Merge pull request #600 from ibmruntimes/revert-590-addFipsMode

Revert "FIPS Support for Linux x86 RHEL"

closed/make/CopyFiles.gmk

@@ -1,5 +1,5 @@
 # ===========================================================================
-# (c) Copyright IBM Corp. 2017, 2022 All Rights Reserved
+# (c) Copyright IBM Corp. 2017, 2020 All Rights Reserved
 # ===========================================================================
 # 
 # This code is free software; you can redistribute it and/or modify it
@@ -30,15 +30,3 @@ $(JDK_OUTPUTDIR)/include/ibmjvmti.h: $(SRC_ROOT)/openj9/runtime/include/ibmjvmti
  $(call install-file)
 
 COPY_FILES += $(JDK_OUTPUTDIR)/include/ibmjvmti.h
-
-# Copy the nss.fips.cfg only on x86 linux
-
-ifeq ($(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH), linux-x86)
- NSS_FIPS_CFG_SRC := $(TOPDIR)/closed/adds/jdk/src/share/conf/security/nss.fips.cfg
- NSS_FIPS_CFG_DST := $(JDK_OUTPUTDIR)/lib/security/nss.fips.cfg
-
- $(NSS_FIPS_CFG_DST) : $(NSS_FIPS_CFG_SRC)
- $(call install-file)
-
- COPY_FILES += $(NSS_FIPS_CFG_DST)
-endif

jdk/src/share/classes/java/security/SecureRandom.java

@@ -23,12 +23,6 @@
  * questions.
  */
 
-/*
- * ===========================================================================
- * (c) Copyright IBM Corp. 2022, 2022 All Rights Reserved
- * ===========================================================================
- */
-
 package java.security;
 
 import java.util.*;
@@ -40,8 +34,6 @@
 import sun.security.jca.GetInstance.Instance;
 import sun.security.util.Debug;
 
-import openj9.internal.security.FIPSConfigurator;
-
 /**
  * This class provides a cryptographically strong random number
  * generator (RNG).
@@ -199,23 +191,7 @@ public SecureRandom(byte seed[]) {
  }
 
  private void getDefaultPRNG(boolean setSeed, byte[] seed) {
- String prng;
-
- // If in FIPS mode, use the SecureRandom from the FIPS provider.
- if (FIPSConfigurator.enableFIPS()) {
- Provider p = Security.getProvider("SunPKCS11-NSS-FIPS");
- prng = "PKCS11";
- if (p == null) {
- throw new RuntimeException("could not find SunPKCS11-NSS-FIPS provider for FIPS mode");
- }
- Service prngService = p.getService("SecureRandom", prng);
- if (prngService == null) {
- throw new RuntimeException("could not find SecureRandom implementation from SunPKCS11-NSS-FIPS");
- }
- } else {
- prng = getPrngAlgorithm();
- }
-
+ String prng = getPrngAlgorithm();
  if (prng == null) {
  // bummer, get the SUN implementation
  prng = "SHA1PRNG";

jdk/src/share/classes/java/security/Security.java

@@ -23,12 +23,6 @@
  * questions.
  */
 
-/*
- * ===========================================================================
- * (c) Copyright IBM Corp. 2022, 2022 All Rights Reserved
- * ===========================================================================
- */
-
 package java.security;
 
 import java.lang.reflect.*;
@@ -41,8 +35,6 @@
 
 import sun.security.jca.*;
 
-import openj9.internal.security.FIPSConfigurator;
-
 /**
  * <p>This class centralizes all security properties and common security
  * methods. One of its primary uses is to manage providers.
@@ -195,17 +187,6 @@ private static void initialize() {
  }
  }
 
- // Load FIPS properties
- if (loadedProps) {
- boolean fipsEnabled = FIPSConfigurator.configureFIPS(props);
- if (sdebug != null) {
- if (fipsEnabled) {
- sdebug.println("FIPS mode enabled.");
- } else {
- sdebug.println("FIPS mode disabled.");
- }
- }
- }
  }
 
  /*