Source File
fips140.go
Belonging Package
crypto/internal/fips140
// Copyright 2024 The Go Authors. All rights reserved.// Use of this source code is governed by a BSD-style// license that can be found in the LICENSE file.package fips140import ()var Enabled boolvar debug boolfunc init() {:= godebug.Value("#fips140")switch {case "on", "only":Enabled = truecase "debug":Enabled = truedebug = truecase "off", "":default:panic("fips140: unknown GODEBUG setting fips140=" + )}}// Supported returns an error if FIPS 140-3 mode can't be enabled.func () error {// Keep this in sync with fipsSupported in cmd/dist/test.go.// ASAN disapproves of reading swaths of global memory in fips140/check.// One option would be to expose runtime.asanunpoison through// crypto/internal/fips140deps and then call it to unpoison the range// before reading it, but it is unclear whether that would then cause// false negatives. For now, FIPS+ASAN doesn't need to work.if asanEnabled {return errors.New("FIPS 140-3 mode is incompatible with ASAN")}// See EnableFIPS in cmd/internal/obj/fips.go for commentary.switch {case runtime.GOARCH == "wasm",runtime.GOOS == "windows" && runtime.GOARCH == "386",runtime.GOOS == "windows" && runtime.GOARCH == "arm",runtime.GOOS == "openbsd", // due to -fexecute-only, see #70880runtime.GOOS == "aix":return errors.New("FIPS 140-3 mode is not supported on " + runtime.GOOS + "-" + runtime.GOARCH)}if boringEnabled {return errors.New("FIPS 140-3 mode is incompatible with GOEXPERIMENT=boringcrypto")}return nil}func () string {return "Go Cryptographic Module"}func () string {return "v1.0"}
 |
The pages are generated with Golds v0.7.6-preview. (GOOS=linux GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds. |