eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-18 06:10:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

tests: use utility to detect FIPS mode

Browse Source 
Also try to use crypto lib/kernel check where appropriate.

This can be useful for local testing (non-FIPS kernel) byt
should not break real FIPS systems.
This commit is contained in:
Milan Broz
2025-11-13 22:06:52 +01:00
parent e4c498d15b
commit 11a4fc6790
12 changed files with 25 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/test_utils.c
View File

@@ -165,20 +165,12 @@ int t_set_readahead(const char *device, unsigned value)
int fips_mode(void)
{
int fd;
char buf = 0;
return _system("./crypto-check fips_mode", 1) == 0;
}
fd = open("/proc/sys/crypto/fips_enabled", O_RDONLY);
if (fd < 0)
return 0;
if (read(fd, &buf, 1) != 1)
buf = '0';
close(fd);
return (buf == '1');
int fips_mode_kernel(void)
{
return _system("./crypto-check fips_mode_kernel", 1) == 0;
}
/*