From 1f79baa55ee00c64372397292ab9c88b5c373d93 Mon Sep 17 00:00:00 2001
From: Pauli <ppzgs1@gmail.com>
Date: Tue, 16 Mar 2021 10:06:29 +1000
Subject: Remove TODOs from digest.c

They aren't relevant:
. Digest Sign isn't supported in the FIPS provider.
. Remove legacy NID use.

Fixes #14394
Fixes #14395

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14565)
---
 crypto/evp/digest.c | 10 ----------
 1 file changed, 10 deletions(-)

(limited to 'crypto/evp/digest.c')

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index dbbc44f046..d256cbe140 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -65,7 +65,6 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
         return 1;
 
 #ifndef FIPS_MODULE
-    /* TODO(3.0): Temporarily no support for EVP_DigestSign* in FIPS module */
     /*
      * pctx should be freed by the user of EVP_MD_CTX
      * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set
@@ -322,10 +321,6 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
  skip_to_init:
 #endif
 #ifndef FIPS_MODULE
-    /*
-     * TODO(3.0): Temporarily no support for EVP_DigestSign* inside FIPS module
-     * or when using providers.
-     */
     if (ctx->pctx != NULL
             && (!EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
                  || ctx->pctx->op.sig.signature == NULL)) {
@@ -541,7 +536,6 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
     /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
     EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
 #ifndef FIPS_MODULE
-    /* TODO(3.0): Temporarily no support for EVP_DigestSign* in FIPS module */
     if (in->pctx != NULL) {
         out->pctx = EVP_PKEY_CTX_dup(in->pctx);
         if (out->pctx == NULL) {
@@ -598,7 +592,6 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
     out->update = in->update;
 
 #ifndef FIPS_MODULE
-    /* TODO(3.0): Temporarily no support for EVP_DigestSign* in FIPS module */
     if (in->pctx) {
         out->pctx = EVP_PKEY_CTX_dup(in->pctx);
         if (!out->pctx) {
@@ -758,7 +751,6 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
     return NULL;
 }
 
-/* TODO(3.0): Remove legacy code below - only used by engines & DigestSign */
 int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
 {
     int ret = EVP_CTRL_RET_UNSUPPORTED;
@@ -834,7 +826,6 @@ EVP_MD *evp_md_new(void)
  * NIDs or any functionality that use them.
  */
 #ifndef FIPS_MODULE
-/* TODO(3.x) get rid of the need for legacy NIDs */
 static void set_legacy_nid(const char *name, void *vlegacy_nid)
 {
     int nid;
@@ -901,7 +892,6 @@ static void *evp_md_from_dispatch(int name_id,
     }
 
 #ifndef FIPS_MODULE
-    /* TODO(3.x) get rid of the need for legacy NIDs */
     md->type = NID_undef;
     if (!evp_names_do_all(prov, name_id, set_legacy_nid, &md->type)
             || md->type == -1) {
-- 
cgit v1.2.3