remove FIPS mode support. people who require FIPS can buy something that

meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
author: tedu <> 2014-04-15 20:06:10 +0000
committer: tedu <> 2014-04-15 20:06:10 +0000
commit: 3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree: 11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/crypto.h
parent: 4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download: openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip
1 files changed, 0 insertions, 16 deletions
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
index 351ccfd35b..56c5dfadb8 100644
--- a/src/lib/libcrypto/crypto.h
+++ b/src/lib/libcrypto/crypto.h
@@ -538,25 +538,9 @@ void OPENSSL_init(void);
 #define fips_md_init(alg) fips_md_init_ctx(alg, alg)
-#ifdef OPENSSL_FIPS
-#define fips_md_init_ctx(alg, cx) \
-        int alg##_Init(cx##_CTX *c) \
-        { \
-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-                "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
-        return private_##alg##_Init(c); \
-        } \
-        int private_##alg##_Init(cx##_CTX *c)
-#define fips_cipher_abort(alg) \
-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-                "Low level API call to cipher " #alg " forbidden in FIPS mode!")
-#else
 #define fips_md_init_ctx(alg, cx) \
        int alg##_Init(cx##_CTX *c)
 #define fips_cipher_abort(alg) while(0)
-#endif
 /* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
 * takes an amount of time dependent on |len|, but independent of the contents
author	tedu <>	2014-04-15 20:06:10 +0000
committer	tedu <>	2014-04-15 20:06:10 +0000
commit	3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree	11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/crypto.h
parent	4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download	openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2 openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip

diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index 351ccfd35b..56c5dfadb8 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h
@@ -538,25 +538,9 @@ void OPENSSL_init(void);
538		538
539	#define fips_md_init(alg) fips_md_init_ctx(alg, alg)	539	#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
540		540
541	#ifdef OPENSSL_FIPS
542	#define fips_md_init_ctx(alg, cx) \
543	int alg##_Init(cx##_CTX *c) \
544	{ \
545	if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
546	"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
547	return private_##alg##_Init(c); \
548	} \
549	int private_##alg##_Init(cx##_CTX *c)
550
551	#define fips_cipher_abort(alg) \
552	if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
553	"Low level API call to cipher " #alg " forbidden in FIPS mode!")
554
555	#else
556	#define fips_md_init_ctx(alg, cx) \	541	#define fips_md_init_ctx(alg, cx) \
557	int alg##_Init(cx##_CTX *c)	542	int alg##_Init(cx##_CTX *c)
558	#define fips_cipher_abort(alg) while(0)	543	#define fips_cipher_abort(alg) while(0)
559	#endif
560		544
561	/* CRYPTO_memcmp returns zero iff the \|len\| bytes at \|a\| and \|b\| are equal. It	545	/* CRYPTO_memcmp returns zero iff the \|len\| bytes at \|a\| and \|b\| are equal. It
562	* takes an amount of time dependent on \|len\|, but independent of the contents	546	* takes an amount of time dependent on \|len\|, but independent of the contents