From: Pauli Date: Wed, 19 Feb 2025 23:41:56 +0000 (+1100) Subject: fips: add function to detect if the self tests are running X-Git-Tag: openssl-3.5.0-alpha1~130 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e36d00e53b0eef2ac08a9b81cdb892039c7ffae9;p=thirdparty%2Fopenssl.git fips: add function to detect if the self tests are running Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/26838) --- diff --git a/include/internal/fips.h b/include/internal/fips.h new file mode 100644 index 00000000000..3f70c0de93c --- /dev/null +++ b/include/internal/fips.h @@ -0,0 +1,21 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_INTERNAL_FIPS_H +# define OSSL_INTERNAL_FIPS_H +# pragma once + +# ifdef FIPS_MODULE + +/* Return 1 if the FIPS self tests are running and 0 otherwise */ +int ossl_fips_self_testing(void); + +# endif /* FIPS_MODULE */ + +#endif diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index c966f24b362..5938b55b46e 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -17,6 +17,7 @@ #include #include #include "internal/e_os.h" +#include "internal/fips.h" #include "internal/tsan_assist.h" #include "prov/providercommon.h" #include "crypto/rand.h" @@ -301,6 +302,12 @@ static void set_fips_state(int state) tsan_store(&FIPS_state, state); } +/* Return 1 if the FIPS self tests are running and 0 otherwise */ +int ossl_fips_self_testing(void) +{ + return tsan_load(&FIPS_state) == FIPS_STATE_SELFTEST; +} + /* This API is triggered either on loading of the FIPS module or on demand */ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) {