providers/common/include/prov/securitycheck.h

   1 /*
   2  * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "crypto/types.h"
  11
  12 /* Functions that are common */
  13 int ossl_rsa_check_key(OSSL_LIB_CTX *ctx, const RSA *rsa, int operation);
  14 int ossl_ec_check_key(OSSL_LIB_CTX *ctx, const EC_KEY *ec, int protect);
  15 int ossl_dsa_check_key(OSSL_LIB_CTX *ctx, const DSA *dsa, int sign);
  16 int ossl_dh_check_key(OSSL_LIB_CTX *ctx, const DH *dh);
  17
  18 int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md);
  19 /* With security check enabled it can return -1 to indicate disallowed md */
  20 int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
  21                                            int sha1_allowed);
  22
  23 /* Functions that are common */
  24 int ossl_digest_md_to_nid(const EVP_MD *md, const OSSL_ITEM *it, size_t it_len);
  25 int ossl_digest_get_approved_nid(const EVP_MD *md);
  26
  27 /* Functions that have different implementations for the FIPS_MODULE */
  28 int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
  29                                     int sha1_allowed);
  30 int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx);
  31 int ossl_tls1_prf_ems_check_enabled(OSSL_LIB_CTX *libctx);