openssl/fips.rs
1//! FIPS 140-2 support.
2//!
3//! See [OpenSSL's documentation] for details.
4//!
5//! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
6use crate::cvt;
7use crate::error::ErrorStack;
8use openssl_macros::corresponds;
9
10/// Moves the library into or out of the FIPS 140-2 mode of operation.
11#[corresponds(FIPS_mode_set)]
12pub fn enable(enabled: bool) -> Result<(), ErrorStack> {
13 ffi::init();
14 unsafe { cvt(ffi::FIPS_mode_set(enabled as _)).map(|_| ()) }
15}
16
17/// Determines if the library is running in the FIPS 140-2 mode of operation.
18#[corresponds(FIPS_mode)]
19pub fn enabled() -> bool {
20 unsafe { ffi::FIPS_mode() != 0 }
21}