1 files changed, 1 insertions, 60 deletions
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
index 4d1dfac7f1..273bc5e3f8 100644
--- a/src/lib/libcrypto/crypto.h
+++ b/src/lib/libcrypto/crypto.h
@@ -128,9 +128,7 @@ extern "C" {
 #define CRYPTO_LOCK_ENGINE              30
 #define CRYPTO_LOCK_UI                  31
 #define CRYPTO_LOCK_HWCRHK              32 /* This is a HACK which will disappear in 0.9.8 */
-#define CRYPTO_LOCK_FIPS                33
+#define CRYPTO_NUM_LOCKS                33
-#define CRYPTO_LOCK_FIPS2               34
-#define CRYPTO_NUM_LOCKS                35
 #define CRYPTO_LOCK             1
 #define CRYPTO_UNLOCK           2
@@ -436,63 +434,6 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
 void OpenSSLDie(const char *file,int line,const char *assertion);
 #define OPENSSL_assert(e)       ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
-#ifdef OPENSSL_FIPS
-int FIPS_mode(void);
-void *FIPS_rand_check(void);
-#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
-                alg " previous FIPS forbidden algorithm error ignored");
-#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
-                #alg " Algorithm forbidden in FIPS mode");
-#ifdef OPENSSL_FIPS_STRICT
-#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
-#else
-#define FIPS_BAD_ALGORITHM(alg) \
-        { \
-        FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
-        ERR_add_error_data(2, "Algorithm=", #alg); \
-        return 0; \
-        }
-#endif
-/* Low level digest API blocking macro */
-#define FIPS_NON_FIPS_MD_Init(alg) \
-        int alg##_Init(alg##_CTX *c) \
-                { \
-                if (FIPS_mode()) \
-                        FIPS_BAD_ALGORITHM(alg) \
-                return private_##alg##_Init(c); \
-                } \
-        int private_##alg##_Init(alg##_CTX *c)
-/* For ciphers the API often varies from cipher to cipher and each needs to
- * be treated as a special case. Variable key length ciphers (Blowfish, RC4,
- * CAST) however are very similar and can use a blocking macro.
- */
-#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
-        void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \
-                { \
-                if (FIPS_mode()) \
-                        FIPS_BAD_ABORT(alg) \
-                private_##alg##_set_key(key, len, data); \
-                } \
-        void private_##alg##_set_key(alg##_KEY *key, int len, \
-                                        const unsigned char *data)
-#else
-#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
-        void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data)
-#define FIPS_NON_FIPS_MD_Init(alg) \
-        int alg##_Init(alg##_CTX *c) 
-#endif /* def OPENSSL_FIPS */
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.

diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index 4d1dfac7f1..273bc5e3f8 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h
@@ -128,9 +128,7 @@ extern "C" {
128	#define CRYPTO_LOCK_ENGINE 30	128	#define CRYPTO_LOCK_ENGINE 30
129	#define CRYPTO_LOCK_UI 31	129	#define CRYPTO_LOCK_UI 31
130	#define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */	130	#define CRYPTO_LOCK_HWCRHK 32 /* This is a HACK which will disappear in 0.9.8 */
131	#define CRYPTO_LOCK_FIPS 33	131	#define CRYPTO_NUM_LOCKS 33
132	#define CRYPTO_LOCK_FIPS2 34
133	#define CRYPTO_NUM_LOCKS 35
134		132
135	#define CRYPTO_LOCK 1	133	#define CRYPTO_LOCK 1
136	#define CRYPTO_UNLOCK 2	134	#define CRYPTO_UNLOCK 2
@@ -436,63 +434,6 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
436	void OpenSSLDie(const char file,int line,const char assertion);	434	void OpenSSLDie(const char file,int line,const char assertion);
437	#define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))	435	#define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
438		436
439	#ifdef OPENSSL_FIPS
440	int FIPS_mode(void);
441	void *FIPS_rand_check(void);
442
443	#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
444	alg " previous FIPS forbidden algorithm error ignored");
445
446	#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
447	#alg " Algorithm forbidden in FIPS mode");
448
449	#ifdef OPENSSL_FIPS_STRICT
450	#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
451	#else
452	#define FIPS_BAD_ALGORITHM(alg) \
453	{ \
454	FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
455	ERR_add_error_data(2, "Algorithm=", #alg); \
456	return 0; \
457	}
458	#endif
459
460	/* Low level digest API blocking macro */
461
462	#define FIPS_NON_FIPS_MD_Init(alg) \
463	int alg##_Init(alg##_CTX *c) \
464	{ \
465	if (FIPS_mode()) \
466	FIPS_BAD_ALGORITHM(alg) \
467	return private_##alg##_Init(c); \
468	} \
469	int private_##alg##_Init(alg##_CTX *c)
470
471	/* For ciphers the API often varies from cipher to cipher and each needs to
472	* be treated as a special case. Variable key length ciphers (Blowfish, RC4,
473	* CAST) however are very similar and can use a blocking macro.
474	*/
475
476	#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
477	void alg##_set_key(alg##_KEY key, int len, const unsigned char data) \
478	{ \
479	if (FIPS_mode()) \
480	FIPS_BAD_ABORT(alg) \
481	private_##alg##_set_key(key, len, data); \
482	} \
483	void private_##alg##_set_key(alg##_KEY *key, int len, \
484	const unsigned char *data)
485
486	#else
487
488	#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
489	void alg##_set_key(alg##_KEY key, int len, const unsigned char data)
490
491	#define FIPS_NON_FIPS_MD_Init(alg) \
492	int alg##_Init(alg##_CTX *c)
493
494	#endif /* def OPENSSL_FIPS */
495
496	/* BEGIN ERROR CODES */	437	/* BEGIN ERROR CODES */
497	/* The following lines are auto generated by the script mkerr.pl. Any changes	438	/* The following lines are auto generated by the script mkerr.pl. Any changes
498	* made after this point may be overwritten when the script is next run.	439	* made after this point may be overwritten when the script is next run.