return 1;
}
-BLOCK_CIPHER_generic_pack(NID_aes,128,EVP_CIPH_FLAG_FIPS)
-BLOCK_CIPHER_generic_pack(NID_aes,192,EVP_CIPH_FLAG_FIPS)
-BLOCK_CIPHER_generic_pack(NID_aes,256,EVP_CIPH_FLAG_FIPS)
+BLOCK_CIPHER_generic_pack(NID_aes,128,0)
+BLOCK_CIPHER_generic_pack(NID_aes,192,0)
+BLOCK_CIPHER_generic_pack(NID_aes,256,0)
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
{
case EVP_CTRL_GCM_SET_IVLEN:
if (arg <= 0)
return 0;
-#ifdef OPENSSL_FIPS
- if (FIPS_module_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
- && arg < 12)
- return 0;
-#endif
/* Allocate memory for IV if needed */
if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen))
{
| EVP_CIPH_CUSTOM_COPY)
BLOCK_CIPHER_custom(NID_aes,128,1,12,gcm,GCM,
- EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+ EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
BLOCK_CIPHER_custom(NID_aes,192,1,12,gcm,GCM,
- EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+ EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM,
- EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+ EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
{
return 0;
if (!out || !in || len<AES_BLOCK_SIZE)
return 0;
-#ifdef OPENSSL_FIPS
- /* Requirement of SP800-38E */
- if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
- (len > (1UL<<20)*16))
- {
- EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
- return 0;
- }
-#endif
if (xctx->stream)
(*xctx->stream)(in, out, len,
xctx->xts.key1, xctx->xts.key2, ctx->iv);
| EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
| EVP_CIPH_CUSTOM_COPY)
-BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
-BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,XTS_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,XTS_FLAGS)
static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
{
#define aes_ccm_cleanup NULL
-BLOCK_CIPHER_custom(NID_aes,128,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
-BLOCK_CIPHER_custom(NID_aes,192,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
-BLOCK_CIPHER_custom(NID_aes,256,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,128,1,12,ccm,CCM,CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,192,1,12,ccm,CCM,CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,256,1,12,ccm,CCM,CUSTOM_FLAGS)
typedef struct
{
#define des_ede3_ecb_cipher des_ede_ecb_cipher
BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
- EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+ EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_DEFAULT_ASN1,
des_ede3_init_key, NULL, NULL, NULL,
des3_ctrl)
BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
- EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+ EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_DEFAULT_ASN1,
des_ede3_init_key, NULL, NULL, NULL,
des3_ctrl)
BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
- EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
+ EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_DEFAULT_ASN1,
des_ede3_init_key, NULL, NULL, NULL,
des3_ctrl)
#include <openssl/rsa.h>
#endif
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
-
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
init,
update,
final,
NID_sha224,
NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
init224,
update256,
final256,
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
init256,
update256,
final256,
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
init384,
update512,
final512,
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
init512,
update512,
final512,