"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/lib/utils_fips.c" (13 Jan 2022, 1480 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "utils_fips.c" see the Fossies "Dox" file reference documentation and the last Fossies "Diffs" side-by-side code changes report: 2.4.0_vs_2.4.1.

    1 /*
    2  * FIPS mode utilities
    3  *
    4  * Copyright (C) 2011-2021 Red Hat, Inc. All rights reserved.
    5  *
    6  * This program is free software; you can redistribute it and/or
    7  * modify it under the terms of the GNU General Public License
    8  * as published by the Free Software Foundation; either version 2
    9  * of the License, or (at your option) any later version.
   10  *
   11  * This program is distributed in the hope that it will be useful,
   12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14  * GNU General Public License for more details.
   15  *
   16  * You should have received a copy of the GNU General Public License
   17  * along with this program; if not, write to the Free Software
   18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
   19  */
   20 
   21 #include <unistd.h>
   22 #include <fcntl.h>
   23 #include <errno.h>
   24 #include "utils_fips.h"
   25 
   26 #if !ENABLE_FIPS
   27 bool crypt_fips_mode(void) { return false; }
   28 #else
   29 static bool fips_checked = false;
   30 static bool fips_mode = false;
   31 
   32 static bool kernel_fips_mode(void)
   33 {
   34     int fd;
   35     char buf[1] = "";
   36 
   37     if ((fd = open("/proc/sys/crypto/fips_enabled", O_RDONLY)) >= 0) {
   38         while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR);
   39         close(fd);
   40     }
   41 
   42     return (buf[0] == '1');
   43 }
   44 
   45 bool crypt_fips_mode(void)
   46 {
   47     if (fips_checked)
   48         return fips_mode;
   49 
   50     fips_mode = kernel_fips_mode() && !access("/etc/system-fips", F_OK);
   51     fips_checked = true;
   52 
   53     return fips_mode;
   54 }
   55 #endif /* ENABLE_FIPS */