libgcrypt FSM shutdown state -- what does this mean?

Werner Koch wk at
Wed Oct 14 11:19:39 CEST 2015

On Wed, 14 Oct 2015 05:45, xxiao8 at said:

> if anything went wrong it enters to Shutdown state, what does this
> mean to a library? I have cryptsetup that uses this library? how do I
> know libgcrypt has shutdown? Is there a way to monitor libgcrypt that

The whole state machinery is more for documentary purposes because we
can't map the FIPS required states onto our processing model.  Thus you
won't see all states and in particular not the shutdown state.  Instead
we end up here

  _gcry_fips_noreturn (void)
  #ifdef HAVE_SYSLOG
    syslog (LOG_USER|LOG_ERR, "Libgcrypt terminated the application");
  #endif /*HAVE_SYSLOG*/
    fflush (NULL);
    abort ();

for severe errors.

What you can do is to check wether libgcrypt is in operational mode
(selftests done and not in an error state or not runnign in FIPS mode):

      if (gcry_control (GCRYCTL_OPERATIONAL_P, 0))
        puts ("Libgcrypt is operational");


Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list