fips140.mx raw

   1  // Copyright 2024 The Go Authors. All rights reserved.
   2  // Use of this source code is governed by a BSD-style
   3  // license that can be found in the LICENSE file.
   4  
   5  package fips140
   6  
   7  import (
   8  	"crypto/internal/fips140"
   9  	"crypto/internal/fips140/check"
  10  )
  11  
  12  // Enabled reports whether the cryptography libraries are operating in FIPS
  13  // 140-3 mode.
  14  //
  15  // It can be controlled at runtime using the GODEBUG setting "fips140". If set
  16  // to "on", FIPS 140-3 mode is enabled. If set to "only", non-approved
  17  // cryptography functions will additionally return errors or panic.
  18  //
  19  // This can't be changed after the program has started.
  20  func Enabled() bool {
  21  	if fips140.Enabled && !check.Verified {
  22  		panic("crypto/fips140: FIPS 140-3 mode enabled, but integrity check didn't pass")
  23  	}
  24  	return fips140.Enabled
  25  }
  26