cloudflare/cloudflared
Publicmirrored from https://github.com/cloudflare/cloudflaredAvailable
check-fips.sh
15lines · modecode
| 1 | # Pass the path to the executable to check for FIPS compliance |
| 2 | exe=$1 |
| 3 | |
| 4 | if [ "$(go tool nm "${exe}" | grep -c '_Cfunc__goboringcrypto_')" -eq 0 ]; then |
| 5 | # Asserts that executable is using FIPS-compliant boringcrypto |
| 6 | echo "${exe}: missing goboring symbols" >&2 |
| 7 | exit 1 |
| 8 | fi |
| 9 | if [ "$(go tool nm "${exe}" | grep -c 'crypto/internal/boring/sig.FIPSOnly')" -eq 0 ]; then |
| 10 | # Asserts that executable is using FIPS-only schemes |
| 11 | echo "${exe}: missing fipsonly symbols" >&2 |
| 12 | exit 1 |
| 13 | fi |
| 14 | |
| 15 | echo "${exe} is FIPS-compliant" |
| 16 | |