summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_sigalgs.h
diff options
context:
space:
mode:
authorbeck <>2024-02-03 15:58:34 +0000
committerbeck <>2024-02-03 15:58:34 +0000
commitfeaf10d0a7eb5e59e69c058b10c91c45d2b1b0e3 (patch)
treedc1f0834366a35df8a6de61e2722798629d7c4c2 /src/lib/libssl/ssl_sigalgs.h
parenta931b9fe4c471545a30c6975c303fa27abc695af (diff)
downloadopenbsd-feaf10d0a7eb5e59e69c058b10c91c45d2b1b0e3.tar.gz
openbsd-feaf10d0a7eb5e59e69c058b10c91c45d2b1b0e3.tar.bz2
openbsd-feaf10d0a7eb5e59e69c058b10c91c45d2b1b0e3.zip
Remove GOST and STREEBOG support from libssl.
This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_sigalgs.h10
1 files changed, 1 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h
index 21a54d642b..5211ec6b62 100644
--- a/src/lib/libssl/ssl_sigalgs.h
+++ b/src/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sigalgs.h,v 1.26 2022/07/02 16:00:12 tb Exp $ */ 1/* $OpenBSD: ssl_sigalgs.h,v 1.27 2024/02/03 15:58:34 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -47,14 +47,6 @@ __BEGIN_HIDDEN_DECLS
47#define SIGALG_PRIVATE_START 0xFE00 47#define SIGALG_PRIVATE_START 0xFE00
48#define SIGALG_PRIVATE_END 0xFFFF 48#define SIGALG_PRIVATE_END 0xFFFF
49 49
50/*
51 * If Russia can elect the US President, surely
52 * IANA could fix this problem.
53 */
54#define SIGALG_GOSTR12_512_STREEBOG_512 0xEFEF
55#define SIGALG_GOSTR12_256_STREEBOG_256 0xEEEE
56#define SIGALG_GOSTR01_GOST94 0xEDED
57
58/* Legacy sigalg for < TLSv1.2 same value as BoringSSL uses. */ 50/* Legacy sigalg for < TLSv1.2 same value as BoringSSL uses. */
59#define SIGALG_RSA_PKCS1_MD5_SHA1 0xFF01 51#define SIGALG_RSA_PKCS1_MD5_SHA1 0xFF01
60 52
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-28 16:48:25 +0000