1 files changed, 1 insertions, 27 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index f59beb4320..9876e82a6f 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.48 2022/11/26 16:08:56 tb Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.49 2024/02/03 15:58:34 beck Exp $ */
 /*
 * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
@@ -41,14 +41,6 @@ const struct ssl_sigalg sigalgs[] = {
                .security_level = 5,
                .group_nid = NID_secp521r1,
        },
-#ifndef OPENSSL_NO_GOST
-        {
-                .value = SIGALG_GOSTR12_512_STREEBOG_512,
-                .key_type = EVP_PKEY_GOSTR12_512,
-                .md = EVP_streebog512,
-                .security_level = 0,
-        },
-#endif
        {
                .value = SIGALG_RSA_PKCS1_SHA384,
                .key_type = EVP_PKEY_RSA,
@@ -75,20 +67,6 @@ const struct ssl_sigalg sigalgs[] = {
                .security_level = 3,
                .group_nid = NID_X9_62_prime256v1,
        },
-#ifndef OPENSSL_NO_GOST
-        {
-                .value = SIGALG_GOSTR12_256_STREEBOG_256,
-                .key_type = EVP_PKEY_GOSTR12_256,
-                .md = EVP_streebog256,
-                .security_level = 0,
-        },
-        {
-                .value = SIGALG_GOSTR01_GOST94,
-                .key_type = EVP_PKEY_GOSTR01,
-                .md = EVP_gostr341194,
-                .security_level = 0, /* XXX */
-        },
-#endif
        {
                .value = SIGALG_RSA_PSS_RSAE_SHA256,
                .key_type = EVP_PKEY_RSA,
@@ -283,10 +261,6 @@ ssl_sigalg_for_legacy(SSL *s, EVP_PKEY *pkey)
                return ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
        case EVP_PKEY_EC:
                return ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
-#ifndef OPENSSL_NO_GOST
-        case EVP_PKEY_GOSTR01:
-                return ssl_sigalg_lookup(SIGALG_GOSTR01_GOST94);
-#endif
        }
        SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
        return NULL;

diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c index f59beb4320..9876e82a6f 100644 --- a/src/lib/libssl/ssl_sigalgs.c +++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sigalgs.c,v 1.48 2022/11/26 16:08:56 tb Exp $ */	1	/* $OpenBSD: ssl_sigalgs.c,v 1.49 2024/02/03 15:58:34 beck Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
4	* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>	4	* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
@@ -41,14 +41,6 @@ const struct ssl_sigalg sigalgs[] = {
41	.security_level = 5,	41	.security_level = 5,
42	.group_nid = NID_secp521r1,	42	.group_nid = NID_secp521r1,
43	},	43	},
44	#ifndef OPENSSL_NO_GOST
45	{
46	.value = SIGALG_GOSTR12_512_STREEBOG_512,
47	.key_type = EVP_PKEY_GOSTR12_512,
48	.md = EVP_streebog512,
49	.security_level = 0,
50	},
51	#endif
52	{	44	{
53	.value = SIGALG_RSA_PKCS1_SHA384,	45	.value = SIGALG_RSA_PKCS1_SHA384,
54	.key_type = EVP_PKEY_RSA,	46	.key_type = EVP_PKEY_RSA,
@@ -75,20 +67,6 @@ const struct ssl_sigalg sigalgs[] = {
75	.security_level = 3,	67	.security_level = 3,
76	.group_nid = NID_X9_62_prime256v1,	68	.group_nid = NID_X9_62_prime256v1,
77	},	69	},
78	#ifndef OPENSSL_NO_GOST
79	{
80	.value = SIGALG_GOSTR12_256_STREEBOG_256,
81	.key_type = EVP_PKEY_GOSTR12_256,
82	.md = EVP_streebog256,
83	.security_level = 0,
84	},
85	{
86	.value = SIGALG_GOSTR01_GOST94,
87	.key_type = EVP_PKEY_GOSTR01,
88	.md = EVP_gostr341194,
89	.security_level = 0, /* XXX */
90	},
91	#endif
92	{	70	{
93	.value = SIGALG_RSA_PSS_RSAE_SHA256,	71	.value = SIGALG_RSA_PSS_RSAE_SHA256,
94	.key_type = EVP_PKEY_RSA,	72	.key_type = EVP_PKEY_RSA,
@@ -283,10 +261,6 @@ ssl_sigalg_for_legacy(SSL s, EVP_PKEY pkey)
283	return ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);	261	return ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
284	case EVP_PKEY_EC:	262	case EVP_PKEY_EC:
285	return ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);	263	return ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
286	#ifndef OPENSSL_NO_GOST
287	case EVP_PKEY_GOSTR01:
288	return ssl_sigalg_lookup(SIGALG_GOSTR01_GOST94);
289	#endif
290	}	264	}
291	SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);	265	SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
292	return NULL;	266	return NULL;