OpenSSL: Remove md5_vector() from CONFIG_FIPS=y builds
MD5 is not allowed in such builds, so comment out md5_vector() from the build to force compile time failures for cases that cannot be supported instead of failing the MD5 operations at runtime. This makes it easier to detect and fix accidental cases where MD5 could still be used in some older protocols. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
835c89a16b
commit
4a26972dfc
1 changed files with 2 additions and 0 deletions
|
@ -157,10 +157,12 @@ out:
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_FIPS
|
||||||
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
{
|
{
|
||||||
return openssl_digest_vector(EVP_md5(), num_elem, addr, len, mac);
|
return openssl_digest_vector(EVP_md5(), num_elem, addr, len, mac);
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_FIPS */
|
||||||
|
|
||||||
|
|
||||||
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
|
|
Loading…
Reference in a new issue