Remove FIPS module code from crypto/dh

Reviewed-by: Tim Hudson <tjh@openssl.org>

1 files changed, 0 insertions, 26 deletions

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index e296f453bb..cfe365c6ea 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -63,9 +63,6 @@
 #include <openssl/bn.h>
 #include <openssl/rand.h>
 #include <openssl/dh.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 static int generate_key(DH *dh);
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
@@ -127,14 +124,6 @@ static int generate_key(DH *dh)
 	BN_MONT_CTX *mont=NULL;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
-#ifdef OPENSSL_FIPS
-	if (FIPS_module_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
-		{
-		DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
-		return 0;
-		}
-#endif
-
 	ctx = BN_CTX_new();
 	if (ctx == NULL) goto err;
 
@@ -226,14 +215,6 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 		goto err;
 		}
 
-#ifdef OPENSSL_FIPS
-	if (FIPS_module_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
-		{
-		DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
-		goto err;
-		}
-#endif
-
 	ctx = BN_CTX_new();
 	if (ctx == NULL) goto err;
 	BN_CTX_start(ctx);
@@ -300,13 +281,6 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
 
 static int dh_init(DH *dh)
 	{
-#ifdef OPENSSL_FIPS
-	if(FIPS_selftest_failed())
-		{
-		FIPSerr(FIPS_F_DH_INIT,FIPS_R_FIPS_SELFTEST_FAILED);
-		return 0;
-		}
-#endif
 	dh->flags |= DH_FLAG_CACHE_MONT_P;
 	return(1);
 	}