diff options
-rw-r--r-- | cipher/md.c | 22 | ||||
-rw-r--r-- | src/fips.c | 52 | ||||
-rw-r--r-- | src/g10lib.h | 3 | ||||
-rw-r--r-- | src/global.c | 12 |
4 files changed, 6 insertions, 83 deletions
diff --git a/cipher/md.c b/cipher/md.c index 5f1c05b4..428959b2 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1189,17 +1189,6 @@ _gcry_md_hash_buffer (int algo, void *digest, return; } - if (algo == GCRY_MD_MD5 && fips_mode ()) - { - _gcry_inactivate_fips_mode ("MD5 used"); - if (_gcry_enforced_fips_mode () ) - { - /* We should never get to here because we do not register - MD5 in enforced fips mode. */ - _gcry_fips_noreturn (); - } - } - if (spec->hash_buffers != NULL) { gcry_buffer_t iov; @@ -1271,17 +1260,6 @@ _gcry_md_hash_buffers_extract (int algo, unsigned int flags, void *digest, return GPG_ERR_DIGEST_ALGO; } - if (algo == GCRY_MD_MD5 && fips_mode ()) - { - _gcry_inactivate_fips_mode ("MD5 used"); - if (_gcry_enforced_fips_mode () ) - { - /* We should never get to here because we do not register - MD5 in enforced fips mode. */ - _gcry_fips_noreturn (); - } - } - if (spec->mdlen > 0 && digestlen != -1 && digestlen != spec->mdlen) return GPG_ERR_DIGEST_ALGO; if (spec->mdlen == 0 && digestlen == -1) @@ -61,11 +61,6 @@ int _gcry_no_fips_mode_required; /* Flag to indicate that we are in the enforced FIPS mode. */ static int enforced_fips_mode; -/* If this flag is set, the application may no longer assume that the - process is running in FIPS mode. This flag is protected by the - FSM_LOCK. */ -static int inactive_fips_mode; - /* This is the lock we use to protect the FSM. */ GPGRT_LOCK_DEFINE (fsm_lock); @@ -270,53 +265,6 @@ _gcry_set_enforced_fips_mode (void) enforced_fips_mode = 1; } -/* If we do not want to enforce the fips mode, we can set a flag so - that the application may check whether it is still in fips mode. - TEXT will be printed as part of a syslog message. This function - may only be be called if in fips mode. */ -void -_gcry_inactivate_fips_mode (const char *text) -{ - gcry_assert (fips_mode ()); - - if (_gcry_enforced_fips_mode () ) - { - /* Get us into the error state. */ - fips_signal_error (text); - return; - } - - lock_fsm (); - if (!inactive_fips_mode) - { - inactive_fips_mode = 1; - unlock_fsm (); -#ifdef HAVE_SYSLOG - syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " - "%s - FIPS mode inactivated", text); -#endif /*HAVE_SYSLOG*/ - } - else - unlock_fsm (); -} - - -/* Return the FIPS mode inactive flag. If it is true the FIPS mode is - not anymore active. */ -int -_gcry_is_fips_mode_inactive (void) -{ - int flag; - - if (!fips_mode ()) - return 0; - lock_fsm (); - flag = inactive_fips_mode; - unlock_fsm (); - return flag; -} - - static const char * state2str (enum module_states state) diff --git a/src/g10lib.h b/src/g10lib.h index ed908742..74de3653 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -439,9 +439,6 @@ int _gcry_enforced_fips_mode (void); void _gcry_set_enforced_fips_mode (void); -void _gcry_inactivate_fips_mode (const char *text); -int _gcry_is_fips_mode_inactive (void); - void _gcry_fips_signal_error (const char *srcfile, int srcline, diff --git a/src/global.c b/src/global.c index ffc62488..bebd0818 100644 --- a/src/global.c +++ b/src/global.c @@ -698,8 +698,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_FIPS_MODE_P: - if (fips_mode () - && !_gcry_is_fips_mode_inactive ()) + if (fips_mode ()) rc = GPG_ERR_GENERAL; /* Used as TRUE value */ break; @@ -862,10 +861,11 @@ _gcry_set_allocation_handler (gcry_handler_alloc_t new_alloc_func, if (fips_mode ()) { - /* We do not want to enforce the fips mode, but merely set a - flag so that the application may check whether it is still in - fips mode. */ - _gcry_inactivate_fips_mode ("custom allocation handler"); + /* In FIPS mode, we can not use custom allocation handlers because + * fips requires explicit zeroization and we can not guarantee that + * with custom free functions (and we can not do it transparently as + * in free we do not know the zize). */ + return; } alloc_func = new_alloc_func; |