diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-26 15:04:32 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-09-13 07:52:17 +0000 |
commit | a3ab260da51260ddb9126b3f4e57579cdffaa2ca (patch) | |
tree | c9c3711e916966404633ab6f400ce54e380b4125 /lib | |
parent | 4dea5ce73de8c7b8ebd12f8b1bc6210e54101488 (diff) | |
download | gnutls-a3ab260da51260ddb9126b3f4e57579cdffaa2ca.tar.gz |
algorithms/sign: removed TLS identifiers for legacy algorithms
That is, for the MD5-using algorithms, as well as for the DSA2
signature algorithms that were never really used with TLS 1.2.
Kept DSA-SHA1 in order to be used by TLS 1.2 and legacy applications.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/algorithms/sign.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c index 84015fc2b3..e7c225a795 100644 --- a/lib/algorithms/sign.c +++ b/lib/algorithms/sign.c @@ -266,21 +266,21 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .id = GNUTLS_SIGN_DSA_SHA256, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA256, - .aid = {{4, 2}}}, + .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "RSA-MD5", .oid = SIG_RSA_MD5_OID, .id = GNUTLS_SIGN_RSA_MD5, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_MD5, .slevel = _INSECURE, - .aid = {{1, 1}}}, + .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "RSA-MD5", .oid = "1.3.14.3.2.25", .id = GNUTLS_SIGN_RSA_MD5, .pk = GNUTLS_PK_RSA, .hash = GNUTLS_DIG_MD5, .slevel = _INSECURE, - .aid = {{1, 1}}}, + .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "RSA-MD2", .oid = SIG_RSA_MD2_OID, .id = GNUTLS_SIGN_RSA_MD2, @@ -318,14 +318,13 @@ static const gnutls_sign_entry_st sign_algorithms[] = { .id = GNUTLS_SIGN_DSA_SHA384, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA384, - .aid = {{5, 2}}}, + .aid = TLS_SIGN_AID_UNKNOWN}, {.name = "DSA-SHA512", .oid = SIG_DSA_SHA512_OID, .id = GNUTLS_SIGN_DSA_SHA512, .pk = GNUTLS_PK_DSA, .hash = GNUTLS_DIG_SHA512, - .aid = {{6, 2}}}, - + .aid = TLS_SIGN_AID_UNKNOWN}, {0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN} }; |