def self.fips?
if ChefConfig.windows?
begin
require "win32/registry"
rescue LoadError
return false
end
reg_type =
case ::RbConfig::CONFIG["target_cpu"]
when "i386"
Win32::Registry::KEY_READ | 0x100
when "x86_64"
Win32::Registry::KEY_READ | 0x200
else
Win32::Registry::KEY_READ
end
begin
Win32::Registry::HKEY_LOCAL_MACHINE.open('System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy', reg_type) do |policy|
policy["Enabled"] != 0
end
rescue Win32::Registry::Error
false
end
else
fips_path = "/proc/sys/crypto/fips_enabled"
File.exist?(fips_path) && File.read(fips_path).chomp != "0"
end
end