Drop MD2 support
Patch partly from Guillaume Rousse
This commit is contained in:
		| @@ -13,7 +13,6 @@ | |||||||
| #include <openssl/des.h> | #include <openssl/des.h> | ||||||
| #include <openssl/rc4.h> | #include <openssl/rc4.h> | ||||||
| #include <openssl/rc2.h> | #include <openssl/rc2.h> | ||||||
| #include <openssl/md2.h> |  | ||||||
| #include <openssl/md4.h> | #include <openssl/md4.h> | ||||||
| #include <openssl/md5.h> | #include <openssl/md5.h> | ||||||
| #include <openssl/sha.h> | #include <openssl/sha.h> | ||||||
| @@ -39,7 +38,6 @@ | |||||||
|  |  | ||||||
| #include <hcrypto/evp.h> | #include <hcrypto/evp.h> | ||||||
| #include <hcrypto/des.h> | #include <hcrypto/des.h> | ||||||
| #include <hcrypto/md2.h> |  | ||||||
| #include <hcrypto/md4.h> | #include <hcrypto/md4.h> | ||||||
| #include <hcrypto/md5.h> | #include <hcrypto/md5.h> | ||||||
| #include <hcrypto/sha.h> | #include <hcrypto/sha.h> | ||||||
|   | |||||||
| @@ -149,11 +149,6 @@ const AlgorithmIdentifier _hx509_signature_md5_data = { | |||||||
|     { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) |     { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) | ||||||
| }; | }; | ||||||
|  |  | ||||||
| static const unsigned md2_oid_tree[] = { 1, 2, 840, 113549, 2, 2 }; |  | ||||||
| const AlgorithmIdentifier _hx509_signature_md2_data = { |  | ||||||
|     { 6, rk_UNCONST(md2_oid_tree) }, rk_UNCONST(&null_entry_oid) |  | ||||||
| }; |  | ||||||
|  |  | ||||||
| static const unsigned ecPublicKey[] ={ 1, 2, 840, 10045, 2, 1 }; | static const unsigned ecPublicKey[] ={ 1, 2, 840, 10045, 2, 1 }; | ||||||
| const AlgorithmIdentifier _hx509_signature_ecPublicKey = { | const AlgorithmIdentifier _hx509_signature_ecPublicKey = { | ||||||
|     { 6, rk_UNCONST(ecPublicKey) }, NULL |     { 6, rk_UNCONST(ecPublicKey) }, NULL | ||||||
| @@ -194,11 +189,6 @@ const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { | |||||||
|     { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL |     { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL | ||||||
| }; | }; | ||||||
|  |  | ||||||
| static const unsigned rsa_with_md2_oid[] ={ 1, 2, 840, 113549, 1, 1, 2 }; |  | ||||||
| const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = { |  | ||||||
|     { 7, rk_UNCONST(rsa_with_md2_oid) }, NULL |  | ||||||
| }; |  | ||||||
|  |  | ||||||
| static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; | static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; | ||||||
| const AlgorithmIdentifier _hx509_signature_rsa_data = { | const AlgorithmIdentifier _hx509_signature_rsa_data = { | ||||||
|     { 7, rk_UNCONST(rsa_oid) }, NULL |     { 7, rk_UNCONST(rsa_oid) }, NULL | ||||||
| @@ -1290,19 +1280,6 @@ static const struct signature_alg rsa_with_md5_alg = { | |||||||
|     rsa_create_signature |     rsa_create_signature | ||||||
| }; | }; | ||||||
|  |  | ||||||
| static const struct signature_alg rsa_with_md2_alg = { |  | ||||||
|     "rsa-with-md2", |  | ||||||
|     &asn1_oid_id_pkcs1_md2WithRSAEncryption, |  | ||||||
|     &_hx509_signature_rsa_with_md2_data, |  | ||||||
|     &asn1_oid_id_pkcs1_rsaEncryption, |  | ||||||
|     &_hx509_signature_md2_data, |  | ||||||
|     PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, |  | ||||||
|     1230739889, |  | ||||||
|     NULL, |  | ||||||
|     rsa_verify_signature, |  | ||||||
|     rsa_create_signature |  | ||||||
| }; |  | ||||||
|  |  | ||||||
| static const struct signature_alg dsa_sha1_alg = { | static const struct signature_alg dsa_sha1_alg = { | ||||||
|     "dsa-with-sha1", |     "dsa-with-sha1", | ||||||
|     &asn1_oid_id_dsa_with_sha1, |     &asn1_oid_id_dsa_with_sha1, | ||||||
| @@ -1355,19 +1332,6 @@ static const struct signature_alg md5_alg = { | |||||||
|     NULL |     NULL | ||||||
| }; | }; | ||||||
|  |  | ||||||
| static const struct signature_alg md2_alg = { |  | ||||||
|     "rsa-md2", |  | ||||||
|     &asn1_oid_id_rsa_digest_md2, |  | ||||||
|     &_hx509_signature_md2_data, |  | ||||||
|     NULL, |  | ||||||
|     NULL, |  | ||||||
|     SIG_DIGEST, |  | ||||||
|     0, |  | ||||||
|     EVP_md2, |  | ||||||
|     evp_md_verify_signature, |  | ||||||
|     NULL |  | ||||||
| }; |  | ||||||
|  |  | ||||||
| /* | /* | ||||||
|  * Order matter in this structure, "best" first for each "key |  * Order matter in this structure, "best" first for each "key | ||||||
|  * compatible" type (type is ECDSA, RSA, DSA, none, etc) |  * compatible" type (type is ECDSA, RSA, DSA, none, etc) | ||||||
| @@ -1382,13 +1346,11 @@ static const struct signature_alg *sig_algs[] = { | |||||||
|     &rsa_with_sha1_alg, |     &rsa_with_sha1_alg, | ||||||
|     &pkcs1_rsa_sha1_alg, |     &pkcs1_rsa_sha1_alg, | ||||||
|     &rsa_with_md5_alg, |     &rsa_with_md5_alg, | ||||||
|     &rsa_with_md2_alg, |  | ||||||
|     &heim_rsa_pkcs1_x509, |     &heim_rsa_pkcs1_x509, | ||||||
|     &dsa_sha1_alg, |     &dsa_sha1_alg, | ||||||
|     &sha256_alg, |     &sha256_alg, | ||||||
|     &sha1_alg, |     &sha1_alg, | ||||||
|     &md5_alg, |     &md5_alg, | ||||||
|     &md2_alg, |  | ||||||
|     NULL |     NULL | ||||||
| }; | }; | ||||||
|  |  | ||||||
| @@ -1844,10 +1806,6 @@ const AlgorithmIdentifier * | |||||||
| hx509_signature_md5(void) | hx509_signature_md5(void) | ||||||
| { return &_hx509_signature_md5_data; } | { return &_hx509_signature_md5_data; } | ||||||
|  |  | ||||||
| const AlgorithmIdentifier * |  | ||||||
| hx509_signature_md2(void) |  | ||||||
| { return &_hx509_signature_md2_data; } |  | ||||||
|  |  | ||||||
| const AlgorithmIdentifier * | const AlgorithmIdentifier * | ||||||
| hx509_signature_ecPublicKey(void) | hx509_signature_ecPublicKey(void) | ||||||
| { return &_hx509_signature_ecPublicKey; } | { return &_hx509_signature_ecPublicKey; } | ||||||
| @@ -1880,10 +1838,6 @@ const AlgorithmIdentifier * | |||||||
| hx509_signature_rsa_with_md5(void) | hx509_signature_rsa_with_md5(void) | ||||||
| { return &_hx509_signature_rsa_with_md5_data; } | { return &_hx509_signature_rsa_with_md5_data; } | ||||||
|  |  | ||||||
| const AlgorithmIdentifier * |  | ||||||
| hx509_signature_rsa_with_md2(void) |  | ||||||
| { return &_hx509_signature_rsa_with_md2_data; } |  | ||||||
|  |  | ||||||
| const AlgorithmIdentifier * | const AlgorithmIdentifier * | ||||||
| hx509_signature_rsa(void) | hx509_signature_rsa(void) | ||||||
| { return &_hx509_signature_rsa_data; } | { return &_hx509_signature_rsa_data; } | ||||||
|   | |||||||
| @@ -1139,7 +1139,6 @@ p11_printinfo(hx509_context context, | |||||||
| 		MECHNAME(CKM_SHA256, "sha256"); | 		MECHNAME(CKM_SHA256, "sha256"); | ||||||
| 		MECHNAME(CKM_SHA_1, "sha1"); | 		MECHNAME(CKM_SHA_1, "sha1"); | ||||||
| 		MECHNAME(CKM_MD5, "md5"); | 		MECHNAME(CKM_MD5, "md5"); | ||||||
| 		MECHNAME(CKM_MD2, "md2"); |  | ||||||
| 		MECHNAME(CKM_RIPEMD160, "ripemd-160"); | 		MECHNAME(CKM_RIPEMD160, "ripemd-160"); | ||||||
| 		MECHNAME(CKM_DES_ECB, "des-ecb"); | 		MECHNAME(CKM_DES_ECB, "des-ecb"); | ||||||
| 		MECHNAME(CKM_DES_CBC, "des-cbc"); | 		MECHNAME(CKM_DES_CBC, "des-cbc"); | ||||||
|   | |||||||
| @@ -198,10 +198,8 @@ EXPORTS | |||||||
| 	hx509_revoke_verify | 	hx509_revoke_verify | ||||||
| 	hx509_set_error_string | 	hx509_set_error_string | ||||||
| 	hx509_set_error_stringv | 	hx509_set_error_stringv | ||||||
| 	hx509_signature_md2 |  | ||||||
| 	hx509_signature_md5 | 	hx509_signature_md5 | ||||||
| 	hx509_signature_rsa | 	hx509_signature_rsa | ||||||
| 	hx509_signature_rsa_with_md2 |  | ||||||
| 	hx509_signature_rsa_with_md5 | 	hx509_signature_rsa_with_md5 | ||||||
| 	hx509_signature_rsa_with_sha1 | 	hx509_signature_rsa_with_sha1 | ||||||
| 	hx509_signature_rsa_with_sha256 | 	hx509_signature_rsa_with_sha256 | ||||||
|   | |||||||
| @@ -1,4 +1,3 @@ | |||||||
| 2.16.840.1.101.3.4.2.1 | 2.16.840.1.101.3.4.2.1 | ||||||
| 1.3.14.3.2.26 | 1.3.14.3.2.26 | ||||||
| 1.2.840.113549.2.5 | 1.2.840.113549.2.5 | ||||||
| 1.2.840.113549.2.2 |  | ||||||
|   | |||||||
| @@ -201,10 +201,8 @@ HEIMDAL_X509_1.2 { | |||||||
| 		hx509_revoke_verify; | 		hx509_revoke_verify; | ||||||
| 		hx509_set_error_string; | 		hx509_set_error_string; | ||||||
| 		hx509_set_error_stringv; | 		hx509_set_error_stringv; | ||||||
| 		hx509_signature_md2; |  | ||||||
| 		hx509_signature_md5; | 		hx509_signature_md5; | ||||||
| 		hx509_signature_rsa; | 		hx509_signature_rsa; | ||||||
| 		hx509_signature_rsa_with_md2; |  | ||||||
| 		hx509_signature_rsa_with_md5; | 		hx509_signature_rsa_with_md5; | ||||||
| 		hx509_signature_rsa_with_sha1; | 		hx509_signature_rsa_with_sha1; | ||||||
| 		hx509_signature_rsa_with_sha256; | 		hx509_signature_rsa_with_sha256; | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Love Hornquist Astrand
					Love Hornquist Astrand