diff options
author | NIIBE Yutaka <gniibe@fsij.org> | 2022-01-11 14:31:55 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-01-11 14:31:55 +0900 |
commit | 2a8b3fed1a80e74dfb12c03e426373a300407eda (patch) | |
tree | bb2ae4be8f57bc1f649f6729b491c3de835d3042 /tests/t-ed25519.c | |
parent | 383866f014f2ae8487d15e3fd99fe688b489d364 (diff) | |
download | libgcrypt-2a8b3fed1a80e74dfb12c03e426373a300407eda.tar.gz |
fips: Provide a mechanizm to put libgcrypt in non-FIPS mode.
* doc/gcrypt.texi (Disabling FIPS mode): Add.
* src/gcrypt.h.in (GCRYCTL_NO_FIPS_MODE): New.
* src/global.c (_gcry_vcontrol): Support GCRYCTL_NO_FIPS_MODE.
* tests/t-ed25519.c: Add --no-fips option to test non-FIPS mode.
--
GnuPG-bug-id: 5747
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'tests/t-ed25519.c')
-rw-r--r-- | tests/t-ed25519.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/t-ed25519.c b/tests/t-ed25519.c index 160bf980..cc129761 100644 --- a/tests/t-ed25519.c +++ b/tests/t-ed25519.c @@ -35,6 +35,7 @@ static int sign_with_pk; static int no_verify; +static int no_fips; static int custom_data_file; static int in_fips_mode; @@ -474,6 +475,11 @@ main (int argc, char **argv) argc--; argv++; } } + else if (!strcmp (*argv, "--no-fips")) + { + no_fips = 1; + argc--; argv++; + } else if (!strncmp (*argv, "--", 2)) die ("unknown option '%s'", *argv); @@ -489,6 +495,11 @@ main (int argc, char **argv) die ("version mismatch\n"); if (debug) xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0)); + if (no_fips) + { + xgcry_control ((GCRYCTL_NO_FIPS_MODE, 0)); + xgcry_control ((GCRYCTL_FIPS_MODE_P, 0)); + } xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0)); xgcry_control ((GCRYCTL_INITIALIZATION_FINISHED, 0)); |