From f7d2427ac3404ce1ed555bf61885eeb0432b5789 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Tue, 15 Jun 2021 14:07:51 +1000
Subject: apps: remove AEAD/mode checks that are now redundant

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)
---
 apps/enc.c     | 14 +++-----------
 apps/genpkey.c | 11 ++---------
 2 files changed, 5 insertions(+), 20 deletions(-)

diff --git a/apps/enc.c b/apps/enc.c
index f136c3f8df..3dd6098563 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -300,14 +300,6 @@ int enc_main(int argc, char **argv)
         if (!opt_cipher(ciphername, &cipher))
             goto opthelp;
     }
-    if (cipher && EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
-        BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
-        goto end;
-    }
-    if (cipher && (EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE)) {
-        BIO_printf(bio_err, "%s XTS ciphers not supported\n", prog);
-        goto end;
-    }
     if (digestname != NULL) {
         if (!opt_md(digestname, &dgst))
             goto opthelp;
@@ -660,9 +652,9 @@ static void show_ciphers(const OBJ_NAME *name, void *arg)
 
     /* Filter out ciphers that we cannot use */
     cipher = EVP_get_cipherbyname(name->name);
-    if (cipher == NULL ||
-            (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 ||
-            EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE)
+    if (cipher == NULL
+            || (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0
+            || EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE)
         return;
 
     BIO_printf(dec->bio, "-%-25s", name->name);
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 5cde41b98b..d327bcab07 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -70,7 +70,7 @@ int genpkey_main(int argc, char **argv)
     EVP_CIPHER *cipher = NULL;
     OPTION_CHOICE o;
     int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0;
-    int private = 0, i, m;
+    int private = 0, i;
     OSSL_LIB_CTX *libctx = app_get0_libctx();
     STACK_OF(OPENSSL_STRING) *keyopt = NULL;
 
@@ -163,16 +163,9 @@ int genpkey_main(int argc, char **argv)
             goto end;
         }
     }
-    if (ciphername != NULL) {
+    if (ciphername != NULL)
         if (!opt_cipher(ciphername, &cipher) || do_param == 1)
             goto opthelp;
-        m = EVP_CIPHER_get_mode(cipher);
-        if (m == EVP_CIPH_GCM_MODE || m == EVP_CIPH_CCM_MODE
-                || m == EVP_CIPH_XTS_MODE || m == EVP_CIPH_OCB_MODE) {
-            BIO_printf(bio_err, "%s: cipher mode not supported\n", prog);
-            goto end;
-        }
-    }
 
     private = do_param ? 0 : 1;
 
-- 
cgit v1.2.3