remove FIPS mode support. people who require FIPS can buy something that

meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
author: tedu <> 2014-04-15 20:06:10 +0000
committer: tedu <> 2014-04-15 20:06:10 +0000
commit: f88d9acb16e601adf96b4de4b1041d52d0d846da (patch)
tree: 11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/dsa/dsa_vrf.c
parent: e3275129dc02b842088cee9974244d4933cd72c6 (diff)
download: openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.tar.gz
openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.tar.bz2
openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.zip
1 files changed, 0 insertions, 8 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
index 674cb5fa5f..286ed28cfa 100644
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,13 +64,5 @@
 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                  DSA *dsa)
        {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
-                        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
-                {
-                DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
-                return -1;
-                }
-#endif
        return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
        }
author	tedu <>	2014-04-15 20:06:10 +0000
committer	tedu <>	2014-04-15 20:06:10 +0000
commit	f88d9acb16e601adf96b4de4b1041d52d0d846da (patch)
tree	11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/dsa/dsa_vrf.c
parent	e3275129dc02b842088cee9974244d4933cd72c6 (diff)
download	openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.tar.gz openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.tar.bz2 openbsd-f88d9acb16e601adf96b4de4b1041d52d0d846da.zip

diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index 674cb5fa5f..286ed28cfa 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,13 +64,5 @@
64	int DSA_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,	64	int DSA_do_verify(const unsigned char dgst, int dgst_len, DSA_SIG sig,
65	DSA *dsa)	65	DSA *dsa)
66	{	66	{
67	#ifdef OPENSSL_FIPS
68	if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
69	&& !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
70	{
71	DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
72	return -1;
73	}
74	#endif
75	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);	67	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
76	}	68	}