Add ignored FIPS options to evp.h change clashing flag value.

[openssl.git] / crypto / evp / evp.h

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 985ff2f5a96cdc572f8538b537acfde059b2ce4a..8c7741932bb149a79425d89bbf675a80305cce51 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -279,15 +279,23 @@ struct env_md_ctx_st
                                                * cleaned */
 #define EVP_MD_CTX_FLAG_REUSE          0x0004 /* Don't free up ctx->md_data
                                                * in EVP_MD_CTX_cleanup */
-#define EVP_MD_CTX_FLAG_NO_INIT                0x0008 /* Don't initialized md_data */
+/* FIPS and pad options are ignored in 1.0.0, definitions are here
+ * so we don't accidentally reuse the values for other purposes.
+ */
 
-/* MD operational flags */
+#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008  /* Allow use of non FIPS digest
+                                                * in FIPS mode */
 
-#define EVP_MD_CTX_FLAG_OP_MASK                0x00f0
+/* The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
+#define EVP_MD_CTX_FLAG_PAD_MASK       0xF0    /* RSA mode to use */
+#define EVP_MD_CTX_FLAG_PAD_PKCS1      0x00    /* PKCS#1 v1.5 mode */
+#define EVP_MD_CTX_FLAG_PAD_X931       0x10    /* X9.31 mode */
+#define EVP_MD_CTX_FLAG_PAD_PSS                0x20    /* PSS mode */
 
-#define EVP_MD_CTX_FLAG_OP_DIGEST      0x0000
-#define EVP_MD_CTX_FLAG_OP_SIGN                0x0010
-#define EVP_MD_CTX_FLAG_OP_VERIFY      0x0020
+#define EVP_MD_CTX_FLAG_NO_INIT                0x0100 /* Don't initialize md_data */
 
 struct evp_cipher_st
        {
@@ -421,6 +429,7 @@ int EVP_MD_type(const EVP_MD *md);
 int EVP_MD_pkey_type(const EVP_MD *md);        
 int EVP_MD_size(const EVP_MD *md);
 int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
 
 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
 #define EVP_MD_CTX_size(e)             EVP_MD_size(EVP_MD_CTX_md(e))
@@ -1142,7 +1151,7 @@ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
        int (*encrypt_init)(EVP_PKEY_CTX *ctx),
-       int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+       int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
                                        const unsigned char *in, size_t inlen));
 
 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
@@ -1183,6 +1192,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_F_EVP_DIGESTINIT_EX                                 128
 #define EVP_F_EVP_ENCRYPTFINAL_EX                       127
 #define EVP_F_EVP_MD_CTX_COPY_EX                        110
+#define EVP_F_EVP_MD_SIZE                               162
 #define EVP_F_EVP_OPENINIT                              102
 #define EVP_F_EVP_PBE_ALG_ADD                           115
 #define EVP_F_EVP_PBE_ALG_ADD_TYPE                      160
@@ -1262,6 +1272,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_INVALID_OPERATION                                 148
 #define EVP_R_IV_TOO_LARGE                              102
 #define EVP_R_KEYGEN_FAILURE                            120
+#define EVP_R_MESSAGE_DIGEST_IS_NULL                    159
 #define EVP_R_METHOD_NOT_SUPPORTED                      144
 #define EVP_R_MISSING_PARAMETERS                        103
 #define EVP_R_NO_CIPHER_SET                             131