summaryrefslogtreecommitdiff
path: root/usr/src/lib/libcryptoutil/common/config_parsing.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib/libcryptoutil/common/config_parsing.c')
-rw-r--r--usr/src/lib/libcryptoutil/common/config_parsing.c62
1 files changed, 0 insertions, 62 deletions
diff --git a/usr/src/lib/libcryptoutil/common/config_parsing.c b/usr/src/lib/libcryptoutil/common/config_parsing.c
index b2c8f7f05a..83e5cd9a3f 100644
--- a/usr/src/lib/libcryptoutil/common/config_parsing.c
+++ b/usr/src/lib/libcryptoutil/common/config_parsing.c
@@ -599,65 +599,3 @@ is_fips(char *name)
return (B_FALSE);
}
}
-
-CK_RV
-get_fips_mode(int *mode)
-{
- FILE *pfile = NULL;
- char buffer[BUFSIZ];
- int len;
- CK_RV rc = CKR_OK;
- int found = 0;
- char *token1;
- boolean_t fips_mode = B_FALSE;
-
- if ((pfile = fopen(_PATH_PKCS11_CONF, "r")) == NULL) {
- cryptoerror(LOG_DEBUG,
- "failed to open the pkcs11.conf file for read only.");
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- return (CKR_OK);
- }
-
- while (fgets(buffer, BUFSIZ, pfile) != NULL) {
- if (buffer[0] == '#' || buffer[0] == ' ' ||
- buffer[0] == '\n'|| buffer[0] == '\t') {
- continue; /* ignore comment lines */
- }
-
- len = strlen(buffer);
- if (buffer[len - 1] == '\n') { /* get rid of trailing '\n' */
- len--;
- }
- buffer[len] = '\0';
-
- /* Get provider name */
- if ((token1 = strtok(buffer, SEP_COLON)) ==
- NULL) { /* buf is NULL */
- return (CKR_FUNCTION_FAILED);
- };
-
- if (is_fips(token1)) {
- if ((rc = parse_fips_mode(buffer + strlen(token1) + 1,
- &fips_mode)) != CKR_OK) {
- goto out;
- } else {
- found++;
- if (fips_mode == B_TRUE)
- *mode = CRYPTO_FIPS_MODE_ENABLED;
- else
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- break;
- }
- } else {
- continue;
- }
- }
-
- if (!found) {
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- }
-
-out:
- (void) fclose(pfile);
- return (rc);
-}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-11 05:02:47 +0000