[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Wed Dec 2 17:52:14 UTC 2015
The branch master has been updated
via df04754be7a73cbe813cb58f2f7b42d8e3402c56 (commit)
via 7f572e958b13041056f377a62d3219633cfb1e8a (commit)
from 0aca86b313d286be979629a3193a12e17bf7171a (commit)
- Log -----------------------------------------------------------------
commit df04754be7a73cbe813cb58f2f7b42d8e3402c56
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Wed Dec 2 17:03:20 2015 +0000
make update
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/a_sign.c | 19 +++---
crypto/engine/eng_openssl.c | 1 -
crypto/evp/Makefile | 24 +------
crypto/evp/c_alld.c | 9 ---
crypto/evp/m_dss1.c | 102 ----------------------------
crypto/evp/m_ecdsa.c | 151 ------------------------------------------
crypto/evp/m_md4.c | 1 -
crypto/evp/m_md5.c | 1 -
crypto/evp/m_md5_sha1.c | 1 -
crypto/evp/m_mdc2.c | 1 -
crypto/evp/m_null.c | 1 -
crypto/evp/m_ripemd.c | 1 -
crypto/evp/m_sha1.c | 15 ++---
crypto/evp/m_wp.c | 1 -
crypto/evp/p_sign.c | 52 +++++----------
crypto/evp/p_verify.c | 47 ++++---------
crypto/rsa/rsa_pmeth.c | 27 +++++++-
doc/crypto/EVP_DigestInit.pod | 14 ++--
engines/ccgost/gost_crypt.c | 3 -
engines/ccgost/gost_md.c | 5 +-
engines/e_dasync.c | 3 +-
engines/e_ossltest.c | 13 ++--
include/openssl/evp.h | 61 -----------------
ssl/ssl_algs.c | 9 ---
test/ecdsatest.c | 2 +-
util/libeay.num | 4 +-
26 files changed, 80 insertions(+), 488 deletions(-)
delete mode 100644 crypto/evp/m_dss1.c
delete mode 100644 crypto/evp/m_ecdsa.c
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index ab1959e..18923b1 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -260,17 +260,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
rv = 2;
if (rv == 2) {
- if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- if (!pkey->ameth ||
- !OBJ_find_sigid_by_algs(&signid,
- EVP_MD_nid(type),
- pkey->ameth->pkey_id)) {
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
- ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- return 0;
- }
- } else
- signid = type->pkey_type;
+ if (!pkey->ameth ||
+ !OBJ_find_sigid_by_algs(&signid,
+ EVP_MD_nid(type),
+ pkey->ameth->pkey_id)) {
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+ ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+ return 0;
+ }
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
paramtype = V_ASN1_NULL;
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index 41754f7..ba9adf0 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -363,7 +363,6 @@ static const EVP_MD test_sha_md = {
test_sha1_final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
SHA_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile
index c672296..ee0998d 100644
--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -20,7 +20,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
- m_md5_sha1.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+ m_md5_sha1.c m_mdc2.c m_ripemd.c \
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
@@ -33,7 +33,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
- m_md5_sha1.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+ m_md5_sha1.o m_mdc2.o m_ripemd.o \
p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
@@ -460,26 +460,6 @@ evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
evp_pkey.o: ../include/internal/asn1_int.h ../include/internal/cryptlib.h
evp_pkey.o: evp_pkey.c
-m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../include/internal/cryptlib.h m_dss1.c
-m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ecdsa.o: ../include/internal/cryptlib.h m_ecdsa.c
m_md2.o: ../../e_os.h ../../include/openssl/bio.h
m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index 0c68bad..70e462d 100644
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -75,15 +75,6 @@ void OpenSSL_add_all_digests(void)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-# ifndef OPENSSL_NO_DSA
- EVP_add_digest(EVP_dss1());
- EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-# endif
-# ifndef OPENSSL_NO_EC
- EVP_add_digest(EVP_ecdsa());
-# endif
#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
EVP_add_digest(EVP_mdc2());
#endif
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
deleted file mode 100644
index 77a10cf..0000000
--- a/crypto/evp/m_dss1.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-static int init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dss1_md = {
- NID_dsa,
- NID_dsaWithSHA1,
- SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_PKEY_DIGEST,
- init,
- update,
- final,
- NULL,
- NULL,
- EVP_PKEY_NULL_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_dss1(void)
-{
- return (&dss1_md);
-}
diff --git a/crypto/evp/m_ecdsa.c b/crypto/evp/m_ecdsa.c
deleted file mode 100644
index 745752d..0000000
--- a/crypto/evp/m_ecdsa.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* crypto/evp/m_ecdsa.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-static int init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ecdsa_md = {
- NID_ecdsa_with_SHA1,
- NID_ecdsa_with_SHA1,
- SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_PKEY_DIGEST,
- init,
- update,
- final,
- NULL,
- NULL,
- EVP_PKEY_NULL_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_ecdsa(void)
-{
- return (&ecdsa_md);
-}
diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c
index 2ef3023..80021b6 100644
--- a/crypto/evp/m_md4.c
+++ b/crypto/evp/m_md4.c
@@ -94,7 +94,6 @@ static const EVP_MD md4_md = {
final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
MD4_CBLOCK,
sizeof(EVP_MD *) + sizeof(MD4_CTX),
};
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
index cd021f5..4ada7d1 100644
--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -94,7 +94,6 @@ static const EVP_MD md5_md = {
final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
MD5_CBLOCK,
sizeof(EVP_MD *) + sizeof(MD5_CTX),
};
diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c
index 2504e95..22cd7ce 100644
--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -171,7 +171,6 @@ static const EVP_MD md5_sha1_md = {
final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
MD5_CBLOCK,
sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
ctrl
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
index 272d9cb..ffd1b0e 100644
--- a/crypto/evp/m_mdc2.c
+++ b/crypto/evp/m_mdc2.c
@@ -94,7 +94,6 @@ static const EVP_MD mdc2_md = {
final,
NULL,
NULL,
- EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
MDC2_BLOCK,
sizeof(EVP_MD *) + sizeof(MDC2_CTX),
};
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
index 7374e69..c91f6cb 100644
--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -87,7 +87,6 @@ static const EVP_MD null_md = {
final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
0,
sizeof(EVP_MD *),
};
diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c
index 30046c8..f1c745c 100644
--- a/crypto/evp/m_ripemd.c
+++ b/crypto/evp/m_ripemd.c
@@ -94,7 +94,6 @@ static const EVP_MD ripemd160_md = {
final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
RIPEMD160_CBLOCK,
sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
};
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index 42e986d..c913cae 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -139,13 +139,12 @@ static const EVP_MD sha1_md = {
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
init,
update,
final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA_CTX),
ctrl
@@ -185,13 +184,12 @@ static const EVP_MD sha224_md = {
NID_sha224,
NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
init224,
update256,
final256,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA256_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};
@@ -205,13 +203,12 @@ static const EVP_MD sha256_md = {
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
init256,
update256,
final256,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA256_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};
@@ -246,13 +243,12 @@ static const EVP_MD sha384_md = {
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
init384,
update512,
final512,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA512_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
@@ -266,13 +262,12 @@ static const EVP_MD sha512_md = {
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
init512,
update512,
final512,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA512_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
diff --git a/crypto/evp/m_wp.c b/crypto/evp/m_wp.c
index 76258b6..9ab3c62 100644
--- a/crypto/evp/m_wp.c
+++ b/crypto/evp/m_wp.c
@@ -35,7 +35,6 @@ static const EVP_MD whirlpool_md = {
final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
WHIRLPOOL_BBLOCK / 8,
sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
};
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index df507a5..808d0de 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -67,7 +67,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
- int i = 0, ok = 0, v = 0;
+ int i = 0;
+ size_t sltmp;
EVP_PKEY_CTX *pkctx = NULL;
*siglen = 0;
@@ -86,43 +87,20 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
return 0;
}
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- size_t sltmp = (size_t)EVP_PKEY_size(pkey);
- i = 0;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (pkctx == NULL)
- goto err;
- if (EVP_PKEY_sign_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
- goto err;
- *siglen = sltmp;
- i = 1;
+ sltmp = (size_t)EVP_PKEY_size(pkey);
+ i = 0;
+ pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (pkctx == NULL)
+ goto err;
+ if (EVP_PKEY_sign_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+ goto err;
+ *siglen = sltmp;
+ i = 1;
err:
EVP_PKEY_CTX_free(pkctx);
return i;
- }
-
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (0);
- }
-
- if (ctx->digest->sign == NULL) {
- EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
- return (0);
- }
- return ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
- pkey->pkey.ptr);
}
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 892c646..9802dcc 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -67,7 +67,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
- int i = 0, ok = 0, v = 0;
+ int i = 0;
EVP_PKEY_CTX *pkctx = NULL;
if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
@@ -85,39 +85,16 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
return 0;
}
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- i = -1;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (pkctx == NULL)
- goto err;
- if (EVP_PKEY_verify_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+ i = -1;
+ pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (pkctx == NULL)
+ goto err;
+ if (EVP_PKEY_verify_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
err:
- EVP_PKEY_CTX_free(pkctx);
- return i;
- }
-
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (-1);
- }
- if (ctx->digest->verify == NULL) {
- EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
- return (0);
- }
-
- return (ctx->digest->verify(ctx->digest->type, m, m_len,
- sigbuf, siglen, pkey->pkey.ptr));
+ EVP_PKEY_CTX_free(pkctx);
+ return i;
}
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index a2022bb..8c8e0e8 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -377,20 +377,43 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
static int check_padding_md(const EVP_MD *md, int padding)
{
+ int mdnid;
if (!md)
return 1;
+ mdnid = EVP_MD_type(md);
+
if (padding == RSA_NO_PADDING) {
RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
return 0;
}
if (padding == RSA_X931_PADDING) {
- if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) {
+ if (RSA_X931_hash_id(mdnid) == -1) {
RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST);
return 0;
}
- return 1;
+ } else {
+ switch(mdnid) {
+ /* List of all supported RSA digests */
+ case NID_sha1:
+ case NID_sha224:
+ case NID_sha256:
+ case NID_sha384:
+ case NID_sha512:
+ case NID_md5:
+ case NID_md5_sha1:
+ case NID_md2:
+ case NID_md4:
+ case NID_mdc2:
+ case NID_ripemd160:
+ return 1;
+
+ default:
+ RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_DIGEST);
+ return 0;
+
+ }
}
return 1;
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 1616309..cfb9e14 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -7,7 +7,7 @@ EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type,
EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1,
-EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss1, EVP_mdc2,
+EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_mdc2,
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
EVP digest routines
@@ -50,7 +50,6 @@ EVP digest routines
const EVP_MD *EVP_md2(void);
const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_sha1(void);
- const EVP_MD *EVP_dss1(void);
const EVP_MD *EVP_mdc2(void);
const EVP_MD *EVP_ripemd160(void);
@@ -137,11 +136,6 @@ EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
and RIPEMD160 digest algorithms respectively.
-EVP_dss1() returns B<EVP_MD> an structure the SHA1 digest
-algorithm but using DSS (DSA) for the signature algorithm. Note: there is
-no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
-however retained for compatibility.
-
EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
returns is of zero length.
@@ -164,7 +158,7 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
EVP_MD_CTX_block_size() return the digest or block size in bytes.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
+EVP_mdc2() and EVP_ripemd160() return pointers to the
corresponding EVP_MD structures.
EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
@@ -261,7 +255,7 @@ L<evp(3)>
=head1 HISTORY
The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
-later, so now EVP_sha1() can be used with RSA and DSA; there is no need to
-use EVP_dss1() any more.
+later, so now EVP_sha1() can be used with RSA and DSA. The legacy EVP_dss1()
+was removed in OpenSSL 1.1.0
=cut
diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c
index e2a2ff6..fb066d9 100644
--- a/engines/ccgost/gost_crypt.c
+++ b/engines/ccgost/gost_crypt.c
@@ -95,9 +95,6 @@ EVP_MD imit_gost_cpa = {
gost_imit_final,
gost_imit_copy,
gost_imit_cleanup,
- NULL,
- NULL,
- {0, 0, 0, 0, 0},
8,
sizeof(struct ossl_gost_imit_ctx),
gost_imit_ctrl
diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c
index 1ccc6be..6c96a1b 100644
--- a/engines/ccgost/gost_md.c
+++ b/engines/ccgost/gost_md.c
@@ -23,15 +23,12 @@ EVP_MD digest_gost = {
NID_id_GostR3411_94,
NID_undef,
32,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ 0,
gost_digest_init,
gost_digest_update,
gost_digest_final,
gost_digest_copy,
gost_digest_cleanup,
- NULL,
- NULL,
- {NID_undef, NID_undef, 0, 0, 0},
32,
sizeof(struct ossl_gost_digest_ctx),
NULL
diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index 04f72a4..c31b43a 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -94,13 +94,12 @@ static const EVP_MD dasync_sha1 = {
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
dasync_sha1_init,
dasync_sha1_update,
dasync_sha1_final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
index b3b9bc0..94e53cd 100644
--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -107,7 +107,6 @@ static const EVP_MD digest_md5 = {
digest_md5_final,
NULL,
NULL,
- EVP_PKEY_RSA_method,
MD5_CBLOCK,
sizeof(EVP_MD *) + sizeof(MD5_CTX),
};
@@ -122,13 +121,12 @@ static const EVP_MD digest_sha1 = {
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
digest_sha1_init,
digest_sha1_update,
digest_sha1_final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
@@ -143,13 +141,12 @@ static const EVP_MD digest_sha256 = {
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
digest_sha256_init,
digest_sha256_update,
digest_sha256_final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA256_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};
@@ -166,13 +163,12 @@ static const EVP_MD digest_sha384 = {
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
digest_sha384_init,
digest_sha512_update,
digest_sha384_final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA512_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
@@ -181,13 +177,12 @@ static const EVP_MD digest_sha512 = {
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+ EVP_MD_FLAG_DIGALGID_ABSENT,
digest_sha512_init,
digest_sha512_update,
digest_sha512_final,
NULL,
NULL,
- EVP_PKEY_NULL_method,
SHA512_CBLOCK,
sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index c9659b3..910f39b 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -158,42 +158,15 @@ struct evp_md_st {
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
int (*cleanup) (EVP_MD_CTX *ctx);
- /* FIXME: prototype these some day */
- int (*sign) (int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, void *key);
- int (*verify) (int type, const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen,
- void *key);
- int required_pkey_type[5]; /* EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
/* control function */
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
} /* EVP_MD */ ;
-typedef int evp_sign_method(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
- unsigned int m_length,
- const unsigned char *sigbuf,
- unsigned int siglen, void *key);
-
/* digest can only handle a single block */
# define EVP_MD_FLAG_ONESHOT 0x0001
-/*
- * digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc
- */
-# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-# define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
-
/* DigestAlgorithmIdentifier flags... */
# define EVP_MD_FLAG_DIGALGID_MASK 0x0018
@@ -222,38 +195,6 @@ typedef int evp_verify_method(int type, const unsigned char *m,
# define EVP_MD_CTRL_ALG_CTRL 0x1000
-# define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-# ifndef OPENSSL_NO_DSA
-# define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
- (evp_verify_method *)DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-# else
-# define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
- (evp_verify_method *)ECDSA_verify, \
- {EVP_PKEY_EC,0,0,0}
-# else
-# define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_RSA
-# define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
- (evp_verify_method *)RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
- (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# else
-# define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-# endif
-
# endif /* !EVP_MD */
struct evp_md_ctx_st {
@@ -772,8 +713,6 @@ const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_md5_sha1(void);
# endif
const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void);
const EVP_MD *EVP_sha384(void);
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 9c12e19..9a7f155 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -121,15 +121,6 @@ int SSL_library_init(void)
EVP_add_digest(EVP_sha256());
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
-#if !defined(OPENSSL_NO_DSA)
- EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-#endif
-#ifndef OPENSSL_NO_EC
- EVP_add_digest(EVP_ecdsa());
-#endif
#ifndef OPENSSL_NO_COMP
/*
* This will initialise the built-in compression algorithms. The value
diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index 9754869..d56836f 100644
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -196,7 +196,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
EVP_MD_CTX_init(&md_ctx);
/* get the message digest */
- if (!EVP_DigestInit(&md_ctx, EVP_ecdsa())
+ if (!EVP_DigestInit(&md_ctx, EVP_sha1())
|| !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
|| !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
goto x962_int_err;
diff --git a/util/libeay.num b/util/libeay.num
index 4e2ac48..f6bbf06 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -302,7 +302,7 @@ EVP_des_ede_ofb 309 EXIST::FUNCTION:DES
EVP_des_ofb 310 EXIST::FUNCTION:DES
EVP_desx_cbc 311 EXIST::FUNCTION:DES
EVP_dss 312 NOEXIST::FUNCTION:
-EVP_dss1 313 EXIST::FUNCTION:DSA
+EVP_dss1 313 NOEXIST::FUNCTION:
EVP_enc_null 314 EXIST::FUNCTION:
EVP_get_cipherbyname 315 EXIST::FUNCTION:
EVP_get_digestbyname 316 EXIST::FUNCTION:
@@ -3320,7 +3320,7 @@ X509_policy_check 3720 EXIST::FUNCTION:
EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION:
STORE_set_ex_data 3722 NOEXIST::FUNCTION:
ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE
-EVP_ecdsa 3724 EXIST::FUNCTION:
+EVP_ecdsa 3724 NOEXIST::FUNCTION:
BN_BLINDING_get_flags 3725 EXIST::FUNCTION:
PKCS12_add_cert 3726 EXIST::FUNCTION:
STORE_OBJECT_new 3727 NOEXIST::FUNCTION:
More information about the openssl-commits
mailing list