16 files changed, 4 insertions, 245 deletions

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 8ed79c3d55..3d2e7510cf 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -387,15 +387,7 @@ ssl23_client_hello(SSL *s)
                 } else if (version == TLS1_VERSION) {
                         version_major = TLS1_VERSION_MAJOR;
                         version_minor = TLS1_VERSION_MINOR;
-                }
-#ifdef OPENSSL_FIPS
-                else if (FIPS_mode()) {
-                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,
-                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                        return -1;
-                }
-#endif
-                else if (version == SSL3_VERSION) {
+                } else if (version == SSL3_VERSION) {
                         version_major = SSL3_VERSION_MAJOR;
                         version_minor = SSL3_VERSION_MINOR;
                 } else if (version == SSL2_VERSION) {
@@ -671,13 +663,6 @@ ssl23_get_server_hello(SSL *s)
 
                 if ((p[2] == SSL3_VERSION_MINOR) &&
                     !(s->options & SSL_OP_NO_SSLv3)) {
-#ifdef OPENSSL_FIPS
-                        if (FIPS_mode()) {
-                                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
-                                SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                                goto err;
-                        }
-#endif
                         s->version = SSL3_VERSION;
                         s->method = SSLv3_client_method();
                 } else if ((p[2] == TLS1_VERSION_MINOR) &&
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 2aad21e93c..ca95d4e636 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -115,9 +115,6 @@
 #include <openssl/rand.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
@@ -388,14 +385,6 @@ ssl23_get_client_hello(SSL *s)
                 }
         }
 
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && (s->version < TLS1_VERSION)) {
-                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-                    SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                goto err;
-        }
-#endif
-
         if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
                 /* we have SSLv3/TLSv1 in an SSLv2 header
                  * (other cases skip this state) */
diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c
index d6cc9b4771..964266e5b2 100644
--- a/src/lib/libssl/s3_cbc.c
+++ b/src/lib/libssl/s3_cbc.c
@@ -386,10 +386,6 @@ tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
 char
 ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
 {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-                return 0;
-#endif
         switch (EVP_MD_CTX_type(ctx)) {
         case NID_md5:
         case NID_sha1:
@@ -710,50 +706,3 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char* md_out,
                 *md_out_size = md_out_size_u;
         EVP_MD_CTX_cleanup(&md_ctx);
 }
-
-#ifdef OPENSSL_FIPS
-
-/* Due to the need to use EVP in FIPS mode we can't reimplement digests but
- * we can ensure the number of blocks processed is equal for all cases
- * by digesting additional data.
- */
-
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
-    EVP_MD_CTX *mac_ctx, const unsigned char *data, size_t data_len,
-    size_t orig_len)
-{
-        size_t block_size, digest_pad, blocks_data, blocks_orig;
-        if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
-                return;
-        block_size = EVP_MD_CTX_block_size(mac_ctx);
-        /* We are in FIPS mode if we get this far so we know we have only SHA*
-         * digests and TLS to deal with.
-         * Minimum digest padding length is 17 for SHA384/SHA512 and 9
-         * otherwise.
-         * Additional header is 13 bytes. To get the number of digest blocks
-         * processed round up the amount of data plus padding to the nearest
-         * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
-         * So we have:
-         * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
-         * equivalently:
-         * blocks = (payload_len + digest_pad + 12)/block_size + 1
-         * HMAC adds a constant overhead.
-         * We're ultimately only interested in differences so this becomes
-         * blocks = (payload_len + 29)/128
-         * for SHA384/SHA512 and
-         * blocks = (payload_len + 21)/64
-         * otherwise.
-         */
-        digest_pad = block_size == 64 ? 21 : 29;
-        blocks_orig = (orig_len + digest_pad)/block_size;
-        blocks_data = (data_len + digest_pad)/block_size;
-        /* MAC enough blocks to make up the difference between the original
-         * and actual lengths plus one extra block to ensure this is never a
-         * no op. The "data" pointer should always have enough space to
-         * perform this operation as it is large enough for a maximum
-         * length TLS buffer. 
-         */
-        EVP_DigestSignUpdate(mac_ctx, data,
-        (blocks_orig - blocks_data + 1) * block_size);
-}
-#endif
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index c1460266fe..88be294ab7 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -156,9 +156,6 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 8ed79c3d55..3d2e7510cf 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -387,15 +387,7 @@ ssl23_client_hello(SSL *s)
                 } else if (version == TLS1_VERSION) {
                         version_major = TLS1_VERSION_MAJOR;
                         version_minor = TLS1_VERSION_MINOR;
-                }
-#ifdef OPENSSL_FIPS
-                else if (FIPS_mode()) {
-                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,
-                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                        return -1;
-                }
-#endif
-                else if (version == SSL3_VERSION) {
+                } else if (version == SSL3_VERSION) {
                         version_major = SSL3_VERSION_MAJOR;
                         version_minor = SSL3_VERSION_MINOR;
                 } else if (version == SSL2_VERSION) {
@@ -671,13 +663,6 @@ ssl23_get_server_hello(SSL *s)
 
                 if ((p[2] == SSL3_VERSION_MINOR) &&
                     !(s->options & SSL_OP_NO_SSLv3)) {
-#ifdef OPENSSL_FIPS
-                        if (FIPS_mode()) {
-                                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
-                                SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                                goto err;
-                        }
-#endif
                         s->version = SSL3_VERSION;
                         s->method = SSLv3_client_method();
                 } else if ((p[2] == TLS1_VERSION_MINOR) &&
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 2aad21e93c..ca95d4e636 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -115,9 +115,6 @@
 #include <openssl/rand.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
@@ -388,14 +385,6 @@ ssl23_get_client_hello(SSL *s)
                 }
         }
 
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && (s->version < TLS1_VERSION)) {
-                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-                    SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                goto err;
-        }
-#endif
-
         if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
                 /* we have SSLv3/TLSv1 in an SSLv2 header
                  * (other cases skip this state) */
diff --git a/src/lib/libssl/src/ssl/s3_cbc.c b/src/lib/libssl/src/ssl/s3_cbc.c
index d6cc9b4771..964266e5b2 100644
--- a/src/lib/libssl/src/ssl/s3_cbc.c
+++ b/src/lib/libssl/src/ssl/s3_cbc.c
@@ -386,10 +386,6 @@ tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
 char
 ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
 {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-                return 0;
-#endif
         switch (EVP_MD_CTX_type(ctx)) {
         case NID_md5:
         case NID_sha1:
@@ -710,50 +706,3 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char* md_out,
                 *md_out_size = md_out_size_u;
         EVP_MD_CTX_cleanup(&md_ctx);
 }
-
-#ifdef OPENSSL_FIPS
-
-/* Due to the need to use EVP in FIPS mode we can't reimplement digests but
- * we can ensure the number of blocks processed is equal for all cases
- * by digesting additional data.
- */
-
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
-    EVP_MD_CTX *mac_ctx, const unsigned char *data, size_t data_len,
-    size_t orig_len)
-{
-        size_t block_size, digest_pad, blocks_data, blocks_orig;
-        if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
-                return;
-        block_size = EVP_MD_CTX_block_size(mac_ctx);
-        /* We are in FIPS mode if we get this far so we know we have only SHA*
-         * digests and TLS to deal with.
-         * Minimum digest padding length is 17 for SHA384/SHA512 and 9
-         * otherwise.
-         * Additional header is 13 bytes. To get the number of digest blocks
-         * processed round up the amount of data plus padding to the nearest
-         * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
-         * So we have:
-         * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
-         * equivalently:
-         * blocks = (payload_len + digest_pad + 12)/block_size + 1
-         * HMAC adds a constant overhead.
-         * We're ultimately only interested in differences so this becomes
-         * blocks = (payload_len + 29)/128
-         * for SHA384/SHA512 and
-         * blocks = (payload_len + 21)/64
-         * otherwise.
-         */
-        digest_pad = block_size == 64 ? 21 : 29;
-        blocks_orig = (orig_len + digest_pad)/block_size;
-        blocks_data = (data_len + digest_pad)/block_size;
-        /* MAC enough blocks to make up the difference between the original
-         * and actual lengths plus one extra block to ensure this is never a
-         * no op. The "data" pointer should always have enough space to
-         * perform this operation as it is large enough for a maximum
-         * length TLS buffer. 
-         */
-        EVP_DigestSignUpdate(mac_ctx, data,
-        (blocks_orig - blocks_data + 1) * block_size);
-}
-#endif
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index c1460266fe..88be294ab7 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -156,9 +156,6 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index 9ed5850e73..bfd40b3d11 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -591,12 +591,6 @@ ssl3_digest_cached_records(SSL *s)
         for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) {
                 if ((mask & ssl_get_algorithm2(s)) && md) {
                         s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
-#ifdef OPENSSL_FIPS
-                        if (EVP_MD_nid(md) == NID_md5) {
-                                EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
-                                EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-                        }
-#endif
                         EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL);
                         EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, hdatalen);
                 } else {
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
index ed2e78bdcc..ed5ac725a2 100644
--- a/src/lib/libssl/src/ssl/ssl_ciph.c
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -617,11 +617,6 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                         s->ssl_version < TLS1_VERSION)
                 return 1;
 
-#ifdef OPENSSL_FIPS
-                if (FIPS_mode())
-                        return 1;
-#endif
-
                 if (c->algorithm_enc == SSL_RC4 &&
                         c->algorithm_mac == SSL_MD5 &&
                 (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
@@ -798,9 +793,6 @@ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
                 c = ssl_method->get_cipher(i);
                 /* drop those that use any of that is not available */
                 if ((c != NULL) && c->valid &&
-#ifdef OPENSSL_FIPS
-                (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
-#endif
                 !(c->algorithm_mkey & disabled_mkey) &&
                 !(c->algorithm_auth & disabled_auth) &&
                 !(c->algorithm_enc & disabled_enc) &&
@@ -1461,12 +1453,7 @@ const char *rule_str)
          * to the resulting precedence to the STACK_OF(SSL_CIPHER).
          */
         for (curr = head; curr != NULL; curr = curr->next) {
-#ifdef OPENSSL_FIPS
-                if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
-#else
-                if (curr->active)
-#endif
-                {
+                if (curr->active) {
                         sk_SSL_CIPHER_push(cipherstack, curr->cipher);
 #ifdef CIPHER_DEBUG
                         printf("<%s>\n", curr->cipher->name);
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 98764b82aa..b5ba0f4aac 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1708,13 +1708,6 @@ SSL_CTX
                 return (NULL);
         }
 
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
-                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                return NULL;
-        }
-#endif
-
         if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
                 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
                 goto err;
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index 664147cb6a..ea236df44d 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -299,9 +299,6 @@ sv_usage(void)
 {
         fprintf(stderr, "usage: ssltest [args ...]\n");
         fprintf(stderr, "\n");
-#ifdef OPENSSL_FIPS
-        fprintf(stderr, "-F             - run test in FIPS mode\n");
-#endif
         fprintf(stderr, " -server_auth  - check server certificate\n");
         fprintf(stderr, " -client_auth  - do client authentication\n");
         fprintf(stderr, " -proxy        - allow proxy certificates\n");
@@ -526,9 +523,6 @@ main(int argc, char *argv[])
         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
 #endif
         int test_cipherlist = 0;
-#ifdef OPENSSL_FIPS
-        int fips_mode = 0;
-#endif
 
         verbose = 0;
         debug = 0;
@@ -558,12 +552,8 @@ main(int argc, char *argv[])
 
         while (argc >= 1) {
                 if (!strcmp(*argv, "-F")) {
-#ifdef OPENSSL_FIPS
-                        fips_mode = 1;
-#else
                         fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n");
                         exit(0);
-#endif
                 } else if (strcmp(*argv, "-server_auth") == 0)
                         server_auth = 1;
                 else if (strcmp(*argv, "-client_auth") == 0)
@@ -739,17 +729,6 @@ bad:
                 exit(1);
         }
 
-#ifdef OPENSSL_FIPS
-        if (fips_mode) {
-                if (!FIPS_mode_set(1)) {
-                        ERR_load_crypto_strings();
-                        ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
-                        exit(1);
-                } else
-                        fprintf(stderr, "*** IN FIPS MODE ***\n");
-        }
-#endif
-
         if (print_time) {
                 if (!bio_pair) {
                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index e59e883424..71d9f164b4 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -981,13 +981,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
                 EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length);
                 t = EVP_DigestSignFinal(mac_ctx, md, &md_size);
                 OPENSSL_assert(t > 0);
-#ifdef OPENSSL_FIPS
-                if (!send && FIPS_mode())
-                        tls_fips_digest_extra(
-                ssl->enc_read_ctx,
-                mac_ctx, rec->input,
-                rec->length, orig_len);
-#endif
         }
 
         if (!stream_mac)
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index ed2e78bdcc..ed5ac725a2 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -617,11 +617,6 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                         s->ssl_version < TLS1_VERSION)
                 return 1;
 
-#ifdef OPENSSL_FIPS
-                if (FIPS_mode())
-                        return 1;
-#endif
-
                 if (c->algorithm_enc == SSL_RC4 &&
                         c->algorithm_mac == SSL_MD5 &&
                 (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
@@ -798,9 +793,6 @@ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
                 c = ssl_method->get_cipher(i);
                 /* drop those that use any of that is not available */
                 if ((c != NULL) && c->valid &&
-#ifdef OPENSSL_FIPS
-                (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
-#endif
                 !(c->algorithm_mkey & disabled_mkey) &&
                 !(c->algorithm_auth & disabled_auth) &&
                 !(c->algorithm_enc & disabled_enc) &&
@@ -1461,12 +1453,7 @@ const char *rule_str)
          * to the resulting precedence to the STACK_OF(SSL_CIPHER).
          */
         for (curr = head; curr != NULL; curr = curr->next) {
-#ifdef OPENSSL_FIPS
-                if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
-#else
-                if (curr->active)
-#endif
-                {
+                if (curr->active) {
                         sk_SSL_CIPHER_push(cipherstack, curr->cipher);
 #ifdef CIPHER_DEBUG
                         printf("<%s>\n", curr->cipher->name);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 98764b82aa..b5ba0f4aac 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1708,13 +1708,6 @@ SSL_CTX
                 return (NULL);
         }
 
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
-                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                return NULL;
-        }
-#endif
-
         if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
                 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
                 goto err;
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index e59e883424..71d9f164b4 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -981,13 +981,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
                 EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length);
                 t = EVP_DigestSignFinal(mac_ctx, md, &md_size);
                 OPENSSL_assert(t > 0);
-#ifdef OPENSSL_FIPS
-                if (!send && FIPS_mode())
-                        tls_fips_digest_extra(
-                ssl->enc_read_ctx,
-                mac_ctx, rec->input,
-                rec->length, orig_len);
-#endif
         }
 
         if (!stream_mac)