diff options
| author |   tedu <tedu@openbsd.org> | 2014-04-15 20:06:09 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-04-15 20:06:09 +0000 |
| commit | 68c0184592b044f3976f88a8512516f3a3780200 (patch) | |
| tree | 91f93963a9f8d67c5ab9bcc88fe6c0dfdbb5f400 /lib/libcrypto/rsa/rsa_crpt.c | |
| parent | Q: How would you like your lies, sir? (diff) | |
| download | wireguard-openbsd-68c0184592b044f3976f88a8512516f3a3780200.tar.xz wireguard-openbsd-68c0184592b044f3976f88a8512516f3a3780200.zip | |
remove FIPS mode support. people who require FIPS can buy something that
meets their needs, but dumping it in here only penalizes the rest of us.
ok beck deraadt
Diffstat (limited to 'lib/libcrypto/rsa/rsa_crpt.c')
| -rw-r--r-- | lib/libcrypto/rsa/rsa_crpt.c | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c index d3e44785dcf..7750366613b 100644 --- a/lib/libcrypto/rsa/rsa_crpt.c +++ b/lib/libcrypto/rsa/rsa_crpt.c @@ -75,56 +75,24 @@ int RSA_size(const RSA *r) int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) - && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD); - return -1; - } -#endif return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); } int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) - && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD); - return -1; - } -#endif return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); } int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) - && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD); - return -1; - } -#endif return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); } int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) - && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) - { - RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD); - return -1; - } -#endif return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); } |