OpenSSL: Remove md4_vector() from CONFIG_FIPS=y builds

MD4 is not allowed in such builds, so comment out md4_vector() from the
build to force compile time failures for cases that cannot be supported
instead of failing the MD¤ operations at runtime. This makes it easier
to detect and fix accidental cases where MD4 could still be used in some
older protocols.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-08-01 21:06:03 +03:00
parent 4549607b04
commit e234c7c010

View file

@ -93,10 +93,12 @@ static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
} }
#ifndef CONFIG_FIPS
int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{ {
return openssl_digest_vector(EVP_md4(), num_elem, addr, len, mac); return openssl_digest_vector(EVP_md4(), num_elem, addr, len, mac);
} }
#endif /* CONFIG_FIPS */
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)