pub fn run_post() -> Result<(), SelfTestError>Expand description
Run every per-algorithm self-test once and return Ok(()) only if all
pass. Aborts at the first failure (do not continue with a broken
cryptographic module). Designed to be called once at process start.
Cost: a single hybrid KEM keygen + encap/decap + a single hybrid signature gen + sign + verify, plus one or two AEAD round-trips and one HKDF expansion. Around 1-5 ms on a modern host; FIPS-mandated regardless.
Under --features fips only the FIPS-approved AEAD (AES-256-GCM)
is exercised; CryptoSession::with_suite rejects ChaCha20-Poly1305
in that configuration, and the POST refuses to run a primitive the
production build cannot use.