Drop MD2 support
Patch partly from Guillaume Rousse
This commit is contained in:
Love Hornquist Astrand
@@ -13,7 +13,6 @@
|
||||
#include <openssl/des.h>
|
||||
#include <openssl/rc4.h>
|
||||
#include <openssl/rc2.h>
|
||||
#include <openssl/md2.h>
|
||||
#include <openssl/md4.h>
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/sha.h>
|
||||
@@ -39,7 +38,6 @@
|
||||
|
||||
#include <hcrypto/evp.h>
|
||||
#include <hcrypto/des.h>
|
||||
#include <hcrypto/md2.h>
|
||||
#include <hcrypto/md4.h>
|
||||
#include <hcrypto/md5.h>
|
||||
#include <hcrypto/sha.h>
|
||||
|
||||
@@ -149,11 +149,6 @@ const AlgorithmIdentifier _hx509_signature_md5_data = {
|
||||
{ 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid)
|
||||
};
|
||||
|
||||
static const unsigned md2_oid_tree[] = { 1, 2, 840, 113549, 2, 2 };
|
||||
const AlgorithmIdentifier _hx509_signature_md2_data = {
|
||||
{ 6, rk_UNCONST(md2_oid_tree) }, rk_UNCONST(&null_entry_oid)
|
||||
};
|
||||
|
||||
static const unsigned ecPublicKey[] ={ 1, 2, 840, 10045, 2, 1 };
|
||||
const AlgorithmIdentifier _hx509_signature_ecPublicKey = {
|
||||
{ 6, rk_UNCONST(ecPublicKey) }, NULL
|
||||
@@ -194,11 +189,6 @@ const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = {
|
||||
{ 7, rk_UNCONST(rsa_with_md5_oid) }, NULL
|
||||
};
|
||||
|
||||
static const unsigned rsa_with_md2_oid[] ={ 1, 2, 840, 113549, 1, 1, 2 };
|
||||
const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = {
|
||||
{ 7, rk_UNCONST(rsa_with_md2_oid) }, NULL
|
||||
};
|
||||
|
||||
static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 };
|
||||
const AlgorithmIdentifier _hx509_signature_rsa_data = {
|
||||
{ 7, rk_UNCONST(rsa_oid) }, NULL
|
||||
@@ -1290,19 +1280,6 @@ static const struct signature_alg rsa_with_md5_alg = {
|
||||
rsa_create_signature
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_md2_alg = {
|
||||
"rsa-with-md2",
|
||||
&asn1_oid_id_pkcs1_md2WithRSAEncryption,
|
||||
&_hx509_signature_rsa_with_md2_data,
|
||||
&asn1_oid_id_pkcs1_rsaEncryption,
|
||||
&_hx509_signature_md2_data,
|
||||
PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG,
|
||||
1230739889,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
};
|
||||
|
||||
static const struct signature_alg dsa_sha1_alg = {
|
||||
"dsa-with-sha1",
|
||||
&asn1_oid_id_dsa_with_sha1,
|
||||
@@ -1355,19 +1332,6 @@ static const struct signature_alg md5_alg = {
|
||||
NULL
|
||||
};
|
||||
|
||||
static const struct signature_alg md2_alg = {
|
||||
"rsa-md2",
|
||||
&asn1_oid_id_rsa_digest_md2,
|
||||
&_hx509_signature_md2_data,
|
||||
NULL,
|
||||
NULL,
|
||||
SIG_DIGEST,
|
||||
0,
|
||||
EVP_md2,
|
||||
evp_md_verify_signature,
|
||||
NULL
|
||||
};
|
||||
|
||||
/*
|
||||
* Order matter in this structure, "best" first for each "key
|
||||
* compatible" type (type is ECDSA, RSA, DSA, none, etc)
|
||||
@@ -1382,13 +1346,11 @@ static const struct signature_alg *sig_algs[] = {
|
||||
&rsa_with_sha1_alg,
|
||||
&pkcs1_rsa_sha1_alg,
|
||||
&rsa_with_md5_alg,
|
||||
&rsa_with_md2_alg,
|
||||
&heim_rsa_pkcs1_x509,
|
||||
&dsa_sha1_alg,
|
||||
&sha256_alg,
|
||||
&sha1_alg,
|
||||
&md5_alg,
|
||||
&md2_alg,
|
||||
NULL
|
||||
};
|
||||
|
||||
@@ -1844,10 +1806,6 @@ const AlgorithmIdentifier *
|
||||
hx509_signature_md5(void)
|
||||
{ return &_hx509_signature_md5_data; }
|
||||
|
||||
const AlgorithmIdentifier *
|
||||
hx509_signature_md2(void)
|
||||
{ return &_hx509_signature_md2_data; }
|
||||
|
||||
const AlgorithmIdentifier *
|
||||
hx509_signature_ecPublicKey(void)
|
||||
{ return &_hx509_signature_ecPublicKey; }
|
||||
@@ -1880,10 +1838,6 @@ const AlgorithmIdentifier *
|
||||
hx509_signature_rsa_with_md5(void)
|
||||
{ return &_hx509_signature_rsa_with_md5_data; }
|
||||
|
||||
const AlgorithmIdentifier *
|
||||
hx509_signature_rsa_with_md2(void)
|
||||
{ return &_hx509_signature_rsa_with_md2_data; }
|
||||
|
||||
const AlgorithmIdentifier *
|
||||
hx509_signature_rsa(void)
|
||||
{ return &_hx509_signature_rsa_data; }
|
||||
|
||||
@@ -1139,7 +1139,6 @@ p11_printinfo(hx509_context context,
|
||||
MECHNAME(CKM_SHA256, "sha256");
|
||||
MECHNAME(CKM_SHA_1, "sha1");
|
||||
MECHNAME(CKM_MD5, "md5");
|
||||
MECHNAME(CKM_MD2, "md2");
|
||||
MECHNAME(CKM_RIPEMD160, "ripemd-160");
|
||||
MECHNAME(CKM_DES_ECB, "des-ecb");
|
||||
MECHNAME(CKM_DES_CBC, "des-cbc");
|
||||
|
||||
@@ -198,10 +198,8 @@ EXPORTS
|
||||
hx509_revoke_verify
|
||||
hx509_set_error_string
|
||||
hx509_set_error_stringv
|
||||
hx509_signature_md2
|
||||
hx509_signature_md5
|
||||
hx509_signature_rsa
|
||||
hx509_signature_rsa_with_md2
|
||||
hx509_signature_rsa_with_md5
|
||||
hx509_signature_rsa_with_sha1
|
||||
hx509_signature_rsa_with_sha256
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
2.16.840.1.101.3.4.2.1
|
||||
1.3.14.3.2.26
|
||||
1.2.840.113549.2.5
|
||||
1.2.840.113549.2.2
|
||||
|
||||
@@ -201,10 +201,8 @@ HEIMDAL_X509_1.2 {
|
||||
hx509_revoke_verify;
|
||||
hx509_set_error_string;
|
||||
hx509_set_error_stringv;
|
||||
hx509_signature_md2;
|
||||
hx509_signature_md5;
|
||||
hx509_signature_rsa;
|
||||
hx509_signature_rsa_with_md2;
|
||||
hx509_signature_rsa_with_md5;
|
||||
hx509_signature_rsa_with_sha1;
|
||||
hx509_signature_rsa_with_sha256;
|
||||
|
||||
Reference in New Issue
Block a user