*/
#include <openssl/opensslconf.h>
+#include <stdarg.h>
#ifndef OPENSSL_FIPS
#error FIPS is disabled.
extern "C" {
#endif
+#ifndef OPENSSL_FIPSCANISTER
+#define OPENSSL_FIPSCAPABLE
+#endif
+
struct dsa_st;
struct ec_key_st;
struct rsa_st;
struct evp_pkey_st;
struct env_md_st;
+struct env_md_ctx_st;
struct evp_cipher_st;
struct evp_cipher_ctx_st;
+struct ec_method_st;
+struct ecdsa_method;
+struct dh_method;
int FIPS_module_mode_set(int onoff);
int FIPS_module_mode(void);
int (*add_cb)(int *pointer, int amount,
int type, const char *file, int line));
+void FIPS_set_error_callbacks(
+ void (*put_cb)(int lib, int func,int reason,const char *file,int line),
+ void (*add_cb)(int num, va_list args) );
+
void FIPS_set_malloc_callbacks(
void *(*malloc_cb)(int num, const char *file, int line),
void (*free_cb)(void *));
const unsigned char *ciphertext,
int len);
+const struct env_md_st *FIPS_get_digestbynid(int nid);
+
+struct rsa_st *FIPS_rsa_new(void);
+void FIPS_rsa_free(struct rsa_st *r);
+int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_sign_digest(struct rsa_st *rsa,
+ const unsigned char *md, int md_len,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_verify_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ const unsigned char *sigbuf, unsigned int siglen);
+int FIPS_rsa_verify_digest(struct rsa_st *rsa,
+ const unsigned char *dig, int diglen,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ const unsigned char *sigbuf, unsigned int siglen);
+
#ifndef OPENSSL_FIPSCANISTER
int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
const EVP_MD *FIPS_evp_dss(void);
const EVP_MD *FIPS_evp_ecdsa(void);
+const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void);
+int FIPS_rsa_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+const struct ec_method_st *fips_ec_gf2m_simple_method(void);
+const struct ec_method_st *fips_ec_gfp_simple_method(void);
+const struct ec_method_st *fips_ec_gfp_mont_method(void);
+const struct ec_method_st *fips_ec_gfp_nist_method(void);
+
+const struct ecdsa_method *FIPS_ecdsa_openssl(void);
+const struct ecdh_method *FIPS_ecdh_openssl(void);
+
+int FIPS_ec_key_generate_key(struct ec_key_st *key);
+
+const struct dh_method *FIPS_dh_openssl(void);
+
#endif
/* Where necessary redirect standard OpenSSL APIs to FIPS versions */