diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-12-02 13:57:04 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-02 17:52:01 +0000 |
| commit | 7f572e958b13041056f377a62d3219633cfb1e8a (patch) | |
| tree | e25e20a9a52529c804812272317c7fbc03e5d978 /crypto/evp/p_sign.c | |
| parent | 0aca86b313d286be979629a3193a12e17bf7171a (diff) | |
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/evp/p_sign.c')
| -rw-r--r-- | crypto/evp/p_sign.c | 52 |
1 files changed, 15 insertions, 37 deletions
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index df507a5178..808d0de013 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -67,7 +67,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; - int i = 0, ok = 0, v = 0; + int i = 0; + size_t sltmp; EVP_PKEY_CTX *pkctx = NULL; *siglen = 0; @@ -86,43 +87,20 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, return 0; } - if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { - size_t sltmp = (size_t)EVP_PKEY_size(pkey); - i = 0; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); - if (pkctx == NULL) - goto err; - if (EVP_PKEY_sign_init(pkctx) <= 0) - goto err; - if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) - goto err; - if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) - goto err; - *siglen = sltmp; - i = 1; + sltmp = (size_t)EVP_PKEY_size(pkey); + i = 0; + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (pkctx == NULL) + goto err; + if (EVP_PKEY_sign_init(pkctx) <= 0) + goto err; + if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) + goto err; + if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0) + goto err; + *siglen = sltmp; + i = 1; err: EVP_PKEY_CTX_free(pkctx); return i; - } - - for (i = 0; i < 4; i++) { - v = ctx->digest->required_pkey_type[i]; - if (v == 0) - break; - if (pkey->type == v) { - ok = 1; - break; - } - } - if (!ok) { - EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); - return (0); - } - - if (ctx->digest->sign == NULL) { - EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED); - return (0); - } - return ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen, - pkey->pkey.ptr); } |