Skip to content

Commit

Permalink
Remove boring::fips::enable (fixes #150)
Browse files Browse the repository at this point in the history 
In boringssl, FIPS_mode_set is more or less useless, and
it doesn't even set an error stack at all on failure,
so there is no point using it instead of FIPS_mode.
  • Loading branch information
@nox @ghedo
nox authored and ghedo committed Oct 10, 2023
1 parent ea96015 commit 6c681a4
Showing 1 changed file with 0 additions and 9 deletions.
9 changes: 0 additions & 9 deletions boring/src/fips.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,8 @@
//! See [OpenSSL's documentation] for details.
//!
//! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
use crate::cvt;
use crate::error::ErrorStack;
use crate::ffi;

/// Moves the library into or out of the FIPS 140-2 mode of operation.
///
/// This corresponds to `FIPS_mode_set`.
pub fn enable(enabled: bool) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::FIPS_mode_set(enabled as _)).map(|_| ()) }
}

/// Determines if the library is running in the FIPS 140-2 mode of operation.
///
/// This corresponds to `FIPS_mode`.
Expand Down

0 comments on commit 6c681a4

Please sign in to comment.