commit 754106713fd349be267ec0dfe6f4f8a97c1b3cdb
author Alexandre Savard <alexandre.savard@savoirfairelinux.com> Wed Aug 08 09:50:01 2012 -0400
committer Alexandre Savard <alexandre.savard@savoirfairelinux.com> Wed Aug 08 09:50:01 2012 -0400
tree 767702dc681aea550f7c8c626e936e019981b7dc
parent ace91efcc58b8704c3e8e9c03e33afc1a59aecc3

#14465: Update openssl to tag android-4.0.4_r2.1

jni/openssl/crypto/dh/dh_key.c

diff --git a/jni/openssl/crypto/dh/dh_key.c b/jni/openssl/crypto/dh/dh_key.c
index 89a74db..e7db440 100644
--- a/jni/openssl/crypto/dh/dh_key.c
+++ b/jni/openssl/crypto/dh/dh_key.c
@@ -73,27 +73,11 @@
 
 int DH_generate_key(DH *dh)
 	{
-#ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
-			&& !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
-		{
-		DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
-		return 0;
-		}
-#endif
 	return dh->meth->generate_key(dh);
 	}
 
 int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	{
-#ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
-			&& !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
-		{
-		DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
-		return 0;
-		}
-#endif
 	return dh->meth->compute_key(key, pub_key, dh);
 	}
 
@@ -154,21 +138,8 @@
 
 	if (generate_new_key)
 		{
-		if (dh->q)
-			{
-			do
-				{
-				if (!BN_rand_range(priv_key, dh->q))
-					goto err;
-				}
-			while (BN_is_zero(priv_key) || BN_is_one(priv_key));
-			}
-		else
-			{
-			/* secret exponent length */
-			l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
-			if (!BN_rand(priv_key, l, 0, 0)) goto err;
-			}
+		l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
+		if (!BN_rand(priv_key, l, 0, 0)) goto err;
 		}
 
 	{