summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--apps/pkcs12.c2
-rw-r--r--apps/progs.h14
-rw-r--r--apps/progs.pl34
-rw-r--r--apps/speed.c50
-rw-r--r--crypto/asn1/x_crl.c2
-rw-r--r--crypto/bn/bn_rand.c2
-rw-r--r--crypto/dsa/dsa_depr.c33
-rw-r--r--crypto/dsa/dsa_gen.c30
-rw-r--r--crypto/dsa/dsa_key.c8
-rw-r--r--crypto/dsa/dsa_ossl.c5
-rw-r--r--crypto/ecdh/ecdhtest.c7
-rw-r--r--crypto/ecdsa/ecs_ossl.c5
-rw-r--r--crypto/engine/eng_openssl.c7
-rw-r--r--crypto/evp/Makefile17
-rw-r--r--crypto/evp/c_allc.c4
-rw-r--r--crypto/evp/c_alld.c12
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha1.c2
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha256.c2
-rw-r--r--crypto/evp/e_des3.c4
-rw-r--r--crypto/evp/evp.h12
-rw-r--r--crypto/evp/m_dss.c2
-rw-r--r--crypto/evp/m_dss1.c15
-rw-r--r--crypto/evp/m_ecdsa.c3
-rw-r--r--crypto/evp/m_sha.c105
-rw-r--r--crypto/evp/m_sha1.c19
-rw-r--r--crypto/evp/p5_crpt2.c2
-rw-r--r--crypto/evp/p5_crpt2_test.c15
-rw-r--r--crypto/lhash/lhash.h4
-rw-r--r--crypto/ocsp/ocsp_lib.c2
-rw-r--r--crypto/rand/rand_lcl.h12
-rw-r--r--crypto/rsa/rsa_eay.c4
-rw-r--r--crypto/rsa/rsa_oaep.c21
-rw-r--r--crypto/sha/Makefile15
-rw-r--r--crypto/sha/sha.h45
-rw-r--r--crypto/sha/sha1_one.c2
-rw-r--r--crypto/sha/sha1dgst.c6
-rw-r--r--crypto/sha/sha1test.c44
-rw-r--r--crypto/sha/sha256.c64
-rw-r--r--crypto/sha/sha256t.c9
-rw-r--r--crypto/sha/sha512.c169
-rw-r--r--crypto/sha/sha512t.c9
-rw-r--r--crypto/sha/sha_dgst.c74
-rw-r--r--crypto/sha/sha_locl.h38
-rw-r--r--crypto/sha/sha_one.c79
-rw-r--r--crypto/sha/shatest.c174
-rw-r--r--crypto/x509/x509.h8
-rw-r--r--crypto/x509/x509_cmp.c4
-rw-r--r--crypto/x509v3/v3_purp.c2
-rw-r--r--doc/crypto/EVP_DigestInit.pod11
-rw-r--r--engines/e_sureware.c2
-rwxr-xr-xmakevms.com6
-rw-r--r--ssl/s3_cbc.c21
-rw-r--r--ssl/s3_clnt.c4
-rw-r--r--ssl/s3_srvr.c2
-rw-r--r--ssl/ssl_algs.c17
-rw-r--r--ssl/ssl_locl.h5
-rw-r--r--ssl/t1_lib.c22
-rwxr-xr-xutil/mk1mf.pl13
-rwxr-xr-xutil/mkdef.pl1
59 files changed, 240 insertions, 1062 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 1e26c1333b..0de46f008d 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -58,7 +58,7 @@
*/
#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+#if !defined(OPENSSL_NO_DES)
# include <stdio.h>
# include <stdlib.h>
diff --git a/apps/progs.h b/apps/progs.h
index c66da3036b..9a8a1923ee 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -128,7 +128,7 @@ FUNCTION functions[] = {
{FUNC_TYPE_GENERAL, "ciphers", ciphers_main},
#endif
{FUNC_TYPE_GENERAL, "nseq", nseq_main},
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+#if !defined(OPENSSL_NO_DES)
{FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main},
#endif
{FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main},
@@ -158,30 +158,18 @@ FUNCTION functions[] = {
#ifndef OPENSSL_NO_MD5
{FUNC_TYPE_MD, "md5", dgst_main},
#endif
-#ifndef OPENSSL_NO_SHA
{FUNC_TYPE_MD, "sha", dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA1
{FUNC_TYPE_MD, "sha1", dgst_main},
-#endif
#ifndef OPENSSL_NO_MDC2
{FUNC_TYPE_MD, "mdc2", dgst_main},
#endif
#ifndef OPENSSL_NO_RMD160
{FUNC_TYPE_MD, "rmd160", dgst_main},
#endif
-#ifndef OPENSSL_NO_SHA224
{FUNC_TYPE_MD, "sha224", dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA256
{FUNC_TYPE_MD, "sha256", dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA384
{FUNC_TYPE_MD, "sha384", dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA512
{FUNC_TYPE_MD, "sha512", dgst_main},
-#endif
#ifndef OPENSSL_NO_AES
{FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main},
#endif
diff --git a/apps/progs.pl b/apps/progs.pl
index 8695742f28..09dd00b7ee 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -6,22 +6,22 @@ print "/* automatically generated by progs.pl for openssl.c */\n\n";
grep(s/^asn1pars$/asn1parse/,@ARGV);
foreach (@ARGV)
- { printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+ { printf "extern int %s_main(int argc, char *argv[]);\n",$_; }
print <<'EOF';
-#define FUNC_TYPE_GENERAL 1
-#define FUNC_TYPE_MD 2
-#define FUNC_TYPE_CIPHER 3
-#define FUNC_TYPE_PKEY 4
-#define FUNC_TYPE_MD_ALG 5
-#define FUNC_TYPE_CIPHER_ALG 6
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+#define FUNC_TYPE_PKEY 4
+#define FUNC_TYPE_MD_ALG 5
+#define FUNC_TYPE_CIPHER_ALG 6
typedef struct {
- int type;
- const char *name;
- int (*func)(int argc,char *argv[]);
- } FUNCTION;
+ int type;
+ const char *name;
+ int (*func) (int argc, char *argv[]);
+} FUNCTION;
DECLARE_LHASH_OF(FUNCTION);
FUNCTION functions[] = {
@@ -30,7 +30,7 @@ EOF
foreach (@ARGV)
{
push(@files,$_);
- $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+ $str=" {FUNC_TYPE_GENERAL, \"$_\", ${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
{ print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; }
elsif ( ($_ =~ /^engine$/))
@@ -44,7 +44,7 @@ foreach (@ARGV)
elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
elsif ( ($_ =~ /^pkcs12$/))
- { print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
+ { print "#if !defined(OPENSSL_NO_DES)\n${str}#endif\n"; }
elsif ( ($_ =~ /^cms$/))
{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
elsif ( ($_ =~ /^ocsp$/))
@@ -58,7 +58,9 @@ foreach (@ARGV)
foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160","sha224","sha256","sha384","sha512")
{
push(@files,$_);
- printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
+ printf "#ifndef OPENSSL_NO_".uc($_)."\n" if ! /sha/;
+ printf " {FUNC_TYPE_MD, \"".$_."\", dgst_main},\n";
+ printf "#endif\n" if ! /sha/;
}
foreach (
@@ -84,7 +86,7 @@ foreach (
{
push(@files,$_);
- $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+ $t=sprintf(" {FUNC_TYPE_CIPHER, \"%s\", enc_main},\n", $_);
if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
@@ -99,4 +101,4 @@ foreach (
print $t;
}
-print "\t{0,NULL,NULL}\n\t};\n";
+print " {0, NULL, NULL}\n};\n";
diff --git a/apps/speed.c b/apps/speed.c
index f5af9a345e..419dced807 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -137,9 +137,7 @@
# include <openssl/hmac.h>
#endif
#include <openssl/evp.h>
-#ifndef OPENSSL_NO_SHA
# include <openssl/sha.h>
-#endif
#ifndef OPENSSL_NO_RMD160
# include <openssl/ripemd.h>
#endif
@@ -339,15 +337,10 @@ static const int KDF1_SHA1_len = 20;
static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
size_t *outlen)
{
-# ifndef OPENSSL_NO_SHA
if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
- else
- *outlen = SHA_DIGEST_LENGTH;
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
-# else
- return NULL;
-# endif /* OPENSSL_NO_SHA */
}
#endif /* OPENSSL_NO_ECDH */
@@ -382,15 +375,9 @@ int MAIN(int argc, char **argv)
unsigned char md5[MD5_DIGEST_LENGTH];
unsigned char hmac[MD5_DIGEST_LENGTH];
#endif
-#ifndef OPENSSL_NO_SHA
unsigned char sha[SHA_DIGEST_LENGTH];
-# ifndef OPENSSL_NO_SHA256
unsigned char sha256[SHA256_DIGEST_LENGTH];
-# endif
-# ifndef OPENSSL_NO_SHA512
unsigned char sha512[SHA512_DIGEST_LENGTH];
-# endif
-#endif
#ifndef OPENSSL_NO_WHIRLPOOL
unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
#endif
@@ -827,23 +814,15 @@ int MAIN(int argc, char **argv)
doit[D_HMAC] = 1;
else
#endif
-#ifndef OPENSSL_NO_SHA
if (strcmp(*argv, "sha1") == 0)
doit[D_SHA1] = 1;
else if (strcmp(*argv, "sha") == 0)
doit[D_SHA1] = 1, doit[D_SHA256] = 1, doit[D_SHA512] = 1;
- else
-# ifndef OPENSSL_NO_SHA256
- if (strcmp(*argv, "sha256") == 0)
+ else if (strcmp(*argv, "sha256") == 0)
doit[D_SHA256] = 1;
- else
-# endif
-# ifndef OPENSSL_NO_SHA512
- if (strcmp(*argv, "sha512") == 0)
+ else if (strcmp(*argv, "sha512") == 0)
doit[D_SHA512] = 1;
else
-# endif
-#endif
#ifndef OPENSSL_NO_WHIRLPOOL
if (strcmp(*argv, "whirlpool") == 0)
doit[D_WHIRLPOOL] = 1;
@@ -1110,27 +1089,16 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "hmac ");
# endif
#endif
-#ifndef OPENSSL_NO_SHA1
BIO_printf(bio_err, "sha1 ");
-#endif
-#ifndef OPENSSL_NO_SHA256
BIO_printf(bio_err, "sha256 ");
-#endif
-#ifndef OPENSSL_NO_SHA512
BIO_printf(bio_err, "sha512 ");
-#endif
#ifndef OPENSSL_NO_WHIRLPOOL
BIO_printf(bio_err, "whirlpool");
#endif
#ifndef OPENSSL_NO_RMD160
BIO_printf(bio_err, "rmd160");
#endif
-#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
- !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
- !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RMD160) || \
- !defined(OPENSSL_NO_WHIRLPOOL)
BIO_printf(bio_err, "\n");
-#endif
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err, "idea-cbc ");
@@ -1660,23 +1628,16 @@ int MAIN(int argc, char **argv)
HMAC_CTX_cleanup(&hctx);
}
#endif
-#ifndef OPENSSL_NO_SHA
if (doit[D_SHA1]) {
for (j = 0; j < SIZE_NUM; j++) {
print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
Time_F(START);
for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
-# if 0
- EVP_Digest(buf, (unsigned long)lengths[j], &(sha[0]), NULL,
- EVP_sha1(), NULL);
-# else
SHA1(buf, lengths[j], sha);
-# endif
d = Time_F(STOP);
print_result(D_SHA1, j, count, d);
}
}
-# ifndef OPENSSL_NO_SHA256
if (doit[D_SHA256]) {
for (j = 0; j < SIZE_NUM; j++) {
print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
@@ -1687,9 +1648,6 @@ int MAIN(int argc, char **argv)
print_result(D_SHA256, j, count, d);
}
}
-# endif
-
-# ifndef OPENSSL_NO_SHA512
if (doit[D_SHA512]) {
for (j = 0; j < SIZE_NUM; j++) {
print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
@@ -1700,8 +1658,6 @@ int MAIN(int argc, char **argv)
print_result(D_SHA512, j, count, d);
}
}
-# endif
-#endif
#ifndef OPENSSL_NO_WHIRLPOOL
if (doit[D_WHIRLPOOL]) {
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index 027950330d..79eab4f398 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -220,9 +220,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
break;
case ASN1_OP_D2I_POST:
-#ifndef OPENSSL_NO_SHA
X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
-#endif
crl->idp = X509_CRL_get_ext_d2i(crl,
NID_issuing_distribution_point, NULL,
NULL);
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index de6028698e..ecdce9ff14 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -289,7 +289,6 @@ int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
return bn_rand_range(1, r, range);
}
-#ifndef OPENSSL_NO_SHA512
/*
* BN_generate_dsa_nonce generates a random number 0 <= out < range. Unlike
* BN_rand_range, it also includes the contents of |priv| and |message| in
@@ -362,4 +361,3 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
OPENSSL_free(k_bytes);
return ret;
}
-#endif /* OPENSSL_NO_SHA512 */
diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c
index b3d0fab14b..be1df138cb 100644
--- a/crypto/dsa/dsa_depr.c
+++ b/crypto/dsa/dsa_depr.c
@@ -58,37 +58,25 @@
* version(s).
*/
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/*
- * Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
- */
-# define HASH EVP_sha()
-#else
/*
* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
* also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
* 180-1)
*/
-# define HASH EVP_sha1()
-#endif
+#define xxxHASH EVP_sha1()
static void *dummy = &dummy;
-#ifndef OPENSSL_NO_SHA
-
-# include <stdio.h>
-# include <time.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
-# ifndef OPENSSL_NO_DEPRECATED
+#ifndef OPENSSL_NO_DEPRECATED
DSA *DSA_generate_parameters(int bits,
unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret,
@@ -117,5 +105,4 @@ DSA *DSA_generate_parameters(int bits,
DSA_free(ret);
return NULL;
}
-# endif
#endif
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 5e92d93d9a..37b23c9f41 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -56,35 +56,23 @@
* [including the GNU Public Licence.]
*/
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/*
- * Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
- */
-# define HASH EVP_sha()
-#else
/*
* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
* also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
* 180-1)
*/
-# define HASH EVP_sha1()
-#endif
+#define xxxHASH EVP_sha1()
#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
-#ifndef OPENSSL_NO_SHA
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
-
-# include "dsa_locl.h"
+#include "dsa_locl.h"
int DSA_generate_parameters_ex(DSA *ret, int bits,
const unsigned char *seed_in, int seed_len,
@@ -714,5 +702,3 @@ int dsa_paramgen_check_g(DSA *dsa)
return rv;
}
-
-#endif
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 8584963609..1c05b0f80d 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -59,10 +59,9 @@
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
-#ifndef OPENSSL_NO_SHA
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/rand.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
static int dsa_builtin_keygen(DSA *dsa);
@@ -133,4 +132,3 @@ static int dsa_builtin_keygen(DSA *dsa)
BN_CTX_free(ctx);
return (ok);
}
-#endif
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index bd83227549..96f5d6fed1 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -258,7 +258,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
/* Get random k */
do {
-#ifndef OPENSSL_NO_SHA512
if (dgst != NULL) {
/*
* We calculate k from SHA512(private_key + H(message) + random).
@@ -267,9 +266,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
if (!BN_generate_dsa_nonce(k, dsa->q, dsa->priv_key, dgst,
dlen, ctx))
goto err;
- } else
-#endif
- if (!BN_rand_range(k, dsa->q))
+ } else if (!BN_rand_range(k, dsa->q))
goto err;
} while (BN_is_zero(k));
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index a791d63ca7..04b0cf30d0 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -103,15 +103,10 @@ static const int KDF1_SHA1_len = 20;
static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
size_t *outlen)
{
-# ifndef OPENSSL_NO_SHA
if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
- else
- *outlen = SHA_DIGEST_LENGTH;
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
-# else
- return NULL;
-# endif
}
static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 95d9dadc84..c232321cf9 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -140,7 +140,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
do {
/* get random k */
do
-#ifndef OPENSSL_NO_SHA512
if (dgst != NULL) {
if (!BN_generate_dsa_nonce
(k, order, EC_KEY_get0_private_key(eckey), dgst, dlen,
@@ -149,9 +148,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}
- } else
-#endif
- {
+ } else {
if (!BN_rand_range(k, order)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index 19c5213b5b..3e12ecf760 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -108,13 +108,6 @@
# undef TEST_ENG_OPENSSL_RC4_P_INIT
# undef TEST_ENG_OPENSSL_RC4_P_CIPHER
#endif
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
-# undef TEST_ENG_OPENSSL_SHA
-# undef TEST_ENG_OPENSSL_SHA_OTHERS
-# undef TEST_ENG_OPENSSL_SHA_P_INIT
-# undef TEST_ENG_OPENSSL_SHA_P_UPDATE
-# undef TEST_ENG_OPENSSL_SHA_P_FINAL
-#endif
#ifdef TEST_ENG_OPENSSL_RC4
static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile
index fd5727dd45..f882096ceb 100644
--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -22,7 +22,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
- m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
+ m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
@@ -35,7 +35,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
- m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
+ m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
@@ -568,19 +568,6 @@ m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
-m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index 0a1f90a079..174a419883 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -214,14 +214,10 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher(EVP_aes_256_wrap_pad());
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-# endif
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-# endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index 7e1200b157..0d4278b86a 100644
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -71,13 +71,6 @@ void OpenSSL_add_all_digests(void)
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5, "ssl3-md5");
#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
- EVP_add_digest(EVP_sha());
-# ifndef OPENSSL_NO_DSA
- EVP_add_digest(EVP_dss());
-# endif
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
@@ -90,7 +83,6 @@ void OpenSSL_add_all_digests(void)
# ifndef OPENSSL_NO_ECDSA
EVP_add_digest(EVP_ecdsa());
# endif
-#endif
#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
EVP_add_digest(EVP_mdc2());
#endif
@@ -99,14 +91,10 @@ void OpenSSL_add_all_digests(void)
EVP_add_digest_alias(SN_ripemd160, "ripemd");
EVP_add_digest_alias(SN_ripemd160, "rmd160");
#endif
-#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
-#endif
#ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool());
#endif
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index e0127a9bb2..960be3cdbc 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -52,7 +52,7 @@
#include <stdio.h>
#include <string.h>
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
+#if !defined(OPENSSL_NO_AES)
# include <openssl/evp.h>
# include <openssl/objects.h>
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 598c096d9e..bea8f6dd50 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -52,7 +52,7 @@
#include <stdio.h>
#include <string.h>
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256)
+#if !defined(OPENSSL_NO_AES)
# include <openssl/evp.h>
# include <openssl/objects.h>
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 0627a63b55..73d792304f 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -374,9 +374,8 @@ const EVP_CIPHER *EVP_des_ede3(void)
return &des_ede3_ecb;
}
-# ifndef OPENSSL_NO_SHA
-# include <openssl/sha.h>
+# include <openssl/sha.h>
static const unsigned char wrap_iv[8] =
{ 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
@@ -482,5 +481,4 @@ const EVP_CIPHER *EVP_des_ede3_wrap(void)
return &des3_wrap;
}
-# endif
#endif
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 7a95de0b1d..ca7447f540 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -759,21 +759,13 @@ const EVP_MD *EVP_md4(void);
# ifndef OPENSSL_NO_MD5
const EVP_MD *EVP_md5(void);
# endif
-# ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha(void);
const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss(void);
const EVP_MD *EVP_dss1(void);
const EVP_MD *EVP_ecdsa(void);
-# endif
-# ifndef OPENSSL_NO_SHA256
const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void);
-# endif
-# ifndef OPENSSL_NO_SHA512
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);
-# endif
# ifndef OPENSSL_NO_MDC2
const EVP_MD *EVP_mdc2(void);
# endif
@@ -917,14 +909,10 @@ const EVP_CIPHER *EVP_aes_256_wrap_pad(void);
# ifndef OPENSSL_NO_OCB
const EVP_CIPHER *EVP_aes_256_ocb(void);
# endif
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
-# endif
-# ifndef OPENSSL_NO_SHA256
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
-# endif
# endif
# ifndef OPENSSL_NO_CAMELLIA
const EVP_CIPHER *EVP_camellia_128_ecb(void);
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
index 221eda4cf7..7fa1ca36e6 100644
--- a/crypto/evp/m_dss.c
+++ b/crypto/evp/m_dss.c
@@ -65,7 +65,6 @@
# include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_SHA
static int init(EVP_MD_CTX *ctx)
{
@@ -101,4 +100,3 @@ const EVP_MD *EVP_dss(void)
{
return (&dsa_md);
}
-#endif
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
index a80a865769..41b837cd77 100644
--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
@@ -59,14 +59,12 @@
#include <stdio.h>
#include "cryptlib.h"
-#ifndef OPENSSL_NO_SHA
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/sha.h>
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/sha.h>
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
static int init(EVP_MD_CTX *ctx)
{
@@ -102,4 +100,3 @@ const EVP_MD *EVP_dss1(void)
{
return (&dss1_md);
}
-#endif
diff --git a/crypto/evp/m_ecdsa.c b/crypto/evp/m_ecdsa.c
index b774e41fda..181f19f744 100644
--- a/crypto/evp/m_ecdsa.c
+++ b/crypto/evp/m_ecdsa.c
@@ -115,8 +115,6 @@
#include <openssl/objects.h>
#include <openssl/sha.h>
-#ifndef OPENSSL_NO_SHA
-
static int init(EVP_MD_CTX *ctx)
{
return SHA1_Init(ctx->md_data);
@@ -151,4 +149,3 @@ const EVP_MD *EVP_ecdsa(void)
{
return (&ecdsa_md);
}
-#endif
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c
deleted file mode 100644
index 548fae424c..0000000000
--- a/crypto/evp/m_sha.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/evp/m_sha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
-
-static int init(EVP_MD_CTX *ctx)
-{
- return SHA_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha_md = {
- NID_sha,
- NID_shaWithRSAEncryption,
- SHA_DIGEST_LENGTH,
- 0,
- init,
- update,
- final,
- NULL,
- NULL,
- EVP_PKEY_RSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_sha(void)
-{
- return (&sha_md);
-}
-#endif
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index 83edc40638..9ab8c9093e 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -59,14 +59,12 @@
#include <stdio.h>
#include "cryptlib.h"
-#ifndef OPENSSL_NO_SHA
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/sha.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/sha.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
static int init(EVP_MD_CTX *ctx)
{
@@ -102,9 +100,7 @@ const EVP_MD *EVP_sha1(void)
{
return (&sha1_md);
}
-#endif
-#ifndef OPENSSL_NO_SHA256
static int init224(EVP_MD_CTX *ctx)
{
return SHA224_Init(ctx->md_data);
@@ -169,9 +165,7 @@ const EVP_MD *EVP_sha256(void)
{
return (&sha256_md);
}
-#endif /* ifndef OPENSSL_NO_SHA256 */
-#ifndef OPENSSL_NO_SHA512
static int init384(EVP_MD_CTX *ctx)
{
return SHA384_Init(ctx->md_data);
@@ -232,4 +226,3 @@ const EVP_MD *EVP_sha512(void)
{
return (&sha512_md);
}
-#endif /* ifndef OPENSSL_NO_SHA512 */
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index f2ae1e5790..b9c4dcbeda 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include <stdlib.h>
#include "cryptlib.h"
-#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
+#if !defined(OPENSSL_NO_HMAC)
# include <openssl/x509.h>
# include <openssl/evp.h>
# include <openssl/hmac.h>
diff --git a/crypto/evp/p5_crpt2_test.c b/crypto/evp/p5_crpt2_test.c
index 451c580a07..01661b15ed 100644
--- a/crypto/evp/p5_crpt2_test.c
+++ b/crypto/evp/p5_crpt2_test.c
@@ -60,14 +60,6 @@
#include <openssl/err.h>
#include <openssl/conf.h>
-#ifdef OPENSSL_NO_SHA
-int main(int argc, char *argv[])
-{
- printf("No SHA support\n");
- return (0);
-}
-#else
-
typedef struct {
const char *pass;
int passlen;
@@ -200,15 +192,9 @@ int main(int argc, char **argv)
printf("PKCS5_PBKDF2_HMAC() tests ");
for (i = 0; test->pass != NULL; i++, test++) {
-# ifndef OPENSSL_NO_SHA0
test_p5_pbkdf2(i, "sha1", test, sha1_results[i]);
-# endif
-# ifndef OPENSSL_NO_SHA256
test_p5_pbkdf2(i, "sha256", test, sha256_results[i]);
-# endif
-# ifndef OPENSSL_NO_SHA512
test_p5_pbkdf2(i, "sha512", test, sha512_results[i]);
-# endif
printf(".");
}
printf(" done\n");
@@ -223,4 +209,3 @@ int main(int argc, char **argv)
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
-#endif /* OPENSSL_NO_SHA */
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
index 92ec80af4b..cb01854138 100644
--- a/crypto/lhash/lhash.h
+++ b/crypto/lhash/lhash.h
@@ -178,6 +178,10 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
unsigned long lh_strhash(const char *c);
unsigned long lh_num_items(const _LHASH *lh);
+# ifndef OPENSSL_NO_STDIO
+void lh_stats(const _LHASH *lh, FILE *fp);
+void lh_node_stats(const _LHASH *lh, FILE *fp);
+# endif
void lh_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index 442a5b63d4..24ca40eef1 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -81,10 +81,8 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
X509_NAME *iname;
ASN1_INTEGER *serial;
ASN1_BIT_STRING *ikey;
-#ifndef OPENSSL_NO_SHA1
if (!dgst)
dgst = EVP_sha1();
-#endif
if (subject) {
iname = X509_get_issuer_name(subject);
serial = X509_get_serialNumber(subject);
diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index e2f784479d..3ced44d803 100644
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -115,17 +115,7 @@
# define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */
# if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-# define USE_SHA1_RAND
-# elif !defined(OPENSSL_NO_MD5)
-# define USE_MD5_RAND
-# elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-# define USE_MDC2_RAND
-# elif !defined(OPENSSL_NO_MD2)
-# define USE_MD2_RAND
-# else
-# error No message digest algorithm available
-# endif
+# define USE_SHA1_RAND
# endif
# include <openssl/evp.h>
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index b8d9221592..73a8e07d35 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -193,11 +193,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
case RSA_PKCS1_PADDING:
i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen);
break;
-# ifndef OPENSSL_NO_SHA
case RSA_PKCS1_OAEP_PADDING:
i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
break;
-# endif
case RSA_SSLV23_PADDING:
i = RSA_padding_add_SSLv23(buf, num, from, flen);
break;
@@ -603,11 +601,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
case RSA_PKCS1_PADDING:
r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
break;
-# ifndef OPENSSL_NO_SHA
case RSA_PKCS1_OAEP_PADDING:
r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
break;
-# endif
case RSA_SSLV23_PADDING:
r = RSA_padding_check_SSLv23(to, num, buf, j, num);
break;
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index ebaad1a8ac..ab8f9ec078 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -19,14 +19,13 @@
#include "constant_time_locl.h"
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/bn.h>
-# include <openssl/rsa.h>
-# include <openssl/evp.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *from, int flen,
@@ -76,11 +75,11 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);
if (RAND_bytes(seed, mdlen) <= 0)
return 0;
-# ifdef PKCS_TESTVECT
+#ifdef PKCS_TESTVECT
memcpy(seed,
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
20);
-# endif
+#endif
dbmask = OPENSSL_malloc(emlen - mdlen);
if (dbmask == NULL) {
@@ -279,5 +278,3 @@ int PKCS1_MGF1(unsigned char *mask, long len,
EVP_MD_CTX_cleanup(&c);
return rv;
}
-
-#endif
diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
index a8c0cf7850..c72bba69bd 100644
--- a/crypto/sha/Makefile
+++ b/crypto/sha/Makefile
@@ -22,8 +22,8 @@ TEST=shatest.c sha1test.c sha256t.c sha512t.c
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
+LIBSRC=sha1dgst.c sha1_one.c sha256.c sha512.c
+LIBOBJ=sha1dgst.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
SRC= $(LIBSRC)
@@ -162,14 +162,3 @@ sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha512.o: ../cryptlib.h sha512.c
-sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha_dgst.o: ../../include/openssl/opensslconf.h
-sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
-sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
index d76790b35a..e35f328943 100644
--- a/crypto/sha/sha.h
+++ b/crypto/sha/sha.h
@@ -66,10 +66,6 @@
extern "C" {
#endif
-# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
-# error SHA is disabled.
-# endif
-
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. !
@@ -91,26 +87,15 @@ typedef struct SHAstate_st {
unsigned int num;
} SHA_CTX;
-# ifndef OPENSSL_NO_SHA0
-int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-# endif
-# ifndef OPENSSL_NO_SHA1
int SHA1_Init(SHA_CTX *c);
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
int SHA1_Final(unsigned char *md, SHA_CTX *c);
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-# endif
# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
* contiguous array of 32 bit wide
* big-endian values. */
-# define SHA224_DIGEST_LENGTH 28
-# define SHA256_DIGEST_LENGTH 32
typedef struct SHA256state_st {
SHA_LONG h[8];
@@ -119,7 +104,6 @@ typedef struct SHA256state_st {
unsigned int num, md_len;
} SHA256_CTX;
-# ifndef OPENSSL_NO_SHA256
int SHA224_Init(SHA256_CTX *c);
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
@@ -129,12 +113,12 @@ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
int SHA256_Final(unsigned char *md, SHA256_CTX *c);
unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
-# endif
+# define SHA224_DIGEST_LENGTH 28
+# define SHA256_DIGEST_LENGTH 32
# define SHA384_DIGEST_LENGTH 48
# define SHA512_DIGEST_LENGTH 64
-# ifndef OPENSSL_NO_SHA512
/*
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
* being exactly 64-bit wide. See Implementation Notes in sha512.c
@@ -145,17 +129,17 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
* contiguous array of 64 bit
* wide big-endian values.
*/
-# define SHA512_CBLOCK (SHA_LBLOCK*8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SHA_LONG64 unsigned __int64
-# define U64(C) C##UI64
-# elif defined(__arch64__)
-# define SHA_LONG64 unsigned long
-# define U64(C) C##UL
-# else
-# define SHA_LONG64 unsigned long long
-# define U64(C) C##ULL
-# endif
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# define U64(C) C##UI64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# define U64(C) C##UL
+# else
+# define SHA_LONG64 unsigned long long
+# define U64(C) C##ULL
+# endif
typedef struct SHA512state_st {
SHA_LONG64 h[8];
@@ -166,9 +150,7 @@ typedef struct SHA512state_st {
} u;
unsigned int num, md_len;
} SHA512_CTX;
-# endif
-# ifndef OPENSSL_NO_SHA512
int SHA384_Init(SHA512_CTX *c);
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
@@ -178,7 +160,6 @@ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
int SHA512_Final(unsigned char *md, SHA512_CTX *c);
unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
-# endif
#ifdef __cplusplus
}
diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
index a6dd760a1e..4a59115664 100644
--- a/crypto/sha/sha1_one.c
+++ b/crypto/sha/sha1_one.c
@@ -61,7 +61,6 @@
#include <openssl/crypto.h>
#include <openssl/sha.h>
-#ifndef OPENSSL_NO_SHA1
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
{
SHA_CTX c;
@@ -76,4 +75,3 @@ unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
OPENSSL_cleanse(&c, sizeof(c));
return (md);
}
-#endif
diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
index a67f1fe364..9f1b8f0630 100644
--- a/crypto/sha/sha1dgst.c
+++ b/crypto/sha/sha1dgst.c
@@ -58,10 +58,6 @@
#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
-
-# undef SHA_0
-# define SHA_1
# include <openssl/opensslv.h>
@@ -70,5 +66,3 @@ const char SHA1_version[] = "SHA1" OPENSSL_VERSION_PTEXT;
/* The implementation is in ../md32_common.h */
# include "sha_locl.h"
-
-#endif
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
index 0052a95c7d..cc3633dc68 100644
--- a/crypto/sha/sha1test.c
+++ b/crypto/sha/sha1test.c
@@ -61,23 +61,12 @@
#include <stdlib.h>
#include "../e_os.h"
+#include <openssl/evp.h>
+#include <openssl/sha.h>
-#ifdef OPENSSL_NO_SHA
-int main(int argc, char *argv[])
-{
- printf("No SHA support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/sha.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-# undef SHA_0 /* FIPS 180 */
-# define SHA_1 /* FIPS 180-1 */
+#ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+#endif
static char *test[] = {
"abc",
@@ -85,22 +74,12 @@ static char *test[] = {
NULL,
};
-# ifdef SHA_0
-static char *ret[] = {
- "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
- "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-};
-
-static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
-# endif
-# ifdef SHA_1
static char *ret[] = {
"a9993e364706816aba3e25717850c26c9cd0d89d",
"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
};
static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-# endif
static char *pt(unsigned char *md);
int main(int argc, char *argv[])
@@ -112,10 +91,10 @@ int main(int argc, char *argv[])
EVP_MD_CTX c;
unsigned char md[SHA_DIGEST_LENGTH];
-# ifdef CHARSET_EBCDIC
+#ifdef CHARSET_EBCDIC
ebcdic2ascii(test[0], test[0], strlen(test[0]));
ebcdic2ascii(test[1], test[1], strlen(test[1]));
-# endif
+#endif
EVP_MD_CTX_init(&c);
P = test;
@@ -136,9 +115,9 @@ int main(int argc, char *argv[])
}
memset(buf, 'a', 1000);
-# ifdef CHARSET_EBCDIC
+#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, 1000);
-# endif /* CHARSET_EBCDIC */
+#endif /* CHARSET_EBCDIC */
EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
for (i = 0; i < 1000; i++)
EVP_DigestUpdate(&c, buf, 1000);
@@ -153,10 +132,10 @@ int main(int argc, char *argv[])
} else
printf("test 3 ok\n");
-# ifdef OPENSSL_SYS_NETWARE
+#ifdef OPENSSL_SYS_NETWARE
if (err)
printf("ERROR: %d\n", err);
-# endif
+#endif
EXIT(err);
EVP_MD_CTX_cleanup(&c);
return (0);
@@ -171,4 +150,3 @@ static char *pt(unsigned char *md)
sprintf(&(buf[i * 2]), "%02x", md[i]);
return (buf);
}
-#endif
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index 92d8dd84f2..eec0cadf98 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -5,14 +5,13 @@
* ====================================================================
*/
#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
-# include <stdlib.h>
-# include <string.h>
+#include <stdlib.h>
+#include <string.h>
-# include <openssl/crypto.h>
-# include <openssl/sha.h>
-# include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/opensslv.h>
const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
@@ -84,11 +83,12 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c)
return SHA256_Final(md, c);
}
-# define DATA_ORDER_IS_BIG_ENDIAN
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG SHA_LONG
+#define HASH_CTX SHA256_CTX
+#define HASH_CBLOCK SHA_CBLOCK
-# define HASH_LONG SHA_LONG
-# define HASH_CTX SHA256_CTX
-# define HASH_CBLOCK SHA_CBLOCK
/*
* Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
* default: case below covers for it. It's not clear however if it's
@@ -97,7 +97,7 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c)
* Idea behind separate cases for pre-defined lenghts is to let the
* compiler decide if it's appropriate to unroll small loops.
*/
-# define HASH_MAKE_STRING(c,s) do { \
+#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
unsigned int nn; \
switch ((c)->md_len) \
@@ -118,18 +118,18 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c)
} \
} while (0)
-# define HASH_UPDATE SHA256_Update
-# define HASH_TRANSFORM SHA256_Transform
-# define HASH_FINAL SHA256_Final
-# define HASH_BLOCK_DATA_ORDER sha256_block_data_order
-# ifndef SHA256_ASM
+#define HASH_UPDATE SHA256_Update
+#define HASH_TRANSFORM SHA256_Transform
+#define HASH_FINAL SHA256_Final
+#define HASH_BLOCK_DATA_ORDER sha256_block_data_order
+#ifndef SHA256_ASM
static
-# endif
+#endif
void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num);
-# include "md32_common.h"
+#include "md32_common.h"
-# ifndef SHA256_ASM
+#ifndef SHA256_ASM
static const SHA_LONG K256[64] = {
0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
@@ -154,15 +154,15 @@ static const SHA_LONG K256[64] = {
* is left one. This is why you might notice that rotation coefficients
* differ from those observed in FIPS document by 32-N...
*/
-# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
-# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
-# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
-# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
+# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
+# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
+# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
+# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
-# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
-# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-# ifdef OPENSSL_SMALL_FOOTPRINT
+# ifdef OPENSSL_SMALL_FOOTPRINT
static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
size_t num)
@@ -229,14 +229,14 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
}
}
-# else
+# else
-# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
+# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \
h = Sigma0(a) + Maj(a,b,c); \
d += T1; h += T1; } while (0)
-# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \
+# define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \
s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
@@ -381,7 +381,5 @@ static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
}
}
-# endif
-# endif /* SHA256_ASM */
-
-#endif /* OPENSSL_NO_SHA256 */
+# endif
+#endif /* SHA256_ASM */
diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c
index 476702c7ed..0872f346b7 100644
--- a/crypto/sha/sha256t.c
+++ b/crypto/sha/sha256t.c
@@ -10,14 +10,6 @@
#include <openssl/sha.h>
#include <openssl/evp.h>
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
-int main(int argc, char *argv[])
-{
- printf("No SHA256 support\n");
- return (0);
-}
-#else
-
unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
@@ -159,4 +151,3 @@ int main(int argc, char **argv)
return 0;
}
-#endif
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index d79c2a0e70..f934c74414 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -5,7 +5,6 @@
* ====================================================================
*/
#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
/*-
* IMPLEMENTATION NOTES.
*
@@ -41,24 +40,24 @@
* 16-bit platforms.
* <appro@fy.chalmers.se>
*/
-# include <stdlib.h>
-# include <string.h>
+#include <stdlib.h>
+#include <string.h>
-# include <openssl/crypto.h>
-# include <openssl/sha.h>
-# include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/opensslv.h>
-# include "cryptlib.h"
+#include "cryptlib.h"
const char SHA512_version[] = "SHA-512" OPENSSL_VERSION_PTEXT;
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
defined(__s390__) || defined(__s390x__) || \
defined(__aarch64__) || \
defined(SHA512_ASM)
-# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
-# endif
+# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+#endif
int SHA384_Init(SHA512_CTX *c)
{
@@ -96,9 +95,9 @@ int SHA512_Init(SHA512_CTX *c)
return 1;
}
-# ifndef SHA512_ASM
+#ifndef SHA512_ASM
static
-# endif
+#endif
void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num);
int SHA512_Final(unsigned char *md, SHA512_CTX *c)
@@ -113,10 +112,10 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *c)
sha512_block_data_order(c, p, 1);
memset(p + n, 0, sizeof(c->u) - 16 - n);
-# ifdef B_ENDIAN
+#ifdef B_ENDIAN
c->u.d[SHA_LBLOCK - 2] = c->Nh;
c->u.d[SHA_LBLOCK - 1] = c->Nl;
-# else
+#else
p[sizeof(c->u) - 1] = (unsigned char)(c->Nl);
p[sizeof(c->u) - 2] = (unsigned char)(c->Nl >> 8);
p[sizeof(c->u) - 3] = (unsigned char)(c->Nl >> 16);
@@ -133,7 +132,7 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *c)
p[sizeof(c->u) - 14] = (unsigned char)(c->Nh >> 40);
p[sizeof(c->u) - 15] = (unsigned char)(c->Nh >> 48);
p[sizeof(c->u) - 16] = (unsigned char)(c->Nh >> 56);
-# endif
+#endif
sha512_block_data_order(c, p, 1);
@@ -213,14 +212,14 @@ int SHA512_Update(SHA512_CTX *c, const void *_data, size_t len)
}
if (len >= sizeof(c->u)) {
-# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)data % sizeof(c->u.d[0]) != 0)
while (len >= sizeof(c->u))
memcpy(p, data, sizeof(c->u)),
sha512_block_data_order(c, p, 1),
len -= sizeof(c->u), data += sizeof(c->u);
else
-# endif
+#endif
sha512_block_data_order(c, data, len / sizeof(c->u)),
data += len, len %= sizeof(c->u), data -= len;
}
@@ -238,10 +237,10 @@ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data)
{
-# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)data % sizeof(c->u.d[0]) != 0)
memcpy(c->u.p, data, sizeof(c->u.p)), data = c->u.p;
-# endif
+#endif
sha512_block_data_order(c, data, 1);
}
@@ -273,7 +272,7 @@ unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
return (md);
}
-# ifndef SHA512_ASM
+#ifndef SHA512_ASM
static const SHA_LONG64 K512[80] = {
U64(0x428a2f98d728ae22), U64(0x7137449123ef65cd),
U64(0xb5c0fbcfec4d3b2f), U64(0xe9b5dba58189dbbc),
@@ -317,23 +316,23 @@ static const SHA_LONG64 K512[80] = {
U64(0x5fcb6fab3ad6faec), U64(0x6c44198c4a475817)
};
-# ifndef PEDANTIC
-# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(__x86_64) || defined(__x86_64__)
-# define ROTR(a,n) ({ SHA_LONG64 ret; \
+# ifndef PEDANTIC
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(__x86_64) || defined(__x86_64__)
+# define ROTR(a,n) ({ SHA_LONG64 ret; \
asm ("rorq %1,%0" \
: "=r"(ret) \
: "J"(n),"0"(a) \
: "cc"); ret; })
-# if !defined(B_ENDIAN)
-# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \
+# if !defined(B_ENDIAN)
+# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \
asm ("bswapq %0" \
: "=r"(ret) \
: "0"(ret)); ret; })
-# endif
-# elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN)
-# if defined(I386_ONLY)
-# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+# endif
+# elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN)
+# if defined(I386_ONLY)
+# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
unsigned int hi=p[0],lo=p[1]; \
asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\
"roll $16,%%eax; roll $16,%%edx; "\
@@ -341,39 +340,39 @@ static const SHA_LONG64 K512[80] = {
: "=a"(lo),"=d"(hi) \
: "0"(lo),"1"(hi) : "cc"); \
((SHA_LONG64)hi)<<32|lo; })
-# else
-# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+# else
+# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
unsigned int hi=p[0],lo=p[1]; \
asm ("bswapl %0; bswapl %1;" \
: "=r"(lo),"=r"(hi) \
: "0"(lo),"1"(hi)); \
((SHA_LONG64)hi)<<32|lo; })
-# endif
-# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
-# define ROTR(a,n) ({ SHA_LONG64 ret; \
+# endif
+# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
+# define ROTR(a,n) ({ SHA_LONG64 ret; \
asm ("rotrdi %0,%1,%2" \
: "=r"(ret) \
: "r"(a),"K"(n)); ret; })
-# elif defined(__aarch64__)
-# define ROTR(a,n) ({ SHA_LONG64 ret; \
+# elif defined(__aarch64__)
+# define ROTR(a,n) ({ SHA_LONG64 ret; \
asm ("ror %0,%1,%2" \
: "=r"(ret) \
: "r"(a),"I"(n)); ret; })
-# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
+# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
__BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
-# define PULL64(x) ({ SHA_LONG64 ret; \
+# define PULL64(x) ({ SHA_LONG64 ret; \
asm ("rev %0,%1" \
: "=r"(ret) \
: "r"(*((const SHA_LONG64 *)(&(x))))); ret; })
-# endif
# endif
-# elif defined(_MSC_VER)
-# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
-# pragma intrinsic(_rotr64)
-# define ROTR(a,n) _rotr64((a),n)
-# endif
-# if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(I386_ONLY)
+# endif
+# elif defined(_MSC_VER)
+# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
+# pragma intrinsic(_rotr64)
+# define ROTR(a,n) _rotr64((a),n)
+# endif
+# if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(I386_ONLY)
static SHA_LONG64 __fastcall __pull64be(const void *x)
{
_asm mov edx,[ecx + 0]
@@ -381,34 +380,34 @@ static SHA_LONG64 __fastcall __pull64be(const void *x)
_asm xchg dh, dl
_asm xchg ah, al
_asm rol edx, 16 _asm rol eax, 16 _asm xchg dh, dl _asm xchg ah, al}
-# else
+# else
static SHA_LONG64 __fastcall __pull64be(const void *x)
{
_asm mov edx,[ecx + 0]
_asm mov eax,[ecx + 4]
_asm bswap edx _asm bswap eax}
-# endif
-# define PULL64(x) __pull64be(&(x))
-# if _MSC_VER<=1200
-# pragma inline_depth(0)
-# endif
+# endif
+# define PULL64(x) __pull64be(&(x))
+# if _MSC_VER<=1200
+# pragma inline_depth(0)
# endif
# endif
# endif
-# ifndef PULL64
-# define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
-# define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
-# endif
-# ifndef ROTR
-# define ROTR(x,s) (((x)>>s) | (x)<<(64-s))
-# endif
-# define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
-# define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
-# define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
-# define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
-# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
-# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+# endif
+# ifndef PULL64
+# define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
+# define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
+# endif
+# ifndef ROTR
+# define ROTR(x,s) (((x)>>s) | (x)<<(64-s))
+# endif
+# define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+# define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
+# define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
+# define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
/*
* This code should give better results on 32-bit CPU with less than
* ~24 registers, both size and performance wise...
@@ -433,11 +432,11 @@ _asm bswap edx _asm bswap eax}
F[7] = ctx->h[7];
for (i = 0; i < 16; i++, F--) {
-# ifdef B_ENDIAN
+# ifdef B_ENDIAN
T = W[i];
-# else
+# else
T = PULL64(W[i]);
-# endif
+# endif
F[0] = A;
F[4] = E;
F[8] = T;
@@ -472,7 +471,7 @@ _asm bswap edx _asm bswap eax}
}
}
-# elif defined(OPENSSL_SMALL_FOOTPRINT)
+# elif defined(OPENSSL_SMALL_FOOTPRINT)
static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
size_t num)
{
@@ -493,11 +492,11 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
h = ctx->h[7];
for (i = 0; i < 16; i++) {
-# ifdef B_ENDIAN
+# ifdef B_ENDIAN
T1 = X[i] = W[i];
-# else
+# else
T1 = X[i] = PULL64(W[i]);
-# endif
+# endif
T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
T2 = Sigma0(a) + Maj(a, b, c);
h = g;
@@ -542,12 +541,12 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
}
}
-# else
-# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
+# else
+# define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \
T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \
h = Sigma0(a) + Maj(a,b,c); \
d += T1; h += T1; } while (0)
-# define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \
+# define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \
s0 = X[(j+1)&0x0f]; s0 = sigma0(s0); \
s1 = X[(j+14)&0x0f]; s1 = sigma1(s1); \
T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f]; \
@@ -571,7 +570,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
g = ctx->h[6];
h = ctx->h[7];
-# ifdef B_ENDIAN
+# ifdef B_ENDIAN
T1 = X[0] = W[0];
ROUND_00_15(0, a, b, c, d, e, f, g, h);
T1 = X[1] = W[1];
@@ -604,7 +603,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
ROUND_00_15(14, c, d, e, f, g, h, a, b);
T1 = X[15] = W[15];
ROUND_00_15(15, b, c, d, e, f, g, h, a);
-# else
+# else
T1 = X[0] = PULL64(W[0]);
ROUND_00_15(0, a, b, c, d, e, f, g, h);
T1 = X[1] = PULL64(W[1]);
@@ -637,7 +636,7 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
ROUND_00_15(14, c, d, e, f, g, h, a, b);
T1 = X[15] = PULL64(W[15]);
ROUND_00_15(15, b, c, d, e, f, g, h, a);
-# endif
+# endif
for (i = 16; i < 80; i += 16) {
ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);
@@ -671,14 +670,6 @@ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
}
}
-# endif
-
-# endif /* SHA512_ASM */
-
-#else /* !OPENSSL_NO_SHA512 */
-
-# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
-static void *dummy = &dummy;
# endif
-#endif /* !OPENSSL_NO_SHA512 */
+#endif /* SHA512_ASM */
diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c
index 178882fc76..a4d4b5e80b 100644
--- a/crypto/sha/sha512t.c
+++ b/crypto/sha/sha512t.c
@@ -11,14 +11,6 @@
#include <openssl/evp.h>
#include <openssl/crypto.h>
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
-int main(int argc, char *argv[])
-{
- printf("No SHA512 support\n");
- return (0);
-}
-#else
-
unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
@@ -193,4 +185,3 @@ int main(int argc, char **argv)
return 0;
}
-#endif
diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c
deleted file mode 100644
index f77cf5e38d..0000000000
--- a/crypto/sha/sha_dgst.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
-
-# undef SHA_1
-# define SHA_0
-
-# include <openssl/opensslv.h>
-
-const char SHA_version[] = "SHA" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-# include "sha_locl.h"
-
-#endif
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
index 2a44f57c7b..af62d9e290 100644
--- a/crypto/sha/sha_locl.h
+++ b/crypto/sha/sha_locl.h
@@ -76,35 +76,19 @@
ll=(c)->h4; (void)HOST_l2c(ll,(s)); \
} while (0)
-#if defined(SHA_0)
-
-# define HASH_UPDATE SHA_Update
-# define HASH_TRANSFORM SHA_Transform
-# define HASH_FINAL SHA_Final
-# define HASH_INIT SHA_Init
-# define HASH_BLOCK_DATA_ORDER sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id))
-
-static void sha_block_data_order(SHA_CTX *c, const void *p, size_t num);
-
-#elif defined(SHA_1)
-
-# define HASH_UPDATE SHA1_Update
-# define HASH_TRANSFORM SHA1_Transform
-# define HASH_FINAL SHA1_Final
-# define HASH_INIT SHA1_Init
-# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
+#define HASH_UPDATE SHA1_Update
+#define HASH_TRANSFORM SHA1_Transform
+#define HASH_FINAL SHA1_Final
+#define HASH_INIT SHA1_Init
+#define HASH_BLOCK_DATA_ORDER sha1_block_data_order
+#define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
ix=(a)=ROTATE((a),1) \
)
-# ifndef SHA1_ASM
-static
-# endif
-void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
-
+#ifndef SHA1_ASM
+static void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
#else
-# error "Either SHA_0 or SHA_1 must be defined."
+void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
#endif
#include "md32_common.h"
@@ -197,7 +181,7 @@ int HASH_INIT(SHA_CTX *c)
# define X(i) XX[i]
# endif
-# if !defined(SHA_1) || !defined(SHA1_ASM)
+# if !defined(SHA1_ASM)
static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
{
const unsigned char *data = p;
@@ -431,7 +415,7 @@ static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
E=D, D=C, C=ROTATE(B,30), B=A; \
A=ROTATE(A,5)+T+xa; } while(0)
-# if !defined(SHA_1) || !defined(SHA1_ASM)
+# if !defined(SHA1_ASM)
static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
{
const unsigned char *data = p;
diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c
deleted file mode 100644
index 0930b98a66..0000000000
--- a/crypto/sha/sha_one.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* crypto/sha/sha_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/sha.h>
-#include <openssl/crypto.h>
-
-#ifndef OPENSSL_NO_SHA0
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-{
- SHA_CTX c;
- static unsigned char m[SHA_DIGEST_LENGTH];
-
- if (md == NULL)
- md = m;
- if (!SHA_Init(&c))
- return NULL;
- SHA_Update(&c, d, n);
- SHA_Final(md, &c);
- OPENSSL_cleanse(&c, sizeof(c));
- return (md);
-}
-#endif
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
deleted file mode 100644
index 105060a7ec..0000000000
--- a/crypto/sha/shatest.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* crypto/sha/shatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include "../e_os.h"
-
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0)
-int main(int argc, char *argv[])
-{
- printf("No SHA0 support\n");
- return (0);
-}
-#else
-# include <openssl/evp.h>
-# include <openssl/sha.h>
-
-# ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-# endif
-
-# define SHA_0 /* FIPS 180 */
-# undef SHA_1 /* FIPS 180-1 */
-
-static char *test[] = {
- "abc",
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- NULL,
-};
-
-# ifdef SHA_0
-static char *ret[] = {
- "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
- "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-};
-
-static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
-# endif
-# ifdef SHA_1
-static char *ret[] = {
- "a9993e364706816aba3e25717850c26c9cd0d89d",
- "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-};
-
-static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-# endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-{
- int i, err = 0;
- char **P, **R;
- static unsigned char buf[1000];
- char *p, *r;
- EVP_MD_CTX c;
- unsigned char md[SHA_DIGEST_LENGTH];
-
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(test[0], test[0], strlen(test[0]));
- ebcdic2ascii(test[1], test[1], strlen(test[1]));
-# endif
-
- EVP_MD_CTX_init(&c);
- P = test;
- R = ret;
- i = 1;
- while (*P != NULL) {
- EVP_Digest(*P, strlen(*P), md, NULL, EVP_sha(), NULL);
- p = pt(md);
- if (strcmp(p, *R) != 0) {
- printf("error calculating SHA on '%s'\n", *P);
- printf("got %s instead of %s\n", p, *R);
- err++;
- } else
- printf("test %d ok\n", i);
- i++;
- R++;
- P++;
- }
-
- memset(buf, 'a', 1000);
-# ifdef CHARSET_EBCDIC
- ebcdic2ascii(buf, buf, 1000);
-# endif /* CHARSET_EBCDIC */
- EVP_DigestInit_ex(&c, EVP_sha(), NULL);
- for (i = 0; i < 1000; i++)
- EVP_DigestUpdate(&c, buf, 1000);
- EVP_DigestFinal_ex(&c, md, NULL);
- p = pt(md);
-
- r = bigret;
- if (strcmp(p, r) != 0) {
- printf("error calculating SHA on '%s'\n", p);
- printf("got %s instead of %s\n", p, r);
- err++;
- } else
- printf("test 3 ok\n");
-
-# ifdef OPENSSL_SYS_NETWARE
- if (err)
- printf("ERROR: %d\n", err);
-# endif
- EVP_MD_CTX_cleanup(&c);
- EXIT(err);
- return (0);
-}
-
-static char *pt(unsigned char *md)
-{
- int i;
- static char buf[80];
-
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- return (buf);
-}
-#endif
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 13f7531c24..fae320f9f3 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -97,9 +97,7 @@
# endif
# endif
-# ifndef OPENSSL_NO_SHA
-# include <openssl/sha.h>
-# endif
+# include <openssl/sha.h>
# include <openssl/ossl_typ.h>
#ifdef __cplusplus
@@ -280,9 +278,7 @@ struct x509_st {
NAME_CONSTRAINTS *nc;
STACK_OF(IPAddressFamily) *rfc3779_addr;
struct ASIdentifiers_st *rfc3779_asid;
-# ifndef OPENSSL_NO_SHA
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
X509_CERT_AUX *aux;
} /* X509 */ ;
@@ -453,9 +449,7 @@ struct X509_crl_st {
/* CRL and base CRL numbers for delta processing */
ASN1_INTEGER *crl_number;
ASN1_INTEGER *base_crl_number;
-# ifndef OPENSSL_NO_SHA
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
STACK_OF(GENERAL_NAMES) *issuers;
const X509_CRL_METHOD *meth;
void *meth_data;
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 49c71b9128..04cecad14a 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -122,12 +122,10 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
}
-#ifndef OPENSSL_NO_SHA
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
{
return memcmp(a->sha1_hash, b->sha1_hash, 20);
}
-#endif
X509_NAME *X509_get_issuer_name(X509 *a)
{
@@ -168,7 +166,6 @@ unsigned long X509_subject_name_hash_old(X509 *x)
}
#endif
-#ifndef OPENSSL_NO_SHA
/*
* Compare two certificates: they must be identical for this to work. NB:
* Although "cmp" operations are generally prototyped to take "const"
@@ -197,7 +194,6 @@ int X509_cmp(const X509 *a, const X509 *b)
}
return rv;
}
-#endif
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
{
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index dfc8c5b8e1..b748e98b2c 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -390,9 +390,7 @@ static void x509v3_cache_extensions(X509 *x)
int i;
if (x->ex_flags & EXFLAG_SET)
return;
-#ifndef OPENSSL_NO_SHA
X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
-#endif
/* V1 should mean no extensions ... */
if (!X509_get_version(x))
x->ex_flags |= EXFLAG_V1;
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index d9fada9c0b..66055070c2 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -6,7 +6,7 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type,
EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
-EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1,
+EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1,
EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
EVP digest routines
@@ -49,7 +49,6 @@ EVP digest routines
const EVP_MD *EVP_md_null(void);
const EVP_MD *EVP_md2(void);
const EVP_MD *EVP_md5(void);
- const EVP_MD *EVP_sha(void);
const EVP_MD *EVP_sha1(void);
const EVP_MD *EVP_dss(void);
const EVP_MD *EVP_dss1(void);
@@ -134,9 +133,9 @@ return B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms
are no longer linked this function is only retained for compatibility
reasons.
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
+EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
-structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
+structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
@@ -165,7 +164,7 @@ corresponding OBJECT IDENTIFIER or NID_undef if none exists.
EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
EVP_MD_CTX_block_size() return the digest or block size in bytes.
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_dss(),
EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
corresponding EVP_MD structures.
@@ -269,7 +268,7 @@ EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(),
EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
changed to return truly const EVP_MD * in OpenSSL 0.9.7.
diff --git a/engines/e_sureware.c b/engines/e_sureware.c
index dc3e21f56e..aae568ab71 100644
--- a/engines/e_sureware.c
+++ b/engines/e_sureware.c
@@ -946,13 +946,11 @@ static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
}
memcpy(buf, to, tlen); /* transfert to into buf */
switch (padding) { /* check padding in software */
-# ifndef OPENSSL_NO_SHA
case RSA_PKCS1_OAEP_PADDING:
ret =
RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf,
tlen, tlen, NULL, 0);
break;
-# endif
case RSA_SSLV23_PADDING:
ret =
RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen,
diff --git a/makevms.com b/makevms.com
index 47053462f8..331b1be625 100755
--- a/makevms.com
+++ b/makevms.com
@@ -566,12 +566,6 @@ $ WRITE H_FILE "#undef SIXTEEN_BIT"
$ WRITE H_FILE "#undef EIGHT_BIT"
$ WRITE H_FILE "#endif"
$!
-$! Oddly enough, the following symbol is tested in crypto/sha/sha512.c
-$! before sha.h gets included (and HEADER_SHA_H defined), so we will not
-$! protect this one...
-$ WRITE H_FILE "#undef OPENSSL_NO_SHA512"
-$ WRITE H_FILE "#define OPENSSL_NO_SHA512"
-$!
$ WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
$ WRITE H_FILE "#define OPENSSL_EXPORT_VAR_AS_FUNCTION"
$!
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index e5a04ace60..53e3c8764c 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -328,9 +328,6 @@ static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out)
l2n(sha1->h4, md_out);
}
-#define LARGEST_DIGEST_CTX SHA_CTX
-
-#ifndef OPENSSL_NO_SHA256
static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out)
{
SHA256_CTX *sha256 = ctx;
@@ -341,11 +338,6 @@ static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out)
}
}
-# undef LARGEST_DIGEST_CTX
-# define LARGEST_DIGEST_CTX SHA256_CTX
-#endif
-
-#ifndef OPENSSL_NO_SHA512
static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out)
{
SHA512_CTX *sha512 = ctx;
@@ -356,9 +348,8 @@ static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out)
}
}
-# undef LARGEST_DIGEST_CTX
-# define LARGEST_DIGEST_CTX SHA512_CTX
-#endif
+#undef LARGEST_DIGEST_CTX
+#define LARGEST_DIGEST_CTX SHA512_CTX
/*
* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
@@ -371,14 +362,10 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
switch (EVP_MD_CTX_type(ctx)) {
case NID_md5:
case NID_sha1:
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
case NID_sha256:
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
case NID_sha512:
-#endif
return 1;
default:
return 0;
@@ -465,7 +452,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
(void (*)(void *ctx, const unsigned char *block))SHA1_Transform;
md_size = 20;
break;
-#ifndef OPENSSL_NO_SHA256
case NID_sha224:
SHA224_Init((SHA256_CTX *)md_state.c);
md_final_raw = tls1_sha256_final_raw;
@@ -480,8 +466,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
(void (*)(void *ctx, const unsigned char *block))SHA256_Transform;
md_size = 32;
break;
-#endif
-#ifndef OPENSSL_NO_SHA512
case NID_sha384:
SHA384_Init((SHA512_CTX *)md_state.c);
md_final_raw = tls1_sha512_final_raw;
@@ -500,7 +484,6 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
md_block_size = 128;
md_length_size = 16;
break;
-#endif
default:
/*
* ssl3_cbc_record_digest_supported should have been called first to
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 93518b89b3..a383eee70a 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2225,11 +2225,7 @@ int ssl3_get_new_session_ticket(SSL *s)
*/
EVP_Digest(p, ticklen,
s->session->session_id, &s->session->session_id_length,
-# ifndef OPENSSL_NO_SHA256
EVP_sha256(), NULL);
-# else
- EVP_sha1(), NULL);
-# endif
ret = 1;
return (ret);
f_err:
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index ccc418ad78..e929658798 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3385,7 +3385,7 @@ int ssl3_send_newsession_ticket(SSL *s)
EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
tctx->tlsext_tick_aes_key, iv);
HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL);
+ EVP_sha256(), NULL);
memcpy(key_name, tctx->tlsext_tick_key_name, 16);
}
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index fdf1481444..3843aefe8d 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -91,14 +91,10 @@ int SSL_library_init(void)
EVP_add_cipher(EVP_aes_256_cbc());
EVP_add_cipher(EVP_aes_128_gcm());
EVP_add_cipher(EVP_aes_256_gcm());
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-# endif
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-# endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
@@ -113,20 +109,14 @@ int SSL_library_init(void)
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5, "ssl3-md5");
#endif
-#ifndef OPENSSL_NO_SHA
EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-#endif
-#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
+#if !defined(OPENSSL_NO_DSA)
EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
@@ -135,11 +125,6 @@ int SSL_library_init(void)
#ifndef OPENSSL_NO_ECDSA
EVP_add_digest(EVP_ecdsa());
#endif
- /* If you want support for phased out ciphers, add the following */
-#if 0
- EVP_add_digest(EVP_sha());
- EVP_add_digest(EVP_dss());
-#endif
#ifndef OPENSSL_NO_COMP
/*
* This will initialise the built-in compression algorithms. The value
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index f58a605ad0..fcf5f8d61d 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1329,11 +1329,6 @@ int tls1_process_heartbeat(SSL *s);
int dtls1_process_heartbeat(SSL *s);
# endif
-# ifdef OPENSSL_NO_SHA256
-# define tlsext_tick_md EVP_sha1
-# else
-# define tlsext_tick_md EVP_sha256
-# endif
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 115aab5596..6a1ed6a742 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -906,17 +906,11 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
tlsext_sigalg_ecdsa(md)
static const unsigned char tls12_sigalgs[] = {
-# ifndef OPENSSL_NO_SHA512
tlsext_sigalg(TLSEXT_hash_sha512)
tlsext_sigalg(TLSEXT_hash_sha384)
-# endif
-# ifndef OPENSSL_NO_SHA256
tlsext_sigalg(TLSEXT_hash_sha256)
tlsext_sigalg(TLSEXT_hash_sha224)
-# endif
-# ifndef OPENSSL_NO_SHA
tlsext_sigalg(TLSEXT_hash_sha1)
-# endif
};
# ifndef OPENSSL_NO_ECDSA
@@ -3318,7 +3312,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
return 2;
HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL);
+ EVP_sha256(), NULL);
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
tctx->tlsext_tick_aes_key, etick + 16);
}
@@ -3462,25 +3456,11 @@ static const tls12_hash_info tls12_md_info[] = {
# else
{NID_md5, 64, EVP_md5},
# endif
-# ifdef OPENSSL_NO_SHA
- {NID_sha1, 80, 0},
-# else
{NID_sha1, 80, EVP_sha1},
-# endif
-# ifdef OPENSSL_NO_SHA256
- {NID_sha224, 112, 0},
- {NID_sha256, 128, 0},
-# else
{NID_sha224, 112, EVP_sha224},
{NID_sha256, 128, EVP_sha256},
-# endif
-# ifdef OPENSSL_NO_SHA512
- {NID_sha384, 192, 0},
- {NID_sha512, 256, 0}
-# else
{NID_sha384, 192, EVP_sha384},
{NID_sha512, 256, EVP_sha512}
-# endif
};
static const tls12_hash_info *tls12_get_hash_info(unsigned char hash_alg)
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 07f6fdd56d..5424ed543c 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -177,7 +177,7 @@ $no_static_engine = 0 if (!$shlib);
$no_mdc2=1 if ($no_des);
-$no_ssl3=1 if ($no_md5 || $no_sha);
+$no_ssl3=1 if ($no_md5);
$no_ssl3=1 if ($no_rsa && $no_dh);
$out_def="out";
@@ -281,8 +281,6 @@ $cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
-$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
-$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
$cflags.=" -DOPENSSL_NO_RMD160" if $no_ripemd;
$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
@@ -1123,8 +1121,6 @@ sub var_add
@a=grep(!/_dhp$/,@a) if $no_dh;
- @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
- @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/(srp)/,@a) if $no_srp;
@@ -1133,11 +1129,8 @@ sub var_add
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
- @a=grep(!/^gendsa$/,@a) if $no_sha1;
@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
- @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-
grep($_="$dir/$_",@a);
@a=grep(!/(^|\/)s_/,@a) if $no_sock;
@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
@@ -1409,8 +1402,6 @@ sub read_options
"no-md2" => \$no_md2,
"no-md4" => \$no_md4,
"no-md5" => \$no_md5,
- "no-sha" => \$no_sha,
- "no-sha1" => \$no_sha1,
"no-ripemd" => \$no_ripemd,
"no-mdc2" => \$no_mdc2,
"no-whirlpool" => \$no_whirlpool,
@@ -1444,7 +1435,7 @@ sub read_options
"no-hw" => \$no_hw,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
- \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
+ \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_err, \$no_ripemd, \$no_rc5,
\$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
diff --git a/util/mkdef.pl b/util/mkdef.pl
index a6f64e3fc3..1dbd555797 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -972,7 +972,6 @@ sub do_defs
$a .= ",RC4" if($s =~ /EVP_rc4/);
$a .= ",RC5" if($s =~ /EVP_rc5/);
$a .= ",RIPEMD" if($s =~ /EVP_ripemd/);
- $a .= ",SHA" if($s =~ /EVP_sha/);
$a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/);
$a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
$a .= ",RSA" if($s =~ /RSAPrivateKey/);