]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
removed gnutls_x509_crt_verify_hash() and gnutls_x509_crt_verify_data()
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Wed, 3 Dec 2014 08:37:55 +0000 (09:37 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Wed, 3 Dec 2014 08:39:58 +0000 (09:39 +0100)
lib/includes/gnutls/compat.h
lib/x509/x509.c

index 894e31b99cf067e61523a2a8c558b13e6657b13f..cb79cee43f9950a12bd5c294f4abcf4b54d793a4 100644 (file)
@@ -236,21 +236,6 @@ int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key,
                                  size_t * signature_size)
     _GNUTLS_GCC_ATTR_DEPRECATED;
 
-       /* gnutls_pubkey_verify_data() */
-int gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt,
-                               unsigned int flags,
-                               const gnutls_datum_t * data,
-                               const gnutls_datum_t * signature)
-    _GNUTLS_GCC_ATTR_DEPRECATED;
-
-
-       /* gnutls_pubkey_verify_hash() */
-int gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt,
-                               unsigned int flags,
-                               const gnutls_datum_t * hash,
-                               const gnutls_datum_t * signature)
-    _GNUTLS_GCC_ATTR_DEPRECATED;
-
        /* gnutls_pubkey_get_verify_algorithm() */
 int gnutls_x509_crt_get_verify_algorithm(gnutls_x509_crt_t crt,
                                         const gnutls_datum_t *
index 4d07334677456df37ea84a1ced775b2977210e77..513de83a7382da1fad47cfcdf02ccdcc1ba79b6d 100644 (file)
@@ -2809,102 +2809,6 @@ gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t crt,
        return ret;
 }
 
-/**
- * gnutls_x509_crt_verify_data:
- * @crt: Holds the certificate
- * @flags: should be 0 for now
- * @data: holds the data to be signed
- * @signature: contains the signature
- *
- * This function will verify the given signed data, using the
- * parameters from the certificate.
- *
- * Deprecated. This function cannot be easily used securely. 
- * Use gnutls_pubkey_verify_data2() instead.
- *
- * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED 
- * is returned, and zero or positive code on success.
- **/
-int
-gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt, unsigned int flags,
-                           const gnutls_datum_t * data,
-                           const gnutls_datum_t * signature)
-{
-       int result;
-
-       if (crt == NULL) {
-               gnutls_assert();
-               return GNUTLS_E_INVALID_REQUEST;
-       }
-
-       result =
-           _gnutls_x509_verify_data(GNUTLS_DIG_UNKNOWN, data, signature,
-                                    crt);
-       if (result < 0) {
-               gnutls_assert();
-               return result;
-       }
-
-       return result;
-}
-
-/**
- * gnutls_x509_crt_verify_hash:
- * @crt: Holds the certificate
- * @flags: should be 0 for now
- * @hash: holds the hash digest to be verified
- * @signature: contains the signature
- *
- * This function will verify the given signed digest, using the
- * parameters from the certificate.
- *
- * Deprecated. This function cannot be easily used securely. 
- * Use gnutls_pubkey_verify_hash2() instead.
- *
- * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED 
- * is returned, and zero or positive code on success.
- **/
-int
-gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt, unsigned int flags,
-                           const gnutls_datum_t * hash,
-                           const gnutls_datum_t * signature)
-{
-       gnutls_pk_params_st params;
-       gnutls_digest_algorithm_t algo;
-       int ret;
-
-       if (crt == NULL) {
-               gnutls_assert();
-               return GNUTLS_E_INVALID_REQUEST;
-       }
-
-       ret = gnutls_x509_crt_get_verify_algorithm(crt, signature, &algo);
-       if (ret < 0)
-               return gnutls_assert_val(ret);
-
-       /* Read the MPI parameters from the issuer's certificate.
-        */
-       ret = _gnutls_x509_crt_get_mpis(crt, &params);
-       if (ret < 0) {
-               gnutls_assert();
-               return ret;
-       }
-
-       ret =
-           pubkey_verify_hashed_data(gnutls_x509_crt_get_pk_algorithm
-                                     (crt, NULL), hash_to_entry(algo),
-                                     hash, signature, &params);
-       if (ret < 0) {
-               gnutls_assert();
-       }
-
-       /* release all allocated MPIs
-        */
-       gnutls_pk_params_release(&params);
-
-       return ret;
-}
-
 /**
  * gnutls_x509_crt_get_crl_dist_points:
  * @cert: should contain a #gnutls_x509_crt_t structure