"
  368. done
  369. for INC in "${FIPS_INCS[@]}"
  370. do
  371. cp "fips/$INC" "$CRYPT_INC_PATH"
  372. done
  373. # When checking out cert 3389 ready code, NIST will no longer perform
  374. # new certifications on 140-2 modules. If we were to use the latest files from
  375. # master that would require re-cert due to changes in the module boundary.
  376. # Since OE additions can still be processed for cert3389 we will call 140-2
  377. # ready "fipsv2-OE-ready" indicating it is ready to use for an OE addition but
  378. # would not be good for a new certification effort with the latest files.
  379. if [ "$FLAVOR" = "fipsv2-OE-ready" ]; then
  380. OLD_VERSION=" return \"v4.0.0-alpha\";"
  381. OE_READY_VERSION=" return \"fipsv2-OE-ready\";"
  382. cp "${CRYPT_SRC_PATH}/fips.c" "${CRYPT_SRC_PATH}/fips.c.bak"
  383. sed "s/^${OLD_VERSION}/${OE_READY_VERSION}/" "${CRYPT_SRC_PATH}/fips.c.bak" >"${CRYPT_SRC_PATH}/fips.c"
  384. fi
  385. # run the make test
  386. ./autogen.sh
  387. if [ "$CAVP_SELFTEST_ONLY" == "yes" ];
  388. then
  389. if [ "$CAVP_SELFTEST_OPTION" == "v2" ]
  390. then
  391. ./configure --enable-selftest=v2
  392. else
  393. ./configure --enable-selftest
  394. fi
  395. else
  396. ./configure --enable-fips=$FIPS_OPTION
  397. fi
  398. if ! $MAKE; then
  399. echo "fips-check: Make failed. Debris left for analysis."
  400. exit 3
  401. fi
  402. if [ "$CAVP_SELFTEST_ONLY" == "no" ];
  403. then
  404. NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
  405. if [ -n "$NEWHASH" ]; then
  406. cp "${CRYPT_SRC_PATH}/fips_test.c" "${CRYPT_SRC_PATH}/fips_test.c.bak"
  407. sed "s/^\".*\";/\"${NEWHASH}\";/" "${CRYPT_SRC_PATH}/fips_test.c.bak" >"${CRYPT_SRC_PATH}/fips_test.c"
  408. make clean
  409. fi
  410. fi
  411. if ! $MAKE test; then
  412. echo "fips-check: Test failed. Debris left for analysis."
  413. exit 3
  414. fi
  415. if [ ${#FIPS_CONFLICTS[@]} -ne 0 ];
  416. then
  417. echo "Due to the way this package is compiled by the customer duplicate"
  418. echo "source file names are an issue, renaming:"
  419. for FNAME in "${FIPS_CONFLICTS[@]}"
  420. do
  421. echo "wolfcrypt/src/$FNAME.c to wolfcrypt/src/wc_$FNAME.c"
  422. mv "./wolfcrypt/src/$FNAME.c" "./wolfcrypt/src/wc_$FNAME.c"
  423. done
  424. echo "Confirming files were renamed..."
  425. ls -la ./wolfcrypt/src/wc_*.c
  426. fi
  427. # Clean up
  428. popd || exit 2
  429. if [ "$KEEP" == "no" ];
  430. then
  431. rm -rf "$TEST_DIR"
  432. fi