ica_fips_status
Purpose
Queries and returns a FIPS status that indicates, which self-tests were passed or failed, and whether libica is running in FIPS mode.
The output is an integer, which is interpreted as a series of 32 bits, where each bit is a flag. Each flag, if set, corresponds to one of the defined constants as described in FIPS mode constants. Each constant, in return indicates either a status, or whether a certain test has passed (flag or constant is not set) or failed (flag or constant is set).
For example, look at the following returned integer as a bitmap, where only the 12 rightmost bits are considered:
... 0001 0000 1000
| |
2^8=256 2^3=8
In this example, we see that bits with values 8 and 256 are set, which means, that
ICA_FIPS_CRITICALFUNC 8 and ICA_FIPS_BYPASS 256 are set. This in
turn means, that the Critical functions test and the Bypass test failed.
Format
int ica_fips_status(void);
Return codes
- 1
- libica is running in FIPS mode.
- 0
- libica is not running in FIPS mode.
- integer other than 0 or 1
- Flags indicating the module status. See FIPS mode constants.