On 03/18/2016 09:14 AM, Andrew Cagney wrote:
Yes, SECMOD_DeleteInternalModule() is a toggle which switches NSS between FIPS and non-FIPS. If you don't have a database open, or the database is open readOnly, the change only affects the running program.Is it possible to put NSS (softtoken) in FIPS mode (PK11_IsFIPS()) without a "modutil -fips true" database?By FIPS mode I guess I really mean confirm that NSS has performed some sort of FIPS self-check. An earlier thread mentioned some way of toggling things using SECMOD_DeleteInternalModule()?
bob
Andrew
smime.p7s
Description: S/MIME Cryptographic Signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto