-# $OpenBSD: Makefile,v 1.70 2022/01/14 08:12:31 tb Exp $
+# $OpenBSD: Makefile,v 1.71 2022/01/14 08:38:05 tb Exp $
LIB= crypto
LIBREBUILD=y
SRCS+= e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c
SRCS+= e_rc4.c e_aes.c names.c
SRCS+= e_xcbc_d.c e_rc2.c e_cast.c
-SRCS+= m_null.c m_md4.c m_md5.c m_sha1.c m_sm3.c m_wp.c
-SRCS+= m_dss.c m_dss1.c m_ripemd.c m_ecdsa.c
+SRCS+= m_null.c m_md4.c m_md5.c m_ripemd.c m_sha1.c m_sm3.c m_wp.c
SRCS+= p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c
SRCS+= bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c
SRCS+= c_all.c evp_lib.c
-/* $OpenBSD: asn1_item.c,v 1.3 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: asn1_item.c,v 1.4 2022/01/14 08:38:05 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
rv = 2;
if (rv == 2) {
- if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- if (!pkey->ameth ||
- !OBJ_find_sigid_by_algs(&signid,
- EVP_MD_nid(type), pkey->ameth->pkey_id)) {
- ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- return 0;
- }
- } else
- signid = type->pkey_type;
+ if (!pkey->ameth ||
+ !OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type),
+ pkey->ameth->pkey_id)) {
+ ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+ return 0;
+ }
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
paramtype = V_ASN1_NULL;
-/* $OpenBSD: c_all.c,v 1.26 2019/03/17 18:07:41 tb Exp $ */
+/* $OpenBSD: c_all.c,v 1.27 2022/01/14 08:38:05 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
EVP_add_digest_alias(SN_md5, "ssl3-md5");
#endif
-#if !defined(OPENSSL_NO_SHA)
-#ifndef OPENSSL_NO_DSA
- EVP_add_digest(EVP_dss());
-#endif
-#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-#ifndef OPENSSL_NO_DSA
- EVP_add_digest(EVP_dss1());
- EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-#endif
-#ifndef OPENSSL_NO_ECDSA
- EVP_add_digest(EVP_ecdsa());
-#endif
#endif
#ifndef OPENSSL_NO_GOST
-/* $OpenBSD: evp.h,v 1.98 2022/01/14 08:04:14 tb Exp $ */
+/* $OpenBSD: evp.h,v 1.99 2022/01/14 08:38:05 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
* block */
-#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc */
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
-
/* DigestAlgorithmIdentifier flags... */
#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
#define EVP_MD_CTRL_ALG_CTRL 0x1000
-#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
- (evp_verify_method *)DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-#else
-#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-#endif
-
-#ifndef OPENSSL_NO_ECDSA
-#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
- (evp_verify_method *)ECDSA_verify, \
- {EVP_PKEY_EC,0,0,0}
-#else
-#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
-#endif
-
-#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
- (evp_verify_method *)RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
- (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#else
-#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#endif
-
#endif /* !EVP_MD */
/* values for EVP_MD_CTX flags */
#endif
#ifndef OPENSSL_NO_SHA
const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
#endif
#ifndef OPENSSL_NO_SHA256
const EVP_MD *EVP_sha224(void);
-/* $OpenBSD: evp_locl.h,v 1.21 2022/01/14 08:04:14 tb Exp $ */
+/* $OpenBSD: evp_locl.h,v 1.22 2022/01/14 08:38:05 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
int (*cleanup)(EVP_MD_CTX *ctx);
- evp_sign_method *sign;
- evp_verify_method *verify;
- int required_pkey_type[5]; /*EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
/* control function */
+++ /dev/null
-/* $OpenBSD: m_dss.c,v 1.17 2021/12/12 21:30:13 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#include "evp_locl.h"
-
-#ifndef OPENSSL_NO_SHA
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dsa_md = {
- .type = NID_dsaWithSHA,
- .pkey_type = NID_dsaWithSHA,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_DSA
- .sign = (evp_sign_method *)DSA_sign,
- .verify = (evp_verify_method *)DSA_verify,
- .required_pkey_type = {
- EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_dss(void)
-{
- return (&dsa_md);
-}
-#endif
+++ /dev/null
-/* $OpenBSD: m_dss1.c,v 1.17 2021/12/12 21:30:13 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_SHA
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#include "evp_locl.h"
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dss1_md = {
- .type = NID_dsa,
- .pkey_type = NID_dsaWithSHA1,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_DSA
- .sign = (evp_sign_method *)DSA_sign,
- .verify = (evp_verify_method *)DSA_verify,
- .required_pkey_type = {
- EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_dss1(void)
-{
- return (&dss1_md);
-}
-#endif
+++ /dev/null
-/* $OpenBSD: m_ecdsa.c,v 1.9 2021/12/12 21:30:13 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#include "evp_locl.h"
-
-#ifndef OPENSSL_NO_SHA
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ecdsa_md = {
- .type = NID_ecdsa_with_SHA1,
- .pkey_type = NID_ecdsa_with_SHA1,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_ECDSA
- .sign = (evp_sign_method *)ECDSA_sign,
- .verify = (evp_verify_method *)ECDSA_verify,
- .required_pkey_type = {
- EVP_PKEY_EC, 0, 0, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_ecdsa(void)
-{
- return (&ecdsa_md);
-}
-#endif
-/* $OpenBSD: m_gostr341194.c,v 1.3 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_gostr341194.c,v 1.4 2022/01/14 08:38:05 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
.type = NID_id_GostR3411_94,
.pkey_type = NID_undef,
.md_size = GOSTR341194_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ .flags = 0,
.init = gostr341194_init,
.update = gostr341194_update,
.final = gostr341194_final,
-/* $OpenBSD: m_md4.c,v 1.17 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_md4.c,v 1.18 2022/01/14 08:38:05 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.final = final,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = MD4_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
};
-/* $OpenBSD: m_md5.c,v 1.16 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_md5.c,v 1.17 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.final = final,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = MD5_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(MD5_CTX),
};
-/* $OpenBSD: m_md5_sha1.c,v 1.3 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_md5_sha1.c,v 1.4 2022/01/14 08:38:06 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
*
.final = md5_sha1_final,
.block_size = MD5_CBLOCK, /* MD5_CBLOCK == SHA_CBLOCK */
.ctx_size = sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
};
const EVP_MD *
-/* $OpenBSD: m_null.c,v 1.10 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_null.c,v 1.11 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.final = final,
.copy = NULL,
.cleanup = NULL,
- .sign = NULL,
- .verify = NULL,
- .required_pkey_type = {
- 0, 0, 0, 0,
- },
.block_size = 0,
.ctx_size = sizeof(EVP_MD *),
};
-/* $OpenBSD: m_ripemd.c,v 1.13 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_ripemd.c,v 1.14 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.final = final,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = RIPEMD160_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
};
-/* $OpenBSD: m_sha1.c,v 1.18 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_sha1.c,v 1.19 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.type = NID_sha1,
.pkey_type = NID_sha1WithRSAEncryption,
.md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = init,
.update = update,
.final = final,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SHA_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
.type = NID_sha224,
.pkey_type = NID_sha224WithRSAEncryption,
.md_size = SHA224_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = init224,
.update = update256,
.final = final256,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SHA256_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};
.type = NID_sha256,
.pkey_type = NID_sha256WithRSAEncryption,
.md_size = SHA256_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = init256,
.update = update256,
.final = final256,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SHA256_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
};
.type = NID_sha384,
.pkey_type = NID_sha384WithRSAEncryption,
.md_size = SHA384_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = init384,
.update = update512,
.final = final512,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SHA512_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
.type = NID_sha512,
.pkey_type = NID_sha512WithRSAEncryption,
.md_size = SHA512_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = init512,
.update = update512,
.final = final512,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SHA512_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
};
-/* $OpenBSD: m_sm3.c,v 1.2 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_sm3.c,v 1.3 2022/01/14 08:38:06 tb Exp $ */
/*
* Copyright (c) 2018, Ribose Inc
*
.type = NID_sm3,
.pkey_type = NID_sm3WithRSAEncryption,
.md_size = SM3_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
+ .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
.init = sm3_init,
.update = sm3_update,
.final = sm3_final,
.copy = NULL,
.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
.block_size = SM3_CBLOCK,
.ctx_size = sizeof(EVP_MD *) + sizeof(SM3_CTX),
};
-/* $OpenBSD: m_streebog.c,v 1.3 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_streebog.c,v 1.4 2022/01/14 08:38:06 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
.type = NID_id_tc26_gost3411_2012_256,
.pkey_type = NID_undef,
.md_size = STREEBOG256_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ .flags = 0,
.init = streebog_init256,
.update = streebog_update256,
.final = streebog_final256,
.type = NID_id_tc26_gost3411_2012_512,
.pkey_type = NID_undef,
.md_size = STREEBOG512_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ .flags = 0,
.init = streebog_init512,
.update = streebog_update512,
.final = streebog_final512,
-/* $OpenBSD: m_wp.c,v 1.9 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_wp.c,v 1.10 2022/01/14 08:38:06 tb Exp $ */
#include <stdio.h>
.final = final,
.copy = NULL,
.cleanup = NULL,
- .sign = NULL,
- .verify = NULL,
- .required_pkey_type = {
- 0, 0, 0, 0,
- },
.block_size = WHIRLPOOL_BBLOCK / 8,
.ctx_size = sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
};
-/* $OpenBSD: p_sign.c,v 1.15 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_sign.c,v 1.16 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i = 0, ok = 0, v;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;
+ size_t sltmp;
+ int ret = 0;
*siglen = 0;
EVP_MD_CTX_init(&tmp_ctx);
goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- size_t sltmp = (size_t)EVP_PKEY_size(pkey);
- i = 0;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pkctx)
- goto err;
- if (EVP_PKEY_sign_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
- goto err;
- *siglen = sltmp;
- i = 1;
-err:
- EVP_PKEY_CTX_free(pkctx);
- return i;
- }
+ sltmp = (size_t)EVP_PKEY_size(pkey);
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (0);
- }
+ if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
+ goto err;
+ if (EVP_PKEY_sign_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+ goto err;
+ *siglen = sltmp;
+
+ ret = 1;
- if (ctx->digest->sign == NULL) {
- EVPerror(EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
- return (0);
- }
- return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
- pkey->pkey.ptr));
+ err:
+ EVP_PKEY_CTX_free(pkctx);
+ return ret;
}
-/* $OpenBSD: p_verify.c,v 1.14 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_verify.c,v 1.15 2022/01/14 08:38:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i = 0, ok = 0, v;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;
+ int ret = 0;
EVP_MD_CTX_init(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- i = -1;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pkctx)
- goto err;
- if (EVP_PKEY_verify_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
-err:
- EVP_PKEY_CTX_free(pkctx);
- return i;
- }
-
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (-1);
- }
- if (ctx->digest->verify == NULL) {
- EVPerror(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
- return (0);
- }
+ ret = -1;
+ if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
+ goto err;
+ if (EVP_PKEY_verify_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ ret = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
- return(ctx->digest->verify(ctx->digest->type, m, m_len,
- sigbuf, siglen, pkey->pkey.ptr));
+ err:
+ EVP_PKEY_CTX_free(pkctx);
+ return ret;
}
projects / openbsd / commitdiff