diff options
author | Matt Caswell <matt@openssl.org> | 2020-05-18 14:11:06 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-06-19 10:19:31 +0100 |
commit | 72bfc9585891cffd29eb683ae5fb3181d62b9d33 (patch) | |
tree | d0aa468eff53efd75fe95b5210c2387acf7903ca /include | |
parent | edeaa96ae6aa9b5e0ba5fe98a7258086767a7887 (diff) |
Add the concept of "Capabilities" to the default and fips providers
With capabilities we can query a provider about what it can do.
Initially we support a "TLS-GROUP" capability.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/core_names.h | 13 | ||||
-rw-r--r-- | include/openssl/core_numbers.h | 11 |
2 files changed, 20 insertions, 4 deletions
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index fa6b7a9547..96b9d7e684 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -384,6 +384,19 @@ extern "C" { #define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2" #define OSSL_SIGNATURE_PARAM_KAT "kat" +/* Capabilities */ + +/* TLS-GROUP Capbility */ +#define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name" +#define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal" +#define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id" +#define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg" +#define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits" +#define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls" +#define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls" +#define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls" +#define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls" + # ifdef __cplusplus } # endif diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h index f7025d1c1d..667bb21ffb 100644 --- a/include/openssl/core_numbers.h +++ b/include/openssl/core_numbers.h @@ -154,20 +154,23 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK ** void **cbarg)) /* Functions provided by the provider to the Core, reserved numbers 1024-1535 */ -# define OSSL_FUNC_PROVIDER_TEARDOWN 1024 +# define OSSL_FUNC_PROVIDER_TEARDOWN 1024 OSSL_CORE_MAKE_FUNC(void,provider_teardown,(void *provctx)) -# define OSSL_FUNC_PROVIDER_GETTABLE_PARAMS 1025 +# define OSSL_FUNC_PROVIDER_GETTABLE_PARAMS 1025 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, provider_gettable_params,(void *provctx)) -# define OSSL_FUNC_PROVIDER_GET_PARAMS 1026 +# define OSSL_FUNC_PROVIDER_GET_PARAMS 1026 OSSL_CORE_MAKE_FUNC(int,provider_get_params,(void *provctx, OSSL_PARAM params[])) -# define OSSL_FUNC_PROVIDER_QUERY_OPERATION 1027 +# define OSSL_FUNC_PROVIDER_QUERY_OPERATION 1027 OSSL_CORE_MAKE_FUNC(const OSSL_ALGORITHM *,provider_query_operation, (void *provctx, int operation_id, int *no_store)) # define OSSL_FUNC_PROVIDER_GET_REASON_STRINGS 1028 OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,provider_get_reason_strings, (void *provctx)) +# define OSSL_FUNC_PROVIDER_GET_CAPABILITIES 1029 +OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx, + const char *capability, OSSL_CALLBACK *cb, void *arg)) /* Operations */ |