Remove legacy sign/verify from EVP_MD.

Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: N Richard Levitte <levitte@openssl.org>

Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: N Richard Levitte <levitte@openssl.org>
7f572e95 · Dr. Stephen Henson · 0aca86b3 · 7f572e95 · 7f572e95 · 7f572e95
25 changed file
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -260,17 +260,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
        rv = 2;

    if (rv == 2) {
-        if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-            if (!pkey->ameth ||
-                !OBJ_find_sigid_by_algs(&signid,
-                                        EVP_MD_nid(type),
-                                        pkey->ameth->pkey_id)) {
-                ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
-                        ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
-                return 0;
-            }
-        } else
-            signid = type->pkey_type;
+        if (!pkey->ameth ||
+            !OBJ_find_sigid_by_algs(&signid,
+                                    EVP_MD_nid(type),
+                                    pkey->ameth->pkey_id)) {
+            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+                    ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+            return 0;
+        }

        if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
            paramtype = V_ASN1_NULL;

--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -363,7 +363,6 @@ static const EVP_MD test_sha_md = {
    test_sha1_final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA_CTX),
 };

--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -20,7 +20,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
 	e_rc4.c e_aes.c names.c e_seed.c \
 	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
 	m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
-	m_md5_sha1.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+	m_md5_sha1.c m_mdc2.c m_ripemd.c \
 	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
 	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
 	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
@@ -33,7 +33,7 @@ LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
 	e_rc4.o e_aes.o names.o e_seed.o \
 	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
 	m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
-	m_md5_sha1.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+	m_md5_sha1.o m_mdc2.o m_ripemd.o \
 	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
 	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
 	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
@@ -460,26 +460,6 @@ evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 evp_pkey.o: ../include/internal/asn1_int.h ../include/internal/cryptlib.h
 evp_pkey.o: evp_pkey.c
-m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../include/internal/cryptlib.h m_dss1.c
-m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ecdsa.o: ../include/internal/cryptlib.h m_ecdsa.c
 m_md2.o: ../../e_os.h ../../include/openssl/bio.h
 m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -75,15 +75,6 @@ void OpenSSL_add_all_digests(void)
    EVP_add_digest(EVP_sha1());
    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-# ifndef OPENSSL_NO_DSA
-    EVP_add_digest(EVP_dss1());
-    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
-    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
-    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-# endif
-# ifndef OPENSSL_NO_EC
-    EVP_add_digest(EVP_ecdsa());
-# endif
 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
    EVP_add_digest(EVP_mdc2());
 #endif

--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
-/* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dss1_md = {
-    NID_dsa,
-    NID_dsaWithSHA1,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_PKEY_DIGEST,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_NULL_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_dss1(void)
-{
-    return (&dss1_md);
-}
--- a/crypto/evp/m_ecdsa.c
+++ b/crypto/evp/m_ecdsa.c
-/* crypto/evp/m_ecdsa.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ecdsa_md = {
-    NID_ecdsa_with_SHA1,
-    NID_ecdsa_with_SHA1,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_PKEY_DIGEST,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_NULL_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_ecdsa(void)
-{
-    return (&ecdsa_md);
-}
--- a/crypto/evp/m_md4.c
+++ b/crypto/evp/m_md4.c
@@ -94,7 +94,6 @@ static const EVP_MD md4_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    MD4_CBLOCK,
    sizeof(EVP_MD *) + sizeof(MD4_CTX),
 };

--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -94,7 +94,6 @@ static const EVP_MD md5_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    MD5_CBLOCK,
    sizeof(EVP_MD *) + sizeof(MD5_CTX),
 };

--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -171,7 +171,6 @@ static const EVP_MD md5_sha1_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    MD5_CBLOCK,
    sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
    ctrl

--- a/crypto/evp/m_mdc2.c
+++ b/crypto/evp/m_mdc2.c
@@ -94,7 +94,6 @@ static const EVP_MD mdc2_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
    MDC2_BLOCK,
    sizeof(EVP_MD *) + sizeof(MDC2_CTX),
 };

--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -87,7 +87,6 @@ static const EVP_MD null_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    0,
    sizeof(EVP_MD *),
 };

--- a/crypto/evp/m_ripemd.c
+++ b/crypto/evp/m_ripemd.c
@@ -94,7 +94,6 @@ static const EVP_MD ripemd160_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    RIPEMD160_CBLOCK,
    sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
 };

--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -139,13 +139,12 @@ static const EVP_MD sha1_md = {
    NID_sha1,
    NID_sha1WithRSAEncryption,
    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    init,
    update,
    final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA_CTX),
    ctrl
@@ -185,13 +184,12 @@ static const EVP_MD sha224_md = {
    NID_sha224,
    NID_sha224WithRSAEncryption,
    SHA224_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    init224,
    update256,
    final256,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA256_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
 };
@@ -205,13 +203,12 @@ static const EVP_MD sha256_md = {
    NID_sha256,
    NID_sha256WithRSAEncryption,
    SHA256_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    init256,
    update256,
    final256,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA256_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
 };
@@ -246,13 +243,12 @@ static const EVP_MD sha384_md = {
    NID_sha384,
    NID_sha384WithRSAEncryption,
    SHA384_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    init384,
    update512,
    final512,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
 };
@@ -266,13 +262,12 @@ static const EVP_MD sha512_md = {
    NID_sha512,
    NID_sha512WithRSAEncryption,
    SHA512_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    init512,
    update512,
    final512,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
 };

--- a/crypto/evp/m_wp.c
+++ b/crypto/evp/m_wp.c
@@ -35,7 +35,6 @@ static const EVP_MD whirlpool_md = {
    final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    WHIRLPOOL_BBLOCK / 8,
    sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
 };

--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -67,7 +67,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 {
    unsigned char m[EVP_MAX_MD_SIZE];
    unsigned int m_len = 0;
-    int i = 0, ok = 0, v = 0;
+    int i = 0;
+    size_t sltmp;
    EVP_PKEY_CTX *pkctx = NULL;

    *siglen = 0;
@@ -86,43 +87,20 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
            return 0;
    }

-    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-        size_t sltmp = (size_t)EVP_PKEY_size(pkey);
-        i = 0;
-        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (pkctx == NULL)
-            goto err;
-        if (EVP_PKEY_sign_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-            goto err;
-        if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
-            goto err;
-        *siglen = sltmp;
-        i = 1;
+    sltmp = (size_t)EVP_PKEY_size(pkey);
+    i = 0;
+    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (pkctx == NULL)
+        goto err;
+    if (EVP_PKEY_sign_init(pkctx) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+        goto err;
+    if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+        goto err;
+    *siglen = sltmp;
+    i = 1;
 err:
        EVP_PKEY_CTX_free(pkctx);
        return i;
-    }
-
-    for (i = 0; i < 4; i++) {
-        v = ctx->digest->required_pkey_type[i];
-        if (v == 0)
-            break;
-        if (pkey->type == v) {
-            ok = 1;
-            break;
-        }
-    }
-    if (!ok) {
-        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
-        return (0);
-    }
-
-    if (ctx->digest->sign == NULL) {
-        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
-        return (0);
-    }
-    return ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
-                             pkey->pkey.ptr);
 }
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -67,7 +67,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
 {
    unsigned char m[EVP_MAX_MD_SIZE];
    unsigned int m_len = 0;
-    int i = 0, ok = 0, v = 0;
+    int i = 0;
    EVP_PKEY_CTX *pkctx = NULL;

    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
@@ -85,39 +85,16 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
            return 0;
    }

-    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-        i = -1;
-        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (pkctx == NULL)
-            goto err;
-        if (EVP_PKEY_verify_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-            goto err;
-        i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+    i = -1;
+    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (pkctx == NULL)
+        goto err;
+    if (EVP_PKEY_verify_init(pkctx) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+        goto err;
+    i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
 err:
-        EVP_PKEY_CTX_free(pkctx);
-        return i;
-    }
-
-    for (i = 0; i < 4; i++) {
-        v = ctx->digest->required_pkey_type[i];
-        if (v == 0)
-            break;
-        if (pkey->type == v) {
-            ok = 1;
-            break;
-        }
-    }
-    if (!ok) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
-        return (-1);
-    }
-    if (ctx->digest->verify == NULL) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
-        return (0);
-    }
-
-    return (ctx->digest->verify(ctx->digest->type, m, m_len,
-                                sigbuf, siglen, pkey->pkey.ptr));
+    EVP_PKEY_CTX_free(pkctx);
+    return i;
 }
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -377,20 +377,43 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,

 static int check_padding_md(const EVP_MD *md, int padding)
 {
+    int mdnid;
    if (!md)
        return 1;

+    mdnid = EVP_MD_type(md);
+
    if (padding == RSA_NO_PADDING) {
        RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
        return 0;
    }

    if (padding == RSA_X931_PADDING) {
-        if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) {
+        if (RSA_X931_hash_id(mdnid) == -1) {
            RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST);
            return 0;
        }
-        return 1;
+    } else {
+        switch(mdnid) {
+        /* List of all supported RSA digests */
+        case NID_sha1:
+        case NID_sha224:
+        case NID_sha256:
+        case NID_sha384:
+        case NID_sha512:
+        case NID_md5:
+        case NID_md5_sha1:
+        case NID_md2:
+        case NID_md4:
+        case NID_mdc2:
+        case NID_ripemd160:
+            return 1;
+
+        default:
+            RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_DIGEST);
+            return 0;
+
+        }
    }

    return 1;

--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -7,7 +7,7 @@ EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
 EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type,
 EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
 EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1,
-EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss1, EVP_mdc2,
+EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_mdc2,
 EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
 EVP digest routines

@@ -50,7 +50,6 @@ EVP digest routines
 const EVP_MD *EVP_md2(void);
 const EVP_MD *EVP_md5(void);
 const EVP_MD *EVP_sha1(void);
- const EVP_MD *EVP_dss1(void);
 const EVP_MD *EVP_mdc2(void);
 const EVP_MD *EVP_ripemd160(void);

@@ -137,11 +136,6 @@ EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
 structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
 and RIPEMD160 digest algorithms respectively.

-EVP_dss1() returns B<EVP_MD> an structure the SHA1 digest
-algorithm but using DSS (DSA) for the signature algorithm. Note: there is
-no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
-however retained for compatibility.
-
 EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
 returns is of zero length.

@@ -164,7 +158,7 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
 EVP_MD_CTX_block_size() return the digest or block size in bytes.

 EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
+EVP_mdc2() and EVP_ripemd160() return pointers to the
 corresponding EVP_MD structures.

 EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
@@ -261,7 +255,7 @@ L<evp(3)>
 =head1 HISTORY

 The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
-later, so now EVP_sha1() can be used with RSA and DSA; there is no need to
-use EVP_dss1() any more.
+later, so now EVP_sha1() can be used with RSA and DSA. The legacy EVP_dss1()
+was removed in OpenSSL 1.1.0

 =cut
--- a/engines/ccgost/gost_crypt.c
+++ b/engines/ccgost/gost_crypt.c
@@ -95,9 +95,6 @@ EVP_MD imit_gost_cpa = {
    gost_imit_final,
    gost_imit_copy,
    gost_imit_cleanup,
-    NULL,
-    NULL,
-    {0, 0, 0, 0, 0},
    8,
    sizeof(struct ossl_gost_imit_ctx),
    gost_imit_ctrl

--- a/engines/ccgost/gost_md.c
+++ b/engines/ccgost/gost_md.c
@@ -23,15 +23,12 @@ EVP_MD digest_gost = {
    NID_id_GostR3411_94,
    NID_undef,
    32,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+    0,
    gost_digest_init,
    gost_digest_update,
    gost_digest_final,
    gost_digest_copy,
    gost_digest_cleanup,
-    NULL,
-    NULL,
-    {NID_undef, NID_undef, 0, 0, 0},
    32,
    sizeof(struct ossl_gost_digest_ctx),
    NULL

--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -94,13 +94,12 @@ static const EVP_MD dasync_sha1 = {
    NID_sha1,
    NID_sha1WithRSAEncryption,
    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    dasync_sha1_init,
    dasync_sha1_update,
    dasync_sha1_final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA_CTX),
 };

--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -107,7 +107,6 @@ static const EVP_MD digest_md5 = {
    digest_md5_final,
    NULL,
    NULL,
-    EVP_PKEY_RSA_method,
    MD5_CBLOCK,
    sizeof(EVP_MD *) + sizeof(MD5_CTX),
 };
@@ -122,13 +121,12 @@ static const EVP_MD digest_sha1 = {
    NID_sha1,
    NID_sha1WithRSAEncryption,
    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    digest_sha1_init,
    digest_sha1_update,
    digest_sha1_final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA_CTX),
 };
@@ -143,13 +141,12 @@ static const EVP_MD digest_sha256 = {
    NID_sha256,
    NID_sha256WithRSAEncryption,
    SHA256_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    digest_sha256_init,
    digest_sha256_update,
    digest_sha256_final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA256_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
 };
@@ -166,13 +163,12 @@ static const EVP_MD digest_sha384 = {
    NID_sha384,
    NID_sha384WithRSAEncryption,
    SHA384_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    digest_sha384_init,
    digest_sha512_update,
    digest_sha384_final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
 };
@@ -181,13 +177,12 @@ static const EVP_MD digest_sha512 = {
    NID_sha512,
    NID_sha512WithRSAEncryption,
    SHA512_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    EVP_MD_FLAG_DIGALGID_ABSENT,
    digest_sha512_init,
    digest_sha512_update,
    digest_sha512_final,
    NULL,
    NULL,
-    EVP_PKEY_NULL_method,
    SHA512_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
 };

--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -158,42 +158,15 @@ struct evp_md_st {
    int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
    int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
    int (*cleanup) (EVP_MD_CTX *ctx);
-    /* FIXME: prototype these some day */
-    int (*sign) (int type, const unsigned char *m, unsigned int m_length,
-                 unsigned char *sigret, unsigned int *siglen, void *key);
-    int (*verify) (int type, const unsigned char *m, unsigned int m_length,
-                   const unsigned char *sigbuf, unsigned int siglen,
-                   void *key);
-    int required_pkey_type[5];  /* EVP_PKEY_xxx */
    int block_size;
    int ctx_size;               /* how big does the ctx->md_data need to be */
    /* control function */
    int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
 } /* EVP_MD */ ;

-typedef int evp_sign_method(int type, const unsigned char *m,
-                            unsigned int m_length, unsigned char *sigret,
-                            unsigned int *siglen, void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
-                              unsigned int m_length,
-                              const unsigned char *sigbuf,
-                              unsigned int siglen, void *key);
-
 /* digest can only handle a single block */
 #  define EVP_MD_FLAG_ONESHOT     0x0001

-/*
- * digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc
- */
-#  define EVP_MD_FLAG_PKEY_DIGEST 0x0002
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-#  define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE       0x0004
-
 /* DigestAlgorithmIdentifier flags... */

 #  define EVP_MD_FLAG_DIGALGID_MASK               0x0018
@@ -222,38 +195,6 @@ typedef int evp_verify_method(int type, const unsigned char *m,

 #  define EVP_MD_CTRL_ALG_CTRL                    0x1000

-#  define EVP_PKEY_NULL_method    NULL,NULL,{0,0,0,0}
-
-#  ifndef OPENSSL_NO_DSA
-#   define EVP_PKEY_DSA_method     (evp_sign_method *)DSA_sign, \
-                                (evp_verify_method *)DSA_verify, \
-                                {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
-                                        EVP_PKEY_DSA4,0}
-#  else
-#   define EVP_PKEY_DSA_method     EVP_PKEY_NULL_method
-#  endif
-
-#  ifndef OPENSSL_NO_EC
-#   define EVP_PKEY_ECDSA_method   (evp_sign_method *)ECDSA_sign, \
-                                (evp_verify_method *)ECDSA_verify, \
-                                 {EVP_PKEY_EC,0,0,0}
-#  else
-#   define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-#   define EVP_PKEY_RSA_method     (evp_sign_method *)RSA_sign, \
-                                (evp_verify_method *)RSA_verify, \
-                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
-                                (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
-                                (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
-                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#  else
-#   define EVP_PKEY_RSA_method     EVP_PKEY_NULL_method
-#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#  endif
-
 # endif                         /* !EVP_MD */

 struct evp_md_ctx_st {
@@ -772,8 +713,6 @@ const EVP_MD *EVP_md5(void);
 const EVP_MD *EVP_md5_sha1(void);
 # endif
 const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
 const EVP_MD *EVP_sha224(void);
 const EVP_MD *EVP_sha256(void);
 const EVP_MD *EVP_sha384(void);

--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -121,15 +121,6 @@ int SSL_library_init(void)
    EVP_add_digest(EVP_sha256());
    EVP_add_digest(EVP_sha384());
    EVP_add_digest(EVP_sha512());
-#if !defined(OPENSSL_NO_DSA)
-    EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
-    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
-    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
-    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-#endif
-#ifndef OPENSSL_NO_EC
-    EVP_add_digest(EVP_ecdsa());
-#endif
 #ifndef OPENSSL_NO_COMP
    /*
     * This will initialise the built-in compression algorithms. The value

--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -196,7 +196,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)

    EVP_MD_CTX_init(&md_ctx);
    /* get the message digest */
-    if (!EVP_DigestInit(&md_ctx, EVP_ecdsa())
+    if (!EVP_DigestInit(&md_ctx, EVP_sha1())
        || !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
        || !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
        goto x962_int_err;