Source file src/crypto/internal/fips140only/fips140only.go

     1  // Copyright 2024 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package fips140only
     6  
     7  import (
     8  	"crypto/internal/fips140/drbg"
     9  	"crypto/internal/fips140/sha256"
    10  	"crypto/internal/fips140/sha3"
    11  	"crypto/internal/fips140/sha512"
    12  	"hash"
    13  	"internal/godebug"
    14  	"io"
    15  )
    16  
    17  // Enabled reports whether FIPS 140-only mode is enabled, in which non-approved
    18  // cryptography returns an error or panics.
    19  var Enabled = godebug.New("#fips140").Value() == "only"
    20  
    21  func ApprovedHash(h hash.Hash) bool {
    22  	switch h.(type) {
    23  	case *sha256.Digest, *sha512.Digest, *sha3.Digest:
    24  		return true
    25  	default:
    26  		return false
    27  	}
    28  }
    29  
    30  func ApprovedRandomReader(r io.Reader) bool {
    31  	_, ok := r.(drbg.DefaultReader)
    32  	return ok
    33  }
    34  

View as plain text