fips: provide function to manually run FIPS self-tests

FIPS140-3 IG 10.3.E Periodic Self-Testing says: At security levels 1 and 2, acceptable means for initiating the periodic self-tests include a provided service, resetting, rebooting or power cycling. Neither resetting, rebooting, nor power-cycling is suitable because those involve operations outside of the module. Therefore this patch adds a new API to manually run the substance of FIPS140 self-tests. Suggeested by Richard Costa and Stephan Mueller in: https://gitlab.com/gnutls/gnutls/-/issues/1364 Signed-off-by: Daiki Ueno <ueno@gnu.org>
author: Daiki Ueno <ueno@gnu.org> 2022-06-03 15:43:00 +0900
committer: Daiki Ueno <ueno@gnu.org> 2022-06-09 20:52:36 +0900
commit: 036fb360e5775f01ef25f5e712024a29930c462e (patch)
tree: 364d8eec29f12483d640fe109714c0096db40de0 /lib/libgnutls.map
parent: dbfbaade59c63a7838e50a44377f05e787be5f7f (diff)
download: gnutls-036fb360e5775f01ef25f5e712024a29930c462e.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 0241946c8a..f42d5f9fae 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1399,6 +1399,14 @@ GNUTLS_3_7_5
 	*;
 } GNUTLS_3_7_4;
 
+GNUTLS_3_7_7
+{
+ global:
+	gnutls_fips140_run_self_tests;
+ local:
+	*;
+} GNUTLS_3_7_5;
+
 GNUTLS_FIPS140_3_4 {
   global:
 	gnutls_cipher_self_test;
author	Daiki Ueno <ueno@gnu.org>	2022-06-03 15:43:00 +0900
committer	Daiki Ueno <ueno@gnu.org>	2022-06-09 20:52:36 +0900
commit	036fb360e5775f01ef25f5e712024a29930c462e (patch)
tree	364d8eec29f12483d640fe109714c0096db40de0 /lib/libgnutls.map
parent	dbfbaade59c63a7838e50a44377f05e787be5f7f (diff)
download	gnutls-036fb360e5775f01ef25f5e712024a29930c462e.tar.gz