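/*
 * fips.h - declarations for the FIPS audit of RSA keys and X.509
 * certificates. As the fields of struct audit_fips indicate, the audit
 * records cover the key size and the public exponent.
 */
#ifndef H_FIPS
#define H_FIPS

/*
 * NOTE(review): the targets of the five system includes are not visible in
 * this copy of the file. The headers below are the ones the declarations in
 * this header need (OPENSSL_VERSION_NUMBER, BIGNUM, BIO, RSA, EVP_PKEY).
 * Re-add any further headers the implementation file relied on.
 */
#include <openssl/opensslv.h>
#include <openssl/bn.h>
#include <openssl/bio.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>

#include "audit.h"

/* Input kinds (presumably one of the int selectors passed to fips()). */
#define TYPE_RSA          0x01
#define TYPE_X509         0x02

/* RSA key encodings (presumably the values stored in keyinfo.format). */
#define RSA_FORMAT_PKCS1  0x1
#define RSA_FORMAT_SPKI   0x2

/* Size in bytes of a result text buffer; see the note on check_exponent(). */
#define BUF_SIZE_RESULT   256

/* Key algorithms (presumably the values stored in keyinfo.algo). */
#define ALGO_RSA          0x01
#define ALGO_EC           0x02

/* Audit records produced by the FIPS checks, one per audited property. */
struct audit_fips{
  struct st_audit audit_keysize;   /* verdict on the key size */
  struct st_audit audit_exponent;  /* verdict on the public exponent */
};

/*
 * OpenSSL handles for a loaded key.
 *
 * The low-level RSA API is deprecated since OpenSSL 3.0 in favour of
 * EVP_PKEY, which is presumably why `evp` exists on newer libraries.
 *
 * NOTE(review): 0x03000000f evaluates to 0x3000000F. OpenSSL 3.0.0 itself
 * reports OPENSSL_VERSION_NUMBER 0x30000000L, which is not greater, so `evp`
 * is absent on exactly 3.0.0 and present from 3.0.1 on. If "3.0 or newer"
 * was meant, `>= 0x30000000L` is the usual test; change it together with any
 * matching guard in the implementation file.
 */
struct rsa{
  RSA *rsa;
  BIO *bio;
#if OPENSSL_VERSION_NUMBER > 0x03000000f
  EVP_PKEY *evp;
#endif
};

/*
 * Summary of the audited key.
 *
 * NOTE(review): ownership of `key` is not visible here; confirm who frees
 * it. If it can ever hold private-key text, it should be wiped (for example
 * with OPENSSL_cleanse) before it is released.
 */
struct keyinfo{
  int keysize;             /* key size; unit (bits or bytes) not visible here */
  unsigned long exponent;  /* public exponent; values wider than unsigned long
                              are not representable, so confirm that
                              check_exponent() rejects them, not truncates */
  int format;
  char *key;
  int algo;
};

/*
 * Public entry point of the FIPS audit.
 * TODO(review): parameter meanings are not visible in this header; document
 * the string argument and the three int selectors from the definition.
 */
int fips(const char *, struct audit_fips *, struct keyinfo *, const int, const int, const int);

/*
 * NOTE(review): everything below is declared static, so each function is
 * private to the translation unit that defines it. Any other file that
 * includes this header gets declared-but-undefined static functions (a
 * compiler warning). Presumably only the implementation file includes this
 * header; consider moving these prototypes there.
 */

/* RSA */
static int fips_pubkey_rsa(struct audit_fips *, struct keyinfo *, const char *, const int);
static int fips_privkey_rsa(struct audit_fips *, struct keyinfo *, const char *, const int);
static int loadkeys_rsa_v1(struct rsa **, const char *, int *format);
static int loadkeys_rsa_v3(struct rsa **, const char *, int *format);
static int load_priv_rsa_keys_v1(struct rsa **, const char *);
static int load_priv_rsa_keys_v3(struct rsa **, const char *);
static void audit_rsa_keys(struct rsa *, struct audit_fips *, struct keyinfo *, const char *);

/* X509 */
static int fips_x509_v1(struct audit_fips *, struct keyinfo *, const char *, const int);
static int fips_x509_v3(struct audit_fips *, struct keyinfo *, const char *, const int);

/*
 * NOTE(review): the char * argument carries no length. Presumably it is a
 * BUF_SIZE_RESULT-byte buffer; confirm the definition bounds every write to
 * that size (snprintf with an explicit size, not sprintf or strcpy).
 */
static int check_exponent(const BIGNUM *, char *, unsigned long *);

static void clean_rsa_st(struct rsa *);

/* (void) makes these real prototypes; empty parentheses leave the
   parameter list unchecked before C23. */
static int openssl_version(void);
static void print_error(void);

#endif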