diff options
| author | miod <> | 2014-04-15 20:19:57 +0000 |
|---|---|---|
| committer | miod <> | 2014-04-15 20:19:57 +0000 |
| commit | f6394a1bd8f61db79694977e8d0afdfd4e4ff1a1 (patch) | |
| tree | 3b957c0020405f9f6e90af181b1ebb5124c6e68a /src/lib/libcrypto/asn1/a_sign.c | |
| parent | 2125ec026993d82b51335463dc7fc5b899a4057a (diff) | |
| download | openbsd-f6394a1bd8f61db79694977e8d0afdfd4e4ff1a1.tar.gz openbsd-f6394a1bd8f61db79694977e8d0afdfd4e4ff1a1.tar.bz2 openbsd-f6394a1bd8f61db79694977e8d0afdfd4e4ff1a1.zip | |
The NO_ASN1_OLD define was introduced in 0.9.7, 8 years ago, to allow for
obsolete (and mostly internal) routines to be compiled out.
We don't expect any reasonable software to stick to these interfaces, so better
clean up the view and unifdef -DNO_ASN1_OLD.
The astute reader will notice the existence of NO_OLD_ASN1 which serves a
similar purpose, but is more entangled. Its time will come, soon.
Diffstat (limited to 'src/lib/libcrypto/asn1/a_sign.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/a_sign.c | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c index 7b4a193d6b..01b6292b65 100644 --- a/src/lib/libcrypto/asn1/a_sign.c +++ b/src/lib/libcrypto/asn1/a_sign.c | |||
| @@ -125,94 +125,6 @@ | |||
| 125 | #include <openssl/buffer.h> | 125 | #include <openssl/buffer.h> |
| 126 | #include "asn1_locl.h" | 126 | #include "asn1_locl.h" |
| 127 | 127 | ||
| 128 | #ifndef NO_ASN1_OLD | ||
| 129 | |||
| 130 | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, | ||
| 131 | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, | ||
| 132 | const EVP_MD *type) | ||
| 133 | { | ||
| 134 | EVP_MD_CTX ctx; | ||
| 135 | unsigned char *p,*buf_in=NULL,*buf_out=NULL; | ||
| 136 | int i,inl=0,outl=0,outll=0; | ||
| 137 | X509_ALGOR *a; | ||
| 138 | |||
| 139 | EVP_MD_CTX_init(&ctx); | ||
| 140 | for (i=0; i<2; i++) | ||
| 141 | { | ||
| 142 | if (i == 0) | ||
| 143 | a=algor1; | ||
| 144 | else | ||
| 145 | a=algor2; | ||
| 146 | if (a == NULL) continue; | ||
| 147 | if (type->pkey_type == NID_dsaWithSHA1) | ||
| 148 | { | ||
| 149 | /* special case: RFC 2459 tells us to omit 'parameters' | ||
| 150 | * with id-dsa-with-sha1 */ | ||
| 151 | ASN1_TYPE_free(a->parameter); | ||
| 152 | a->parameter = NULL; | ||
| 153 | } | ||
| 154 | else if ((a->parameter == NULL) || | ||
| 155 | (a->parameter->type != V_ASN1_NULL)) | ||
| 156 | { | ||
| 157 | ASN1_TYPE_free(a->parameter); | ||
| 158 | if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err; | ||
| 159 | a->parameter->type=V_ASN1_NULL; | ||
| 160 | } | ||
| 161 | ASN1_OBJECT_free(a->algorithm); | ||
| 162 | a->algorithm=OBJ_nid2obj(type->pkey_type); | ||
| 163 | if (a->algorithm == NULL) | ||
| 164 | { | ||
| 165 | ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); | ||
| 166 | goto err; | ||
| 167 | } | ||
| 168 | if (a->algorithm->length == 0) | ||
| 169 | { | ||
| 170 | ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | ||
| 171 | goto err; | ||
| 172 | } | ||
| 173 | } | ||
| 174 | inl=i2d(data,NULL); | ||
| 175 | buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl); | ||
| 176 | outll=outl=EVP_PKEY_size(pkey); | ||
| 177 | buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl); | ||
| 178 | if ((buf_in == NULL) || (buf_out == NULL)) | ||
| 179 | { | ||
| 180 | outl=0; | ||
| 181 | ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); | ||
| 182 | goto err; | ||
| 183 | } | ||
| 184 | p=buf_in; | ||
| 185 | |||
| 186 | i2d(data,&p); | ||
| 187 | if (!EVP_SignInit_ex(&ctx,type, NULL) | ||
| 188 | || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl) | ||
| 189 | || !EVP_SignFinal(&ctx,(unsigned char *)buf_out, | ||
| 190 | (unsigned int *)&outl,pkey)) | ||
| 191 | { | ||
| 192 | outl=0; | ||
| 193 | ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); | ||
| 194 | goto err; | ||
| 195 | } | ||
| 196 | if (signature->data != NULL) OPENSSL_free(signature->data); | ||
| 197 | signature->data=buf_out; | ||
| 198 | buf_out=NULL; | ||
| 199 | signature->length=outl; | ||
| 200 | /* In the interests of compatibility, I'll make sure that | ||
| 201 | * the bit string has a 'not-used bits' value of 0 | ||
| 202 | */ | ||
| 203 | signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | ||
| 204 | signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; | ||
| 205 | err: | ||
| 206 | EVP_MD_CTX_cleanup(&ctx); | ||
| 207 | if (buf_in != NULL) | ||
| 208 | { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } | ||
| 209 | if (buf_out != NULL) | ||
| 210 | { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } | ||
| 211 | return(outl); | ||
| 212 | } | ||
| 213 | |||
| 214 | #endif | ||
| 215 | |||
| 216 | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | 128 | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, |
| 217 | ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, | 129 | ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, |
| 218 | const EVP_MD *type) | 130 | const EVP_MD *type) |