1// Copyright 2017 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5//go:build boringcrypto 6 7// Package fipstls allows control over whether crypto/tls requires FIPS-approved settings. 8// This package only exists with GOEXPERIMENT=boringcrypto, but the effects are independent 9// of the use of BoringCrypto. 10package fipstls 11 12import ( 13 "internal/stringslite" 14 "sync/atomic" 15) 16 17var required atomic.Bool 18 19// Force forces crypto/tls to restrict TLS configurations to FIPS-approved settings. 20// By design, this call is impossible to undo (except in tests). 21// 22// Note that this call has an effect even in programs using 23// standard crypto (that is, even when Enabled = false). 24func Force() { 25 required.Store(true) 26} 27 28// Abandon allows non-FIPS-approved settings. 29// If called from a non-test binary, it panics. 30func Abandon() { 31 // Note: Not using boring.UnreachableExceptTests because we want 32 // this test to happen even when boring.Enabled = false. 33 name := runtime_arg0() 34 // Allow _test for Go command, .test for Bazel, 35 // NaClMain for NaCl (where all binaries run as NaClMain), 36 // and empty string for Windows (where runtime_arg0 can't easily find the name). 37 // Since this is an internal package, testing that this isn't used on the 38 // other operating systems should suffice to catch any mistakes. 39 if !stringslite.HasSuffix(name, "_test") && !stringslite.HasSuffix(name, ".test") && name != "NaClMain" && name != "" { 40 panic("fipstls: invalid use of Abandon in " + name) 41 } 42 required.Store(false) 43} 44 45// provided by runtime 46func runtime_arg0() string 47 48// Required reports whether FIPS-approved settings are required. 49func Required() bool { 50 return required.Load() 51} 52