diff options
| author | Steven Fackler <[email protected]> | 2018-01-06 08:50:50 -0800 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2018-01-06 08:51:20 -0800 |
| commit | 45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74 (patch) | |
| tree | 0ab929a5b9ad4b5bf5be5ef8537c9ff368da1322 /openssl/src | |
| parent | Merge pull request #811 from apeduru/x509-docs (diff) | |
| download | rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.tar.xz rust-openssl-45c15a65ad6fd66b5bb5d018b79a6cc8a76c4d74.zip | |
FIPS mode support
Closes #818
Diffstat (limited to 'openssl/src')
| -rw-r--r-- | openssl/src/fips.rs | 22 | ||||
| -rw-r--r-- | openssl/src/lib.rs | 2 |
2 files changed, 24 insertions, 0 deletions
diff --git a/openssl/src/fips.rs b/openssl/src/fips.rs new file mode 100644 index 00000000..374a8299 --- /dev/null +++ b/openssl/src/fips.rs @@ -0,0 +1,22 @@ +//! FIPS 140-2 support. +//! +//! See [OpenSSL's documentation] for details. +//! +//! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf +use cvt; +use error::ErrorStack; +use ffi; + +/// Moves the library into or out of the FIPS 140-2 mode of operation. +/// +/// This corresponds to `FIPS_mode_set`. +pub fn enable(enabled: bool) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::FIPS_mode_set(enabled as _)).map(|_| ()) } +} + +/// Determines if the library is running in the FIPS 140-2 mode of operation. +/// +/// This corresponds to `FIPS_mode`. +pub fn enabled() -> bool { + unsafe { ffi::FIPS_mode() != 0 } +} diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs index 2302b7a4..7c366aba 100644 --- a/openssl/src/lib.rs +++ b/openssl/src/lib.rs @@ -41,6 +41,8 @@ pub mod dsa; pub mod ec; pub mod error; pub mod ex_data; +#[cfg(not(libressl))] +pub mod fips; pub mod hash; pub mod memcmp; pub mod nid; |