Loading crypto/dh/dh.h +15 −0 Original line number Diff line number Diff line Loading @@ -88,6 +88,21 @@ * be used for all exponents. */ /* If this flag is set the DH method is FIPS compliant and can be used * in FIPS mode. This is set in the validated module method. If an * application sets this flag in its own methods it is its reposibility * to ensure the result is compliant. */ #define DH_FLAG_FIPS_METHOD 0x0400 /* If this flag is set the operations normally disabled in FIPS mode are * permitted it is then the applications responsibility to ensure that the * usage is compliant. */ #define DH_FLAG_NON_FIPS_ALLOW 0x0400 #ifdef __cplusplus extern "C" { #endif Loading crypto/dh/dh_key.c +1 −1 Original line number Diff line number Diff line Loading @@ -108,7 +108,7 @@ compute_key, dh_bn_mod_exp, dh_init, dh_finish, 0, DH_FLAG_FIPS_METHOD, NULL, NULL }; Loading fips/fips.h +9 −6 Original line number Diff line number Diff line Loading @@ -74,6 +74,7 @@ struct evp_cipher_st; struct evp_cipher_ctx_st; struct ec_method_st; struct ecdsa_method; struct dh_method; int FIPS_module_mode_set(int onoff); int FIPS_module_mode(void); Loading Loading @@ -275,16 +276,18 @@ const EVP_MD *FIPS_evp_ecdsa(void); const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void); int FIPS_rsa_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); struct ec_method_st *fips_ec_gf2m_simple_method(void); struct ec_method_st *fips_ec_gfp_simple_method(void); struct ec_method_st *fips_ec_gfp_mont_method(void); struct ec_method_st *fips_ec_gfp_nist_method(void); const struct ec_method_st *fips_ec_gf2m_simple_method(void); const struct ec_method_st *fips_ec_gfp_simple_method(void); const struct ec_method_st *fips_ec_gfp_mont_method(void); const struct ec_method_st *fips_ec_gfp_nist_method(void); struct ecdsa_method *FIPS_ecdsa_openssl(void); struct ecdh_method *FIPS_ecdh_openssl(void); const struct ecdsa_method *FIPS_ecdsa_openssl(void); const struct ecdh_method *FIPS_ecdh_openssl(void); int FIPS_ec_key_generate_key(struct ec_key_st *key); const struct dh_method *FIPS_dh_openssl(void); #endif /* Where necessary redirect standard OpenSSL APIs to FIPS versions */ Loading Loading
crypto/dh/dh.h +15 −0 Original line number Diff line number Diff line Loading @@ -88,6 +88,21 @@ * be used for all exponents. */ /* If this flag is set the DH method is FIPS compliant and can be used * in FIPS mode. This is set in the validated module method. If an * application sets this flag in its own methods it is its reposibility * to ensure the result is compliant. */ #define DH_FLAG_FIPS_METHOD 0x0400 /* If this flag is set the operations normally disabled in FIPS mode are * permitted it is then the applications responsibility to ensure that the * usage is compliant. */ #define DH_FLAG_NON_FIPS_ALLOW 0x0400 #ifdef __cplusplus extern "C" { #endif Loading
crypto/dh/dh_key.c +1 −1 Original line number Diff line number Diff line Loading @@ -108,7 +108,7 @@ compute_key, dh_bn_mod_exp, dh_init, dh_finish, 0, DH_FLAG_FIPS_METHOD, NULL, NULL }; Loading
fips/fips.h +9 −6 Original line number Diff line number Diff line Loading @@ -74,6 +74,7 @@ struct evp_cipher_st; struct evp_cipher_ctx_st; struct ec_method_st; struct ecdsa_method; struct dh_method; int FIPS_module_mode_set(int onoff); int FIPS_module_mode(void); Loading Loading @@ -275,16 +276,18 @@ const EVP_MD *FIPS_evp_ecdsa(void); const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void); int FIPS_rsa_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); struct ec_method_st *fips_ec_gf2m_simple_method(void); struct ec_method_st *fips_ec_gfp_simple_method(void); struct ec_method_st *fips_ec_gfp_mont_method(void); struct ec_method_st *fips_ec_gfp_nist_method(void); const struct ec_method_st *fips_ec_gf2m_simple_method(void); const struct ec_method_st *fips_ec_gfp_simple_method(void); const struct ec_method_st *fips_ec_gfp_mont_method(void); const struct ec_method_st *fips_ec_gfp_nist_method(void); struct ecdsa_method *FIPS_ecdsa_openssl(void); struct ecdh_method *FIPS_ecdh_openssl(void); const struct ecdsa_method *FIPS_ecdsa_openssl(void); const struct ecdh_method *FIPS_ecdh_openssl(void); int FIPS_ec_key_generate_key(struct ec_key_st *key); const struct dh_method *FIPS_dh_openssl(void); #endif /* Where necessary redirect standard OpenSSL APIs to FIPS versions */ Loading
