6 files changed, 11 insertions, 54 deletions
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
index 7fb5254b62..e61c539812 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
+++ b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
@@ -238,7 +238,6 @@ void ERR_load_ECDSA_strings(void);
 /* Error codes for the ECDSA functions. */
 
 /* Function codes. */
-#define ECDSA_F_ECDSA_CHECK				 104
 #define ECDSA_F_ECDSA_DATA_NEW_METHOD			 100
 #define ECDSA_F_ECDSA_DO_SIGN				 101
 #define ECDSA_F_ECDSA_DO_VERIFY				 102
@@ -250,7 +249,6 @@ void ERR_load_ECDSA_strings(void);
 #define ECDSA_R_ERR_EC_LIB				 102
 #define ECDSA_R_MISSING_PARAMETERS			 103
 #define ECDSA_R_NEED_NEW_SETUP_VALUES			 106
-#define ECDSA_R_NON_FIPS_METHOD				 107
 #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 104
 #define ECDSA_R_SIGNATURE_MALLOC_FAILED			 105
 
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
index 537bb30362..54cfb8c753 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
@@ -262,7 +262,6 @@ int x9_62_tests(BIO *out)
 		"3238135532097973577080787768312505059318910517550078427819"
 		"78505179448783"))
 		goto x962_err;
-#ifndef OPENSSL_NO_EC2M
 	if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
 		"87194383164871543355722284926904419997237591535066528048",
 		"308992691965804947361541664549085895292153777025772063598"))
@@ -273,7 +272,7 @@ int x9_62_tests(BIO *out)
 		"1970303740007316867383349976549972270528498040721988191026"
 		"49413465737174"))
 		goto x962_err;
-#endif
+
 	ret = 1;
 x962_err:
 	if (!restore_rand())
@@ -290,8 +289,7 @@ int test_builtin(BIO *out)
 	ECDSA_SIG	*ecdsa_sig = NULL;
 	unsigned char	digest[20], wrong_digest[20];
 	unsigned char	*signature = NULL;
-	const unsigned char	*sig_ptr;
-	unsigned char	*sig_ptr2;
+	unsigned char	*sig_ptr;
 	unsigned char	*raw_buf = NULL;
 	unsigned int	sig_len, degree, r_len, s_len, bn_len, buf_len;
 	int		nid, ret =  0;
@@ -466,8 +464,8 @@ int test_builtin(BIO *out)
 			(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
 			goto builtin_err;
 
-		sig_ptr2 = signature;
-		sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+		sig_ptr = signature;
+		sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
 		if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
 			{
 			BIO_printf(out, " failed\n");
@@ -479,8 +477,8 @@ int test_builtin(BIO *out)
 			(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
 			goto builtin_err;
 
-		sig_ptr2 = signature;
-		sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+		sig_ptr = signature;
+		sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
 		if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
 			{
 			BIO_printf(out, " failed\n");
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
index 81542e6d15..98e38d537f 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
@@ -1,6 +1,6 @@
 /* crypto/ecdsa/ecs_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -70,7 +70,6 @@
 
 static ERR_STRING_DATA ECDSA_str_functs[]=
 	{
-{ERR_FUNC(ECDSA_F_ECDSA_CHECK),	"ECDSA_CHECK"},
 {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),	"ECDSA_DATA_NEW_METHOD"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN),	"ECDSA_do_sign"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY),	"ECDSA_do_verify"},
@@ -85,7 +84,6 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
 {ERR_REASON(ECDSA_R_ERR_EC_LIB)          ,"err ec lib"},
 {ERR_REASON(ECDSA_R_MISSING_PARAMETERS)  ,"missing parameters"},
 {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
-{ERR_REASON(ECDSA_R_NON_FIPS_METHOD)     ,"non fips method"},
 {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
 {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
 {0,NULL}
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
index 814a6bf404..2ebae3aa27 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
@@ -60,9 +60,6 @@
 #endif
 #include <openssl/err.h>
 #include <openssl/bn.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
 
@@ -80,16 +77,7 @@ void ECDSA_set_default_method(const ECDSA_METHOD *meth)
 const ECDSA_METHOD *ECDSA_get_default_method(void)
 {
 	if(!default_ECDSA_method) 
-		{
-#ifdef OPENSSL_FIPS
-		if (FIPS_mode())
-			return FIPS_ecdsa_openssl();
-		else
-			return ECDSA_OpenSSL();
-#else
 		default_ECDSA_method = ECDSA_OpenSSL();
-#endif
-		}
 	return default_ECDSA_method;
 }
 
@@ -200,26 +188,12 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
 		ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
 		if (ecdsa_data == NULL)
 			return NULL;
-		data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
-			   ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
-		if (data != NULL)
-			{
-			/* Another thread raced us to install the key_method
-			 * data and won. */
-			ecdsa_data_free(ecdsa_data);
-			ecdsa_data = (ECDSA_DATA *)data;
-			}
+		EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
+			ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
 	}
 	else
 		ecdsa_data = (ECDSA_DATA *)data;
-#ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
-			&& !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW))
-		{
-		ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
-		return NULL;
-		}
-#endif
+	
 
 	return ecdsa_data;
 }
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
index cb3be13cfc..3a69a840e2 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
@@ -82,14 +82,6 @@ struct ecdsa_method
 	char *app_data;
 	};
 
-/* If this flag is set the ECDSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define ECDSA_FLAG_FIPS_METHOD	0x1
-
 typedef struct ecdsa_data_st {
 	/* EC_KEY_METH_DATA part */
 	int (*init)(EC_KEY *);
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
index 7725935610..1bbf328de5 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
@@ -167,7 +167,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 				goto err;
 			}
 		}
-#ifndef OPENSSL_NO_EC2M
 		else /* NID_X9_62_characteristic_two_field */
 		{
 			if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -177,7 +176,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 				goto err;
 			}
 		}
-#endif
 		if (!BN_nnmod(r, X, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
@@ -456,7 +454,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 			goto err;
 		}
 	}
-#ifndef OPENSSL_NO_EC2M
 	else /* NID_X9_62_characteristic_two_field */
 	{
 		if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -466,7 +463,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 			goto err;
 		}
 	}
-#endif	
+	
 	if (!BN_nnmod(u1, X, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);