diff options
author | Daiki Ueno <ueno@gnu.org> | 2022-06-03 15:43:00 +0900 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2022-06-09 20:52:36 +0900 |
commit | 036fb360e5775f01ef25f5e712024a29930c462e (patch) | |
tree | 364d8eec29f12483d640fe109714c0096db40de0 /lib/libgnutls.map | |
parent | dbfbaade59c63a7838e50a44377f05e787be5f7f (diff) | |
download | gnutls-036fb360e5775f01ef25f5e712024a29930c462e.tar.gz |
fips: provide function to manually run FIPS self-tests
FIPS140-3 IG 10.3.E Periodic Self-Testing says:
At security levels 1 and 2, acceptable means for initiating the
periodic self-tests include a provided service, resetting, rebooting
or power cycling.
Neither resetting, rebooting, nor power-cycling is suitable because
those involve operations outside of the module. Therefore this patch
adds a new API to manually run the substance of FIPS140 self-tests.
Suggeested by Richard Costa and Stephan Mueller in:
https://gitlab.com/gnutls/gnutls/-/issues/1364
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'lib/libgnutls.map')
-rw-r--r-- | lib/libgnutls.map | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 0241946c8a..f42d5f9fae 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1399,6 +1399,14 @@ GNUTLS_3_7_5 *; } GNUTLS_3_7_4; +GNUTLS_3_7_7 +{ + global: + gnutls_fips140_run_self_tests; + local: + *; +} GNUTLS_3_7_5; + GNUTLS_FIPS140_3_4 { global: gnutls_cipher_self_test; |