OpenSSL: Remove md5_vector() from CONFIG_FIPS=y builds

MD5 is not allowed in such builds, so comment out md5_vector() from the
build to force compile time failures for cases that cannot be supported
instead of failing the MD5 operations at runtime. This makes it easier
to detect and fix accidental cases where MD5 could still be used in some
older protocols.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-08-01 16:53:55 +03:00
parent 835c89a16b
commit 4a26972dfc

View file

@ -157,10 +157,12 @@ out:
} }
#ifndef CONFIG_FIPS
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{ {
return openssl_digest_vector(EVP_md5(), num_elem, addr, len, mac); return openssl_digest_vector(EVP_md5(), num_elem, addr, len, mac);
} }
#endif /* CONFIG_FIPS */
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)