Remove RSA_FLAG_SIGN_VER flag.
Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary compatibility after RSA_METHOD was extended to include rsa_sign and rsa_verify fields. It is no longer needed. Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
parent
a1d3f3d1d0
commit
19c6d3ea2d
4 changed files with 4 additions and 19 deletions
|
@ -77,7 +77,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
|
||||||
const unsigned char *s = NULL;
|
const unsigned char *s = NULL;
|
||||||
X509_ALGOR algor;
|
X509_ALGOR algor;
|
||||||
ASN1_OCTET_STRING digest;
|
ASN1_OCTET_STRING digest;
|
||||||
if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) {
|
if (rsa->meth->rsa_sign) {
|
||||||
return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
|
return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
|
||||||
}
|
}
|
||||||
/* Special case: SSL signature, just check the length */
|
/* Special case: SSL signature, just check the length */
|
||||||
|
@ -271,7 +271,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
|
||||||
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
|
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
|
||||||
{
|
{
|
||||||
|
|
||||||
if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
|
if (rsa->meth->rsa_verify) {
|
||||||
return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
|
return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -115,22 +115,15 @@ the default method is used.
|
||||||
/* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
|
/* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
|
||||||
* operations, even if p,q,dmp1,dmq1,iqmp
|
* operations, even if p,q,dmp1,dmq1,iqmp
|
||||||
* are NULL
|
* are NULL
|
||||||
* RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
|
|
||||||
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
|
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
|
||||||
*/
|
*/
|
||||||
int flags;
|
int flags;
|
||||||
|
|
||||||
char *app_data; /* ?? */
|
char *app_data; /* ?? */
|
||||||
|
|
||||||
/* sign. For backward compatibility, this is used only
|
|
||||||
* if (flags & RSA_FLAG_SIGN_VER)
|
|
||||||
*/
|
|
||||||
int (*rsa_sign)(int type,
|
int (*rsa_sign)(int type,
|
||||||
const unsigned char *m, unsigned int m_length,
|
const unsigned char *m, unsigned int m_length,
|
||||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||||
/* verify. For backward compatibility, this is used only
|
|
||||||
* if (flags & RSA_FLAG_SIGN_VER)
|
|
||||||
*/
|
|
||||||
int (*rsa_verify)(int dtype,
|
int (*rsa_verify)(int dtype,
|
||||||
const unsigned char *m, unsigned int m_length,
|
const unsigned char *m, unsigned int m_length,
|
||||||
const unsigned char *sigbuf, unsigned int siglen,
|
const unsigned char *sigbuf, unsigned int siglen,
|
||||||
|
|
|
@ -436,7 +436,7 @@ static RSA_METHOD capi_rsa_method = {
|
||||||
0, /* bn_mod_exp */
|
0, /* bn_mod_exp */
|
||||||
0, /* init */
|
0, /* init */
|
||||||
capi_rsa_free, /* finish */
|
capi_rsa_free, /* finish */
|
||||||
RSA_FLAG_SIGN_VER, /* flags */
|
0, /* flags */
|
||||||
NULL, /* app_data */
|
NULL, /* app_data */
|
||||||
capi_rsa_sign, /* rsa_sign */
|
capi_rsa_sign, /* rsa_sign */
|
||||||
0 /* rsa_verify */
|
0 /* rsa_verify */
|
||||||
|
|
|
@ -107,9 +107,7 @@ struct rsa_meth_st {
|
||||||
* New sign and verify functions: some libraries don't allow arbitrary
|
* New sign and verify functions: some libraries don't allow arbitrary
|
||||||
* data to be signed/verified: this allows them to be used. Note: for
|
* data to be signed/verified: this allows them to be used. Note: for
|
||||||
* this to work the RSA_public_decrypt() and RSA_private_encrypt() should
|
* this to work the RSA_public_decrypt() and RSA_private_encrypt() should
|
||||||
* *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
|
* *NOT* be used RSA_sign(), RSA_verify() should be used instead.
|
||||||
* for backwards compatibility this functionality is only enabled if the
|
|
||||||
* RSA_FLAG_SIGN_VER option is set in 'flags'.
|
|
||||||
*/
|
*/
|
||||||
int (*rsa_sign) (int type,
|
int (*rsa_sign) (int type,
|
||||||
const unsigned char *m, unsigned int m_length,
|
const unsigned char *m, unsigned int m_length,
|
||||||
|
@ -195,12 +193,6 @@ struct rsa_st {
|
||||||
*/
|
*/
|
||||||
# define RSA_FLAG_EXT_PKEY 0x0020
|
# define RSA_FLAG_EXT_PKEY 0x0020
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
|
|
||||||
* functions.
|
|
||||||
*/
|
|
||||||
# define RSA_FLAG_SIGN_VER 0x0040
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* new with 0.9.6j and 0.9.7b; the built-in
|
* new with 0.9.6j and 0.9.7b; the built-in
|
||||||
* RSA implementation now uses blinding by
|
* RSA implementation now uses blinding by
|
||||||
|
|
Loading…
Reference in a new issue