diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-10-19 01:11:59 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-12-08 13:25:38 +0000 |
commit | dbfbe10a1ffe6bf0ce53caf9814f624d1dd36276 (patch) | |
tree | ea0275866c6cd4a2ae9f71afe263fd974d866916 /crypto/ecdsa | |
parent | 1bfffe9bd013e73436fcaed0a8bf91f4e7f09560 (diff) |
remove FIPS module code from crypto/ecdsa
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/ecdsa')
-rw-r--r-- | crypto/ecdsa/ecdsa.h | 16 | ||||
-rw-r--r-- | crypto/ecdsa/ecs_ossl.c | 26 |
2 files changed, 0 insertions, 42 deletions
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 4f8197c334..28a4d1c847 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -228,22 +228,6 @@ int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); void *ECDSA_get_ex_data(EC_KEY *d, int idx); -#ifdef OPENSSL_FIPS -/* Standalone FIPS signature operations */ -ECDSA_SIG * FIPS_ecdsa_sign_digest(EC_KEY *key, - const unsigned char *dig, int dlen); -ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx); -int FIPS_ecdsa_verify_digest(EC_KEY *key, - const unsigned char *dig, int dlen, ECDSA_SIG *s); -int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s); -int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen, - const EVP_MD *mhash, ECDSA_SIG *s); -ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key, - const unsigned char *msg, size_t msglen, - const EVP_MD *mhash); -#endif - - /** Allocates and initialize a ECDSA_METHOD structure * \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL) * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index ec8e252342..af5d4c2468 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -144,11 +144,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, goto err; } -#ifdef OPENSSL_FIPS - if (!fips_check_ec_prng(eckey)) - goto err; -#endif - do { /* get random k */ @@ -289,14 +284,6 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA_DATA *ecdsa; const BIGNUM *priv_key; -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED); - return NULL; - } -#endif - ecdsa = ecdsa_check(eckey); group = EC_KEY_get0_group(eckey); priv_key = EC_KEY_get0_private_key(eckey); @@ -307,11 +294,6 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, return NULL; } -#ifdef OPENSSL_FIPS - if (!fips_check_ec_prng(eckey)) - return NULL; -#endif - ret = ECDSA_SIG_new(); if (!ret) { @@ -432,14 +414,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const EC_GROUP *group; const EC_POINT *pub_key; -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED); - return -1; - } -#endif - /* check input values */ if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) |