package fips140

Import Path
	crypto/internal/fips140 (on go.dev)

Dependency Relation
	imports 6 packages, and imported by 20 packages

Involved Source Files

	    cast.go
	    fips140.go
	    indicator.go
	    notasan.go
	    notboring.go
Package-Level Type Names (only one)

	/* sort by: alphabet | popularity */
	 type Hash = hash.Hash (interface)
		Hash is a legacy compatibility alias for hash.Hash.
		
		It's only here because [crypto/internal/fips140/ecdsa.TestingOnlyNewDRBG]
		takes a "func() fips140.Hash" in v1.0.0, instead of being generic.


Package-Level Functions (total 9)

	 func CAST(name string, f func() error)
		CAST runs the named Cryptographic Algorithm Self-Test (if operated in FIPS
		mode) and aborts the program (stopping the module input/output and entering
		the "error state") if the self-test fails.
		
		CASTs are mandatory self-checks that must be performed by FIPS 140-3 modules
		before the algorithm is used. See Implementation Guidance 10.3.A.
		
		The name must not contain commas, colons, hashes, or equal signs.
		
		If a package p calls CAST from its init function, an import of p should also
		be added to crypto/internal/fips140test. If a package p calls CAST on the first
		use of the algorithm, an invocation of that algorithm should be added to
		fipstest.TestConditionals.

	 func Name() string
	 func PCT(name string, f func() error) error
		PCT runs the named Pairwise Consistency Test (if operated in FIPS mode) and
		returns any errors. If an error is returned, the key must not be used.
		
		PCTs are mandatory for every key pair that is generated/imported, including
		ephemeral keys (which effectively doubles the cost of key establishment). See
		Implementation Guidance 10.3.A Additional Comment 1.
		
		The name must not contain commas, colons, hashes, or equal signs.
		
		If a package p calls PCT during key generation, an invocation of that
		function should be added to fipstest.TestConditionals.

	 func RecordApproved()
		RecordApproved is an internal function that records the use of an approved
		service. It does not override RecordNonApproved calls in the same span.
		
		It should be called by exposed functions that perform a whole cryptographic
		alrgorithm (e.g. by Sum, not by New, unless a cryptographic Instantiate
		algorithm is performed) and should be called after any checks that may cause
		the function to error out or panic.

	 func RecordNonApproved()
		RecordNonApproved is an internal function that records the use of a
		non-approved service. It overrides any RecordApproved calls in the same span.

	 func ResetServiceIndicator()
		ResetServiceIndicator clears the service indicator for the running goroutine.

	 func ServiceIndicator() bool
		ServiceIndicator returns true if and only if all services invoked by this
		goroutine since the last ResetServiceIndicator call are approved.
		
		If ResetServiceIndicator was not called before by this goroutine, its return
		value is undefined.

	 func Supported() error
		Supported returns an error if FIPS 140-3 mode can't be enabled.

	 func Version() string
		Version returns the formal version (such as "v1.0") if building against a
		frozen module with GOFIPS140. Otherwise, it returns "latest".


Package-Level Variables (only one)

	  var Enabled bool

The pages are generated with Golds v0.7.7-preview. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds.