From fce8311caeb792d01855b9eb828dedf46a4d04d9 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sun, 19 Oct 2014 01:06:56 +0100
Subject: [PATCH] remove FIPS module code from crypto/dsa

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 crypto/dsa/dsa.h      |  15 ------
 crypto/dsa/dsa_gen.c  | 105 ------------------------------------------
 crypto/dsa/dsa_key.c  |  43 -----------------
 crypto/dsa/dsa_ossl.c |  35 --------------
 4 files changed, 198 deletions(-)

diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index add452b27c..34d070421e 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -213,21 +213,6 @@ void	DSA_set_default_method(const DSA_METHOD *);
 const DSA_METHOD *DSA_get_default_method(void);
 int	DSA_set_method(DSA *dsa, const DSA_METHOD *);
 
-#ifdef OPENSSL_FIPS
-DSA *	FIPS_dsa_new(void);
-void	FIPS_dsa_free (DSA *r);
-DSA_SIG * FIPS_dsa_sign_digest(DSA *dsa, const unsigned char *dig, int dlen);
-DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx);
-int FIPS_dsa_verify_digest(DSA *dsa,
-				const unsigned char *dig, int dlen, DSA_SIG *s);
-int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s);
-int FIPS_dsa_verify(DSA *dsa, const unsigned char *msg, size_t msglen,
-			const EVP_MD *mhash, DSA_SIG *s);
-DSA_SIG * FIPS_dsa_sign(DSA *dsa, const unsigned char *msg, size_t msglen,
-			const EVP_MD *mhash);
-
-#endif
-
 DSA *	DSA_new(void);
 DSA *	DSA_new_method(ENGINE *engine);
 void	DSA_free (DSA *r);
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index aae860e194..a3725d5914 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -81,10 +81,6 @@
 #include <openssl/bn.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-#endif
 
 #include "dsa_locl.h"
 
@@ -134,21 +130,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
 	BN_CTX *ctx=NULL;
 	unsigned int h=2;
 
-#ifdef OPENSSL_FIPS
-	if(FIPS_selftest_failed())
-	    {
-	    FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN, FIPS_R_FIPS_SELFTEST_FAILED);
-	    goto err;
-	    }
-
-	if (FIPS_module_mode() && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW) 
-			&& (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
-		{
-		DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL);
-		goto err;
-		}
-#endif
-
 	if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
 	    qsize != SHA256_DIGEST_LENGTH)
 		/* invalid q size */
@@ -372,80 +353,6 @@ err:
 	return ok;
 	}
 
-#ifdef OPENSSL_FIPS
-
-/* Security strength of parameter values for (L,N): see FIPS186-3 4.2
- * and SP800-131A
- */
-
-
-static int fips_ffc_strength(size_t L, size_t N)
-	{
-	if (L >= 15360 && N >= 512)
-		return 256;
-	if (L >= 7680 && N >= 384)
-		return 192;
-	if (L >= 3072 && N >= 256)
-		return 128;
-	if (L >= 2048 && N >= 224)
-		return 112;
-	if (L >= 1024 && N >= 160)
-		return  80;
-	return 0;
-	}
-
-/* Valid DSA2 parameters from FIPS 186-3 */
-
-static int dsa2_valid_parameters(size_t L, size_t N)
-	{
-	if (L == 1024 && N == 160)
-		return 80;
-	if (L == 2048 && N == 224)
-		return 112;
-	if (L == 2048 && N == 256)
-		return 112;
-	if (L == 3072 && N == 256)
-		return 128;
-	return 0;
-	}
-
-int fips_check_dsa_prng(DSA *dsa, size_t L, size_t N)
-	{
-	int strength;
-	if (!FIPS_module_mode())
-		return 1;
-
-	if (dsa->flags & (DSA_FLAG_NON_FIPS_ALLOW|DSA_FLAG_FIPS_CHECKED))
-		return 1;
-
-	if (!L || !N)
-		{
-		L = BN_num_bits(dsa->p);
-		N = BN_num_bits(dsa->q);
-		}
-	if (!dsa2_valid_parameters(L, N))
-		{
-		FIPSerr(FIPS_F_FIPS_CHECK_DSA_PRNG, FIPS_R_INVALID_PARAMETERS);
-		return 0;
-		}
-
-	strength = fips_ffc_strength(L, N);
-
-	if (!strength)
-		{
-	    	FIPSerr(FIPS_F_FIPS_CHECK_DSA_PRNG,FIPS_R_KEY_TOO_SHORT);
-		return 0;
-		}
-
-	if (FIPS_rand_strength() >= strength)
-		return 1;
-
-	FIPSerr(FIPS_F_FIPS_CHECK_DSA_PRNG,FIPS_R_PRNG_STRENGTH_TOO_LOW);
-	return 0;
-
-	}
-#endif /* OPENSSL_FIPS */
-
 /* This is a parameter generation algorithm for the DSA2 algorithm as
  * described in FIPS 186-3.
  */
@@ -471,18 +378,6 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
 
 	EVP_MD_CTX_init(&mctx);
 
-#ifdef OPENSSL_FIPS
-	if(FIPS_selftest_failed())
-	    {
-	    FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN2,
-		    FIPS_R_FIPS_SELFTEST_FAILED);
-	    goto err;
-	    }
-
-	if (!fips_check_dsa_prng(ret, L, N))
-		goto err;
-#endif
-
 	if (evpmd == NULL)
 		{
 		if (N == 160)
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 0c47ac45b9..96f74c18fe 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -66,30 +66,6 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 
-#ifdef OPENSSL_FIPS
-
-#include <openssl/fips.h>
-#include <openssl/evp.h>
-
-static int fips_check_dsa(DSA *dsa)
-	{
-	EVP_PKEY pk;
-	unsigned char tbs[] = "DSA Pairwise Check Data";
-    	pk.type = EVP_PKEY_DSA;
-    	pk.pkey.dsa = dsa;
-
-	if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE,
-					&pk, tbs, 0, NULL, 0, NULL, 0, NULL))
-		{
-		FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
-		fips_set_selftest_fail();
-		return 0;
-		}
-	return 1;
-	}
-
-#endif
-
 static int dsa_builtin_keygen(DSA *dsa);
 
 int DSA_generate_key(DSA *dsa)
@@ -105,17 +81,6 @@ static int dsa_builtin_keygen(DSA *dsa)
 	BN_CTX *ctx=NULL;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
-#ifdef OPENSSL_FIPS
-	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
-		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
-		{
-		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
-		goto err;
-		}
-	if (!fips_check_dsa_prng(dsa, 0, 0))
-		goto err;
-#endif
-
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 
 	if (dsa->priv_key == NULL)
@@ -154,14 +119,6 @@ static int dsa_builtin_keygen(DSA *dsa)
 
 	dsa->priv_key=priv_key;
 	dsa->pub_key=pub_key;
-#ifdef OPENSSL_FIPS
-	if(!fips_check_dsa(dsa))
-		{
-		dsa->pub_key = NULL;
-		dsa->priv_key = NULL;
-	    	goto err;
-		}
-#endif
 	ok=1;
 
 err:
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 846e16275b..bec13541b9 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -67,9 +67,6 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
@@ -146,23 +143,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	DSA_SIG *ret=NULL;
 	int noredo = 0;
 
-#ifdef OPENSSL_FIPS
-	if(FIPS_selftest_failed())
-	    {
-	    FIPSerr(FIPS_F_DSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
-	    return NULL;
-	    }
-
-	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
-		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
-		{
-		DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL);
-		return NULL;
-		}
-	if (!fips_check_dsa_prng(dsa, 0, 0))
-		goto err;
-#endif
-
 	BN_init(&m);
 	BN_init(&xr);
 
@@ -372,21 +352,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		return -1;
 		}
 
-#ifdef OPENSSL_FIPS
-	if(FIPS_selftest_failed())
-	    {
-	    FIPSerr(FIPS_F_DSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
-	    return -1;
-	    }
-
-	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
-		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
-		{
-		DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL);
-		return -1;
-		}
-#endif
-
 	if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
 		{
 		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
-- 
2.40.0