X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=fips%2Ffips.h;h=b6263575c3cc37ad021f78370de76b42b16004be;hp=7a079ef7ff43c30a4a52ec63c0d7bd1988c4019b;hb=73c92dfa0c15d7932d86130a525d1a1bc43c312a;hpb=2bfeb7dc831f0bbe4ba6f9347f792a45d72d1e20 diff --git a/fips/fips.h b/fips/fips.h index 7a079ef7ff..b6263575c3 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -81,7 +81,7 @@ struct hmac_ctx_st; unsigned long FIPS_module_version(void); const char *FIPS_module_version_text(void); -int FIPS_module_mode_set(int onoff); +int FIPS_module_mode_set(int onoff, const char *auth); int FIPS_module_mode(void); const void *FIPS_rand_check(void); int FIPS_selftest(void); @@ -97,9 +97,8 @@ int FIPS_selftest_rsa(void); int FIPS_selftest_dsa(void); int FIPS_selftest_ecdsa(void); int FIPS_selftest_ecdh(void); -void FIPS_corrupt_drbg(void); -void FIPS_x931_stick(void); -void FIPS_drbg_stick(void); +void FIPS_x931_stick(int onoff); +void FIPS_drbg_stick(int onoff); int FIPS_selftest_x931(void); int FIPS_selftest_hmac(void); int FIPS_selftest_drbg(void); @@ -174,6 +173,9 @@ void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); /* ECDH test */ #define FIPS_TEST_ECDH 14 +/* Minimum authorisation string length */ +#define FIPS_AUTH_MIN_LEN 16 + void FIPS_post_set_callback( int (*post_cb)(int op, int id, int subid, void *ex)); @@ -221,6 +223,16 @@ int FIPS_rsa_verify_digest(struct rsa_st *rsa, const struct env_md_st *mgf1Hash, const unsigned char *sigbuf, unsigned int siglen); +int FIPS_rsa_sign(struct rsa_st *rsa, const unsigned char *msg, int msglen, + const struct env_md_st *mhash, int rsa_pad_mode, + int saltlen, const struct env_md_st *mgf1Hash, + unsigned char *sigret, unsigned int *siglen); + +int FIPS_rsa_verify(struct rsa_st *rsa, const unsigned char *msg, int msglen, + const struct env_md_st *mhash, int rsa_pad_mode, + int saltlen, const struct env_md_st *mgf1Hash, + const unsigned char *sigbuf, unsigned int siglen); + #ifdef OPENSSL_FIPSCAPABLE int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type); @@ -341,10 +353,15 @@ void ERR_load_FIPS_strings(void); /* Function codes. */ #define FIPS_F_DH_BUILTIN_GENPARAMS 100 #define FIPS_F_DH_INIT 148 +#define FIPS_F_DRBG_RESEED 162 #define FIPS_F_DSA_BUILTIN_PARAMGEN 101 #define FIPS_F_DSA_BUILTIN_PARAMGEN2 102 #define FIPS_F_DSA_DO_SIGN 103 #define FIPS_F_DSA_DO_VERIFY 104 +#define FIPS_F_ECDH_COMPUTE_KEY 163 +#define FIPS_F_ECDSA_DO_SIGN 164 +#define FIPS_F_ECDSA_DO_VERIFY 165 +#define FIPS_F_EC_KEY_GENERATE_KEY 166 #define FIPS_F_FIPS_CHECK_DSA 105 #define FIPS_F_FIPS_CHECK_DSA_PRNG 151 #define FIPS_F_FIPS_CHECK_EC 106 @@ -361,8 +378,8 @@ void ERR_load_FIPS_strings(void); #define FIPS_F_FIPS_DRBG_BYTES 111 #define FIPS_F_FIPS_DRBG_CHECK 146 #define FIPS_F_FIPS_DRBG_CPRNG_TEST 112 +#define FIPS_F_FIPS_DRBG_ERROR_CHECK 114 #define FIPS_F_FIPS_DRBG_GENERATE 113 -#define FIPS_F_FIPS_DRBG_HEALTH_CHECK 114 #define FIPS_F_FIPS_DRBG_INIT 115 #define FIPS_F_FIPS_DRBG_INSTANTIATE 116 #define FIPS_F_FIPS_DRBG_NEW 117 @@ -406,7 +423,9 @@ void ERR_load_FIPS_strings(void); #define FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED 150 #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 100 #define FIPS_R_ALREADY_INSTANTIATED 101 +#define FIPS_R_AUTHENTICATION_FAILURE 151 #define FIPS_R_CONTRADICTING_EVIDENCE 102 +#define FIPS_R_DRBG_NOT_INITIALISED 152 #define FIPS_R_DRBG_STUCK 103 #define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105