FIPS mode support

Closes #818
author: Steven Fackler <[email protected]> 2018-01-06 08:50:50 -0800
committer: Steven Fackler <[email protected]> 2018-01-06 08:51:20 -0800
commit: 45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74 (patch)
tree: 0ab929a5b9ad4b5bf5be5ef8537c9ff368da1322 /openssl/src/fips.rs
parent: Merge pull request #811 from apeduru/x509-docs (diff)
download: rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.tar.xz
rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.zip
1 files changed, 22 insertions, 0 deletions
diff --git a/openssl/src/fips.rs b/openssl/src/fips.rs
new file mode 100644
index 00000000..374a8299
--- /dev/null
+++ b/openssl/src/fips.rs
@@ -0,0 +1,22 @@
+//! FIPS 140-2 support.
+//!
+//! See [OpenSSL's documentation] for details.
+//!
+//! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
+use cvt;
+use error::ErrorStack;
+use ffi;
+
+/// Moves the library into or out of the FIPS 140-2 mode of operation.
+///
+/// This corresponds to `FIPS_mode_set`.
+pub fn enable(enabled: bool) -> Result<(), ErrorStack> {
+    unsafe { cvt(ffi::FIPS_mode_set(enabled as _)).map(|_| ()) }
+}
+
+/// Determines if the library is running in the FIPS 140-2 mode of operation.
+///
+/// This corresponds to `FIPS_mode`.
+pub fn enabled() -> bool {
+    unsafe { ffi::FIPS_mode() != 0 }
+}
author	Steven Fackler <[email protected]>	2018-01-06 08:50:50 -0800
committer	Steven Fackler <[email protected]>	2018-01-06 08:51:20 -0800
commit	45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74 (patch)
tree	0ab929a5b9ad4b5bf5be5ef8537c9ff368da1322 /openssl/src/fips.rs
parent	Merge pull request #811 from apeduru/x509-docs (diff)
download	rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.tar.xz rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.zip