diff options
| author | tb <> | 2022-01-14 08:38:06 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-14 08:38:06 +0000 |
| commit | d5bd2d64a9d8dacaf683f88f953d25c96a7009ff (patch) | |
| tree | c82726f940ee4796d12475c7295f11404867aae9 /src/lib/libcrypto/asn1 | |
| parent | 0264d15b2db8e92add54fc0b024d5430c53683d3 (diff) | |
| download | openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.tar.gz openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.tar.bz2 openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.zip | |
Remove legacy sign/verify from EVP_MD.
This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding
public API EVP_{dss,dss1,ecdsa}().
This is basically the following OpenSSL commit. The mentioned change in
RSA is already present in rsa/rsa_pmeth.c.
ok inoguchi jsing
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
Diffstat (limited to 'src/lib/libcrypto/asn1')
| -rw-r--r-- | src/lib/libcrypto/asn1/asn1_item.c | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/src/lib/libcrypto/asn1/asn1_item.c b/src/lib/libcrypto/asn1/asn1_item.c index 7dad8e0df1..108f272b8c 100644 --- a/src/lib/libcrypto/asn1/asn1_item.c +++ b/src/lib/libcrypto/asn1/asn1_item.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1_item.c,v 1.3 2021/12/25 13:17:48 jsing Exp $ */ | 1 | /* $OpenBSD: asn1_item.c,v 1.4 2022/01/14 08:38:05 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -265,15 +265,12 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 265 | rv = 2; | 265 | rv = 2; |
| 266 | 266 | ||
| 267 | if (rv == 2) { | 267 | if (rv == 2) { |
| 268 | if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { | 268 | if (!pkey->ameth || |
| 269 | if (!pkey->ameth || | 269 | !OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), |
| 270 | !OBJ_find_sigid_by_algs(&signid, | 270 | pkey->ameth->pkey_id)) { |
| 271 | EVP_MD_nid(type), pkey->ameth->pkey_id)) { | 271 | ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
| 272 | ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); | 272 | return 0; |
| 273 | return 0; | 273 | } |
| 274 | } | ||
| 275 | } else | ||
| 276 | signid = type->pkey_type; | ||
| 277 | 274 | ||
| 278 | if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) | 275 | if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) |
| 279 | paramtype = V_ASN1_NULL; | 276 | paramtype = V_ASN1_NULL; |