diff options
| author | Adam Langley <agl@imperialviolet.org> | 2024-05-19 23:41:16 +0000 |
|---|---|---|
| committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2024-05-20 19:35:02 +0000 |
| commit | c798e3a54912a1bfbf1c846630e2bb86e9b543a7 (patch) | |
| tree | d222852e9e1ffa8b90f0b9834f1b7ca3a4c76e75 /crypto | |
| parent | ba62c812f01fb379f49f94a08a2d1282ce46e678 (diff) | |
| download | boringssl-c798e3a54912a1bfbf1c846630e2bb86e9b543a7.zip boringssl-c798e3a54912a1bfbf1c846630e2bb86e9b543a7.tar.gz boringssl-c798e3a54912a1bfbf1c846630e2bb86e9b543a7.tar.bz2 | |
Expose the FIPS module hash at build- and run-time.
In order to provide evidence that a given build is being used when
testing the module (as part of validation), this change prints the
module hash during the build process and makes it available for logging
at run time.
Change-Id: Ib128858cc429655e86444ee86dd04f1467abc735
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/68528
Reviewed-by: David Benjamin <davidben@google.com>
Auto-Submit: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/fipsmodule/bcm.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c index 9d9227d..4b9b64f 100644 --- a/crypto/fipsmodule/bcm.c +++ b/crypto/fipsmodule/bcm.c @@ -263,6 +263,11 @@ int BORINGSSL_integrity_test(void) { OPENSSL_cleanse(result, sizeof(result)); // FIPS 140-3, AS05.10. return 1; } + +const uint8_t* FIPS_module_hash(void) { + return BORINGSSL_bcm_text_hash; +} + #endif // OPENSSL_ASAN void BORINGSSL_FIPS_abort(void) { |