From 1a56892e9f5f6bd3e6c0b16440013d986f8e1cfc Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Tue, 23 Aug 2011 21:37:21 +0200
Subject: keys: Remove obsolete ssh_do_sign().

---
 include/libssh/keys.h |   5 --
 src/keys.c            | 140 --------------------------------------------------
 2 files changed, 145 deletions(-)

diff --git a/include/libssh/keys.h b/include/libssh/keys.h
index f9f683f..1fdc8af 100644
--- a/include/libssh/keys.h
+++ b/include/libssh/keys.h
@@ -71,12 +71,7 @@ ssh_public_key publickey_make_dss(ssh_session session, ssh_buffer buffer);
 ssh_public_key publickey_make_rsa(ssh_session session, ssh_buffer buffer, int type);
 ssh_public_key publickey_from_string(ssh_session session, ssh_string pubkey_s);
 ssh_string signature_to_string(SIGNATURE *sign);
-#if defined HAVE_LIBCRYPTO
-ssh_string RSA_do_sign(const unsigned char *payload, int len, RSA *privkey);
-#endif
 SIGNATURE *signature_from_string(ssh_session session, ssh_string signature,ssh_public_key pubkey,int needed_type);
 void signature_free(SIGNATURE *sign);
-ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf,
-        ssh_private_key privatekey);
 
 #endif /* KEYS_H_ */
diff --git a/src/keys.c b/src/keys.c
index 78b0616..e12fb39 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -295,146 +295,6 @@ void signature_free(SIGNATURE *sign) {
   SAFE_FREE(sign);
 }
 
-#ifdef HAVE_LIBCRYPTO
-/*
- * Maybe the missing function from libcrypto
- *
- * I think now, maybe it's a bad idea to name it has it should have be
- * named in libcrypto
- */
-ssh_string RSA_do_sign(const unsigned char *payload, int len, RSA *privkey) {
-  ssh_string sign = NULL;
-  unsigned char *buffer = NULL;
-  unsigned int size;
-
-  buffer = malloc(RSA_size(privkey));
-  if (buffer == NULL) {
-    return NULL;
-  }
-
-  if (RSA_sign(NID_sha1, payload, len, buffer, &size, privkey) == 0) {
-    SAFE_FREE(buffer);
-    return NULL;
-  }
-
-  sign = ssh_string_new(size);
-  if (sign == NULL) {
-    SAFE_FREE(buffer);
-    return NULL;
-  }
-
-  ssh_string_fill(sign, buffer, size);
-  SAFE_FREE(buffer);
-
-  return sign;
-}
-#endif
-
-/*
- * This function signs the session id (known as H) as a string then
- * the content of sigbuf */
-ssh_string ssh_do_sign(ssh_session session, ssh_buffer sigbuf,
-    ssh_private_key privatekey) {
-  struct ssh_crypto_struct *crypto = session->current_crypto ? session->current_crypto :
-    session->next_crypto;
-  unsigned char hash[SHA_DIGEST_LEN + 1] = {0};
-  ssh_string session_str = NULL;
-  ssh_string signature = NULL;
-  SIGNATURE *sign = NULL;
-  SHACTX ctx = NULL;
-#ifdef HAVE_LIBGCRYPT
-  gcry_sexp_t gcryhash;
-#endif
-
-  session_str = ssh_string_new(crypto->digest_len);
-  if (session_str == NULL) {
-    return NULL;
-  }
-  ssh_string_fill(session_str, crypto->session_id, crypto->digest_len);
-
-  ctx = sha1_init();
-  if (ctx == NULL) {
-    ssh_string_free(session_str);
-    return NULL;
-  }
-
-  sha1_update(ctx, session_str, ssh_string_len(session_str) + 4);
-  ssh_string_free(session_str);
-  sha1_update(ctx, buffer_get_rest(sigbuf), buffer_get_rest_len(sigbuf));
-  sha1_final(hash + 1,ctx);
-  hash[0] = 0;
-
-#ifdef DEBUG_CRYPTO
-  ssh_print_hexa("Hash being signed with dsa", hash + 1, SHA_DIGEST_LEN);
-#endif
-
-  sign = malloc(sizeof(SIGNATURE));
-  if (sign == NULL) {
-    return NULL;
-  }
-
-  switch(privatekey->type) {
-    case SSH_KEYTYPE_DSS:
-#ifdef HAVE_LIBGCRYPT
-      if (gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
-          gcry_pk_sign(&sign->dsa_sign, gcryhash, privatekey->dsa_priv)) {
-        ssh_set_error(session, SSH_FATAL, "Signing: libcrypt error");
-        gcry_sexp_release(gcryhash);
-        signature_free(sign);
-        return NULL;
-      }
-#elif defined HAVE_LIBCRYPTO
-      sign->dsa_sign = DSA_do_sign(hash + 1, SHA_DIGEST_LEN,
-          privatekey->dsa_priv);
-      if (sign->dsa_sign == NULL) {
-        ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
-        signature_free(sign);
-        return NULL;
-      }
-#ifdef DEBUG_CRYPTO
-      ssh_print_bignum("r", sign->dsa_sign->r);
-      ssh_print_bignum("s", sign->dsa_sign->s);
-#endif
-#endif /* HAVE_LIBCRYPTO */
-      sign->rsa_sign = NULL;
-      break;
-    case SSH_KEYTYPE_RSA:
-#ifdef HAVE_LIBGCRYPT
-      if (gcry_sexp_build(&gcryhash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
-            SHA_DIGEST_LEN, hash + 1) ||
-          gcry_pk_sign(&sign->rsa_sign, gcryhash, privatekey->rsa_priv)) {
-        ssh_set_error(session, SSH_FATAL, "Signing: libcrypt error");
-        gcry_sexp_release(gcryhash);
-        signature_free(sign);
-        return NULL;
-      }
-#elif defined HAVE_LIBCRYPTO
-      sign->rsa_sign = RSA_do_sign(hash + 1, SHA_DIGEST_LEN,
-          privatekey->rsa_priv);
-      if (sign->rsa_sign == NULL) {
-        ssh_set_error(session, SSH_FATAL, "Signing: openssl error");
-        signature_free(sign);
-        return NULL;
-      }
-#endif
-      sign->dsa_sign = NULL;
-      break;
-    default:
-      signature_free(sign);
-      return NULL;
-  }
-#ifdef HAVE_LIBGCRYPT
-  gcry_sexp_release(gcryhash);
-#endif
-
-  sign->type = privatekey->type;
-
-  signature = signature_to_string(sign);
-  signature_free(sign);
-
-  return signature;
-}
-
 /** @} */
 
 /* vim: set ts=4 sw=4 et cindent: */
-- 
cgit v1.2.3