diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-10 15:54:52 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-10 15:55:30 +0200 |
commit | 4891854461d58c79c0b5a1901c0acfcf30460f1f (patch) | |
tree | dfc0cc91fcd0f266bd07d513618efab9926f2790 | |
parent | 3f31ce86cf75dfc712d4d73c8bb058726a8bfcb3 (diff) | |
download | gnutls-4891854461d58c79c0b5a1901c0acfcf30460f1f.tar.gz |
mark functions that are only available under FIPS140 mode
-rw-r--r-- | lib/crypto-selftests-pk.c | 2 | ||||
-rw-r--r-- | lib/crypto-selftests.c | 6 | ||||
-rw-r--r-- | lib/libgnutls.map | 33 |
3 files changed, 22 insertions, 19 deletions
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 762a6688c9..64390686b4 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -663,7 +663,7 @@ cleanup: * * Returns: Zero or a negative error code on error. * - * Since: 3.3.0 + * Since: 3.3.0-FIPS140 **/ int gnutls_pk_self_test(unsigned all, gnutls_pk_algorithm_t pk) { diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c index 7dd415ce09..60cce4f480 100644 --- a/lib/crypto-selftests.c +++ b/lib/crypto-selftests.c @@ -677,7 +677,7 @@ static int test_mac(gnutls_mac_algorithm_t mac, * * Returns: Zero or a negative error code on error. * - * Since: 3.3.0 + * Since: 3.3.0-FIPS140 **/ int gnutls_cipher_self_test(unsigned all, gnutls_cipher_algorithm_t cipher) { @@ -719,7 +719,7 @@ int gnutls_cipher_self_test(unsigned all, gnutls_cipher_algorithm_t cipher) * * Returns: Zero or a negative error code on error. * - * Since: 3.3.0 + * Since: 3.3.0-FIPS140 **/ int gnutls_mac_self_test(unsigned all, gnutls_mac_algorithm_t mac) { @@ -754,7 +754,7 @@ int gnutls_mac_self_test(unsigned all, gnutls_mac_algorithm_t mac) * * Returns: Zero or a negative error code on error. * - * Since: 3.3.0 + * Since: 3.3.0-FIPS140 **/ int gnutls_digest_self_test(unsigned all, gnutls_digest_algorithm_t digest) { diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 303e77dde9..36ab29d775 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -921,10 +921,6 @@ GNUTLS_3_1_0 { gnutls_mac_get_nonce_size; gnutls_x509_crl_get_raw_issuer_dn; gnutls_certificate_get_crt_raw; - gnutls_cipher_self_test; - gnutls_pk_self_test; - gnutls_mac_self_test; - gnutls_digest_self_test; gnutls_privkey_generate; gnutls_fips140_mode_enabled; gnutls_record_check_corked; @@ -1013,6 +1009,24 @@ GNUTLS_3_1_0 { gnutls_certificate_verify_peers; } GNUTLS_3_0_0; +GNUTLS_FIPS140 { + gnutls_cipher_self_test; + gnutls_pk_self_test; + gnutls_mac_self_test; + gnutls_digest_self_test; + #for FIPS140-2 validation + rbg_aes_reseed; + drbg_aes_init; + drbg_aes_generate; + _dsa_generate_dss_pq; + _dsa_generate_dss_g; + _dsa_validate_dss_g; + _dsa_validate_dss_pq; + dsa_generate_dss_keypair; + _gnutls_encode_ber_rs_raw; + _rsa_generate_fips186_4_keypair; +}; + GNUTLS_PRIVATE { global: # Internal symbols needed by libgnutls-extra: @@ -1063,17 +1077,6 @@ GNUTLS_PRIVATE { # Internal symbols needed by tests/pkcs12_s2k: _gnutls_pkcs12_string_to_key; _gnutls_bin2hex; - #for FIPS140-2 validation - drbg_aes_reseed; - drbg_aes_init; - drbg_aes_generate; - _dsa_generate_dss_pq; - _dsa_generate_dss_g; - _dsa_validate_dss_g; - _dsa_validate_dss_pq; - dsa_generate_dss_keypair; - _gnutls_encode_ber_rs_raw; - _rsa_generate_fips186_4_keypair; local: *; }; |