From 01a9a7592e332cf4853bc84c33407d384a1a14ba Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 4 Jul 2011 23:38:16 +0000
Subject: [PATCH] Add functions to return FIPS module version.

---
 CHANGES                |  4 ++++
 fips/fips.c            | 10 ++++++++++
 fips/fips.h            |  3 +++
 fips/fips_locl.h       |  3 +++
 fips/fips_test_suite.c |  4 +++-
 5 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 246c1fecb3..4ba53d3493 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Add functions FIPS_module_version() and FIPS_module_version_text()
+     to return numberical and string versions of the FIPS module number.
+     [Steve Henson]
+
   *) Rename FIPS_mode_set and FIPS_mode to FIPS_module_mode_set and
      FIPS_module_mode. FIPS_mode and FIPS_mode_set will be implmeneted
      outside the validated module in the FIPS capable OpenSSL.
diff --git a/fips/fips.c b/fips/fips.c
index 09accac835..ef9c0bddaa 100644
--- a/fips/fips.c
+++ b/fips/fips.c
@@ -365,6 +365,16 @@ unsigned char *fips_signature_witness(void)
 	return FIPS_signature;
 	}
 
+unsigned long FIPS_module_version(void)
+	{
+	return FIPS_MODULE_VERSION_NUMBER;
+	}
+
+const char *FIPS_module_version_text(void)
+	{
+	return FIPS_MODULE_VERSION_TEXT;
+	}
+
 #if 0
 /* The purpose of this is to ensure the error code exists and the function
  * name is to keep the error checking script quiet
diff --git a/fips/fips.h b/fips/fips.h
index 3b679411f2..c8a766e37a 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -78,6 +78,9 @@ struct dh_method;
 struct CMAC_CTX_st;
 struct hmac_ctx_st;
 
+unsigned long FIPS_module_version(void);
+const char *FIPS_module_version_text(void);
+
 int FIPS_module_mode_set(int onoff);
 int FIPS_module_mode(void);
 const void *FIPS_rand_check(void);
diff --git a/fips/fips_locl.h b/fips/fips_locl.h
index 1b29176ae0..df3863f91e 100644
--- a/fips/fips_locl.h
+++ b/fips/fips_locl.h
@@ -67,6 +67,9 @@ int fips_post_failed(int id, int subid, void *ex);
 int fips_post_corrupt(int id, int subid, void *ex);
 int fips_post_status(void);
 
+#define FIPS_MODULE_VERSION_NUMBER	0x20000000L
+#define FIPS_MODULE_VERSION_TEXT	"FIPS 2.0-dev unvalidated test module xx XXX xxxx"
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c
index 5290cb2587..bfd34c1924 100644
--- a/fips/fips_test_suite.c
+++ b/fips/fips_test_suite.c
@@ -874,7 +874,9 @@ int main(int argc,char **argv)
 
     FIPS_post_set_callback(post_cb);
 
-    printf("\tFIPS-mode test application\n\n");
+    printf("\tFIPS-mode test application\n");
+
+    printf("\t%s\n\n", FIPS_module_version_text());
 
     if (argv[1]) {
         /* Corrupted KAT tests */
-- 
GitLab