4 * Copyright (C) 2011-2012, Red Hat, Inc. All rights reserved.
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 #include "libcryptsetup.h"
25 #include "utils_fips.h"
29 int crypt_fips_mode(void) { return 0; }
30 void crypt_fips_libcryptsetup_check(struct crypt_device *cd) {}
31 void crypt_fips_self_check(struct crypt_device *cd) {}
33 #include <fipscheck.h>
35 int crypt_fips_mode(void)
37 return FIPSCHECK_kernel_fips_mode();
40 static void crypt_fips_verify(struct crypt_device *cd,
41 const char *name, const char *function)
43 if (!crypt_fips_mode())
46 if (!FIPSCHECK_verify(name, function)) {
47 crypt_log(cd, CRYPT_LOG_ERROR, _("FIPS checksum verification failed.\n"));
51 crypt_log(cd, CRYPT_LOG_VERBOSE, _("Running in FIPS mode.\n"));
54 void crypt_fips_libcryptsetup_check(struct crypt_device *cd)
56 crypt_fips_verify(cd, LIBCRYPTSETUP_VERSION_FIPS, "crypt_init");
59 void crypt_fips_self_check(struct crypt_device *cd)
61 crypt_fips_verify(cd, NULL, NULL);
63 #endif /* ENABLE_FIPS */
projects / platform / upstream / cryptsetup.git / blob