Remove SHA-0 support.

SHA-0 was withdrawn shortly after publication 20 years ago and replaced
with SHA-1.  This will require a major crank.

ok bcook@, jsing@

25 files changed, 36 insertions, 825 deletions

diff --git a/lib/libcrypto/crypto/Makefile b/lib/libcrypto/crypto/Makefile
index 410511fd60c..76a099cd5bf 100644
--- a/lib/libcrypto/crypto/Makefile
+++ b/lib/libcrypto/crypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.62 2015/09/13 12:27:14 jsing Exp $
+# $OpenBSD: Makefile,v 1.63 2015/09/13 21:09:56 doug Exp $
 
 LIB=	crypto
 
@@ -144,7 +144,7 @@ SRCS+= encode.c digest.c evp_enc.c evp_key.c
 SRCS+= e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c
 SRCS+= e_rc4.c e_aes.c names.c
 SRCS+= e_xcbc_d.c e_rc2.c e_cast.c
-SRCS+= m_null.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c
+SRCS+= m_null.c m_md4.c m_md5.c m_sha1.c m_wp.c
 SRCS+= m_dss.c m_dss1.c m_ripemd.c m_ecdsa.c
 SRCS+= p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c
 SRCS+= bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c
@@ -221,7 +221,7 @@ SRCS+= rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c
 SRCS+= rsa_pmeth.c rsa_crpt.c
 
 # sha/
-SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
+SRCS+= sha1dgst.c sha1_one.c sha256.c sha512.c
 
 # stack/
 SRCS+= stack.c
diff --git a/lib/libcrypto/doc/EVP_DigestInit.pod b/lib/libcrypto/doc/EVP_DigestInit.pod
index ccb19fc0a78..0d2c2e03b91 100644
--- a/lib/libcrypto/doc/EVP_DigestInit.pod
+++ b/lib/libcrypto/doc/EVP_DigestInit.pod
@@ -6,7 +6,7 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
 EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
 EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type,
 EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
-EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha,
+EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5
 EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1,
 EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid,
 EVP_get_digestbyobj - EVP digest routines
@@ -49,7 +49,6 @@ EVP_get_digestbyobj - EVP digest routines
  const EVP_MD *EVP_md_null(void);
  const EVP_MD *EVP_md2(void);
  const EVP_MD *EVP_md5(void);
- const EVP_MD *EVP_sha(void);
  const EVP_MD *EVP_sha1(void);
  const EVP_MD *EVP_dss(void);
  const EVP_MD *EVP_dss1(void);
@@ -132,12 +131,12 @@ this will return B<NID_sha1WithRSAEncryption>. Since digests and signature
 algorithms are no longer linked this function is only retained for
 compatibility reasons.
 
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
-EVP_sha384(), EVP_sha512() and EVP_ripemd160() return B<EVP_MD>
-structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512
-and RIPEMD160 digest algorithms respectively.
+EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(),
+EVP_sha512() and EVP_ripemd160() return B<EVP_MD> structures for the MD2, MD5,
+SHA1, SHA224, SHA256, SHA384, SHA512 and RIPEMD160 digest algorithms
+respectively.
 
-EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
+EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA1 digest
 algorithms but using DSS (DSA) for the signature algorithm. Note: there is
 no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
 however retained for compatibility.
diff --git a/lib/libcrypto/evp/c_all.c b/lib/libcrypto/evp/c_all.c
index 5f9df3a7ad8..6568f2ba5a9 100644
--- a/lib/libcrypto/evp/c_all.c
+++ b/lib/libcrypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.17 2015/06/20 01:07:24 doug Exp $ */
+/* $OpenBSD: c_all.c,v 1.18 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -238,8 +238,7 @@ OpenSSL_add_all_digests(void)
 	EVP_add_digest_alias(SN_md5, "ssl3-md5");
 #endif
 
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-	EVP_add_digest(EVP_sha());
+#if !defined(OPENSSL_NO_SHA)
 #ifndef OPENSSL_NO_DSA
 	EVP_add_digest(EVP_dss());
 #endif
diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h
index 57f8753ced1..c9a11c3a5f7 100644
--- a/lib/libcrypto/evp/evp.h
+++ b/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.45 2015/06/20 01:07:24 doug Exp $ */
+/* $OpenBSD: evp.h,v 1.46 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -655,7 +655,6 @@ const EVP_MD *EVP_md4(void);
 const EVP_MD *EVP_md5(void);
 #endif
 #ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha(void);
 const EVP_MD *EVP_sha1(void);
 const EVP_MD *EVP_dss(void);
 const EVP_MD *EVP_dss1(void);
diff --git a/lib/libcrypto/evp/m_sha.c b/lib/libcrypto/evp/m_sha.c
deleted file mode 100644
index c8de337839e..00000000000
--- a/lib/libcrypto/evp/m_sha.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: m_sha.c,v 1.16 2014/07/13 09:30:02 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
-	return SHA_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-	return SHA_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-	return SHA_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha_md = {
-	.type = NID_sha,
-	.pkey_type = NID_shaWithRSAEncryption,
-	.md_size = SHA_DIGEST_LENGTH,
-	.flags = 0,
-	.init = init,
-	.update = update,
-	.final = final,
-	.copy = NULL,
-	.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
-	.sign = (evp_sign_method *)RSA_sign,
-	.verify = (evp_verify_method *)RSA_verify,
-	.required_pkey_type = {
-		EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
-	},
-#endif
-	.block_size = SHA_CBLOCK,
-	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_sha(void)
-{
-	return (&sha_md);
-}
-#endif
diff --git a/lib/libcrypto/opensslfeatures.h b/lib/libcrypto/opensslfeatures.h
index 6b6784754dd..ba4dbba9596 100644
--- a/lib/libcrypto/opensslfeatures.h
+++ b/lib/libcrypto/opensslfeatures.h
@@ -13,6 +13,7 @@
 # define OPENSSL_NO_RSAX
 # define OPENSSL_NO_SCTP
 # define OPENSSL_NO_SEED
+# define OPENSSL_NO_SHA0
 # define OPENSSL_NO_SRP
 # define OPENSSL_NO_SSL2
 # define OPENSSL_NO_SSL3
diff --git a/lib/libcrypto/sha/sha.h b/lib/libcrypto/sha/sha.h
index d890175159f..87fdf8d186f 100644
--- a/lib/libcrypto/sha/sha.h
+++ b/lib/libcrypto/sha/sha.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha.h,v 1.20 2014/10/20 13:06:54 bcook Exp $ */
+/* $OpenBSD: sha.h,v 1.21 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,7 +70,7 @@
 extern "C" {
 #endif
 
-#if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1)
 #error SHA is disabled.
 #endif
 
@@ -97,15 +97,6 @@ typedef struct SHAstate_st
 	unsigned int num;
 	} SHA_CTX;
 
-#ifndef OPENSSL_NO_SHA0
-int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, size_t len)
-	__attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-	__attribute__ ((__bounded__(__buffer__,1,2)));
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
 #ifndef OPENSSL_NO_SHA1
 int SHA1_Init(SHA_CTX *c);
 int SHA1_Update(SHA_CTX *c, const void *data, size_t len)
diff --git a/lib/libcrypto/sha/sha1dgst.c b/lib/libcrypto/sha/sha1dgst.c
index aac27bdd2d3..583d1068ba4 100644
--- a/lib/libcrypto/sha/sha1dgst.c
+++ b/lib/libcrypto/sha/sha1dgst.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha1dgst.c,v 1.13 2014/07/10 22:45:58 jsing Exp $ */
+/* $OpenBSD: sha1dgst.c,v 1.14 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -62,9 +62,6 @@
 
 #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
 
-#undef  SHA_0
-#define SHA_1
-
 #include <openssl/opensslv.h>
 
 /* The implementation is in ../md32_common.h */
diff --git a/lib/libcrypto/sha/sha_dgst.c b/lib/libcrypto/sha/sha_dgst.c
deleted file mode 100644
index bb8c0c244ff..00000000000
--- a/lib/libcrypto/sha/sha_dgst.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $OpenBSD: sha_dgst.c,v 1.12 2014/07/10 22:45:58 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-
-#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
-
-#undef  SHA_1
-#define SHA_0
-
-#include <openssl/opensslv.h>
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
diff --git a/lib/libcrypto/sha/sha_locl.h b/lib/libcrypto/sha/sha_locl.h
index f2f9a31ee7f..f56ac5b9b74 100644
--- a/lib/libcrypto/sha/sha_locl.h
+++ b/lib/libcrypto/sha/sha_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha_locl.h,v 1.19 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: sha_locl.h,v 1.20 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -76,19 +76,6 @@
 	ll=(c)->h4; HOST_l2c(ll,(s));	\
 	} while (0)
 
-#if defined(SHA_0)
-
-# define HASH_UPDATE             	SHA_Update
-# define HASH_TRANSFORM          	SHA_Transform
-# define HASH_FINAL              	SHA_Final
-# define HASH_INIT			SHA_Init
-# define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))
-
-static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
-
-#elif defined(SHA_1)
-
 # define HASH_UPDATE             	SHA1_Update
 # define HASH_TRANSFORM          	SHA1_Transform
 # define HASH_FINAL              	SHA1_Final
@@ -103,10 +90,6 @@ static
 #endif
 void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
 
-#else
-# error "Either SHA_0 or SHA_1 must be defined."
-#endif
-
 #include "md32_common.h"
 
 #define INIT_DATA_h0 0x67452301UL
@@ -115,11 +98,7 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
 #define INIT_DATA_h3 0x10325476UL
 #define INIT_DATA_h4 0xc3d2e1f0UL
 
-#ifdef SHA_0
-int SHA_Init(SHA_CTX *c)
-#else
 int SHA1_Init(SHA_CTX *c)
-#endif
 	{
 	memset (c,0,sizeof(*c));
 	c->h0=INIT_DATA_h0;
@@ -201,7 +180,7 @@ int SHA1_Init(SHA_CTX *c)
 # define X(i)	XX[i]
 #endif
 
-#if !defined(SHA_1) || !defined(SHA1_ASM)
+#if !defined(SHA1_ASM)
 #include <machine/endian.h>
 static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
@@ -387,7 +366,7 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	E=D, D=C, C=ROTATE(B,30), B=A;	\
 	A=ROTATE(A,5)+T+xa;	    } while(0)
 
-#if !defined(SHA_1) || !defined(SHA1_ASM)
+#if !defined(SHA1_ASM)
 static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
 	const unsigned char *data=p;
diff --git a/lib/libcrypto/sha/sha_one.c b/lib/libcrypto/sha/sha_one.c
deleted file mode 100644
index ad04021eb1d..00000000000
--- a/lib/libcrypto/sha/sha_one.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: sha_one.c,v 1.9 2015/09/10 15:56:26 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_SHA0
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA_CTX c;
-	static unsigned char m[SHA_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	if (!SHA_Init(&c))
-		return NULL;
-	SHA_Update(&c,d,n);
-	SHA_Final(md,&c);
-	explicit_bzero(&c,sizeof(c));
-	return(md);
-	}
-#endif
diff --git a/lib/libssl/src/crypto/evp/c_all.c b/lib/libssl/src/crypto/evp/c_all.c
index 5f9df3a7ad8..6568f2ba5a9 100644
--- a/lib/libssl/src/crypto/evp/c_all.c
+++ b/lib/libssl/src/crypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.17 2015/06/20 01:07:24 doug Exp $ */
+/* $OpenBSD: c_all.c,v 1.18 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -238,8 +238,7 @@ OpenSSL_add_all_digests(void)
 	EVP_add_digest_alias(SN_md5, "ssl3-md5");
 #endif
 
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-	EVP_add_digest(EVP_sha());
+#if !defined(OPENSSL_NO_SHA)
 #ifndef OPENSSL_NO_DSA
 	EVP_add_digest(EVP_dss());
 #endif
diff --git a/lib/libssl/src/crypto/evp/evp.h b/lib/libssl/src/crypto/evp/evp.h
index 57f8753ced1..c9a11c3a5f7 100644
--- a/lib/libssl/src/crypto/evp/evp.h
+++ b/lib/libssl/src/crypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.45 2015/06/20 01:07:24 doug Exp $ */
+/* $OpenBSD: evp.h,v 1.46 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -655,7 +655,6 @@ const EVP_MD *EVP_md4(void);
 const EVP_MD *EVP_md5(void);
 #endif
 #ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha(void);
 const EVP_MD *EVP_sha1(void);
 const EVP_MD *EVP_dss(void);
 const EVP_MD *EVP_dss1(void);
diff --git a/lib/libssl/src/crypto/evp/m_sha.c b/lib/libssl/src/crypto/evp/m_sha.c
deleted file mode 100644
index c8de337839e..00000000000
--- a/lib/libssl/src/crypto/evp/m_sha.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: m_sha.c,v 1.16 2014/07/13 09:30:02 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
-	return SHA_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-	return SHA_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-	return SHA_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha_md = {
-	.type = NID_sha,
-	.pkey_type = NID_shaWithRSAEncryption,
-	.md_size = SHA_DIGEST_LENGTH,
-	.flags = 0,
-	.init = init,
-	.update = update,
-	.final = final,
-	.copy = NULL,
-	.cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
-	.sign = (evp_sign_method *)RSA_sign,
-	.verify = (evp_verify_method *)RSA_verify,
-	.required_pkey_type = {
-		EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
-	},
-#endif
-	.block_size = SHA_CBLOCK,
-	.ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_sha(void)
-{
-	return (&sha_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/opensslfeatures.h b/lib/libssl/src/crypto/opensslfeatures.h
index 6b6784754dd..ba4dbba9596 100644
--- a/lib/libssl/src/crypto/opensslfeatures.h
+++ b/lib/libssl/src/crypto/opensslfeatures.h
@@ -13,6 +13,7 @@
 # define OPENSSL_NO_RSAX
 # define OPENSSL_NO_SCTP
 # define OPENSSL_NO_SEED
+# define OPENSSL_NO_SHA0
 # define OPENSSL_NO_SRP
 # define OPENSSL_NO_SSL2
 # define OPENSSL_NO_SSL3
diff --git a/lib/libssl/src/crypto/sha/sha.h b/lib/libssl/src/crypto/sha/sha.h
index d890175159f..87fdf8d186f 100644
--- a/lib/libssl/src/crypto/sha/sha.h
+++ b/lib/libssl/src/crypto/sha/sha.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha.h,v 1.20 2014/10/20 13:06:54 bcook Exp $ */
+/* $OpenBSD: sha.h,v 1.21 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,7 +70,7 @@
 extern "C" {
 #endif
 
-#if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1)
 #error SHA is disabled.
 #endif
 
@@ -97,15 +97,6 @@ typedef struct SHAstate_st
 	unsigned int num;
 	} SHA_CTX;
 
-#ifndef OPENSSL_NO_SHA0
-int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, size_t len)
-	__attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-	__attribute__ ((__bounded__(__buffer__,1,2)));
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
 #ifndef OPENSSL_NO_SHA1
 int SHA1_Init(SHA_CTX *c);
 int SHA1_Update(SHA_CTX *c, const void *data, size_t len)
diff --git a/lib/libssl/src/crypto/sha/sha1dgst.c b/lib/libssl/src/crypto/sha/sha1dgst.c
index aac27bdd2d3..583d1068ba4 100644
--- a/lib/libssl/src/crypto/sha/sha1dgst.c
+++ b/lib/libssl/src/crypto/sha/sha1dgst.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha1dgst.c,v 1.13 2014/07/10 22:45:58 jsing Exp $ */
+/* $OpenBSD: sha1dgst.c,v 1.14 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -62,9 +62,6 @@
 
 #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
 
-#undef  SHA_0
-#define SHA_1
-
 #include <openssl/opensslv.h>
 
 /* The implementation is in ../md32_common.h */
diff --git a/lib/libssl/src/crypto/sha/sha_dgst.c b/lib/libssl/src/crypto/sha/sha_dgst.c
deleted file mode 100644
index bb8c0c244ff..00000000000
--- a/lib/libssl/src/crypto/sha/sha_dgst.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $OpenBSD: sha_dgst.c,v 1.12 2014/07/10 22:45:58 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-
-#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
-
-#undef  SHA_1
-#define SHA_0
-
-#include <openssl/opensslv.h>
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
diff --git a/lib/libssl/src/crypto/sha/sha_locl.h b/lib/libssl/src/crypto/sha/sha_locl.h
index f2f9a31ee7f..f56ac5b9b74 100644
--- a/lib/libssl/src/crypto/sha/sha_locl.h
+++ b/lib/libssl/src/crypto/sha/sha_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha_locl.h,v 1.19 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: sha_locl.h,v 1.20 2015/09/13 21:09:56 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -76,19 +76,6 @@
 	ll=(c)->h4; HOST_l2c(ll,(s));	\
 	} while (0)
 
-#if defined(SHA_0)
-
-# define HASH_UPDATE             	SHA_Update
-# define HASH_TRANSFORM          	SHA_Transform
-# define HASH_FINAL              	SHA_Final
-# define HASH_INIT			SHA_Init
-# define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))
-
-static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
-
-#elif defined(SHA_1)
-
 # define HASH_UPDATE             	SHA1_Update
 # define HASH_TRANSFORM          	SHA1_Transform
 # define HASH_FINAL              	SHA1_Final
@@ -103,10 +90,6 @@ static
 #endif
 void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
 
-#else
-# error "Either SHA_0 or SHA_1 must be defined."
-#endif
-
 #include "md32_common.h"
 
 #define INIT_DATA_h0 0x67452301UL
@@ -115,11 +98,7 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
 #define INIT_DATA_h3 0x10325476UL
 #define INIT_DATA_h4 0xc3d2e1f0UL
 
-#ifdef SHA_0
-int SHA_Init(SHA_CTX *c)
-#else
 int SHA1_Init(SHA_CTX *c)
-#endif
 	{
 	memset (c,0,sizeof(*c));
 	c->h0=INIT_DATA_h0;
@@ -201,7 +180,7 @@ int SHA1_Init(SHA_CTX *c)
 # define X(i)	XX[i]
 #endif
 
-#if !defined(SHA_1) || !defined(SHA1_ASM)
+#if !defined(SHA1_ASM)
 #include <machine/endian.h>
 static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
@@ -387,7 +366,7 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	E=D, D=C, C=ROTATE(B,30), B=A;	\
 	A=ROTATE(A,5)+T+xa;	    } while(0)
 
-#if !defined(SHA_1) || !defined(SHA1_ASM)
+#if !defined(SHA1_ASM)
 static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
 	const unsigned char *data=p;
diff --git a/lib/libssl/src/crypto/sha/sha_one.c b/lib/libssl/src/crypto/sha/sha_one.c
deleted file mode 100644
index ad04021eb1d..00000000000
--- a/lib/libssl/src/crypto/sha/sha_one.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: sha_one.c,v 1.9 2015/09/10 15:56:26 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_SHA0
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-	{
-	SHA_CTX c;
-	static unsigned char m[SHA_DIGEST_LENGTH];
-
-	if (md == NULL) md=m;
-	if (!SHA_Init(&c))
-		return NULL;
-	SHA_Update(&c,d,n);
-	SHA_Final(md,&c);
-	explicit_bzero(&c,sizeof(c));
-	return(md);
-	}
-#endif
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index ccb19fc0a78..0d2c2e03b91 100644
--- a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -6,7 +6,7 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
 EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
 EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type,
 EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
-EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha,
+EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5
 EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1,
 EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid,
 EVP_get_digestbyobj - EVP digest routines
@@ -49,7 +49,6 @@ EVP_get_digestbyobj - EVP digest routines
  const EVP_MD *EVP_md_null(void);
  const EVP_MD *EVP_md2(void);
  const EVP_MD *EVP_md5(void);
- const EVP_MD *EVP_sha(void);
  const EVP_MD *EVP_sha1(void);
  const EVP_MD *EVP_dss(void);
  const EVP_MD *EVP_dss1(void);
@@ -132,12 +131,12 @@ this will return B<NID_sha1WithRSAEncryption>. Since digests and signature
 algorithms are no longer linked this function is only retained for
 compatibility reasons.
 
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
-EVP_sha384(), EVP_sha512() and EVP_ripemd160() return B<EVP_MD>
-structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512
-and RIPEMD160 digest algorithms respectively.
+EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(),
+EVP_sha512() and EVP_ripemd160() return B<EVP_MD> structures for the MD2, MD5,
+SHA1, SHA224, SHA256, SHA384, SHA512 and RIPEMD160 digest algorithms
+respectively.
 
-EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
+EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA1 digest
 algorithms but using DSS (DSA) for the signature algorithm. Note: there is
 no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
 however retained for compatibility.
diff --git a/regress/lib/libcrypto/Makefile b/regress/lib/libcrypto/Makefile
index b2247a7b291..a6c1bbffd3f 100644
--- a/regress/lib/libcrypto/Makefile
+++ b/regress/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.18 2015/06/20 01:07:25 doug Exp $
+#	$OpenBSD: Makefile,v 1.19 2015/09/13 21:09:56 doug Exp $
 
 SUBDIR= \
 	aead \
@@ -34,7 +34,6 @@ SUBDIR= \
 	rc2 \
 	rc4 \
 	rmd \
-	sha \
 	sha1 \
 	sha2 \
 	sha256 \
diff --git a/regress/lib/libcrypto/sha/Makefile b/regress/lib/libcrypto/sha/Makefile
deleted file mode 100644
index 249fb9956e3..00000000000
--- a/regress/lib/libcrypto/sha/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-#	$OpenBSD: Makefile,v 1.3 2014/07/08 15:53:53 jsing Exp $
-
-PROG=	shatest
-LDADD=	-lcrypto
-DPADD=	${LIBCRYPTO}
-WARNINGS=	Yes
-CFLAGS+=	-DLIBRESSL_INTERNAL -Werror
-
-.include <bsd.regress.mk>
diff --git a/regress/lib/libcrypto/sha/shatest.c b/regress/lib/libcrypto/sha/shatest.c
deleted file mode 100644
index d04e6ac6aae..00000000000
--- a/regress/lib/libcrypto/sha/shatest.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/sha/shatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#define SHA_0 /* FIPS 180 */
-#undef  SHA_1 /* FIPS 180-1 */
-
-static char *test[]={
-	"abc",
-	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-	NULL,
-	};
-
-#ifdef SHA_0
-static char *ret[]={
-	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
-	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-	};
-static char *bigret=
-	"3232affa48628a26653b5aaa44541fd90d690603";
-#endif
-#ifdef SHA_1
-static char *ret[]={
-	"a9993e364706816aba3e25717850c26c9cd0d89d",
-	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
-	};
-static char *bigret=
-	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-#endif
-
-static char *pt(unsigned char *md);
-int main(int argc, char *argv[])
-	{
-	int i,err=0;
-	char **P,**R;
-	static unsigned char buf[1000];
-	char *p,*r;
-	EVP_MD_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
-
-	EVP_MD_CTX_init(&c);
-	P=test;
-	R=ret;
-	i=1;
-	while (*P != NULL)
-		{
-		EVP_Digest(*P,strlen(*P),md,NULL,EVP_sha(), NULL);
-		p=pt(md);
-		if (strcmp(p,*R) != 0)
-			{
-			printf("error calculating SHA on '%s'\n",*P);
-			printf("got %s instead of %s\n",p,*R);
-			err++;
-			}
-		else
-			printf("test %d ok\n",i);
-		i++;
-		R++;
-		P++;
-		}
-
-	memset(buf,'a',1000);
-	EVP_DigestInit_ex(&c,EVP_sha(), NULL);
-	for (i=0; i<1000; i++)
-		EVP_DigestUpdate(&c,buf,1000);
-	EVP_DigestFinal_ex(&c,md,NULL);
-	p=pt(md);
-
-	r=bigret;
-	if (strcmp(p,r) != 0)
-		{
-		printf("error calculating SHA on '%s'\n",p);
-		printf("got %s instead of %s\n",p,r);
-		err++;
-		}
-	else
-		printf("test 3 ok\n");
-
-	EVP_MD_CTX_cleanup(&c);
-	exit(err);
-	}
-
-static char *pt(unsigned char *md)
-	{
-	int i;
-	static char buf[80];
-
-	for (i=0; i<SHA_DIGEST_LENGTH; i++)
-		snprintf(buf + i*2, sizeof(buf) - i*2, "%02x",md[i]);
-	return(buf);
-	}
diff --git a/regress/lib/libcrypto/sha1/sha1test.c b/regress/lib/libcrypto/sha1/sha1test.c
index 4a18a31459d..b7251b31dc2 100644
--- a/regress/lib/libcrypto/sha1/sha1test.c
+++ b/regress/lib/libcrypto/sha1/sha1test.c
@@ -63,31 +63,18 @@
 #include <openssl/evp.h>
 #include <openssl/sha.h>
 
-#undef SHA_0 /* FIPS 180 */
-#define  SHA_1 /* FIPS 180-1 */
-
 static char *test[]={
 	"abc",
 	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
 	NULL,
 	};
 
-#ifdef SHA_0
-static char *ret[]={
-	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
-	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
-	};
-static char *bigret=
-	"3232affa48628a26653b5aaa44541fd90d690603";
-#endif
-#ifdef SHA_1
 static char *ret[]={
 	"a9993e364706816aba3e25717850c26c9cd0d89d",
 	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
 	};
 static char *bigret=
 	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
-#endif
 
 static char *pt(unsigned char *md);
 int main(int argc, char *argv[])