remove FIPS mode support. people who require FIPS can buy something that

meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
author: tedu <> 2014-04-15 20:06:10 +0000
committer: tedu <> 2014-04-15 20:06:10 +0000
commit: 3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree: 11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/rsa/rsa_crpt.c
parent: 4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download: openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip
1 files changed, 0 insertions, 32 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index d3e44785dc..7750366613 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -75,56 +75,24 @@ int RSA_size(const RSA *r)
 int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
             RSA *rsa, int padding)
        {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-                        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
-                {
-                RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-                return -1;
-                }
-#endif
        return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
        }
 int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
             RSA *rsa, int padding)
        {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-                        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
-                {
-                RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-                return -1;
-                }
-#endif
        return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
        }
 int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
             RSA *rsa, int padding)
        {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-                        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
-                {
-                RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-                return -1;
-                }
-#endif
        return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
        }
 int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
             RSA *rsa, int padding)
        {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-                        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
-                {
-                RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-                return -1;
-                }
-#endif
        return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
        }
author	tedu <>	2014-04-15 20:06:10 +0000
committer	tedu <>	2014-04-15 20:06:10 +0000
commit	3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree	11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/rsa/rsa_crpt.c
parent	4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download	openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2 openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip

diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c index d3e44785dc..7750366613 100644 --- a/src/lib/libcrypto/rsa/rsa_crpt.c +++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -75,56 +75,24 @@ int RSA_size(const RSA *r)
75	int RSA_public_encrypt(int flen, const unsigned char from, unsigned char to,	75	int RSA_public_encrypt(int flen, const unsigned char from, unsigned char to,
76	RSA *rsa, int padding)	76	RSA *rsa, int padding)
77	{	77	{
78	#ifdef OPENSSL_FIPS
79	if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
80	&& !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
81	{
82	RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
83	return -1;
84	}
85	#endif
86	return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));	78	return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
87	}	79	}
88		80
89	int RSA_private_encrypt(int flen, const unsigned char from, unsigned char to,	81	int RSA_private_encrypt(int flen, const unsigned char from, unsigned char to,
90	RSA *rsa, int padding)	82	RSA *rsa, int padding)
91	{	83	{
92	#ifdef OPENSSL_FIPS
93	if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
94	&& !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
95	{
96	RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
97	return -1;
98	}
99	#endif
100	return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));	84	return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
101	}	85	}
102		86
103	int RSA_private_decrypt(int flen, const unsigned char from, unsigned char to,	87	int RSA_private_decrypt(int flen, const unsigned char from, unsigned char to,
104	RSA *rsa, int padding)	88	RSA *rsa, int padding)
105	{	89	{
106	#ifdef OPENSSL_FIPS
107	if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
108	&& !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
109	{
110	RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
111	return -1;
112	}
113	#endif
114	return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));	90	return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
115	}	91	}
116		92
117	int RSA_public_decrypt(int flen, const unsigned char from, unsigned char to,	93	int RSA_public_decrypt(int flen, const unsigned char from, unsigned char to,
118	RSA *rsa, int padding)	94	RSA *rsa, int padding)
119	{	95	{
120	#ifdef OPENSSL_FIPS
121	if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
122	&& !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
123	{
124	RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
125	return -1;
126	}
127	#endif
128	return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));	96	return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
129	}	97	}
130		98