xref: /freebsd/crypto/openssl/providers/common/include/prov/securitycheck.h (revision fe75646a0234a261c0013bf1840fdac4acaf0cec)
1 /*
2  * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "crypto/types.h"
11 
12 /* Functions that are common */
13 int ossl_rsa_check_key(OSSL_LIB_CTX *ctx, const RSA *rsa, int operation);
14 int ossl_ec_check_key(OSSL_LIB_CTX *ctx, const EC_KEY *ec, int protect);
15 int ossl_dsa_check_key(OSSL_LIB_CTX *ctx, const DSA *dsa, int sign);
16 int ossl_dh_check_key(OSSL_LIB_CTX *ctx, const DH *dh);
17 
18 int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md);
19 /* With security check enabled it can return -1 to indicate disallowed md */
20 int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
21                                            int sha1_allowed);
22 
23 /* Functions that are common */
24 int ossl_digest_md_to_nid(const EVP_MD *md, const OSSL_ITEM *it, size_t it_len);
25 int ossl_digest_get_approved_nid(const EVP_MD *md);
26 
27 /* Functions that have different implementations for the FIPS_MODULE */
28 int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
29                                     int sha1_allowed);
30 int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx);
31