diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-09-05 13:08:27 +1000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-09-18 14:20:50 +0100 |
commit | 991a6bb58182d4d2077a68eb813c897b7de73462 (patch) | |
tree | 738fc724534be090323181dc445cf19e442b827c /include | |
parent | 7a810fac866c6c1d93015999633ee2a29f17b3d2 (diff) |
Add option to fipsinstall to disable fips security checks at run time.
Changes merged from a patch by @richsalz.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12745)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/core_names.h | 1 | ||||
-rw-r--r-- | include/openssl/fips_names.h | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index 932dae932e..9a6cc2c03d 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -24,6 +24,7 @@ extern "C" { #define OSSL_PROV_PARAM_VERSION "version" /* utf8_string */ #define OSSL_PROV_PARAM_BUILDINFO "buildinfo" /* utf8_string */ #define OSSL_PROV_PARAM_STATUS "status" /* uint */ +#define OSSL_PROV_PARAM_SECURITY_CHECKS "security-checks" /* uint */ /* Self test callback parameters */ #define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase" /* utf8_string */ diff --git a/include/openssl/fips_names.h b/include/openssl/fips_names.h index 7dec75fcea..b42fe503f9 100644 --- a/include/openssl/fips_names.h +++ b/include/openssl/fips_names.h @@ -46,6 +46,12 @@ extern "C" { */ # define OSSL_PROV_FIPS_PARAM_CONDITIONAL_ERRORS "conditional-errors" +/* + * A boolean that determines if the runtime FIPS security checks are performed. + * Type: OSSL_PARAM_UTF8_STRING + */ +# define OSSL_PROV_FIPS_PARAM_SECURITY_CHECKS "security-checks" + # ifdef __cplusplus } # endif |