CheckCompliance parses the ELF executable represented by reader and located at path -- which should be the source of the running executable image -- and performs the following checks: 1.

Compliant opens the current executable and then performs checks in CheckCompliance; any failure is logged to standard out with an "go_ensurefips: " prefix and then forces the process to exit with -1.

boringCryptoSymbolToken matches the pattern BoringCrypto symbols should match as described in https://go.googlesource.com/go/+/refs/heads/dev.boringcrypto.go1.12/misc/boring/ and https://github.com/golang/go/blob/d003f0850a7d22a2047c1cd6830fca07944f18d1/src/crypto/internal/boring/goboringcrypto.h#L5-L9.

WriteFIPSMessage describes a function that can be passed to CheckCompliance to output a FIPS success message.