From bec15f210923f7b408232748c0d81fb4d524d21f Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 28 Jun 2004 20:33:35 +0000 Subject: [PATCH] Make sure the FIPS stuff is only really compiled when in FIPS mode. --- fips/dh/fips_dh_check.c | 6 ++++++ fips/dh/fips_dh_gen.c | 8 ++++++-- fips/dh/fips_dh_key.c | 8 ++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/fips/dh/fips_dh_check.c b/fips/dh/fips_dh_check.c index 5b9d8da58b..874920b466 100644 --- a/fips/dh/fips_dh_check.c +++ b/fips/dh/fips_dh_check.c @@ -58,8 +58,11 @@ #include #include +#ifndef OPENSSL_NO_DH #include +#ifdef OPENSSL_FIPS + /* Check that p is a safe prime and * if g is 2, 3 or 5, check that is is a suitable generator * where @@ -117,3 +120,6 @@ err: if (q != NULL) BN_free(q); return(ok); } + +#endif +#endif diff --git a/fips/dh/fips_dh_gen.c b/fips/dh/fips_dh_gen.c index db5b2910f4..09fbc4d53f 100644 --- a/fips/dh/fips_dh_gen.c +++ b/fips/dh/fips_dh_gen.c @@ -60,9 +60,14 @@ #include #include #include +#ifndef OPENSSL_NO_DH #include +#endif #include +#ifndef OPENSSL_NO_DH +#ifdef OPENSSL_FIPS + /* We generate DH parameters as follows * find a prime q which is prime_len/2 bits long. * p=(2*q)+1 or (p-1)/2 = q @@ -89,8 +94,6 @@ * order-q subgroup. */ -#ifdef OPENSSL_FIPS - DH *DH_generate_parameters(int prime_len, int generator, void (*callback)(int,int,void *), void *cb_arg) { @@ -180,3 +183,4 @@ err: } #endif +#endif diff --git a/fips/dh/fips_dh_key.c b/fips/dh/fips_dh_key.c index 447d5b3841..41e3a661c0 100644 --- a/fips/dh/fips_dh_key.c +++ b/fips/dh/fips_dh_key.c @@ -59,9 +59,14 @@ #include #include #include +#ifndef OPENSSL_NO_RAND #include +#endif +#ifndef OPENSSL_NO_DH #include +#ifdef OPENSSL_FIPS + static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -220,3 +225,6 @@ static int dh_finish(DH *dh) BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); return(1); } + +#endif +#endif -- 2.25.1