
Commit 7f572e9

committed
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <[email protected]>
1 parent 0aca86b commit 7f572e9

25 files changed

Lines changed: 78 additions & 486 deletions

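--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -260,17 +260,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
 rv = 2;
 
 if (rv == 2) {
-if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-if (!pkey->ameth ||
-!OBJ_find_sigid_by_algs(&signid,
-EVP_MD_nid(type),
-pkey->ameth->pkey_id)) {
-ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
-ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
-return 0;
-}
-} else
-signid = type->pkey_type;
+if (!pkey->ameth ||
+!OBJ_find_sigid_by_algs(&signid,
+EVP_MD_nid(type),
+pkey->ameth->pkey_id)) {
+ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+return 0;
+}
 
 if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
 paramtype = V_ASN1_NULL;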
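Review bot: The lookup in the `if (rv == 2)` branch is now the only place `signid` is set, and that deserves a comment above `if (!pkey->ameth ||`, for example `/* signature OID comes only from the (digest NID, key type) table; unsupported pairs are rejected here */`, because the fallback to `type->pkey_type` is gone and a reader no longer sees why this can fail. The failure path is a bare `return 0;`, and ASN1_item_sign_ctx starts and ends outside this hunk, so it is worth confirming that no context or buffer cleanup done at the function's exit is skipped when an unsupported digest/key pair is rejected. Callers whose digest used to supply the id through `pkey_type` will now receive ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED, which matches the fail-closed intent in the description but is a behaviour change that should be noted for them.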

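--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -363,7 +363,6 @@ static const EVP_MD test_sha_md = {
 test_sha1_final,
 NULL,
 NULL,
-EVP_PKEY_RSA_method,
 SHA_CBLOCK,
 sizeof(EVP_MD *) + sizeof(SHA_CTX),
 };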

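--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -20,7 +20,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
 e_rc4.c e_aes.c names.c e_seed.c \
 e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
 m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
-m_md5_sha1.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+m_md5_sha1.c m_mdc2.c m_ripemd.c \
 p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
 bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
 c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
@@ -33,7 +33,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
 e_rc4.o e_aes.o names.o e_seed.o \
 e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
 m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
-m_md5_sha1.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+m_md5_sha1.o m_mdc2.o m_ripemd.o \
 p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
 bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
 c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
@@ -460,26 +460,6 @@ evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 evp_pkey.o: ../include/internal/asn1_int.h ../include/internal/cryptlib.h
 evp_pkey.o: evp_pkey.c
-m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../include/internal/cryptlib.h m_dss1.c
-m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ecdsa.o: ../include/internal/cryptlib.h m_ecdsa.c
 m_md2.o: ../../e_os.h ../../include/openssl/bio.h
 m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h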

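--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -75,15 +75,6 @@ void OpenSSL_add_all_digests(void)
 EVP_add_digest(EVP_sha1());
 EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
 EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-# ifndef OPENSSL_NO_DSA
-EVP_add_digest(EVP_dss1());
-EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
-EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
-EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-# endif
-# ifndef OPENSSL_NO_EC
-EVP_add_digest(EVP_ecdsa());
-# endif
 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
 EVP_add_digest(EVP_mdc2());
 #endif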

crypto/evp/m_dss1.c

Lines changed: 0 additions & 102 deletions
This file was deleted.

crypto/evp/m_ecdsa.c

Lines changed: 0 additions & 151 deletions
This file was deleted.

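--- a/crypto/evp/m_md4.c
+++ b/crypto/evp/m_md4.c
@@ -94,7 +94,6 @@ static const EVP_MD md4_md = {
 final,
 NULL,
 NULL,
-EVP_PKEY_RSA_method,
 MD4_CBLOCK,
 sizeof(EVP_MD *) + sizeof(MD4_CTX),
 };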

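--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -94,7 +94,6 @@ static const EVP_MD md5_md = {
 final,
 NULL,
 NULL,
-EVP_PKEY_RSA_method,
 MD5_CBLOCK,
 sizeof(EVP_MD *) + sizeof(MD5_CTX),
 };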

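--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -171,7 +171,6 @@ static const EVP_MD md5_sha1_md = {
 final,
 NULL,
 NULL,
-EVP_PKEY_RSA_method,
 MD5_CBLOCK,
 sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
 ctrl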

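--- a/crypto/evp/m_mdc2.c
+++ b/crypto/evp/m_mdc2.c
@@ -94,7 +94,6 @@ static const EVP_MD mdc2_md = {
 final,
 NULL,
 NULL,
-EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
 MDC2_BLOCK,
 sizeof(EVP_MD *) + sizeof(MDC2_CTX),
 };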
