diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-12-02 13:57:04 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-02 17:52:01 +0000 |
commit | 7f572e958b13041056f377a62d3219633cfb1e8a (patch) | |
tree | e25e20a9a52529c804812272317c7fbc03e5d978 /crypto/asn1/a_sign.c | |
parent | 0aca86b313d286be979629a3193a12e17bf7171a (diff) | |
download | openssl-7f572e958b13041056f377a62d3219633cfb1e8a.tar.gz |
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/asn1/a_sign.c')
-rw-r--r-- | crypto/asn1/a_sign.c | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index ab1959e812..18923b153e 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -260,17 +260,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, rv = 2; if (rv == 2) { - if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { - if (!pkey->ameth || - !OBJ_find_sigid_by_algs(&signid, - EVP_MD_nid(type), - pkey->ameth->pkey_id)) { - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, - ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); - return 0; - } - } else - signid = type->pkey_type; + if (!pkey->ameth || + !OBJ_find_sigid_by_algs(&signid, + EVP_MD_nid(type), + pkey->ameth->pkey_id)) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, + ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + return 0; + } if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) paramtype = V_ASN1_NULL; |