module ChefConfig
def self.fips?
def self.fips? if ChefUtils.windows? begin require "win32/registry" unless defined?(Win32::Registry) rescue LoadError return false end # from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx reg_type = case ::RbConfig::CONFIG["target_cpu"] when "i386" Win32::Registry::KEY_READ | 0x100 when "x86_64" Win32::Registry::KEY_READ | 0x200 else Win32::Registry::KEY_READ end begin Win32::Registry::HKEY_LOCAL_MACHINE.open('System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy', reg_type) do |policy| policy["Enabled"] != 0 end rescue Win32::Registry::Error false end else fips_path = "/proc/sys/crypto/fips_enabled" File.exist?(fips_path) && File.read(fips_path).chomp != "0" end end