diff options
author | Doug Hogan <doug@cvs.openbsd.org> | 2015-06-20 01:07:26 +0000 |
---|---|---|
committer | Doug Hogan <doug@cvs.openbsd.org> | 2015-06-20 01:07:26 +0000 |
commit | 811b82a7004019fe01b0effefbf87dedcfbb1d63 (patch) | |
tree | 4bc4eefc57948fa77fa69a4e8e7029610ed7595b | |
parent | 2efa7300fb7d762cd4fcd6d6e6f4854f6969d6a2 (diff) |
Remove obsolete MDC-2DES from libcrypto.
ok deraadt@ jsing@ miod@
32 files changed, 43 insertions, 720 deletions
diff --git a/lib/libcrypto/crypto/Makefile b/lib/libcrypto/crypto/Makefile index a4e65fd6a6d..d523e8029d1 100644 --- a/lib/libcrypto/crypto/Makefile +++ b/lib/libcrypto/crypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.57 2015/04/11 16:16:15 deraadt Exp $ +# $OpenBSD: Makefile,v 1.58 2015/06/20 01:07:24 doug Exp $ LIB= crypto @@ -146,7 +146,7 @@ SRCS+= e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c SRCS+= e_rc4.c e_aes.c names.c SRCS+= e_xcbc_d.c e_rc2.c e_cast.c SRCS+= m_null.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c -SRCS+= m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c +SRCS+= m_dss.c m_dss1.c m_ripemd.c m_ecdsa.c SRCS+= p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c SRCS+= bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c SRCS+= c_all.c evp_lib.c @@ -180,9 +180,6 @@ SRCS+= md4_dgst.c md4_one.c # md5/ SRCS+= md5_dgst.c md5_one.c -# mdc2/ -SRCS+= mdc2dgst.c mdc2_one.c - # modes/ SRCS+= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c @@ -292,7 +289,6 @@ SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c ${LCRYPTO_SRC}/lhash \ ${LCRYPTO_SRC}/md4 \ ${LCRYPTO_SRC}/md5 \ - ${LCRYPTO_SRC}/mdc2 \ ${LCRYPTO_SRC}/modes \ ${LCRYPTO_SRC}/objects \ ${LCRYPTO_SRC}/ocsp \ @@ -352,7 +348,6 @@ HDRS=\ crypto/lhash/lhash.h \ crypto/md4/md4.h \ crypto/md5/md5.h \ - crypto/mdc2/mdc2.h \ crypto/modes/modes.h \ crypto/objects/objects.h \ crypto/ocsp/ocsp.h \ diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 872391db3ef..c968943cc03 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.20 2015/05/24 15:44:52 schwarze Exp $ +# $OpenBSD: Makefile,v 1.21 2015/06/20 01:07:24 doug Exp $ .include <bsd.own.mk> # for NOMAN @@ -645,7 +645,6 @@ MLINKS+=\ EVP_DigestInit.3 EVP_md2.3 \ EVP_DigestInit.3 EVP_md5.3 \ EVP_DigestInit.3 EVP_md_null.3 \ - EVP_DigestInit.3 EVP_mdc2.3 \ EVP_DigestInit.3 EVP_ripemd160.3 \ EVP_DigestInit.3 EVP_sha.3 \ EVP_DigestInit.3 EVP_sha1.3 \ diff --git a/lib/libssl/src/crypto/evp/c_all.c b/lib/libssl/src/crypto/evp/c_all.c index d794629ca87..5f9df3a7ad8 100644 --- a/lib/libssl/src/crypto/evp/c_all.c +++ b/lib/libssl/src/crypto/evp/c_all.c @@ -1,4 +1,4 @@ -/* $OpenBSD: c_all.c,v 1.16 2015/02/10 11:45:09 jsing Exp $ */ +/* $OpenBSD: c_all.c,v 1.17 2015/06/20 01:07:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -265,9 +265,6 @@ OpenSSL_add_all_digests(void) EVP_add_digest(EVP_streebog256()); EVP_add_digest(EVP_streebog512()); #endif -#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) - EVP_add_digest(EVP_mdc2()); -#endif #ifndef OPENSSL_NO_RIPEMD EVP_add_digest(EVP_ripemd160()); EVP_add_digest_alias(SN_ripemd160, "ripemd"); diff --git a/lib/libssl/src/crypto/evp/evp.h b/lib/libssl/src/crypto/evp/evp.h index 330e01e0e6d..57f8753ced1 100644 --- a/lib/libssl/src/crypto/evp/evp.h +++ b/lib/libssl/src/crypto/evp/evp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp.h,v 1.44 2015/02/10 11:45:09 jsing Exp $ */ +/* $OpenBSD: evp.h,v 1.45 2015/06/20 01:07:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -669,9 +669,6 @@ const EVP_MD *EVP_sha256(void); const EVP_MD *EVP_sha384(void); const EVP_MD *EVP_sha512(void); #endif -#ifndef OPENSSL_NO_MDC2 -const EVP_MD *EVP_mdc2(void); -#endif #ifndef OPENSSL_NO_RIPEMD const EVP_MD *EVP_ripemd160(void); #endif diff --git a/lib/libssl/src/crypto/evp/m_mdc2.c b/lib/libssl/src/crypto/evp/m_mdc2.c deleted file mode 100644 index cfbdfc38523..00000000000 --- a/lib/libssl/src/crypto/evp/m_mdc2.c +++ /dev/null @@ -1,118 +0,0 @@ -/* $OpenBSD: m_mdc2.c,v 1.15 2014/07/13 09:30:02 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_MDC2 - -#include <openssl/evp.h> -#include <openssl/mdc2.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -static int -init(EVP_MD_CTX *ctx) -{ - return MDC2_Init(ctx->md_data); -} - -static int -update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return MDC2_Update(ctx->md_data, data, count); -} - -static int -final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return MDC2_Final(md, ctx->md_data); -} - -static const EVP_MD mdc2_md = { - .type = NID_mdc2, - .pkey_type = NID_mdc2WithRSA, - .md_size = MDC2_DIGEST_LENGTH, - .flags = 0, - .init = init, - .update = update, - .final = final, - .copy = NULL, - .cleanup = NULL, -#ifndef OPENSSL_NO_RSA - .sign = (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, - .verify = (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, - .required_pkey_type = { - EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0, - }, -#endif - .block_size = MDC2_BLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(MDC2_CTX), -}; - -const EVP_MD * -EVP_mdc2(void) -{ - return (&mdc2_md); -} -#endif diff --git a/lib/libssl/src/crypto/mdc2/mdc2.h b/lib/libssl/src/crypto/mdc2/mdc2.h deleted file mode 100644 index 9128eeb8781..00000000000 --- a/lib/libssl/src/crypto/mdc2/mdc2.h +++ /dev/null @@ -1,97 +0,0 @@ -/* $OpenBSD: mdc2.h,v 1.13 2014/07/10 22:45:57 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_MDC2_H -#define HEADER_MDC2_H - -#include <openssl/opensslconf.h> - -#include <openssl/des.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_MDC2 -#error MDC2 is disabled. -#endif - -#define MDC2_BLOCK 8 -#define MDC2_DIGEST_LENGTH 16 - -typedef struct mdc2_ctx_st - { - unsigned int num; - unsigned char data[MDC2_BLOCK]; - DES_cblock h,hh; - int pad_type; /* either 1 or 2, default 1 */ - } MDC2_CTX; - - -int MDC2_Init(MDC2_CTX *c); -int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); -int MDC2_Final(unsigned char *md, MDC2_CTX *c); -unsigned char *MDC2(const unsigned char *d, size_t n, - unsigned char *md); - -#ifdef __cplusplus -} -#endif - -#endif - diff --git a/lib/libssl/src/crypto/mdc2/mdc2_one.c b/lib/libssl/src/crypto/mdc2/mdc2_one.c deleted file mode 100644 index 8f922b1c7d3..00000000000 --- a/lib/libssl/src/crypto/mdc2/mdc2_one.c +++ /dev/null @@ -1,77 +0,0 @@ -/* $OpenBSD: mdc2_one.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/crypto.h> -#include <openssl/mdc2.h> - -unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md) - { - MDC2_CTX c; - static unsigned char m[MDC2_DIGEST_LENGTH]; - - if (md == NULL) md=m; - if (!MDC2_Init(&c)) - return NULL; - MDC2_Update(&c,d,n); - MDC2_Final(md,&c); - OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ - return(md); - } - diff --git a/lib/libssl/src/crypto/mdc2/mdc2dgst.c b/lib/libssl/src/crypto/mdc2/mdc2dgst.c deleted file mode 100644 index b4b0068d59b..00000000000 --- a/lib/libssl/src/crypto/mdc2/mdc2dgst.c +++ /dev/null @@ -1,179 +0,0 @@ -/* $OpenBSD: mdc2dgst.c,v 1.7 2014/10/28 07:35:59 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/des.h> -#include <openssl/mdc2.h> - -#undef c2l -#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<<24L) - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len); -int MDC2_Init(MDC2_CTX *c) - { - c->num=0; - c->pad_type=1; - memset(&(c->h[0]),0x52,MDC2_BLOCK); - memset(&(c->hh[0]),0x25,MDC2_BLOCK); - return 1; - } - -int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len) - { - size_t i,j; - - i=c->num; - if (i != 0) - { - if (i+len < MDC2_BLOCK) - { - /* partial block */ - memcpy(&(c->data[i]),in,len); - c->num+=(int)len; - return 1; - } - else - { - /* filled one */ - j=MDC2_BLOCK-i; - memcpy(&(c->data[i]),in,j); - len-=j; - in+=j; - c->num=0; - mdc2_body(c,&(c->data[0]),MDC2_BLOCK); - } - } - i=len&~((size_t)MDC2_BLOCK-1); - if (i > 0) mdc2_body(c,in,i); - j=len-i; - if (j > 0) - { - memcpy(&(c->data[0]),&(in[i]),j); - c->num=(int)j; - } - return 1; - } - -static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len) - { - DES_LONG tin0,tin1; - DES_LONG ttin0,ttin1; - DES_LONG d[2],dd[2]; - DES_key_schedule k; - unsigned char *p; - size_t i; - - for (i=0; i<len; i+=8) - { - c2l(in,tin0); d[0]=dd[0]=tin0; - c2l(in,tin1); d[1]=dd[1]=tin1; - c->h[0]=(c->h[0]&0x9f)|0x40; - c->hh[0]=(c->hh[0]&0x9f)|0x20; - - DES_set_odd_parity(&c->h); - DES_set_key_unchecked(&c->h,&k); - DES_encrypt1(d,&k,1); - - DES_set_odd_parity(&c->hh); - DES_set_key_unchecked(&c->hh,&k); - DES_encrypt1(dd,&k,1); - - ttin0=tin0^dd[0]; - ttin1=tin1^dd[1]; - tin0^=d[0]; - tin1^=d[1]; - - p=c->h; - l2c(tin0,p); - l2c(ttin1,p); - p=c->hh; - l2c(ttin0,p); - l2c(tin1,p); - } - } - -int MDC2_Final(unsigned char *md, MDC2_CTX *c) - { - unsigned int i; - int j; - - i=c->num; - j=c->pad_type; - if ((i > 0) || (j == 2)) - { - if (j == 2) - c->data[i++]=0x80; - memset(&(c->data[i]),0,MDC2_BLOCK-i); - mdc2_body(c,c->data,MDC2_BLOCK); - } - memcpy(md,(char *)c->h,MDC2_BLOCK); - memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK); - return 1; - } diff --git a/lib/libssl/src/crypto/opensslfeatures.h b/lib/libssl/src/crypto/opensslfeatures.h index 811fac610fe..a0fcc0078ef 100644 --- a/lib/libssl/src/crypto/opensslfeatures.h +++ b/lib/libssl/src/crypto/opensslfeatures.h @@ -6,6 +6,7 @@ # define OPENSSL_NO_JPAKE # define OPENSSL_NO_KRB5 # define OPENSSL_NO_MD2 +# define OPENSSL_NO_MDC2 # define OPENSSL_NO_PSK # define OPENSSL_NO_RC5 # define OPENSSL_NO_RFC3779 diff --git a/lib/libssl/src/crypto/rsa/rsa_pmeth.c b/lib/libssl/src/crypto/rsa/rsa_pmeth.c index 09166e105b7..0b648138ee8 100644 --- a/lib/libssl/src/crypto/rsa/rsa_pmeth.c +++ b/lib/libssl/src/crypto/rsa/rsa_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pmeth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */ +/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -178,18 +178,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, return -1; } - if (EVP_MD_type(rctx->md) == NID_mdc2) { - unsigned int sltmp; - - if (rctx->pad_mode != RSA_PKCS1_PADDING) - return -1; - ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen, - sig, &sltmp, rsa); - - if (ret <= 0) - return ret; - ret = sltmp; - } else if (rctx->pad_mode == RSA_X931_PADDING) { + if (rctx->pad_mode == RSA_X931_PADDING) { if (!setup_tbuf(rctx, ctx)) return -1; memcpy(rctx->tbuf, tbs, tbslen); diff --git a/lib/libssl/src/crypto/rsa/rsa_sign.c b/lib/libssl/src/crypto/rsa/rsa_sign.c index a446b563b32..09d8ef329db 100644 --- a/lib/libssl/src/crypto/rsa/rsa_sign.c +++ b/lib/libssl/src/crypto/rsa/rsa_sign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_sign.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_sign.c,v 1.23 2015/06/20 01:07:25 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -180,21 +180,6 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, if (i <= 0) goto err; - /* - * Oddball MDC2 case: signature can be OCTET STRING. - * check for correct tag and length octets. - */ - if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) { - if (rm) { - memcpy(rm, s + 2, 16); - *prm_len = 16; - ret = 1; - } else if (memcmp(m, s + 2, 16)) - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - else - ret = 1; - } - /* Special case: SSL signature */ if (dtype == NID_md5_sha1) { if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH)) diff --git a/lib/libssl/src/doc/apps/ca.pod b/lib/libssl/src/doc/apps/ca.pod index 7294627d163..ecbe7954d65 100644 --- a/lib/libssl/src/doc/apps/ca.pod +++ b/lib/libssl/src/doc/apps/ca.pod @@ -159,7 +159,7 @@ the number of days to certify the certificate for. =item B<-md alg> -the message digest to use. Possible values include md5, sha1 and mdc2. +the message digest to use. Possible values include md5 and sha1. This option also applies to CRLs. =item B<-policy arg> diff --git a/lib/libssl/src/doc/apps/dgst.pod b/lib/libssl/src/doc/apps/dgst.pod index da690472a3a..d8b2abc6fbd 100644 --- a/lib/libssl/src/doc/apps/dgst.pod +++ b/lib/libssl/src/doc/apps/dgst.pod @@ -2,12 +2,12 @@ =head1 NAME -dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests +dgst, md5, md4, md2, sha1, sha, ripemd160 - message digests =head1 SYNOPSIS B<openssl> B<dgst> -[B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>] +[B<-md5|-md4|-md2|-sha1|-sha|-ripemd160|-dss1>] [B<-c>] [B<-d>] [B<-hex>] @@ -22,7 +22,7 @@ B<openssl> B<dgst> [B<-hmac key>] [B<file...>] -[B<md5|md4|md2|sha1|sha|mdc2|ripemd160>] +[B<md5|md4|md2|sha1|sha|ripemd160>] [B<-c>] [B<-d>] [B<file...>] diff --git a/lib/libssl/src/doc/apps/openssl.pod b/lib/libssl/src/doc/apps/openssl.pod index c40b50d950b..718d679dbbc 100644 --- a/lib/libssl/src/doc/apps/openssl.pod +++ b/lib/libssl/src/doc/apps/openssl.pod @@ -271,10 +271,6 @@ MD2 Digest MD5 Digest -=item B<mdc2> - -MDC2 Digest - =item B<rmd160> RMD-160 Digest diff --git a/lib/libssl/src/doc/apps/req.pod b/lib/libssl/src/doc/apps/req.pod index 4f6d64766d0..3d556bd9686 100644 --- a/lib/libssl/src/doc/apps/req.pod +++ b/lib/libssl/src/doc/apps/req.pod @@ -387,7 +387,7 @@ option. For compatibility B<encrypt_rsa_key> is an equivalent option. =item B<default_md> This option specifies the digest algorithm to use. Possible values -include B<md5 sha1 mdc2>. If not present then MD5 is used. This +include B<md5 sha1>. If not present then MD5 is used. This option can be overridden on the command line. =item B<string_mask> diff --git a/lib/libssl/src/doc/apps/speed.pod b/lib/libssl/src/doc/apps/speed.pod index 1cd1998d167..c309d9a0603 100644 --- a/lib/libssl/src/doc/apps/speed.pod +++ b/lib/libssl/src/doc/apps/speed.pod @@ -9,7 +9,6 @@ speed - test library performance B<openssl speed> [B<-engine id>] [B<md2>] -[B<mdc2>] [B<md5>] [B<hmac>] [B<sha1>] diff --git a/lib/libssl/src/doc/apps/ts.pod b/lib/libssl/src/doc/apps/ts.pod index 1abf9df566c..3075b6887a2 100644 --- a/lib/libssl/src/doc/apps/ts.pod +++ b/lib/libssl/src/doc/apps/ts.pod @@ -12,7 +12,7 @@ B<-query> [B<-config> configfile] [B<-data> file_to_hash] [B<-digest> digest_bytes] -[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>] +[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>] [B<-policy> object_id] [B<-no_nonce>] [B<-cert>] @@ -124,7 +124,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or 1AF601...). The number of bytes must match the message digest algorithm in use. (Optional) -=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...> +=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...> The message digest to apply to the data file, it supports all the message digest algorithms that are supported by the openssl B<dgst> command. diff --git a/lib/libssl/src/doc/apps/x509.pod b/lib/libssl/src/doc/apps/x509.pod index e6ea9cd9d24..25471736a0e 100644 --- a/lib/libssl/src/doc/apps/x509.pod +++ b/lib/libssl/src/doc/apps/x509.pod @@ -50,7 +50,7 @@ B<openssl> B<x509> [B<-CAserial filename>] [B<-text>] [B<-C>] -[B<-md2|-md5|-sha1|-mdc2>] +[B<-md2|-md5|-sha1>] [B<-clrext>] [B<-extfile filename>] [B<-extensions section>] @@ -96,7 +96,7 @@ if this option is not specified. This specifies the output filename to write to or standard output by default. -=item B<-md2|-md5|-sha1|-mdc2> +=item B<-md2|-md5|-sha1> the digest to use. This affects any signing or display option that uses a message digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not diff --git a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod index 4b48080b4a4..ccb19fc0a78 100644 --- a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod @@ -8,7 +8,7 @@ EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, -EVP_mdc2, EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, +EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines =head1 SYNOPSIS @@ -53,7 +53,6 @@ EVP_get_digestbyobj - EVP digest routines const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_dss(void); const EVP_MD *EVP_dss1(void); - const EVP_MD *EVP_mdc2(void); const EVP_MD *EVP_ripemd160(void); const EVP_MD *EVP_sha224(void); @@ -134,8 +133,8 @@ algorithms are no longer linked this function is only retained for compatibility reasons. EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(), -EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD> -structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 +EVP_sha384(), EVP_sha512() and EVP_ripemd160() return B<EVP_MD> +structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512 and RIPEMD160 digest algorithms respectively. EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest @@ -165,7 +164,7 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and EVP_MD_CTX_block_size() return the digest or block size in bytes. EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), -EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the +EVP_dss1() and EVP_ripemd160() return pointers to the corresponding EVP_MD structures. EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() @@ -253,7 +252,7 @@ digest name passed on the command line. =head1 SEE ALSO L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> =head1 HISTORY @@ -266,7 +265,7 @@ EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex() and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), -EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were +EVP_dss(), EVP_dss1() and EVP_ripemd160() were changed to return truely const EVP_MD * in OpenSSL 0.9.7. The link between digests and signing algorithms was fixed in OpenSSL 1.0 and diff --git a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod index e70b88a4a9a..7fd4c22e795 100644 --- a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod @@ -74,7 +74,7 @@ which indicates the maximum possible signature for any set of parameters. L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> =head1 HISTORY diff --git a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod index 9eebb15d223..0817cf0b025 100644 --- a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod @@ -69,7 +69,7 @@ will occur. L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> =head1 HISTORY diff --git a/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/lib/libssl/src/doc/crypto/EVP_SignInit.pod index 5a1b67e0061..9aafa3d63aa 100644 --- a/lib/libssl/src/doc/crypto/EVP_SignInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_SignInit.pod @@ -89,7 +89,7 @@ The previous two bugs are fixed in the newer EVP_SignDigest*() function. L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> =head1 HISTORY diff --git a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod index c665ee2ebc9..b0d3f8e4c9e 100644 --- a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod @@ -83,7 +83,7 @@ L<evp(3)|evp(3)>, L<EVP_SignInit(3)|EVP_SignInit(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> =head1 HISTORY diff --git a/lib/libssl/src/doc/crypto/crypto.pod b/lib/libssl/src/doc/crypto/crypto.pod index 2349014fce5..bbd6ce9ea97 100644 --- a/lib/libssl/src/doc/crypto/crypto.pod +++ b/lib/libssl/src/doc/crypto/crypto.pod @@ -41,7 +41,7 @@ L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)> =item AUTHENTICATION CODES, HASH FUNCTIONS L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>, -L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, +L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, L<sha(3)|sha(3)> =item AUXILIARY FUNCTIONS diff --git a/regress/lib/libcrypto/Makefile b/regress/lib/libcrypto/Makefile index 3836a55d983..b2247a7b291 100644 --- a/regress/lib/libcrypto/Makefile +++ b/regress/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.17 2014/11/18 21:52:43 miod Exp $ +# $OpenBSD: Makefile,v 1.18 2015/06/20 01:07:25 doug Exp $ SUBDIR= \ aead \ @@ -26,7 +26,6 @@ SUBDIR= \ ige \ md4 \ md5 \ - mdc2 \ pbkdf2 \ pkcs7 \ poly1305 \ diff --git a/regress/lib/libcrypto/mdc2/Makefile b/regress/lib/libcrypto/mdc2/Makefile deleted file mode 100644 index 67764ec7df5..00000000000 --- a/regress/lib/libcrypto/mdc2/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $ - -PROG= mdc2test -LDADD= -lcrypto -DPADD= ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -.include <bsd.regress.mk> diff --git a/regress/lib/libcrypto/mdc2/mdc2test.c b/regress/lib/libcrypto/mdc2/mdc2test.c deleted file mode 100644 index aa84a3a00b7..00000000000 --- a/regress/lib/libcrypto/mdc2/mdc2test.c +++ /dev/null @@ -1,123 +0,0 @@ -/* crypto/mdc2/mdc2test.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/evp.h> -#include <openssl/mdc2.h> - -static unsigned char pad1[16]={ - 0x42,0xE5,0x0C,0xD2,0x24,0xBA,0xCE,0xBA, - 0x76,0x0B,0xDD,0x2B,0xD4,0x09,0x28,0x1A - }; - -static unsigned char pad2[16]={ - 0x2E,0x46,0x79,0xB5,0xAD,0xD9,0xCA,0x75, - 0x35,0xD8,0x7A,0xFE,0xAB,0x33,0xBE,0xE2 - }; - -int main(int argc, char *argv[]) - { - int ret=0; - unsigned char md[MDC2_DIGEST_LENGTH]; - int i; - EVP_MD_CTX c; - static char *text="Now is the time for all "; - - EVP_MD_CTX_init(&c); - EVP_DigestInit_ex(&c,EVP_mdc2(), NULL); - EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); - EVP_DigestFinal_ex(&c,&(md[0]),NULL); - - if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0) - { - for (i=0; i<MDC2_DIGEST_LENGTH; i++) - printf("%02X",md[i]); - printf(" <- generated\n"); - for (i=0; i<MDC2_DIGEST_LENGTH; i++) - printf("%02X",pad1[i]); - printf(" <- correct\n"); - ret=1; - } - else - printf("pad1 - ok\n"); - - EVP_DigestInit_ex(&c,EVP_mdc2(), NULL); - /* FIXME: use a ctl function? */ - ((MDC2_CTX *)c.md_data)->pad_type=2; - EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); - EVP_DigestFinal_ex(&c,&(md[0]),NULL); - - if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0) - { - for (i=0; i<MDC2_DIGEST_LENGTH; i++) - printf("%02X",md[i]); - printf(" <- generated\n"); - for (i=0; i<MDC2_DIGEST_LENGTH; i++) - printf("%02X",pad2[i]); - printf(" <- correct\n"); - ret=1; - } - else - printf("pad2 - ok\n"); - - EVP_MD_CTX_cleanup(&c); - exit(ret); - } diff --git a/usr.bin/openssl/openssl.1 b/usr.bin/openssl/openssl.1 index c90d998cb68..51069436404 100644 --- a/usr.bin/openssl/openssl.1 +++ b/usr.bin/openssl/openssl.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: openssl.1,v 1.14 2015/06/18 11:38:41 jmc Exp $ +.\" $OpenBSD: openssl.1,v 1.15 2015/06/20 01:07:25 doug Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" @@ -112,7 +112,7 @@ .\" .\" OPENSSL .\" -.Dd $Mdocdate: June 18 2015 $ +.Dd $Mdocdate: June 20 2015 $ .Dt OPENSSL 1 .Os .Sh NAME @@ -389,8 +389,6 @@ GOST R 34.11-94 digest. MD4 digest. .It Cm md5 MD5 digest. -.It Cm mdc2 -MDC-2 digest. .It Cm ripemd160 RIPEMD-160 digest. .It Cm sha @@ -1814,7 +1812,7 @@ install user certificates and CAs in MSIE using the Xenroll control. .Bk -words .Oo .Fl gost-mac | streebog256 | streebog512 | md_gost94 | -.Fl md4 | md5 | mdc2 | ripemd160 | sha | sha1 | +.Fl md4 | md5 | ripemd160 | sha | sha1 | .Fl sha224 | sha256 | sha384 | sha512 | whirlpool .Oc .Op Fl binary @@ -1838,7 +1836,7 @@ install user certificates and CAs in MSIE using the Xenroll control. .Pp .Nm openssl .Cm gost-mac | streebog256 | streebog512 | md_gost94 | -.Cm md4 | md5 | mdc2 | ripemd160 | sha | sha1 | +.Cm md4 | md5 | ripemd160 | sha | sha1 | .Cm sha224 | sha256 | sha384 | sha512 | whirlpool .Op Fl c .Op Fl d diff --git a/usr.bin/openssl/req.c b/usr.bin/openssl/req.c index 1d505240522..93742971ff9 100644 --- a/usr.bin/openssl/req.c +++ b/usr.bin/openssl/req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: req.c,v 1.4 2014/10/16 10:43:54 jsing Exp $ */ +/* $OpenBSD: req.c,v 1.5 2015/06/20 01:07:25 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -379,7 +379,7 @@ bad: BIO_printf(bio_err, " -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err, " -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); BIO_printf(bio_err, " -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); - BIO_printf(bio_err, " -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n"); + BIO_printf(bio_err, " -[digest] Digest to sign with (md5, sha1, md4)\n"); BIO_printf(bio_err, " -config file request template file.\n"); BIO_printf(bio_err, " -subj arg set or modify request subject\n"); BIO_printf(bio_err, " -multivalue-rdn enable support for multivalued RDNs\n"); diff --git a/usr.bin/openssl/speed.c b/usr.bin/openssl/speed.c index 8795d6c4346..236e0267bba 100644 --- a/usr.bin/openssl/speed.c +++ b/usr.bin/openssl/speed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: speed.c,v 1.5 2015/02/08 10:22:45 doug Exp $ */ +/* $OpenBSD: speed.c,v 1.6 2015/06/20 01:07:25 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -124,9 +124,6 @@ #ifndef OPENSSL_NO_IDEA #include <openssl/idea.h> #endif -#ifndef OPENSSL_NO_MDC2 -#include <openssl/mdc2.h> -#endif #ifndef OPENSSL_NO_MD4 #include <openssl/md4.h> #endif @@ -179,7 +176,7 @@ static int do_multi(int multi); #define MAX_ECDH_SIZE 256 static const char *names[ALGOR_NUM] = { - "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4", + "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc", "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", @@ -241,9 +238,6 @@ speed_main(int argc, char **argv) long rsa_count; unsigned rsa_num; unsigned char md[EVP_MAX_MD_SIZE]; -#ifndef OPENSSL_NO_MDC2 - unsigned char mdc2[MDC2_DIGEST_LENGTH]; -#endif #ifndef OPENSSL_NO_MD4 unsigned char md4[MD4_DIGEST_LENGTH]; #endif @@ -331,7 +325,6 @@ speed_main(int argc, char **argv) CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3; #endif #define D_MD2 0 -#define D_MDC2 1 #define D_MD4 2 #define D_MD5 3 #define D_HMAC 4 @@ -586,11 +579,6 @@ speed_main(int argc, char **argv) j--; /* Otherwise, -mr gets confused with an * algorithm. */ } else -#ifndef OPENSSL_NO_MDC2 - if (strcmp(*argv, "mdc2") == 0) - doit[D_MDC2] = 1; - else -#endif #ifndef OPENSSL_NO_MD4 if (strcmp(*argv, "md4") == 0) doit[D_MD4] = 1; @@ -844,9 +832,6 @@ speed_main(int argc, char **argv) BIO_printf(bio_err, "Error: bad option or value\n"); BIO_printf(bio_err, "\n"); BIO_printf(bio_err, "Available values:\n"); -#ifndef OPENSSL_NO_MDC2 - BIO_printf(bio_err, "mdc2 "); -#endif #ifndef OPENSSL_NO_MD4 BIO_printf(bio_err, "md4 "); #endif @@ -871,7 +856,7 @@ speed_main(int argc, char **argv) #ifndef OPENSSL_NO_RIPEMD160 BIO_printf(bio_err, "rmd160"); #endif -#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \ +#if !defined(OPENSSL_NO_MD2) || \ !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \ !defined(OPENSSL_NO_WHIRLPOOL) @@ -1042,19 +1027,6 @@ speed_main(int argc, char **argv) #define COUNT(d) (count) signal(SIGALRM, sig_done); -#ifndef OPENSSL_NO_MDC2 - if (doit[D_MDC2]) { - for (j = 0; j < SIZE_NUM; j++) { - print_message(names[D_MDC2], c[D_MDC2][j], lengths[j]); - Time_F(START); - for (count = 0, run = 1; COND(c[D_MDC2][j]); count++) - EVP_Digest(buf, (unsigned long) lengths[j], &(mdc2[0]), NULL, EVP_mdc2(), NULL); - d = Time_F(STOP); - print_result(D_MDC2, j, count, d); - } - } -#endif - #ifndef OPENSSL_NO_MD4 if (doit[D_MD4]) { for (j = 0; j < SIZE_NUM; j++) { diff --git a/usr.bin/openssl/ts.c b/usr.bin/openssl/ts.c index cd7d9cc81e0..341d9395c76 100644 --- a/usr.bin/openssl/ts.c +++ b/usr.bin/openssl/ts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */ +/* $OpenBSD: ts.c,v 1.4 2015/06/20 01:07:25 doug Exp $ */ /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL * project 2002. */ @@ -306,7 +306,7 @@ usage: BIO_printf(bio_err, "usage:\n" "ts -query [-config configfile] " "[-data file_to_hash] [-digest digest_bytes]" - "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] " + "[-md2|-md4|-md5|-sha|-sha1|-ripemd160] " "[-policy object_id] [-no_nonce] [-cert] " "[-in request.tsq] [-out request.tsq] [-text]\n"); BIO_printf(bio_err, "or\n" diff --git a/usr.bin/openssl/x509.c b/usr.bin/openssl/x509.c index db3173e74d2..0e4d7dcd775 100644 --- a/usr.bin/openssl/x509.c +++ b/usr.bin/openssl/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */ +/* $OpenBSD: x509.c,v 1.3 2015/06/20 01:07:25 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -135,7 +135,7 @@ static const char *x509_usage[] = { " -set_serial - serial number to use\n", " -text - print the certificate in text form\n", " -C - print out C code forms\n", - " -md2/-md5/-sha1/-mdc2 - digest to use\n", + " -md2/-md5/-sha1 - digest to use\n", " -extfile - configuration file with X509V3 extensions to add\n", " -extensions - section from config file with X509V3 extensions to add\n", " -clrext - delete extensions before signing and input certificate\n", |