From: Simon Josefsson Date: Sun, 20 Feb 2011 19:59:56 +0000 (+0100) Subject: Remove gnutls_x509_crq_get_preferred_hash_algorithm. X-Git-Tag: gnutls_2_99_0~176 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=751a07546063e2c68c2ea15ce027d97e90d6f05c;p=thirdparty%2Fgnutls.git Remove gnutls_x509_crq_get_preferred_hash_algorithm. --- diff --git a/NEWS b/NEWS index f52bb53c24..ae47f2d8c2 100644 --- a/NEWS +++ b/NEWS @@ -124,7 +124,7 @@ gnutls_privkey_sign_hash: MODIFIED (was added in 2.11.0) gnutls_privkey_sign_data: MODIFIED (was added in 2.11.0) gnutls_x509_crq_sign2: DEPRECATED (use: gnutls_x509_crq_privkey_sign) gnutls_x509_crq_sign: DEPRECATED (use: gnutls_x509_crq_privkey_sign) -gnutls_x509_crq_get_preferred_hash_algorithm: DEPRECATED +gnutls_x509_crq_get_preferred_hash_algorithm: REMOVED (was added in 2.11.0) gnutls_x509_crl_sign: DEPRECATED (use: gnutls_x509_crl_privkey_sign) gnutls_x509_crl_sign2: DEPRECATED (use: gnutls_x509_crl_privkey_sign) gnutls_x509_privkey_sign_data: DEPRECATED (use: gnutls_privkey_sign_data2) diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 340f75178a..f1f707b30a 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -439,7 +439,6 @@ APIMANS += gnutls_x509_crq_set_basic_constraints.3 APIMANS += gnutls_x509_crq_set_key_usage.3 APIMANS += gnutls_x509_crq_get_key_purpose_oid.3 APIMANS += gnutls_x509_crq_set_key_purpose_oid.3 -APIMANS += gnutls_x509_crq_get_preferred_hash_algorithm.3 APIMANS += gnutls_x509_crq_get_key_id.3 APIMANS += gnutls_x509_crq_privkey_sign.3 APIMANS += gnutls_x509_dn_init.3 diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h index d7664d47ab..5b778c02ba 100644 --- a/lib/includes/gnutls/compat.h +++ b/lib/includes/gnutls/compat.h @@ -238,11 +238,6 @@ gnutls_sign_callback_get (gnutls_session_t session, void **userdata) unsigned int *mand) _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_x509_crq_get_preferred_hash_algorithm (gnutls_x509_crq_t crq, - gnutls_digest_algorithm_t * hash, - unsigned int *mand) - _GNUTLS_GCC_ATTR_DEPRECATED; - /* gnutls_x509_crq_privkey_sign() */ int gnutls_x509_crq_sign2 (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key, diff --git a/lib/libgnutls.map b/lib/libgnutls.map index d04f917497..83121442e9 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -668,7 +668,6 @@ GNUTLS_2_12 gnutls_sec_param_get_name; gnutls_pk_bits_to_sec_param; gnutls_rnd; - gnutls_x509_crq_get_preferred_hash_algorithm; gnutls_cipher_encrypt2; gnutls_cipher_decrypt2; gnutls_openpgp_privkey_sec_param; diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 9e60e2e564..02dc2c4a80 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2003, 2004, 2005, 2008, 2009, 2010 Free Software + * Copyright (C) 2003, 2004, 2005, 2008, 2009, 2010, 2011 Free Software * Foundation, Inc. * * Author: Nikos Mavrogiannopoulos @@ -999,10 +999,6 @@ gnutls_x509_crq_set_challenge_password (gnutls_x509_crq_t crq, * This must be the last step in a certificate request generation * since all the previously set parameters are now signed. * - * Use gnutls_x509_crq_get_preferred_hash_algorithm() to obtain - * the digest algorithm to use with the specified public key - * algorithm. - * * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * %GNUTLS_E_ASN1_VALUE_NOT_FOUND is returned if you didn't set all * information in the certificate request (e.g., the version using @@ -1068,16 +1064,7 @@ fail: int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key) { - gnutls_digest_algorithm_t dig; - int ret = gnutls_x509_crq_get_preferred_hash_algorithm (crq, &dig, NULL); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return gnutls_x509_crq_sign2 (crq, key, dig, 0); + return gnutls_x509_crq_sign2 (crq, key, GNUTLS_DIG_SHA1, 0); } /** @@ -2280,59 +2267,6 @@ gnutls_x509_crq_set_key_purpose_oid (gnutls_x509_crq_t crq, return 0; } -/** - * gnutls_x509_crq_get_preferred_hash_algorithm: - * @crq: Holds the certificate - * @hash: The result of the call with the hash algorithm used for signature - * @mand: If non zero it means that the algorithm MUST use this hash. May be NULL. - * - * This function will read the certifcate and return the appropriate digest - * algorithm to use for signing with this certificate. Some certificates (i.e. - * DSA might not be able to sign without the preferred algorithm). - * - * Returns: the 0 if the hash algorithm is found. A negative value is - * returned on error. - * - * Since: 2.11.0 - **/ -int -gnutls_x509_crq_get_preferred_hash_algorithm (gnutls_x509_crq_t crq, - gnutls_digest_algorithm_t * - hash, unsigned int *mand) -{ - bigint_t params[MAX_PUBLIC_PARAMS_SIZE]; - int params_size; - int ret, i; - - if (crq == NULL) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - - params_size = MAX_PUBLIC_PARAMS_SIZE; - ret = _gnutls_x509_crq_get_mpis (crq, params, ¶ms_size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = - _gnutls_pk_get_hash_algorithm (gnutls_x509_crq_get_pk_algorithm - (crq, NULL), params, params_size, hash, - mand); - - /* release allocated mpis */ - for (i = 0; i < params_size; i++) - { - _gnutls_mpi_release (¶ms[i]); - } - - return ret; -} - - static int rsadsa_crq_get_key_id (gnutls_x509_crq_t crq, int pk, unsigned char *output_data, size_t * output_data_size)