Remove OPENSSL_FIPSCANISTER code.

[openssl.git] / crypto / crypto.h

diff --git a/crypto/crypto.h b/crypto/crypto.h
index e771206a1ba9d9726ce268bbc3637f0c95991206..4b542ce622a09f24d00ef3c92cd07ee905d2e6fe 100644 (file)
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -118,6 +118,7 @@
 #define HEADER_CRYPTO_H
 
 #include <stdlib.h>
+#include <time.h>
 
 #include <openssl/e_os2.h>
 
@@ -138,6 +139,16 @@
    one way or another */
 #include <openssl/symhacks.h>
 
+/* For FIPS mode rename all OpenSSL symbols to avoid clashes with a
+ * non-FIPS OpenSSL.
+ */
+
+#if defined(OPENSSL_FIPSCANISTER)
+# include <openssl/fipssyms.h>
+#else
+# define __fips_constseg
+#endif
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
@@ -379,6 +390,7 @@ int CRYPTO_is_mem_check_on(void);
 #define OPENSSL_malloc_locked(num) \
        CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
 #define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
+#define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
 
 const char *SSLeay_version(int type);
@@ -488,10 +500,10 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
                                    long (**go)(void));
 
 void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
+void CRYPTO_free_locked(void *ptr);
 void *CRYPTO_malloc(int num, const char *file, int line);
 char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *);
+void CRYPTO_free(void *ptr);
 void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
 void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
                           int line);
@@ -545,6 +557,19 @@ void OpenSSLDie(const char *file,int line,const char *assertion);
 
 unsigned int *OPENSSL_ia32cap_loc(void);
 #define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
+int OPENSSL_isservice(void);
+
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
+
+void OPENSSL_init(void);
+
+/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
+ * takes an amount of time dependent on |len|, but independent of the contents
+ * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
+ * defined order as the return value when a != b is undefined, other than to be
+ * non-zero. */
+int CRYPTO_memcmp(const void *a, const void *b, size_t len);
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -552,6 +577,11 @@ unsigned int *OPENSSL_ia32cap_loc(void);
  */
 void ERR_load_CRYPTO_strings(void);
 
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec,
+                       const struct tm *from, const struct tm *to);
+
 /* Error codes for the CRYPTO functions. */
 
 /* Function codes. */
@@ -561,11 +591,13 @@ void ERR_load_CRYPTO_strings(void);
 #define CRYPTO_F_CRYPTO_SET_EX_DATA                     102
 #define CRYPTO_F_DEF_ADD_INDEX                          104
 #define CRYPTO_F_DEF_GET_CLASS                          105
+#define CRYPTO_F_FIPS_MODE_SET                          109
 #define CRYPTO_F_INT_DUP_EX_DATA                        106
 #define CRYPTO_F_INT_FREE_EX_DATA                       107
 #define CRYPTO_F_INT_NEW_EX_DATA                        108
 
 /* Reason codes. */
+#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                101
 #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK             100
 
 #ifdef  __cplusplus