From fce8311caeb792d01855b9eb828dedf46a4d04d9 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 19 Oct 2014 01:06:56 +0100 Subject: remove FIPS module code from crypto/dsa Reviewed-by: Tim Hudson --- crypto/dsa/dsa_ossl.c | 35 ----------------------------------- 1 file changed, 35 deletions(-) (limited to 'crypto/dsa/dsa_ossl.c') diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 846e16275b..bec13541b9 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -67,9 +67,6 @@ #include #include #include -#ifdef OPENSSL_FIPS -#include -#endif static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); @@ -146,23 +143,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) DSA_SIG *ret=NULL; int noredo = 0; -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED); - return NULL; - } - - if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) - && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) - { - DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL); - return NULL; - } - if (!fips_check_dsa_prng(dsa, 0, 0)) - goto err; -#endif - BN_init(&m); BN_init(&xr); @@ -372,21 +352,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, return -1; } -#ifdef OPENSSL_FIPS - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED); - return -1; - } - - if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) - && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) - { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); - return -1; - } -#endif - if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); -- cgit v1.2.3