X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fecdh%2Fech_locl.h;h=d61ef80c6ba04b4ea3a353de15e411d62b106cbf;hb=e8dfb5bf8e525c9799820d01b2df5fde098a9c4c;hp=f658526a7e3a86545da3f28f8cd041016872aa5d;hpb=9dd84053419aa220b5e66a5f9fcf809dbd6d9369;p=oweals%2Fopenssl.git

diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h
index f658526a7e..d61ef80c6b 100644
--- a/crypto/ecdh/ech_locl.h
+++ b/crypto/ecdh/ech_locl.h
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -54,35 +54,41 @@
  */
 
 #ifndef HEADER_ECH_LOCL_H
-#define HEADER_ECH_LOCL_H
+# define HEADER_ECH_LOCL_H
 
-#include <openssl/ecdh.h>
+# include <openssl/ecdh.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-struct ecdh_method 
-	{
-	const char *name;
-	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-	                   void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
+struct ecdh_method {
+    const char *name;
+    int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
+                        EC_KEY *ecdh, void *(*KDF) (const void *in,
+                                                    size_t inlen, void *out,
+                                                    size_t *outlen));
+    int flags;
+    char *app_data;
+};
+
+/*
+ * If this flag is set the ECDH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDH_FLAG_FIPS_METHOD   0x1
 
 typedef struct ecdh_data_st {
-	/* EC_KEY_METH_DATA part */
-	int (*init)(EC_KEY *);
-	/* method specific part */
-	ENGINE	*engine;
-	int	flags;
-	const ECDH_METHOD *meth;
-	CRYPTO_EX_DATA ex_data;
+    /* EC_KEY_METH_DATA part */
+    int (*init) (EC_KEY *);
+    /* method specific part */
+    ENGINE *engine;
+    int flags;
+    const ECDH_METHOD *meth;
+    CRYPTO_EX_DATA ex_data;
 } ECDH_DATA;
 
 ECDH_DATA *ecdh_check(EC_KEY *);
@@ -91,4 +97,4 @@ ECDH_DATA *ecdh_check(EC_KEY *);
 }
 #endif
 
-#endif /* HEADER_ECH_LOCL_H */
+#endif                          /* HEADER_ECH_LOCL_H */