diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2012-04-04 14:17:09 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2012-04-04 16:11:37 +0200 |
commit | 90e49a11733bfba9c3c505ac487282d35757f682 (patch) | |
tree | 7c4696e2ced4e66469095885bef94bef23efd112 /src/fips.c | |
parent | 70cca617ed75ea292e1fed769114dda5cc1d76f1 (diff) | |
download | libgcrypt-90e49a11733bfba9c3c505ac487282d35757f682.tar.gz |
Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command.
* doc/gcrypt.texi: Add documentation of the new command.
* src/fips.c (_gcry_enforced_fips_mode): Report the enforced fips mode
only when fips mode is enabled.
(_gcry_set_enforced_fips_mode): New function.
* src/g10lib.h: Add the _gcry_set_enforced_fips_mode prototype.
* src/gcrypt.h.in: Add the GCRYCTL_SET_ENFORCED_FIPS_FLAG.
* src/global.c (_gcry_vcontrol): Handle the new command.
Diffstat (limited to 'src/fips.c')
-rw-r--r-- | src/fips.c | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -274,9 +274,17 @@ _gcry_fips_mode (void) int _gcry_enforced_fips_mode (void) { + if (!_gcry_fips_mode ()) + return 0; return enforced_fips_mode; } +/* Set a flag telling whether we are in the enforced fips mode. */ +void +_gcry_set_enforced_fips_mode (void) +{ + enforced_fips_mode = 1; +} /* If we do not want to enforce the fips mode, we can set a flag so that the application may check whether it is still in fips mode. |