X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;ds=sidebyside;f=fips%2Ffips.h;h=b6263575c3cc37ad021f78370de76b42b16004be;hb=0f817d3b2705f315f4c8c22b5dfee0218848f37a;hp=c8a766e37a6b015903c358dffe7609cf508c9d5a;hpb=01a9a7592e332cf4853bc84c33407d384a1a14ba;p=oweals%2Fopenssl.git

diff --git a/fips/fips.h b/fips/fips.h
index c8a766e37a..b6263575c3 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -81,7 +81,7 @@ struct hmac_ctx_st;
 unsigned long FIPS_module_version(void);
 const char *FIPS_module_version_text(void);
 
-int FIPS_module_mode_set(int onoff);
+int FIPS_module_mode_set(int onoff, const char *auth);
 int FIPS_module_mode(void);
 const void *FIPS_rand_check(void);
 int FIPS_selftest(void);
@@ -96,12 +96,13 @@ int FIPS_selftest_des(void);
 int FIPS_selftest_rsa(void);
 int FIPS_selftest_dsa(void);
 int FIPS_selftest_ecdsa(void);
-void FIPS_corrupt_drbg(void);
-void FIPS_x931_stick(void);
-void FIPS_drbg_stick(void);
+int FIPS_selftest_ecdh(void);
+void FIPS_x931_stick(int onoff);
+void FIPS_drbg_stick(int onoff);
 int FIPS_selftest_x931(void);
 int FIPS_selftest_hmac(void);
 int FIPS_selftest_drbg(void);
+int FIPS_selftest_drbg_all(void);
 int FIPS_selftest_cmac(void);
 
 unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len);
@@ -169,6 +170,11 @@ void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
 #define FIPS_TEST_PAIRWISE	12
 /* Continuous PRNG test */
 #define FIPS_TEST_CONTINUOUS	13
+/* ECDH test */
+#define FIPS_TEST_ECDH		14
+
+/* Minimum authorisation string length */
+#define FIPS_AUTH_MIN_LEN	16
 
 void FIPS_post_set_callback(
 	int (*post_cb)(int op, int id, int subid, void *ex));
@@ -192,6 +198,8 @@ int fips_cipher_test(int id, struct evp_cipher_ctx_st *ctx,
 
 const struct env_md_st *FIPS_get_digestbynid(int nid);
 
+const struct evp_cipher_st *FIPS_get_cipherbynid(int nid);
+
 struct rsa_st *FIPS_rsa_new(void);
 void FIPS_rsa_free(struct rsa_st *r);
 int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
@@ -215,6 +223,16 @@ int FIPS_rsa_verify_digest(struct rsa_st *rsa,
 			const struct env_md_st *mgf1Hash,
 			const unsigned char *sigbuf, unsigned int siglen);
 
+int FIPS_rsa_sign(struct rsa_st *rsa, const unsigned char *msg, int msglen,
+			const struct env_md_st *mhash, int rsa_pad_mode,
+			int saltlen, const struct env_md_st *mgf1Hash,
+			unsigned char *sigret, unsigned int *siglen);
+
+int FIPS_rsa_verify(struct rsa_st *rsa, const unsigned char *msg, int msglen,
+			const struct env_md_st *mhash, int rsa_pad_mode,
+			int saltlen, const struct env_md_st *mgf1Hash,
+			const unsigned char *sigbuf, unsigned int siglen);
+
 #ifdef OPENSSL_FIPSCAPABLE
 
 int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -335,10 +353,15 @@ void ERR_load_FIPS_strings(void);
 /* Function codes. */
 #define FIPS_F_DH_BUILTIN_GENPARAMS			 100
 #define FIPS_F_DH_INIT					 148
+#define FIPS_F_DRBG_RESEED				 162
 #define FIPS_F_DSA_BUILTIN_PARAMGEN			 101
 #define FIPS_F_DSA_BUILTIN_PARAMGEN2			 102
 #define FIPS_F_DSA_DO_SIGN				 103
 #define FIPS_F_DSA_DO_VERIFY				 104
+#define FIPS_F_ECDH_COMPUTE_KEY				 163
+#define FIPS_F_ECDSA_DO_SIGN				 164
+#define FIPS_F_ECDSA_DO_VERIFY				 165
+#define FIPS_F_EC_KEY_GENERATE_KEY			 166
 #define FIPS_F_FIPS_CHECK_DSA				 105
 #define FIPS_F_FIPS_CHECK_DSA_PRNG			 151
 #define FIPS_F_FIPS_CHECK_EC				 106
@@ -355,8 +378,8 @@ void ERR_load_FIPS_strings(void);
 #define FIPS_F_FIPS_DRBG_BYTES				 111
 #define FIPS_F_FIPS_DRBG_CHECK				 146
 #define FIPS_F_FIPS_DRBG_CPRNG_TEST			 112
+#define FIPS_F_FIPS_DRBG_ERROR_CHECK			 114
 #define FIPS_F_FIPS_DRBG_GENERATE			 113
-#define FIPS_F_FIPS_DRBG_HEALTH_CHECK			 114
 #define FIPS_F_FIPS_DRBG_INIT				 115
 #define FIPS_F_FIPS_DRBG_INSTANTIATE			 116
 #define FIPS_F_FIPS_DRBG_NEW				 117
@@ -397,9 +420,12 @@ void ERR_load_FIPS_strings(void);
 #define FIPS_F_RSA_X931_GENERATE_KEY_EX			 143
 
 /* Reason codes. */
+#define FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED	 150
 #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG		 100
 #define FIPS_R_ALREADY_INSTANTIATED			 101
+#define FIPS_R_AUTHENTICATION_FAILURE			 151
 #define FIPS_R_CONTRADICTING_EVIDENCE			 102
+#define FIPS_R_DRBG_NOT_INITIALISED			 152
 #define FIPS_R_DRBG_STUCK				 103
 #define FIPS_R_ENTROPY_ERROR_UNDETECTED			 104
 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED		 105
@@ -424,12 +450,17 @@ void ERR_load_FIPS_strings(void);
 #define FIPS_R_INVALID_PARAMETERS			 144
 #define FIPS_R_IN_ERROR_STATE				 123
 #define FIPS_R_KEY_TOO_SHORT				 124
+#define FIPS_R_NONCE_ERROR_UNDETECTED			 149
 #define FIPS_R_NON_FIPS_METHOD				 125
+#define FIPS_R_NOPR_TEST1_FAILURE			 145
+#define FIPS_R_NOPR_TEST2_FAILURE			 146
 #define FIPS_R_NOT_INSTANTIATED				 126
 #define FIPS_R_PAIRWISE_TEST_FAILED			 127
 #define FIPS_R_PERSONALISATION_ERROR_UNDETECTED		 128
 #define FIPS_R_PERSONALISATION_STRING_TOO_LONG		 129
 #define FIPS_R_PRNG_STRENGTH_TOO_LOW			 143
+#define FIPS_R_PR_TEST1_FAILURE				 147
+#define FIPS_R_PR_TEST2_FAILURE				 148
 #define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED		 130
 #define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG		 131
 #define FIPS_R_RESEED_COUNTER_ERROR			 132