summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDoug Hogan <doug@cvs.openbsd.org>2015-06-20 01:07:26 +0000
committerDoug Hogan <doug@cvs.openbsd.org>2015-06-20 01:07:26 +0000
commit811b82a7004019fe01b0effefbf87dedcfbb1d63 (patch)
tree4bc4eefc57948fa77fa69a4e8e7029610ed7595b
parent2efa7300fb7d762cd4fcd6d6e6f4854f6969d6a2 (diff)
Remove obsolete MDC-2DES from libcrypto.
ok deraadt@ jsing@ miod@
-rw-r--r--lib/libcrypto/crypto/Makefile9
-rw-r--r--lib/libcrypto/man/Makefile3
-rw-r--r--lib/libssl/src/crypto/evp/c_all.c5
-rw-r--r--lib/libssl/src/crypto/evp/evp.h5
-rw-r--r--lib/libssl/src/crypto/evp/m_mdc2.c118
-rw-r--r--lib/libssl/src/crypto/mdc2/mdc2.h97
-rw-r--r--lib/libssl/src/crypto/mdc2/mdc2_one.c77
-rw-r--r--lib/libssl/src/crypto/mdc2/mdc2dgst.c179
-rw-r--r--lib/libssl/src/crypto/opensslfeatures.h1
-rw-r--r--lib/libssl/src/crypto/rsa/rsa_pmeth.c15
-rw-r--r--lib/libssl/src/crypto/rsa/rsa_sign.c17
-rw-r--r--lib/libssl/src/doc/apps/ca.pod2
-rw-r--r--lib/libssl/src/doc/apps/dgst.pod6
-rw-r--r--lib/libssl/src/doc/apps/openssl.pod4
-rw-r--r--lib/libssl/src/doc/apps/req.pod2
-rw-r--r--lib/libssl/src/doc/apps/speed.pod1
-rw-r--r--lib/libssl/src/doc/apps/ts.pod4
-rw-r--r--lib/libssl/src/doc/apps/x509.pod4
-rw-r--r--lib/libssl/src/doc/crypto/EVP_DigestInit.pod13
-rw-r--r--lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod2
-rw-r--r--lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod2
-rw-r--r--lib/libssl/src/doc/crypto/EVP_SignInit.pod2
-rw-r--r--lib/libssl/src/doc/crypto/EVP_VerifyInit.pod2
-rw-r--r--lib/libssl/src/doc/crypto/crypto.pod2
-rw-r--r--regress/lib/libcrypto/Makefile3
-rw-r--r--regress/lib/libcrypto/mdc2/Makefile9
-rw-r--r--regress/lib/libcrypto/mdc2/mdc2test.c123
-rw-r--r--usr.bin/openssl/openssl.110
-rw-r--r--usr.bin/openssl/req.c4
-rw-r--r--usr.bin/openssl/speed.c34
-rw-r--r--usr.bin/openssl/ts.c4
-rw-r--r--usr.bin/openssl/x509.c4
32 files changed, 43 insertions, 720 deletions
diff --git a/lib/libcrypto/crypto/Makefile b/lib/libcrypto/crypto/Makefile
index a4e65fd6a6d..d523e8029d1 100644
--- a/lib/libcrypto/crypto/Makefile
+++ b/lib/libcrypto/crypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.57 2015/04/11 16:16:15 deraadt Exp $
+# $OpenBSD: Makefile,v 1.58 2015/06/20 01:07:24 doug Exp $
LIB= crypto
@@ -146,7 +146,7 @@ SRCS+= e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c
SRCS+= e_rc4.c e_aes.c names.c
SRCS+= e_xcbc_d.c e_rc2.c e_cast.c
SRCS+= m_null.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c
-SRCS+= m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c
+SRCS+= m_dss.c m_dss1.c m_ripemd.c m_ecdsa.c
SRCS+= p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c
SRCS+= bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c
SRCS+= c_all.c evp_lib.c
@@ -180,9 +180,6 @@ SRCS+= md4_dgst.c md4_one.c
# md5/
SRCS+= md5_dgst.c md5_one.c
-# mdc2/
-SRCS+= mdc2dgst.c mdc2_one.c
-
# modes/
SRCS+= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c
@@ -292,7 +289,6 @@ SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
${LCRYPTO_SRC}/lhash \
${LCRYPTO_SRC}/md4 \
${LCRYPTO_SRC}/md5 \
- ${LCRYPTO_SRC}/mdc2 \
${LCRYPTO_SRC}/modes \
${LCRYPTO_SRC}/objects \
${LCRYPTO_SRC}/ocsp \
@@ -352,7 +348,6 @@ HDRS=\
crypto/lhash/lhash.h \
crypto/md4/md4.h \
crypto/md5/md5.h \
- crypto/mdc2/mdc2.h \
crypto/modes/modes.h \
crypto/objects/objects.h \
crypto/ocsp/ocsp.h \
diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index 872391db3ef..c968943cc03 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.20 2015/05/24 15:44:52 schwarze Exp $
+# $OpenBSD: Makefile,v 1.21 2015/06/20 01:07:24 doug Exp $
.include <bsd.own.mk> # for NOMAN
@@ -645,7 +645,6 @@ MLINKS+=\
EVP_DigestInit.3 EVP_md2.3 \
EVP_DigestInit.3 EVP_md5.3 \
EVP_DigestInit.3 EVP_md_null.3 \
- EVP_DigestInit.3 EVP_mdc2.3 \
EVP_DigestInit.3 EVP_ripemd160.3 \
EVP_DigestInit.3 EVP_sha.3 \
EVP_DigestInit.3 EVP_sha1.3 \
diff --git a/lib/libssl/src/crypto/evp/c_all.c b/lib/libssl/src/crypto/evp/c_all.c
index d794629ca87..5f9df3a7ad8 100644
--- a/lib/libssl/src/crypto/evp/c_all.c
+++ b/lib/libssl/src/crypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.16 2015/02/10 11:45:09 jsing Exp $ */
+/* $OpenBSD: c_all.c,v 1.17 2015/06/20 01:07:24 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -265,9 +265,6 @@ OpenSSL_add_all_digests(void)
EVP_add_digest(EVP_streebog256());
EVP_add_digest(EVP_streebog512());
#endif
-#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
- EVP_add_digest(EVP_mdc2());
-#endif
#ifndef OPENSSL_NO_RIPEMD
EVP_add_digest(EVP_ripemd160());
EVP_add_digest_alias(SN_ripemd160, "ripemd");
diff --git a/lib/libssl/src/crypto/evp/evp.h b/lib/libssl/src/crypto/evp/evp.h
index 330e01e0e6d..57f8753ced1 100644
--- a/lib/libssl/src/crypto/evp/evp.h
+++ b/lib/libssl/src/crypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.44 2015/02/10 11:45:09 jsing Exp $ */
+/* $OpenBSD: evp.h,v 1.45 2015/06/20 01:07:24 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -669,9 +669,6 @@ const EVP_MD *EVP_sha256(void);
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);
#endif
-#ifndef OPENSSL_NO_MDC2
-const EVP_MD *EVP_mdc2(void);
-#endif
#ifndef OPENSSL_NO_RIPEMD
const EVP_MD *EVP_ripemd160(void);
#endif
diff --git a/lib/libssl/src/crypto/evp/m_mdc2.c b/lib/libssl/src/crypto/evp/m_mdc2.c
deleted file mode 100644
index cfbdfc38523..00000000000
--- a/lib/libssl/src/crypto/evp/m_mdc2.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: m_mdc2.c,v 1.15 2014/07/13 09:30:02 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_MDC2
-
-#include <openssl/evp.h>
-#include <openssl/mdc2.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return MDC2_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return MDC2_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return MDC2_Final(md, ctx->md_data);
-}
-
-static const EVP_MD mdc2_md = {
- .type = NID_mdc2,
- .pkey_type = NID_mdc2WithRSA,
- .md_size = MDC2_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING,
- .verify = (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = MDC2_BLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(MDC2_CTX),
-};
-
-const EVP_MD *
-EVP_mdc2(void)
-{
- return (&mdc2_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/mdc2/mdc2.h b/lib/libssl/src/crypto/mdc2/mdc2.h
deleted file mode 100644
index 9128eeb8781..00000000000
--- a/lib/libssl/src/crypto/mdc2/mdc2.h
+++ /dev/null
@@ -1,97 +0,0 @@
-/* $OpenBSD: mdc2.h,v 1.13 2014/07/10 22:45:57 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MDC2_H
-#define HEADER_MDC2_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/des.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_MDC2
-#error MDC2 is disabled.
-#endif
-
-#define MDC2_BLOCK 8
-#define MDC2_DIGEST_LENGTH 16
-
-typedef struct mdc2_ctx_st
- {
- unsigned int num;
- unsigned char data[MDC2_BLOCK];
- DES_cblock h,hh;
- int pad_type; /* either 1 or 2, default 1 */
- } MDC2_CTX;
-
-
-int MDC2_Init(MDC2_CTX *c);
-int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
-int MDC2_Final(unsigned char *md, MDC2_CTX *c);
-unsigned char *MDC2(const unsigned char *d, size_t n,
- unsigned char *md);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/lib/libssl/src/crypto/mdc2/mdc2_one.c b/lib/libssl/src/crypto/mdc2/mdc2_one.c
deleted file mode 100644
index 8f922b1c7d3..00000000000
--- a/lib/libssl/src/crypto/mdc2/mdc2_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: mdc2_one.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/crypto.h>
-#include <openssl/mdc2.h>
-
-unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md)
- {
- MDC2_CTX c;
- static unsigned char m[MDC2_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- if (!MDC2_Init(&c))
- return NULL;
- MDC2_Update(&c,d,n);
- MDC2_Final(md,&c);
- OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
- return(md);
- }
-
diff --git a/lib/libssl/src/crypto/mdc2/mdc2dgst.c b/lib/libssl/src/crypto/mdc2/mdc2dgst.c
deleted file mode 100644
index b4b0068d59b..00000000000
--- a/lib/libssl/src/crypto/mdc2/mdc2dgst.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/* $OpenBSD: mdc2dgst.c,v 1.7 2014/10/28 07:35:59 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/des.h>
-#include <openssl/mdc2.h>
-
-#undef c2l
-#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<<24L)
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-int MDC2_Init(MDC2_CTX *c)
- {
- c->num=0;
- c->pad_type=1;
- memset(&(c->h[0]),0x52,MDC2_BLOCK);
- memset(&(c->hh[0]),0x25,MDC2_BLOCK);
- return 1;
- }
-
-int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
- {
- size_t i,j;
-
- i=c->num;
- if (i != 0)
- {
- if (i+len < MDC2_BLOCK)
- {
- /* partial block */
- memcpy(&(c->data[i]),in,len);
- c->num+=(int)len;
- return 1;
- }
- else
- {
- /* filled one */
- j=MDC2_BLOCK-i;
- memcpy(&(c->data[i]),in,j);
- len-=j;
- in+=j;
- c->num=0;
- mdc2_body(c,&(c->data[0]),MDC2_BLOCK);
- }
- }
- i=len&~((size_t)MDC2_BLOCK-1);
- if (i > 0) mdc2_body(c,in,i);
- j=len-i;
- if (j > 0)
- {
- memcpy(&(c->data[0]),&(in[i]),j);
- c->num=(int)j;
- }
- return 1;
- }
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
- {
- DES_LONG tin0,tin1;
- DES_LONG ttin0,ttin1;
- DES_LONG d[2],dd[2];
- DES_key_schedule k;
- unsigned char *p;
- size_t i;
-
- for (i=0; i<len; i+=8)
- {
- c2l(in,tin0); d[0]=dd[0]=tin0;
- c2l(in,tin1); d[1]=dd[1]=tin1;
- c->h[0]=(c->h[0]&0x9f)|0x40;
- c->hh[0]=(c->hh[0]&0x9f)|0x20;
-
- DES_set_odd_parity(&c->h);
- DES_set_key_unchecked(&c->h,&k);
- DES_encrypt1(d,&k,1);
-
- DES_set_odd_parity(&c->hh);
- DES_set_key_unchecked(&c->hh,&k);
- DES_encrypt1(dd,&k,1);
-
- ttin0=tin0^dd[0];
- ttin1=tin1^dd[1];
- tin0^=d[0];
- tin1^=d[1];
-
- p=c->h;
- l2c(tin0,p);
- l2c(ttin1,p);
- p=c->hh;
- l2c(ttin0,p);
- l2c(tin1,p);
- }
- }
-
-int MDC2_Final(unsigned char *md, MDC2_CTX *c)
- {
- unsigned int i;
- int j;
-
- i=c->num;
- j=c->pad_type;
- if ((i > 0) || (j == 2))
- {
- if (j == 2)
- c->data[i++]=0x80;
- memset(&(c->data[i]),0,MDC2_BLOCK-i);
- mdc2_body(c,c->data,MDC2_BLOCK);
- }
- memcpy(md,(char *)c->h,MDC2_BLOCK);
- memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK);
- return 1;
- }
diff --git a/lib/libssl/src/crypto/opensslfeatures.h b/lib/libssl/src/crypto/opensslfeatures.h
index 811fac610fe..a0fcc0078ef 100644
--- a/lib/libssl/src/crypto/opensslfeatures.h
+++ b/lib/libssl/src/crypto/opensslfeatures.h
@@ -6,6 +6,7 @@
# define OPENSSL_NO_JPAKE
# define OPENSSL_NO_KRB5
# define OPENSSL_NO_MD2
+# define OPENSSL_NO_MDC2
# define OPENSSL_NO_PSK
# define OPENSSL_NO_RC5
# define OPENSSL_NO_RFC3779
diff --git a/lib/libssl/src/crypto/rsa/rsa_pmeth.c b/lib/libssl/src/crypto/rsa/rsa_pmeth.c
index 09166e105b7..0b648138ee8 100644
--- a/lib/libssl/src/crypto/rsa/rsa_pmeth.c
+++ b/lib/libssl/src/crypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@@ -178,18 +178,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
return -1;
}
- if (EVP_MD_type(rctx->md) == NID_mdc2) {
- unsigned int sltmp;
-
- if (rctx->pad_mode != RSA_PKCS1_PADDING)
- return -1;
- ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen,
- sig, &sltmp, rsa);
-
- if (ret <= 0)
- return ret;
- ret = sltmp;
- } else if (rctx->pad_mode == RSA_X931_PADDING) {
+ if (rctx->pad_mode == RSA_X931_PADDING) {
if (!setup_tbuf(rctx, ctx))
return -1;
memcpy(rctx->tbuf, tbs, tbslen);
diff --git a/lib/libssl/src/crypto/rsa/rsa_sign.c b/lib/libssl/src/crypto/rsa/rsa_sign.c
index a446b563b32..09d8ef329db 100644
--- a/lib/libssl/src/crypto/rsa/rsa_sign.c
+++ b/lib/libssl/src/crypto/rsa/rsa_sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_sign.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.23 2015/06/20 01:07:25 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -180,21 +180,6 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
if (i <= 0)
goto err;
- /*
- * Oddball MDC2 case: signature can be OCTET STRING.
- * check for correct tag and length octets.
- */
- if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
- if (rm) {
- memcpy(rm, s + 2, 16);
- *prm_len = 16;
- ret = 1;
- } else if (memcmp(m, s + 2, 16))
- RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
- else
- ret = 1;
- }
-
/* Special case: SSL signature */
if (dtype == NID_md5_sha1) {
if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH))
diff --git a/lib/libssl/src/doc/apps/ca.pod b/lib/libssl/src/doc/apps/ca.pod
index 7294627d163..ecbe7954d65 100644
--- a/lib/libssl/src/doc/apps/ca.pod
+++ b/lib/libssl/src/doc/apps/ca.pod
@@ -159,7 +159,7 @@ the number of days to certify the certificate for.
=item B<-md alg>
-the message digest to use. Possible values include md5, sha1 and mdc2.
+the message digest to use. Possible values include md5 and sha1.
This option also applies to CRLs.
=item B<-policy arg>
diff --git a/lib/libssl/src/doc/apps/dgst.pod b/lib/libssl/src/doc/apps/dgst.pod
index da690472a3a..d8b2abc6fbd 100644
--- a/lib/libssl/src/doc/apps/dgst.pod
+++ b/lib/libssl/src/doc/apps/dgst.pod
@@ -2,12 +2,12 @@
=head1 NAME
-dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests
+dgst, md5, md4, md2, sha1, sha, ripemd160 - message digests
=head1 SYNOPSIS
B<openssl> B<dgst>
-[B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>]
+[B<-md5|-md4|-md2|-sha1|-sha|-ripemd160|-dss1>]
[B<-c>]
[B<-d>]
[B<-hex>]
@@ -22,7 +22,7 @@ B<openssl> B<dgst>
[B<-hmac key>]
[B<file...>]
-[B<md5|md4|md2|sha1|sha|mdc2|ripemd160>]
+[B<md5|md4|md2|sha1|sha|ripemd160>]
[B<-c>]
[B<-d>]
[B<file...>]
diff --git a/lib/libssl/src/doc/apps/openssl.pod b/lib/libssl/src/doc/apps/openssl.pod
index c40b50d950b..718d679dbbc 100644
--- a/lib/libssl/src/doc/apps/openssl.pod
+++ b/lib/libssl/src/doc/apps/openssl.pod
@@ -271,10 +271,6 @@ MD2 Digest
MD5 Digest
-=item B<mdc2>
-
-MDC2 Digest
-
=item B<rmd160>
RMD-160 Digest
diff --git a/lib/libssl/src/doc/apps/req.pod b/lib/libssl/src/doc/apps/req.pod
index 4f6d64766d0..3d556bd9686 100644
--- a/lib/libssl/src/doc/apps/req.pod
+++ b/lib/libssl/src/doc/apps/req.pod
@@ -387,7 +387,7 @@ option. For compatibility B<encrypt_rsa_key> is an equivalent option.
=item B<default_md>
This option specifies the digest algorithm to use. Possible values
-include B<md5 sha1 mdc2>. If not present then MD5 is used. This
+include B<md5 sha1>. If not present then MD5 is used. This
option can be overridden on the command line.
=item B<string_mask>
diff --git a/lib/libssl/src/doc/apps/speed.pod b/lib/libssl/src/doc/apps/speed.pod
index 1cd1998d167..c309d9a0603 100644
--- a/lib/libssl/src/doc/apps/speed.pod
+++ b/lib/libssl/src/doc/apps/speed.pod
@@ -9,7 +9,6 @@ speed - test library performance
B<openssl speed>
[B<-engine id>]
[B<md2>]
-[B<mdc2>]
[B<md5>]
[B<hmac>]
[B<sha1>]
diff --git a/lib/libssl/src/doc/apps/ts.pod b/lib/libssl/src/doc/apps/ts.pod
index 1abf9df566c..3075b6887a2 100644
--- a/lib/libssl/src/doc/apps/ts.pod
+++ b/lib/libssl/src/doc/apps/ts.pod
@@ -12,7 +12,7 @@ B<-query>
[B<-config> configfile]
[B<-data> file_to_hash]
[B<-digest> digest_bytes]
-[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>]
+[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>]
[B<-policy> object_id]
[B<-no_nonce>]
[B<-cert>]
@@ -124,7 +124,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
1AF601...). The number of bytes must match the message digest algorithm
in use. (Optional)
-=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>
+=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>
The message digest to apply to the data file, it supports all the message
digest algorithms that are supported by the openssl B<dgst> command.
diff --git a/lib/libssl/src/doc/apps/x509.pod b/lib/libssl/src/doc/apps/x509.pod
index e6ea9cd9d24..25471736a0e 100644
--- a/lib/libssl/src/doc/apps/x509.pod
+++ b/lib/libssl/src/doc/apps/x509.pod
@@ -50,7 +50,7 @@ B<openssl> B<x509>
[B<-CAserial filename>]
[B<-text>]
[B<-C>]
-[B<-md2|-md5|-sha1|-mdc2>]
+[B<-md2|-md5|-sha1>]
[B<-clrext>]
[B<-extfile filename>]
[B<-extensions section>]
@@ -96,7 +96,7 @@ if this option is not specified.
This specifies the output filename to write to or standard output by
default.
-=item B<-md2|-md5|-sha1|-mdc2>
+=item B<-md2|-md5|-sha1>
the digest to use. This affects any signing or display option that uses a message
digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index 4b48080b4a4..ccb19fc0a78 100644
--- a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -8,7 +8,7 @@ EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type,
EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha,
EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1,
-EVP_mdc2, EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid,
+EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid,
EVP_get_digestbyobj - EVP digest routines
=head1 SYNOPSIS
@@ -53,7 +53,6 @@ EVP_get_digestbyobj - EVP digest routines
const EVP_MD *EVP_sha1(void);
const EVP_MD *EVP_dss(void);
const EVP_MD *EVP_dss1(void);
- const EVP_MD *EVP_mdc2(void);
const EVP_MD *EVP_ripemd160(void);
const EVP_MD *EVP_sha224(void);
@@ -134,8 +133,8 @@ algorithms are no longer linked this function is only retained for
compatibility reasons.
EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
-EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
-structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
+EVP_sha384(), EVP_sha512() and EVP_ripemd160() return B<EVP_MD>
+structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512
and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
@@ -165,7 +164,7 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
EVP_MD_CTX_block_size() return the digest or block size in bytes.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
+EVP_dss1() and EVP_ripemd160() return pointers to the
corresponding EVP_MD structures.
EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
@@ -253,7 +252,7 @@ digest name passed on the command line.
=head1 SEE ALSO
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
@@ -266,7 +265,7 @@ EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
-EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
+EVP_dss(), EVP_dss1() and EVP_ripemd160() were
changed to return truely const EVP_MD * in OpenSSL 0.9.7.
The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod
index e70b88a4a9a..7fd4c22e795 100644
--- a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod
@@ -74,7 +74,7 @@ which indicates the maximum possible signature for any set of parameters.
L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod
index 9eebb15d223..0817cf0b025 100644
--- a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod
@@ -69,7 +69,7 @@ will occur.
L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
diff --git a/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/lib/libssl/src/doc/crypto/EVP_SignInit.pod
index 5a1b67e0061..9aafa3d63aa 100644
--- a/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_SignInit.pod
@@ -89,7 +89,7 @@ The previous two bugs are fixed in the newer EVP_SignDigest*() function.
L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
diff --git a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
index c665ee2ebc9..b0d3f8e4c9e 100644
--- a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
@@ -83,7 +83,7 @@ L<evp(3)|evp(3)>,
L<EVP_SignInit(3)|EVP_SignInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
diff --git a/lib/libssl/src/doc/crypto/crypto.pod b/lib/libssl/src/doc/crypto/crypto.pod
index 2349014fce5..bbd6ce9ea97 100644
--- a/lib/libssl/src/doc/crypto/crypto.pod
+++ b/lib/libssl/src/doc/crypto/crypto.pod
@@ -41,7 +41,7 @@ L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)>
=item AUTHENTICATION CODES, HASH FUNCTIONS
L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>
=item AUXILIARY FUNCTIONS
diff --git a/regress/lib/libcrypto/Makefile b/regress/lib/libcrypto/Makefile
index 3836a55d983..b2247a7b291 100644
--- a/regress/lib/libcrypto/Makefile
+++ b/regress/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.17 2014/11/18 21:52:43 miod Exp $
+# $OpenBSD: Makefile,v 1.18 2015/06/20 01:07:25 doug Exp $
SUBDIR= \
aead \
@@ -26,7 +26,6 @@ SUBDIR= \
ige \
md4 \
md5 \
- mdc2 \
pbkdf2 \
pkcs7 \
poly1305 \
diff --git a/regress/lib/libcrypto/mdc2/Makefile b/regress/lib/libcrypto/mdc2/Makefile
deleted file mode 100644
index 67764ec7df5..00000000000
--- a/regress/lib/libcrypto/mdc2/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $
-
-PROG= mdc2test
-LDADD= -lcrypto
-DPADD= ${LIBCRYPTO}
-WARNINGS= Yes
-CFLAGS+= -DLIBRESSL_INTERNAL -Werror
-
-.include <bsd.regress.mk>
diff --git a/regress/lib/libcrypto/mdc2/mdc2test.c b/regress/lib/libcrypto/mdc2/mdc2test.c
deleted file mode 100644
index aa84a3a00b7..00000000000
--- a/regress/lib/libcrypto/mdc2/mdc2test.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/mdc2/mdc2test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/evp.h>
-#include <openssl/mdc2.h>
-
-static unsigned char pad1[16]={
- 0x42,0xE5,0x0C,0xD2,0x24,0xBA,0xCE,0xBA,
- 0x76,0x0B,0xDD,0x2B,0xD4,0x09,0x28,0x1A
- };
-
-static unsigned char pad2[16]={
- 0x2E,0x46,0x79,0xB5,0xAD,0xD9,0xCA,0x75,
- 0x35,0xD8,0x7A,0xFE,0xAB,0x33,0xBE,0xE2
- };
-
-int main(int argc, char *argv[])
- {
- int ret=0;
- unsigned char md[MDC2_DIGEST_LENGTH];
- int i;
- EVP_MD_CTX c;
- static char *text="Now is the time for all ";
-
- EVP_MD_CTX_init(&c);
- EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
- EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
- EVP_DigestFinal_ex(&c,&(md[0]),NULL);
-
- if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
- {
- for (i=0; i<MDC2_DIGEST_LENGTH; i++)
- printf("%02X",md[i]);
- printf(" <- generated\n");
- for (i=0; i<MDC2_DIGEST_LENGTH; i++)
- printf("%02X",pad1[i]);
- printf(" <- correct\n");
- ret=1;
- }
- else
- printf("pad1 - ok\n");
-
- EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
- /* FIXME: use a ctl function? */
- ((MDC2_CTX *)c.md_data)->pad_type=2;
- EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
- EVP_DigestFinal_ex(&c,&(md[0]),NULL);
-
- if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
- {
- for (i=0; i<MDC2_DIGEST_LENGTH; i++)
- printf("%02X",md[i]);
- printf(" <- generated\n");
- for (i=0; i<MDC2_DIGEST_LENGTH; i++)
- printf("%02X",pad2[i]);
- printf(" <- correct\n");
- ret=1;
- }
- else
- printf("pad2 - ok\n");
-
- EVP_MD_CTX_cleanup(&c);
- exit(ret);
- }
diff --git a/usr.bin/openssl/openssl.1 b/usr.bin/openssl/openssl.1
index c90d998cb68..51069436404 100644
--- a/usr.bin/openssl/openssl.1
+++ b/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.14 2015/06/18 11:38:41 jmc Exp $
+.\" $OpenBSD: openssl.1,v 1.15 2015/06/20 01:07:25 doug Exp $
.\" ====================================================================
.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
.\"
@@ -112,7 +112,7 @@
.\"
.\" OPENSSL
.\"
-.Dd $Mdocdate: June 18 2015 $
+.Dd $Mdocdate: June 20 2015 $
.Dt OPENSSL 1
.Os
.Sh NAME
@@ -389,8 +389,6 @@ GOST R 34.11-94 digest.
MD4 digest.
.It Cm md5
MD5 digest.
-.It Cm mdc2
-MDC-2 digest.
.It Cm ripemd160
RIPEMD-160 digest.
.It Cm sha
@@ -1814,7 +1812,7 @@ install user certificates and CAs in MSIE using the Xenroll control.
.Bk -words
.Oo
.Fl gost-mac | streebog256 | streebog512 | md_gost94 |
-.Fl md4 | md5 | mdc2 | ripemd160 | sha | sha1 |
+.Fl md4 | md5 | ripemd160 | sha | sha1 |
.Fl sha224 | sha256 | sha384 | sha512 | whirlpool
.Oc
.Op Fl binary
@@ -1838,7 +1836,7 @@ install user certificates and CAs in MSIE using the Xenroll control.
.Pp
.Nm openssl
.Cm gost-mac | streebog256 | streebog512 | md_gost94 |
-.Cm md4 | md5 | mdc2 | ripemd160 | sha | sha1 |
+.Cm md4 | md5 | ripemd160 | sha | sha1 |
.Cm sha224 | sha256 | sha384 | sha512 | whirlpool
.Op Fl c
.Op Fl d
diff --git a/usr.bin/openssl/req.c b/usr.bin/openssl/req.c
index 1d505240522..93742971ff9 100644
--- a/usr.bin/openssl/req.c
+++ b/usr.bin/openssl/req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: req.c,v 1.4 2014/10/16 10:43:54 jsing Exp $ */
+/* $OpenBSD: req.c,v 1.5 2015/06/20 01:07:25 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -379,7 +379,7 @@ bad:
BIO_printf(bio_err, " -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
BIO_printf(bio_err, " -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
BIO_printf(bio_err, " -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n");
- BIO_printf(bio_err, " -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
+ BIO_printf(bio_err, " -[digest] Digest to sign with (md5, sha1, md4)\n");
BIO_printf(bio_err, " -config file request template file.\n");
BIO_printf(bio_err, " -subj arg set or modify request subject\n");
BIO_printf(bio_err, " -multivalue-rdn enable support for multivalued RDNs\n");
diff --git a/usr.bin/openssl/speed.c b/usr.bin/openssl/speed.c
index 8795d6c4346..236e0267bba 100644
--- a/usr.bin/openssl/speed.c
+++ b/usr.bin/openssl/speed.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: speed.c,v 1.5 2015/02/08 10:22:45 doug Exp $ */
+/* $OpenBSD: speed.c,v 1.6 2015/06/20 01:07:25 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -124,9 +124,6 @@
#ifndef OPENSSL_NO_IDEA
#include <openssl/idea.h>
#endif
-#ifndef OPENSSL_NO_MDC2
-#include <openssl/mdc2.h>
-#endif
#ifndef OPENSSL_NO_MD4
#include <openssl/md4.h>
#endif
@@ -179,7 +176,7 @@ static int do_multi(int multi);
#define MAX_ECDH_SIZE 256
static const char *names[ALGOR_NUM] = {
- "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
+ "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
"des cbc", "des ede3", "idea cbc", "seed cbc",
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
@@ -241,9 +238,6 @@ speed_main(int argc, char **argv)
long rsa_count;
unsigned rsa_num;
unsigned char md[EVP_MAX_MD_SIZE];
-#ifndef OPENSSL_NO_MDC2
- unsigned char mdc2[MDC2_DIGEST_LENGTH];
-#endif
#ifndef OPENSSL_NO_MD4
unsigned char md4[MD4_DIGEST_LENGTH];
#endif
@@ -331,7 +325,6 @@ speed_main(int argc, char **argv)
CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
#endif
#define D_MD2 0
-#define D_MDC2 1
#define D_MD4 2
#define D_MD5 3
#define D_HMAC 4
@@ -586,11 +579,6 @@ speed_main(int argc, char **argv)
j--; /* Otherwise, -mr gets confused with an
* algorithm. */
} else
-#ifndef OPENSSL_NO_MDC2
- if (strcmp(*argv, "mdc2") == 0)
- doit[D_MDC2] = 1;
- else
-#endif
#ifndef OPENSSL_NO_MD4
if (strcmp(*argv, "md4") == 0)
doit[D_MD4] = 1;
@@ -844,9 +832,6 @@ speed_main(int argc, char **argv)
BIO_printf(bio_err, "Error: bad option or value\n");
BIO_printf(bio_err, "\n");
BIO_printf(bio_err, "Available values:\n");
-#ifndef OPENSSL_NO_MDC2
- BIO_printf(bio_err, "mdc2 ");
-#endif
#ifndef OPENSSL_NO_MD4
BIO_printf(bio_err, "md4 ");
#endif
@@ -871,7 +856,7 @@ speed_main(int argc, char **argv)
#ifndef OPENSSL_NO_RIPEMD160
BIO_printf(bio_err, "rmd160");
#endif
-#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
+#if !defined(OPENSSL_NO_MD2) || \
!defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
!defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
!defined(OPENSSL_NO_WHIRLPOOL)
@@ -1042,19 +1027,6 @@ speed_main(int argc, char **argv)
#define COUNT(d) (count)
signal(SIGALRM, sig_done);
-#ifndef OPENSSL_NO_MDC2
- if (doit[D_MDC2]) {
- for (j = 0; j < SIZE_NUM; j++) {
- print_message(names[D_MDC2], c[D_MDC2][j], lengths[j]);
- Time_F(START);
- for (count = 0, run = 1; COND(c[D_MDC2][j]); count++)
- EVP_Digest(buf, (unsigned long) lengths[j], &(mdc2[0]), NULL, EVP_mdc2(), NULL);
- d = Time_F(STOP);
- print_result(D_MDC2, j, count, d);
- }
- }
-#endif
-
#ifndef OPENSSL_NO_MD4
if (doit[D_MD4]) {
for (j = 0; j < SIZE_NUM; j++) {
diff --git a/usr.bin/openssl/ts.c b/usr.bin/openssl/ts.c
index cd7d9cc81e0..341d9395c76 100644
--- a/usr.bin/openssl/ts.c
+++ b/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */
+/* $OpenBSD: ts.c,v 1.4 2015/06/20 01:07:25 doug Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
@@ -306,7 +306,7 @@ usage:
BIO_printf(bio_err, "usage:\n"
"ts -query [-config configfile] "
"[-data file_to_hash] [-digest digest_bytes]"
- "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
+ "[-md2|-md4|-md5|-sha|-sha1|-ripemd160] "
"[-policy object_id] [-no_nonce] [-cert] "
"[-in request.tsq] [-out request.tsq] [-text]\n");
BIO_printf(bio_err, "or\n"
diff --git a/usr.bin/openssl/x509.c b/usr.bin/openssl/x509.c
index db3173e74d2..0e4d7dcd775 100644
--- a/usr.bin/openssl/x509.c
+++ b/usr.bin/openssl/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */
+/* $OpenBSD: x509.c,v 1.3 2015/06/20 01:07:25 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -135,7 +135,7 @@ static const char *x509_usage[] = {
" -set_serial - serial number to use\n",
" -text - print the certificate in text form\n",
" -C - print out C code forms\n",
- " -md2/-md5/-sha1/-mdc2 - digest to use\n",
+ " -md2/-md5/-sha1 - digest to use\n",
" -extfile - configuration file with X509V3 extensions to add\n",
" -extensions - section from config file with X509V3 extensions to add\n",
" -clrext - delete extensions before signing and input certificate\n",