diff options
| author | tb <> | 2022-01-14 08:38:06 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-14 08:38:06 +0000 |
| commit | d5bd2d64a9d8dacaf683f88f953d25c96a7009ff (patch) | |
| tree | c82726f940ee4796d12475c7295f11404867aae9 /src/lib/libcrypto/evp/m_sha1.c | |
| parent | 0264d15b2db8e92add54fc0b024d5430c53683d3 (diff) | |
| download | openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.tar.gz openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.tar.bz2 openbsd-d5bd2d64a9d8dacaf683f88f953d25c96a7009ff.zip | |
Remove legacy sign/verify from EVP_MD.
This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding
public API EVP_{dss,dss1,ecdsa}().
This is basically the following OpenSSL commit. The mentioned change in
RSA is already present in rsa/rsa_pmeth.c.
ok inoguchi jsing
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
Diffstat (limited to 'src/lib/libcrypto/evp/m_sha1.c')
| -rw-r--r-- | src/lib/libcrypto/evp/m_sha1.c | 47 |
1 files changed, 6 insertions, 41 deletions
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c index 396f00aa13..a6fb53641e 100644 --- a/src/lib/libcrypto/evp/m_sha1.c +++ b/src/lib/libcrypto/evp/m_sha1.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: m_sha1.c,v 1.18 2021/12/12 21:30:13 tb Exp $ */ | 1 | /* $OpenBSD: m_sha1.c,v 1.19 2022/01/14 08:38:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -94,19 +94,12 @@ static const EVP_MD sha1_md = { | |||
| 94 | .type = NID_sha1, | 94 | .type = NID_sha1, |
| 95 | .pkey_type = NID_sha1WithRSAEncryption, | 95 | .pkey_type = NID_sha1WithRSAEncryption, |
| 96 | .md_size = SHA_DIGEST_LENGTH, | 96 | .md_size = SHA_DIGEST_LENGTH, |
| 97 | .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, | 97 | .flags = EVP_MD_FLAG_DIGALGID_ABSENT, |
| 98 | .init = init, | 98 | .init = init, |
| 99 | .update = update, | 99 | .update = update, |
| 100 | .final = final, | 100 | .final = final, |
| 101 | .copy = NULL, | 101 | .copy = NULL, |
| 102 | .cleanup = NULL, | 102 | .cleanup = NULL, |
| 103 | #ifndef OPENSSL_NO_RSA | ||
| 104 | .sign = (evp_sign_method *)RSA_sign, | ||
| 105 | .verify = (evp_verify_method *)RSA_verify, | ||
| 106 | .required_pkey_type = { | ||
| 107 | EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, | ||
| 108 | }, | ||
| 109 | #endif | ||
| 110 | .block_size = SHA_CBLOCK, | 103 | .block_size = SHA_CBLOCK, |
| 111 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX), | 104 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX), |
| 112 | }; | 105 | }; |
| @@ -151,19 +144,12 @@ static const EVP_MD sha224_md = { | |||
| 151 | .type = NID_sha224, | 144 | .type = NID_sha224, |
| 152 | .pkey_type = NID_sha224WithRSAEncryption, | 145 | .pkey_type = NID_sha224WithRSAEncryption, |
| 153 | .md_size = SHA224_DIGEST_LENGTH, | 146 | .md_size = SHA224_DIGEST_LENGTH, |
| 154 | .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, | 147 | .flags = EVP_MD_FLAG_DIGALGID_ABSENT, |
| 155 | .init = init224, | 148 | .init = init224, |
| 156 | .update = update256, | 149 | .update = update256, |
| 157 | .final = final256, | 150 | .final = final256, |
| 158 | .copy = NULL, | 151 | .copy = NULL, |
| 159 | .cleanup = NULL, | 152 | .cleanup = NULL, |
| 160 | #ifndef OPENSSL_NO_RSA | ||
| 161 | .sign = (evp_sign_method *)RSA_sign, | ||
| 162 | .verify = (evp_verify_method *)RSA_verify, | ||
| 163 | .required_pkey_type = { | ||
| 164 | EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, | ||
| 165 | }, | ||
| 166 | #endif | ||
| 167 | .block_size = SHA256_CBLOCK, | 153 | .block_size = SHA256_CBLOCK, |
| 168 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX), | 154 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX), |
| 169 | }; | 155 | }; |
| @@ -178,19 +164,12 @@ static const EVP_MD sha256_md = { | |||
| 178 | .type = NID_sha256, | 164 | .type = NID_sha256, |
| 179 | .pkey_type = NID_sha256WithRSAEncryption, | 165 | .pkey_type = NID_sha256WithRSAEncryption, |
| 180 | .md_size = SHA256_DIGEST_LENGTH, | 166 | .md_size = SHA256_DIGEST_LENGTH, |
| 181 | .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, | 167 | .flags = EVP_MD_FLAG_DIGALGID_ABSENT, |
| 182 | .init = init256, | 168 | .init = init256, |
| 183 | .update = update256, | 169 | .update = update256, |
| 184 | .final = final256, | 170 | .final = final256, |
| 185 | .copy = NULL, | 171 | .copy = NULL, |
| 186 | .cleanup = NULL, | 172 | .cleanup = NULL, |
| 187 | #ifndef OPENSSL_NO_RSA | ||
| 188 | .sign = (evp_sign_method *)RSA_sign, | ||
| 189 | .verify = (evp_verify_method *)RSA_verify, | ||
| 190 | .required_pkey_type = { | ||
| 191 | EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, | ||
| 192 | }, | ||
| 193 | #endif | ||
| 194 | .block_size = SHA256_CBLOCK, | 173 | .block_size = SHA256_CBLOCK, |
| 195 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX), | 174 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX), |
| 196 | }; | 175 | }; |
| @@ -231,19 +210,12 @@ static const EVP_MD sha384_md = { | |||
| 231 | .type = NID_sha384, | 210 | .type = NID_sha384, |
| 232 | .pkey_type = NID_sha384WithRSAEncryption, | 211 | .pkey_type = NID_sha384WithRSAEncryption, |
| 233 | .md_size = SHA384_DIGEST_LENGTH, | 212 | .md_size = SHA384_DIGEST_LENGTH, |
| 234 | .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, | 213 | .flags = EVP_MD_FLAG_DIGALGID_ABSENT, |
| 235 | .init = init384, | 214 | .init = init384, |
| 236 | .update = update512, | 215 | .update = update512, |
| 237 | .final = final512, | 216 | .final = final512, |
| 238 | .copy = NULL, | 217 | .copy = NULL, |
| 239 | .cleanup = NULL, | 218 | .cleanup = NULL, |
| 240 | #ifndef OPENSSL_NO_RSA | ||
| 241 | .sign = (evp_sign_method *)RSA_sign, | ||
| 242 | .verify = (evp_verify_method *)RSA_verify, | ||
| 243 | .required_pkey_type = { | ||
| 244 | EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, | ||
| 245 | }, | ||
| 246 | #endif | ||
| 247 | .block_size = SHA512_CBLOCK, | 219 | .block_size = SHA512_CBLOCK, |
| 248 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX), | 220 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX), |
| 249 | }; | 221 | }; |
| @@ -258,19 +230,12 @@ static const EVP_MD sha512_md = { | |||
| 258 | .type = NID_sha512, | 230 | .type = NID_sha512, |
| 259 | .pkey_type = NID_sha512WithRSAEncryption, | 231 | .pkey_type = NID_sha512WithRSAEncryption, |
| 260 | .md_size = SHA512_DIGEST_LENGTH, | 232 | .md_size = SHA512_DIGEST_LENGTH, |
| 261 | .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, | 233 | .flags = EVP_MD_FLAG_DIGALGID_ABSENT, |
| 262 | .init = init512, | 234 | .init = init512, |
| 263 | .update = update512, | 235 | .update = update512, |
| 264 | .final = final512, | 236 | .final = final512, |
| 265 | .copy = NULL, | 237 | .copy = NULL, |
| 266 | .cleanup = NULL, | 238 | .cleanup = NULL, |
| 267 | #ifndef OPENSSL_NO_RSA | ||
| 268 | .sign = (evp_sign_method *)RSA_sign, | ||
| 269 | .verify = (evp_verify_method *)RSA_verify, | ||
| 270 | .required_pkey_type = { | ||
| 271 | EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, | ||
| 272 | }, | ||
| 273 | #endif | ||
| 274 | .block_size = SHA512_CBLOCK, | 239 | .block_size = SHA512_CBLOCK, |
| 275 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX), | 240 | .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX), |
| 276 | }; | 241 | }; |