Excise AES-XTS FIPS check.

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9255)
author: Pauli <paul.dale@oracle.com> 2019-06-25 03:37:17 +1000
committer: Pauli <paul.dale@oracle.com> 2019-06-25 03:37:17 +1000
commit: 58ae5a47da1e4843b0cd1846eb297b341d0e7201 (patch)
tree: 9ac47e70f9319f1ac6ed04f826bc3cf3900c6cfb /crypto
parent: 915430a0a9b3602017689cdd65934b3582ea1e01 (diff)
1 files changed, 3 insertions, 14 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index e60d736b9c..e77ad5c616 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -59,12 +59,6 @@ typedef struct {
                     const unsigned char iv[16]);
 } EVP_AES_XTS_CTX;
 
-#ifdef FIPS_MODE
-static const int allow_insecure_decrypt = 0;
-#else
-static const int allow_insecure_decrypt = 1;
-#endif
-
 typedef struct {
     union {
         double align;
@@ -396,7 +390,6 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     if (key) {
         /* The key is two half length keys in reality */
         const int bytes = EVP_CIPHER_CTX_key_length(ctx) / 2;
-        const int bits = bytes * 8;
 
         /*
          * Verify that the two keys are different.
@@ -404,8 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
          * This addresses Rogaway's vulnerability.
          * See comment in aes_xts_init_key() below.
          */
-        if ((!allow_insecure_decrypt || enc)
-                && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+        if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
             EVPerr(EVP_F_AESNI_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
             return 0;
         }
@@ -825,8 +817,7 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
          * This addresses Rogaway's vulnerability.
          * See comment in aes_xts_init_key() below.
          */
-        if ((!allow_insecure_decrypt || enc)
-                && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+        if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
             EVPerr(EVP_F_AES_T4_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
             return 0;
         }
@@ -3360,7 +3351,6 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         do {
             /* The key is two half length keys in reality */
             const int bytes = EVP_CIPHER_CTX_key_length(ctx) / 2;
-            const int bits = bytes * 8;
 
             /*
              * Verify that the two keys are different.
@@ -3378,8 +3368,7 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
              *       BEFORE using the keys in the XTS-AES algorithm to process
              *       data with them."
              */
-            if ((!allow_insecure_decrypt || enc)
-                    && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+            if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
                 EVPerr(EVP_F_AES_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
                 return 0;
             }
author	Pauli <paul.dale@oracle.com>	2019-06-25 03:37:17 +1000
committer	Pauli <paul.dale@oracle.com>	2019-06-25 03:37:17 +1000
commit	58ae5a47da1e4843b0cd1846eb297b341d0e7201 (patch)
tree	9ac47e70f9319f1ac6ed04f826bc3cf3900c6cfb /crypto
parent	915430a0a9b3602017689cdd65934b3582ea1e01 (diff)