/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
*/
#include <openssl/opensslconf.h>
+#include <stdarg.h>
#ifndef OPENSSL_FIPS
#error FIPS is disabled.
extern "C" {
#endif
+#ifndef OPENSSL_FIPSCANISTER
+#define OPENSSL_FIPSCAPABLE
+#endif
+
struct dsa_st;
struct ec_key_st;
struct rsa_st;
struct evp_pkey_st;
struct env_md_st;
+struct env_md_ctx_st;
struct evp_cipher_st;
struct evp_cipher_ctx_st;
+struct ec_method_st;
+struct ecdsa_method;
+struct dh_method;
+struct CMAC_CTX_st;
int FIPS_module_mode_set(int onoff);
int FIPS_module_mode(void);
int (*add_cb)(int *pointer, int amount,
int type, const char *file, int line));
+void FIPS_set_error_callbacks(
+ void (*put_cb)(int lib, int func,int reason,const char *file,int line),
+ void (*add_cb)(int num, va_list args) );
+
void FIPS_set_malloc_callbacks(
void *(*malloc_cb)(int num, const char *file, int line),
void (*free_cb)(void *));
const unsigned char *ciphertext,
int len);
+const struct env_md_st *FIPS_get_digestbynid(int nid);
+
+struct rsa_st *FIPS_rsa_new(void);
+void FIPS_rsa_free(struct rsa_st *r);
+int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_sign_digest(struct rsa_st *rsa,
+ const unsigned char *md, int md_len,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_verify_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ const unsigned char *sigbuf, unsigned int siglen);
+int FIPS_rsa_verify_digest(struct rsa_st *rsa,
+ const unsigned char *dig, int diglen,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ const unsigned char *sigbuf, unsigned int siglen);
+
#ifndef OPENSSL_FIPSCANISTER
int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
+int FIPS_digestupdate(EVP_MD_CTX *ctx, const void *data, size_t count);
+int FIPS_digestfinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size);
+int FIPS_md_ctx_cleanup(EVP_MD_CTX *ctx);
+
+int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv, int enc);
+int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, unsigned int inl);
+int FIPS_cipher_ctx_cleanup(EVP_CIPHER_CTX *c);
const EVP_CIPHER *FIPS_evp_aes_128_cbc(void);
const EVP_CIPHER *FIPS_evp_aes_128_ccm(void);
const EVP_MD *FIPS_evp_sha256(void);
const EVP_MD *FIPS_evp_sha384(void);
const EVP_MD *FIPS_evp_sha512(void);
+const EVP_MD *FIPS_evp_dss1(void);
+const EVP_MD *FIPS_evp_dss(void);
+const EVP_MD *FIPS_evp_ecdsa(void);
+
+const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void);
+int FIPS_rsa_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+const struct dsa_method *FIPS_dsa_openssl(void);
+int FIPS_dsa_generate_key(DSA *dsa);
+int FIPS_dsa_generate_parameters_ex(DSA *dsa, int bits,
+ const unsigned char *seed,int seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+int fips_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+ unsigned char *seed_out,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+const struct ec_method_st *fips_ec_gf2m_simple_method(void);
+const struct ec_method_st *fips_ec_gfp_simple_method(void);
+const struct ec_method_st *fips_ec_gfp_mont_method(void);
+const struct ec_method_st *fips_ec_gfp_nist_method(void);
+
+const struct ecdsa_method *FIPS_ecdsa_openssl(void);
+const struct ecdh_method *FIPS_ecdh_openssl(void);
+
+int FIPS_ec_key_generate_key(struct ec_key_st *key);
+
+const struct dh_method *FIPS_dh_openssl(void);
+int FIPS_dh_generate_parameters_ex(DH *dh, int prime_len,
+ int generator, BN_GENCB *cb);
+
+int FIPS_cmac_init(struct CMAC_CTX_st *ctx, const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl);
+int FIPS_cmac_update(struct CMAC_CTX_st *ctx, const void *in, size_t dlen);
+int FIPS_cmac_final(struct CMAC_CTX_st *ctx, unsigned char *out,
+ size_t *poutlen);
+void FIPS_cmac_ctx_cleanup(struct CMAC_CTX_st *ctx);
#endif
projects / openssl.git / blobdiff