summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem
diff options
context:
space:
mode:
authortedu <>2014-04-15 20:06:10 +0000
committertedu <>2014-04-15 20:06:10 +0000
commit3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/pem
parent4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
downloadopenbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip
remove FIPS mode support. people who require FIPS can buy something that
meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
Diffstat (limited to 'src/lib/libcrypto/pem')
-rw-r--r--src/lib/libcrypto/pem/pem_all.c157
1 files changed, 0 insertions, 157 deletions
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
index eac0460e3e..6ff6be7fbe 100644
--- a/src/lib/libcrypto/pem/pem_all.c
+++ b/src/lib/libcrypto/pem/pem_all.c
@@ -193,61 +193,8 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
193 193
194#endif 194#endif
195 195
196#ifdef OPENSSL_FIPS
197
198int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
199 unsigned char *kstr, int klen,
200 pem_password_cb *cb, void *u)
201{
202 if (FIPS_mode())
203 {
204 EVP_PKEY *k;
205 int ret;
206 k = EVP_PKEY_new();
207 if (!k)
208 return 0;
209 EVP_PKEY_set1_RSA(k, x);
210
211 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
212 EVP_PKEY_free(k);
213 return ret;
214 }
215 else
216 return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
217 PEM_STRING_RSA,bp,x,enc,kstr,klen,cb,u);
218}
219
220#ifndef OPENSSL_NO_FP_API
221int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
222 unsigned char *kstr, int klen,
223 pem_password_cb *cb, void *u)
224{
225 if (FIPS_mode())
226 {
227 EVP_PKEY *k;
228 int ret;
229 k = EVP_PKEY_new();
230 if (!k)
231 return 0;
232
233 EVP_PKEY_set1_RSA(k, x);
234
235 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
236 EVP_PKEY_free(k);
237 return ret;
238 }
239 else
240 return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
241 PEM_STRING_RSA,fp,x,enc,kstr,klen,cb,u);
242}
243#endif
244
245#else
246
247IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) 196IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
248 197
249#endif
250
251IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) 198IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
252IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) 199IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
253 200
@@ -277,59 +224,8 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
277 return pkey_get_dsa(pktmp, dsa); /* will free pktmp */ 224 return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
278} 225}
279 226
280#ifdef OPENSSL_FIPS
281
282int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
283 unsigned char *kstr, int klen,
284 pem_password_cb *cb, void *u)
285{
286 if (FIPS_mode())
287 {
288 EVP_PKEY *k;
289 int ret;
290 k = EVP_PKEY_new();
291 if (!k)
292 return 0;
293 EVP_PKEY_set1_DSA(k, x);
294
295 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
296 EVP_PKEY_free(k);
297 return ret;
298 }
299 else
300 return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
301 PEM_STRING_DSA,bp,x,enc,kstr,klen,cb,u);
302}
303
304#ifndef OPENSSL_NO_FP_API
305int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
306 unsigned char *kstr, int klen,
307 pem_password_cb *cb, void *u)
308{
309 if (FIPS_mode())
310 {
311 EVP_PKEY *k;
312 int ret;
313 k = EVP_PKEY_new();
314 if (!k)
315 return 0;
316 EVP_PKEY_set1_DSA(k, x);
317 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
318 EVP_PKEY_free(k);
319 return ret;
320 }
321 else
322 return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
323 PEM_STRING_DSA,fp,x,enc,kstr,klen,cb,u);
324}
325#endif
326
327#else
328
329IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) 227IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
330 228
331#endif
332
333IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) 229IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
334 230
335#ifndef OPENSSL_NO_FP_API 231#ifndef OPENSSL_NO_FP_API
@@ -377,61 +273,8 @@ IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKPa
377 273
378 274
379 275
380#ifdef OPENSSL_FIPS
381
382int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
383 unsigned char *kstr, int klen,
384 pem_password_cb *cb, void *u)
385{
386 if (FIPS_mode())
387 {
388 EVP_PKEY *k;
389 int ret;
390 k = EVP_PKEY_new();
391 if (!k)
392 return 0;
393 EVP_PKEY_set1_EC_KEY(k, x);
394
395 ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
396 EVP_PKEY_free(k);
397 return ret;
398 }
399 else
400 return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
401 PEM_STRING_ECPRIVATEKEY,
402 bp,x,enc,kstr,klen,cb,u);
403}
404
405#ifndef OPENSSL_NO_FP_API
406int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
407 unsigned char *kstr, int klen,
408 pem_password_cb *cb, void *u)
409{
410 if (FIPS_mode())
411 {
412 EVP_PKEY *k;
413 int ret;
414 k = EVP_PKEY_new();
415 if (!k)
416 return 0;
417 EVP_PKEY_set1_EC_KEY(k, x);
418 ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
419 EVP_PKEY_free(k);
420 return ret;
421 }
422 else
423 return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
424 PEM_STRING_ECPRIVATEKEY,
425 fp,x,enc,kstr,klen,cb,u);
426}
427#endif
428
429#else
430
431IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) 276IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
432 277
433#endif
434
435IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) 278IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
436 279
437#ifndef OPENSSL_NO_FP_API 280#ifndef OPENSSL_NO_FP_API