]>
Commit | Line | Data |
---|---|---|
25e60144 | 1 | /* |
da1c088f | 2 | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. |
25e60144 SL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
ae4186b0 DMSP |
10 | #ifndef OPENSSL_FIPS_NAMES_H |
11 | # define OPENSSL_FIPS_NAMES_H | |
d59068bd | 12 | # pragma once |
25e60144 SL |
13 | |
14 | # ifdef __cplusplus | |
15 | extern "C" { | |
16 | # endif | |
17 | ||
18 | /* | |
19 | * Parameter names that the FIPS Provider defines | |
20 | */ | |
21 | ||
22 | /* | |
23 | * The calculated MAC of the module file (Used for FIPS Self Testing) | |
24 | * Type: OSSL_PARAM_UTF8_STRING | |
25 | */ | |
fb420afc | 26 | # define OSSL_PROV_FIPS_PARAM_MODULE_MAC "module-mac" |
25e60144 SL |
27 | /* |
28 | * A version number for the fips install process (Used for FIPS Self Testing) | |
29 | * Type: OSSL_PARAM_UTF8_STRING | |
30 | */ | |
31 | # define OSSL_PROV_FIPS_PARAM_INSTALL_VERSION "install-version" | |
32 | /* | |
33 | * The calculated MAC of the install status indicator (Used for FIPS Self Testing) | |
34 | * Type: OSSL_PARAM_UTF8_STRING | |
35 | */ | |
fb420afc | 36 | # define OSSL_PROV_FIPS_PARAM_INSTALL_MAC "install-mac" |
25e60144 SL |
37 | /* |
38 | * The install status indicator (Used for FIPS Self Testing) | |
39 | * Type: OSSL_PARAM_UTF8_STRING | |
40 | */ | |
41 | # define OSSL_PROV_FIPS_PARAM_INSTALL_STATUS "install-status" | |
42 | ||
35e6ea3b SL |
43 | /* |
44 | * A boolean that determines if the FIPS conditional test errors result in | |
45 | * the module entering an error state. | |
46 | * Type: OSSL_PARAM_UTF8_STRING | |
47 | */ | |
48 | # define OSSL_PROV_FIPS_PARAM_CONDITIONAL_ERRORS "conditional-errors" | |
49 | ||
991a6bb5 SL |
50 | /* |
51 | * A boolean that determines if the runtime FIPS security checks are performed. | |
83ccf81b | 52 | * This is enabled by default. |
991a6bb5 SL |
53 | * Type: OSSL_PARAM_UTF8_STRING |
54 | */ | |
55 | # define OSSL_PROV_FIPS_PARAM_SECURITY_CHECKS "security-checks" | |
56 | ||
50ea5cdc | 57 | /* |
58 | * A boolean that determines if the runtime FIPS check for TLS1_PRF EMS is performed. | |
59 | * This is disabled by default. | |
50ea5cdc | 60 | * Type: OSSL_PARAM_UTF8_STRING |
61 | */ | |
62 | # define OSSL_PROV_FIPS_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check" | |
63 | ||
83ccf81b P |
64 | /* |
65 | * A boolean that determines if truncated digests can be used with Hash and HMAC | |
66 | * DRBGs. FIPS 140-3 IG D.R disallows such use for efficiency rather than | |
67 | * security reasons. | |
68 | * This is disabled by default. | |
69 | * Type: OSSL_PARAM_UTF8_STRING | |
70 | */ | |
71 | # define OSSL_PROV_FIPS_PARAM_DRBG_TRUNC_DIGEST "drbg-no-trunc-md" | |
72 | ||
25e60144 SL |
73 | # ifdef __cplusplus |
74 | } | |
75 | # endif | |
76 | ||
ae4186b0 | 77 | #endif /* OPENSSL_FIPS_NAMES_H */ |