* be used for all exponents.\r
*/\r
\r
+/* If this flag is set the DH method is FIPS compliant and can be used\r
+ * in FIPS mode. This is set in the validated module method. If an\r
+ * application sets this flag in its own methods it is its reposibility\r
+ * to ensure the result is compliant.\r
+ */\r
+\r
+#define DH_FLAG_FIPS_METHOD 0x0400\r
+\r
+/* If this flag is set the operations normally disabled in FIPS mode are\r
+ * permitted it is then the applications responsibility to ensure that the\r
+ * usage is compliant.\r
+ */\r
+\r
+#define DH_FLAG_NON_FIPS_ALLOW 0x0400\r
+\r
#ifdef __cplusplus\r
extern "C" {\r
#endif\r
#define DH_F_COMPUTE_KEY 102\r
#define DH_F_DHPARAMS_PRINT_FP 101\r
#define DH_F_DH_BUILTIN_GENPARAMS 106\r
+#define DH_F_DH_COMPUTE_KEY 114\r
+#define DH_F_DH_GENERATE_KEY 115\r
+#define DH_F_DH_GENERATE_PARAMETERS_EX 116\r
#define DH_F_DH_NEW_METHOD 105\r
#define DH_F_DH_PARAM_DECODE 107\r
#define DH_F_DH_PRIV_DECODE 110\r
#define DH_R_DECODE_ERROR 104\r
#define DH_R_INVALID_PUBKEY 102\r
#define DH_R_KEYS_NOT_SET 108\r
+#define DH_R_KEY_SIZE_TOO_SMALL 110\r
#define DH_R_MODULUS_TOO_LARGE 103\r
+#define DH_R_NON_FIPS_METHOD 111\r
#define DH_R_NO_PARAMETERS_SET 107\r
#define DH_R_NO_PRIVATE_VALUE 100\r
#define DH_R_PARAMETER_ENCODING_ERROR 105\r