From d1a72a60fbd3d6dadffddba3c8b5d6caf10bfdb4 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Sat, 20 Jun 2015 01:07:25 +0000
Subject: Remove obsolete MDC-2DES from libcrypto.

ok deraadt@ jsing@ miod@
---
 src/lib/libcrypto/rsa/rsa_pmeth.c | 15 ++-------------
 src/lib/libcrypto/rsa/rsa_sign.c  | 17 +----------------
 2 files changed, 3 insertions(+), 29 deletions(-)

(limited to 'src/lib/libcrypto/rsa')

diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c
index 09166e105b..0b648138ee 100644
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -178,18 +178,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 			return -1;
 		}
 
-		if (EVP_MD_type(rctx->md) == NID_mdc2) {
-			unsigned int sltmp;
-
-			if (rctx->pad_mode != RSA_PKCS1_PADDING)
-				return -1;
-			ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen,
-			    sig, &sltmp, rsa);
-
-			if (ret <= 0)
-				return ret;
-			ret = sltmp;
-		} else if (rctx->pad_mode == RSA_X931_PADDING) {
+		if (rctx->pad_mode == RSA_X931_PADDING) {
 			if (!setup_tbuf(rctx, ctx))
 				return -1;
 			memcpy(rctx->tbuf, tbs, tbslen);
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index a446b563b3..09d8ef329d 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_sign.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.23 2015/06/20 01:07:25 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -180,21 +180,6 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
 	if (i <= 0)
 		goto err;
 
-	/*
-	 * Oddball MDC2 case: signature can be OCTET STRING.
-	 * check for correct tag and length octets.
-	 */
-	if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
-		if (rm) {
-			memcpy(rm, s + 2, 16);
-			*prm_len = 16;
-			ret = 1;
-		} else if (memcmp(m, s + 2, 16))
-			RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-		else
-			ret = 1;
-	}
-
 	/* Special case: SSL signature */
 	if (dtype == NID_md5_sha1) {
 		if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH))
-- 
cgit v1.2.3-55-g6feb