projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 25e60144 | 1 | /* |
| da1c088f | 2 | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. |
| 25e60144 SL |
3 | * |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
| 5 | * this file except in compliance with the License. You can obtain a copy | |
| 6 | * in the file LICENSE in the source distribution or at | |
| 7 | * https://www.openssl.org/source/license.html | |
| 8 | */ | |
| 9 | ||
| ae4186b0 DMSP |
10 | #ifndef OPENSSL_FIPS_NAMES_H |
| 11 | # define OPENSSL_FIPS_NAMES_H | |
| d59068bd | 12 | # pragma once |
| 25e60144 SL |
13 | |
| 14 | # ifdef __cplusplus | |
| 15 | extern "C" { | |
| 16 | # endif | |
| 17 | ||
| 18 | /* | |
| 19 | * Parameter names that the FIPS Provider defines | |
| 20 | */ | |
| 21 | ||
| 22 | /* | |
| 23 | * The calculated MAC of the module file (Used for FIPS Self Testing) | |
| 24 | * Type: OSSL_PARAM_UTF8_STRING | |
| 25 | */ | |
| fb420afc | 26 | # define OSSL_PROV_FIPS_PARAM_MODULE_MAC "module-mac" |
| 25e60144 SL |
27 | /* |
| 28 | * A version number for the fips install process (Used for FIPS Self Testing) | |
| 29 | * Type: OSSL_PARAM_UTF8_STRING | |
| 30 | */ | |
| 31 | # define OSSL_PROV_FIPS_PARAM_INSTALL_VERSION "install-version" | |
| 32 | /* | |
| 33 | * The calculated MAC of the install status indicator (Used for FIPS Self Testing) | |
| 34 | * Type: OSSL_PARAM_UTF8_STRING | |
| 35 | */ | |
| fb420afc | 36 | # define OSSL_PROV_FIPS_PARAM_INSTALL_MAC "install-mac" |
| 25e60144 SL |
37 | /* |
| 38 | * The install status indicator (Used for FIPS Self Testing) | |
| 39 | * Type: OSSL_PARAM_UTF8_STRING | |
| 40 | */ | |
| 41 | # define OSSL_PROV_FIPS_PARAM_INSTALL_STATUS "install-status" | |
| 42 | ||
| 35e6ea3b SL |
43 | /* |
| 44 | * A boolean that determines if the FIPS conditional test errors result in | |
| 45 | * the module entering an error state. | |
| 46 | * Type: OSSL_PARAM_UTF8_STRING | |
| 47 | */ | |
| 48 | # define OSSL_PROV_FIPS_PARAM_CONDITIONAL_ERRORS "conditional-errors" | |
| 49 | ||
| 991a6bb5 SL |
50 | /* |
| 51 | * A boolean that determines if the runtime FIPS security checks are performed. | |
| 83ccf81b | 52 | * This is enabled by default. |
| 991a6bb5 SL |
53 | * Type: OSSL_PARAM_UTF8_STRING |
| 54 | */ | |
| 55 | # define OSSL_PROV_FIPS_PARAM_SECURITY_CHECKS "security-checks" | |
| 56 | ||
| 50ea5cdc | 57 | /* |
| 58 | * A boolean that determines if the runtime FIPS check for TLS1_PRF EMS is performed. | |
| 59 | * This is disabled by default. | |
| 50ea5cdc | 60 | * Type: OSSL_PARAM_UTF8_STRING |
| 61 | */ | |
| 62 | # define OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check" | |
| 63 | ||
| 83ccf81b P |
64 | /* |
| 65 | * A boolean that determines if truncated digests can be used with Hash and HMAC | |
| 66 | * DRBGs. FIPS 140-3 IG D.R disallows such use for efficiency rather than | |
| 67 | * security reasons. | |
| 68 | * This is disabled by default. | |
| 69 | * Type: OSSL_PARAM_UTF8_STRING | |
| 70 | */ | |
| 71 | # define OSSL_PROV_FIPS_PARAM_DRBG_TRUNC_DIGEST "drbg-no-trunc-md" | |
| 72 | ||
| 25e60144 SL |
73 | # ifdef __cplusplus |
| 74 | } | |
| 75 | # endif | |
| 76 | ||
| ae4186b0 | 77 | #endif /* OPENSSL_FIPS_NAMES_H */ |