[crypto] Allow algorithms to be included without being OID-identifiable

There are many ways in which the object for a cryptographic algorithm
may be included, even if not explicitly enabled in config/crypto.h.
For example: the MD5 algorithm is required by TLSv1.1 or earlier, by
iSCSI CHAP authentication, by HTTP digest authentication, and by NTLM
authentication.

In the current implementation, inclusion of an algorithm for any
reason will result in the algorithm's ASN.1 object identifier being
included in the "asn1_algorithms" table, which consequently allows the
algorithm to be used for any ASN1-identified purpose.  For example: if
the MD5 algorithm is included in order to support HTTP digest
authentication, then iPXE would accept a (validly signed) TLS
certificate using an MD5 digest.

Split the ASN.1 object identifiers into separate files that are
required only if explicitly enabled in config/crypto.h.  This allows
an algorithm to be omitted from the "asn1_algorithms" table even if
the algorithm implementation is dragged in for some other purpose.

The end result is that only the algorithms that are explicitly enabled
in config/crypto.h can be used for ASN1-identified purposes such as
signature verification.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/config/config_crypto.c

@@ -33,6 +33,56 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 PROVIDE_REQUIRING_SYMBOL();
 
+/* RSA */
+#if defined ( CRYPTO_PUBKEY_RSA )
+REQUIRE_OBJECT ( oid_rsa );
+#endif
+
+/* MD4 */
+#if defined ( CRYPTO_DIGEST_MD4 )
+REQUIRE_OBJECT ( oid_md4 );
+#endif
+
+/* MD5 */
+#if defined ( CRYPTO_DIGEST_MD5 )
+REQUIRE_OBJECT ( oid_md5 );
+#endif
+
+/* SHA-1 */
+#if defined ( CRYPTO_DIGEST_SHA1 )
+REQUIRE_OBJECT ( oid_sha1 );
+#endif
+
+/* SHA-224 */
+#if defined ( CRYPTO_DIGEST_SHA224 )
+REQUIRE_OBJECT ( oid_sha224 );
+#endif
+
+/* SHA-256 */
+#if defined ( CRYPTO_DIGEST_SHA256 )
+REQUIRE_OBJECT ( oid_sha256 );
+#endif
+
+/* SHA-384 */
+#if defined ( CRYPTO_DIGEST_SHA384 )
+REQUIRE_OBJECT ( oid_sha384 );
+#endif
+
+/* SHA-512 */
+#if defined ( CRYPTO_DIGEST_SHA512 )
+REQUIRE_OBJECT ( oid_sha512 );
+#endif
+
+/* SHA-512/224 */
+#if defined ( CRYPTO_DIGEST_SHA512_224 )
+REQUIRE_OBJECT ( oid_sha512_224 );
+#endif
+
+/* SHA-512/256 */
+#if defined ( CRYPTO_DIGEST_SHA512_256 )
+REQUIRE_OBJECT ( oid_sha512_256 );
+#endif
+
 /* RSA and MD5 */
 #if defined ( CRYPTO_PUBKEY_RSA ) && defined ( CRYPTO_DIGEST_MD5 )
 REQUIRE_OBJECT ( rsa_md5 );

src/config/crypto.h

@@ -18,25 +18,19 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** AES-CBC block cipher */
 #define CRYPTO_CIPHER_AES_CBC
 
-/** MD5 digest algorithm
+/** MD4 digest algorithm */
- *
+//#define CRYPTO_DIGEST_MD4
- * Note that use of MD5 is implicit when using TLSv1.1 or earlier.
+
- */
+/** MD5 digest algorithm */
 #define CRYPTO_DIGEST_MD5
 
-/** SHA-1 digest algorithm
+/** SHA-1 digest algorithm */
- *
- * Note that use of SHA-1 is implicit when using TLSv1.1 or earlier.
- */
 #define CRYPTO_DIGEST_SHA1
 
 /** SHA-224 digest algorithm */
 #define CRYPTO_DIGEST_SHA224
 
-/** SHA-256 digest algorithm
+/** SHA-256 digest algorithm */
- *
- * Note that use of SHA-256 is implicit when using TLSv1.2.
- */
 #define CRYPTO_DIGEST_SHA256
 
 /** SHA-384 digest algorithm */
@@ -45,6 +39,12 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 /** SHA-512 digest algorithm */
 #define CRYPTO_DIGEST_SHA512
 
+/** SHA-512/224 digest algorithm */
+//#define CRYPTO_DIGEST_SHA512_224
+
+/** SHA-512/256 digest algorithm */
+//#define CRYPTO_DIGEST_SHA512_256
+
 /** Margin of error (in seconds) allowed in signed timestamps
  *
  * We default to allowing a reasonable margin of error: 12 hours to

src/crypto/md4.c

@@ -35,7 +35,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <ipxe/rotate.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/md4.h>
 
 /** MD4 variables */
@@ -268,13 +267,3 @@ struct digest_algorithm md4_algorithm = {
 	.update		= md4_update,
 	.final		= md4_final,
 };
-
-/** "md4" object identifier */
-static uint8_t oid_md4[] = { ASN1_OID_MD4 };
-
-/** "md4" OID-identified algorithm */
-struct asn1_algorithm oid_md4_algorithm __asn1_algorithm = {
-	.name = "md4",
-	.digest = &md4_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_md4 ),
-};

src/crypto/md5.c

@@ -35,7 +35,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <ipxe/rotate.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/md5.h>
 
 /** MD5 variables */
@@ -293,13 +292,3 @@ struct digest_algorithm md5_algorithm = {
 	.update		= md5_update,
 	.final		= md5_final,
 };
-
-/** "md5" object identifier */
-static uint8_t oid_md5[] = { ASN1_OID_MD5 };
-
-/** "md5" OID-identified algorithm */
-struct asn1_algorithm oid_md5_algorithm __asn1_algorithm = {
-	.name = "md5",
-	.digest = &md5_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_md5 ),
-};

src/crypto/mishmash/oid_md4.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/md4.h>
+#include <ipxe/asn1.h>
+
+/** "md4" object identifier */
+static uint8_t oid_md4[] = { ASN1_OID_MD4 };
+
+/** "md4" OID-identified algorithm */
+struct asn1_algorithm oid_md4_algorithm __asn1_algorithm = {
+	.name = "md4",
+	.digest = &md4_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_md4 ),
+};

src/crypto/mishmash/oid_md5.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/md5.h>
+#include <ipxe/asn1.h>
+
+/** "md5" object identifier */
+static uint8_t oid_md5[] = { ASN1_OID_MD5 };
+
+/** "md5" OID-identified algorithm */
+struct asn1_algorithm oid_md5_algorithm __asn1_algorithm = {
+	.name = "md5",
+	.digest = &md5_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_md5 ),
+};

src/crypto/mishmash/oid_rsa.c

@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/rsa.h>
+#include <ipxe/asn1.h>
+
+/** "rsaEncryption" object identifier */
+static uint8_t oid_rsa_encryption[] = { ASN1_OID_RSAENCRYPTION };
+
+/** "rsaEncryption" OID-identified algorithm */
+struct asn1_algorithm rsa_encryption_algorithm __asn1_algorithm = {
+	.name = "rsaEncryption",
+	.pubkey = &rsa_algorithm,
+	.digest = NULL,
+	.oid = ASN1_OID_CURSOR ( oid_rsa_encryption ),
+};

src/crypto/mishmash/oid_sha1.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha1.h>
+#include <ipxe/asn1.h>
+
+/** "sha1" object identifier */
+static uint8_t oid_sha1[] = { ASN1_OID_SHA1 };
+
+/** "sha1" OID-identified algorithm */
+struct asn1_algorithm oid_sha1_algorithm __asn1_algorithm = {
+	.name = "sha1",
+	.digest = &sha1_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha1 ),
+};

src/crypto/mishmash/oid_sha224.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha256.h>
+#include <ipxe/asn1.h>
+
+/** "sha224" object identifier */
+static uint8_t oid_sha224[] = { ASN1_OID_SHA224 };
+
+/** "sha224" OID-identified algorithm */
+struct asn1_algorithm oid_sha224_algorithm __asn1_algorithm = {
+	.name = "sha224",
+	.digest = &sha224_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha224 ),
+};

src/crypto/mishmash/oid_sha256.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha256.h>
+#include <ipxe/asn1.h>
+
+/** "sha256" object identifier */
+static uint8_t oid_sha256[] = { ASN1_OID_SHA256 };
+
+/** "sha256" OID-identified algorithm */
+struct asn1_algorithm oid_sha256_algorithm __asn1_algorithm = {
+	.name = "sha256",
+	.digest = &sha256_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha256 ),
+};

src/crypto/mishmash/oid_sha384.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <ipxe/asn1.h>
+
+/** "sha384" object identifier */
+static uint8_t oid_sha384[] = { ASN1_OID_SHA384 };
+
+/** "sha384" OID-identified algorithm */
+struct asn1_algorithm oid_sha384_algorithm __asn1_algorithm = {
+	.name = "sha384",
+	.digest = &sha384_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha384 ),
+};

src/crypto/mishmash/oid_sha512.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <ipxe/asn1.h>
+
+/** "sha512" object identifier */
+static uint8_t oid_sha512[] = { ASN1_OID_SHA512 };
+
+/** "sha512" OID-identified algorithm */
+struct asn1_algorithm oid_sha512_algorithm __asn1_algorithm = {
+	.name = "sha512",
+	.digest = &sha512_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha512 ),
+};

src/crypto/mishmash/oid_sha512_224.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <ipxe/asn1.h>
+
+/** "sha512_224" object identifier */
+static uint8_t oid_sha512_224[] = { ASN1_OID_SHA512_224 };
+
+/** "sha512_224" OID-identified algorithm */
+struct asn1_algorithm oid_sha512_224_algorithm __asn1_algorithm = {
+	.name = "sha512/224",
+	.digest = &sha512_224_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha512_224 ),
+};

src/crypto/mishmash/oid_sha512_256.c

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2020 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <ipxe/asn1.h>
+
+/** "sha512_256" object identifier */
+static uint8_t oid_sha512_256[] = { ASN1_OID_SHA512_256 };
+
+/** "sha512_256" OID-identified algorithm */
+struct asn1_algorithm oid_sha512_256_algorithm __asn1_algorithm = {
+	.name = "sha512/256",
+	.digest = &sha512_256_algorithm,
+	.oid = ASN1_OID_CURSOR ( oid_sha512_256 ),
+};

src/crypto/rsa.c

@@ -47,17 +47,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define EINFO_EACCES_VERIFY \
 	__einfo_uniqify ( EINFO_EACCES, 0x01, "RSA signature incorrect" )
 
-/** "rsaEncryption" object identifier */
-static uint8_t oid_rsa_encryption[] = { ASN1_OID_RSAENCRYPTION };
-
-/** "rsaEncryption" OID-identified algorithm */
-struct asn1_algorithm rsa_encryption_algorithm __asn1_algorithm = {
-	.name = "rsaEncryption",
-	.pubkey = &rsa_algorithm,
-	.digest = NULL,
-	.oid = ASN1_OID_CURSOR ( oid_rsa_encryption ),
-};
-
 /**
  * Identify RSA prefix
  *

src/crypto/sha1.c

@@ -35,7 +35,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <ipxe/rotate.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha1.h>
 
 /** SHA-1 variables */
@@ -264,13 +263,3 @@ struct digest_algorithm sha1_algorithm = {
 	.update		= sha1_update,
 	.final		= sha1_final,
 };
-
-/** "sha1" object identifier */
-static uint8_t oid_sha1[] = { ASN1_OID_SHA1 };
-
-/** "sha1" OID-identified algorithm */
-struct asn1_algorithm oid_sha1_algorithm __asn1_algorithm = {
-	.name = "sha1",
-	.digest = &sha1_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha1 ),
-};

src/crypto/sha224.c

@@ -32,7 +32,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <stdint.h>
 #include <byteswap.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha256.h>
 
 /** SHA-224 initial digest values */
@@ -70,13 +69,3 @@ struct digest_algorithm sha224_algorithm = {
 	.update		= sha256_update,
 	.final		= sha256_final,
 };
-
-/** "sha224" object identifier */
-static uint8_t oid_sha224[] = { ASN1_OID_SHA224 };
-
-/** "sha224" OID-identified algorithm */
-struct asn1_algorithm oid_sha224_algorithm __asn1_algorithm = {
-	.name = "sha224",
-	.digest = &sha224_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha224 ),
-};

src/crypto/sha256.c

@@ -35,7 +35,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <ipxe/rotate.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha256.h>
 
 /** SHA-256 variables */
@@ -271,13 +270,3 @@ struct digest_algorithm sha256_algorithm = {
 	.update		= sha256_update,
 	.final		= sha256_final,
 };
-
-/** "sha256" object identifier */
-static uint8_t oid_sha256[] = { ASN1_OID_SHA256 };
-
-/** "sha256" OID-identified algorithm */
-struct asn1_algorithm oid_sha256_algorithm __asn1_algorithm = {
-	.name = "sha256",
-	.digest = &sha256_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha256 ),
-};

src/crypto/sha384.c

@@ -32,7 +32,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <stdint.h>
 #include <byteswap.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha512.h>
 
 /** SHA-384 initial digest values */
@@ -70,13 +69,3 @@ struct digest_algorithm sha384_algorithm = {
 	.update		= sha512_update,
 	.final		= sha512_final,
 };
-
-/** "sha384" object identifier */
-static uint8_t oid_sha384[] = { ASN1_OID_SHA384 };
-
-/** "sha384" OID-identified algorithm */
-struct asn1_algorithm oid_sha384_algorithm __asn1_algorithm = {
-	.name = "sha384",
-	.digest = &sha384_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha384 ),
-};

src/crypto/sha512.c

@@ -35,7 +35,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <ipxe/rotate.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha512.h>
 
 /** SHA-512 variables */
@@ -291,13 +290,3 @@ struct digest_algorithm sha512_algorithm = {
 	.update		= sha512_update,
 	.final		= sha512_final,
 };
-
-/** "sha512" object identifier */
-static uint8_t oid_sha512[] = { ASN1_OID_SHA512 };
-
-/** "sha512" OID-identified algorithm */
-struct asn1_algorithm oid_sha512_algorithm __asn1_algorithm = {
-	.name = "sha512",
-	.digest = &sha512_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha512 ),
-};

src/crypto/sha512_224.c

@@ -32,7 +32,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <stdint.h>
 #include <byteswap.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha512.h>
 
 /** SHA-512/224 initial digest values */
@@ -71,13 +70,3 @@ struct digest_algorithm sha512_224_algorithm = {
 	.update		= sha512_update,
 	.final		= sha512_final,
 };
-
-/** "sha512_224" object identifier */
-static uint8_t oid_sha512_224[] = { ASN1_OID_SHA512_224 };
-
-/** "sha512_224" OID-identified algorithm */
-struct asn1_algorithm oid_sha512_224_algorithm __asn1_algorithm = {
-	.name = "sha512/224",
-	.digest = &sha512_224_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha512_224 ),
-};

src/crypto/sha512_256.c

@@ -32,7 +32,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <stdint.h>
 #include <byteswap.h>
 #include <ipxe/crypto.h>
-#include <ipxe/asn1.h>
 #include <ipxe/sha512.h>
 
 /** SHA-512/256 initial digest values */
@@ -71,13 +70,3 @@ struct digest_algorithm sha512_256_algorithm = {
 	.update		= sha512_update,
 	.final		= sha512_final,
 };
-
-/** "sha512_256" object identifier */
-static uint8_t oid_sha512_256[] = { ASN1_OID_SHA512_256 };
-
-/** "sha512_256" OID-identified algorithm */
-struct asn1_algorithm oid_sha512_256_algorithm __asn1_algorithm = {
-	.name = "sha512/256",
-	.digest = &sha512_256_algorithm,
-	.oid = ASN1_OID_CURSOR ( oid_sha512_256 ),
-};