openbsd/src/lib/libcrypto/hidden, branch OPENBSD_7

openbsd/src/lib/libcrypto/hidden, branch OPENBSD_7_6 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_6 2024-08-31T10:46:40+00:00 Make X509at_* API internal 2024-08-31T10:46:40+00:00 tb 2024-08-31T10:46:40+00:00 urn:sha1:6e18dec83a409158e5e06e9980d445c2a14a5fbe The only consumer, yara, has been adjusted. It will be some more work to remove this idiocy internally, but at least we will no longer have to care about external consumers. ok beck jsing Zap HMAC_Init 2024-08-31T10:42:21+00:00 tb 2024-08-31T10:42:21+00:00 urn:sha1:49dd9dd6066796148cceffc28570ac4ba886e6f0 Long deprecated, last users have been fixed. ok beck jsing Nuke the whrlpool (named after the galaxy) from orbit 2024-08-31T10:38:49+00:00 tb 2024-08-31T10:38:49+00:00 urn:sha1:74a335fca70cbc1c69a8939c41ad12d0a6414a99 It's just gross. Only used by a popular disk encryption utility on an all-too-popular OS one or two decades back. ok beck jsing Remove DES_enc_{read,write} and DES_rw_mode 2024-08-31T10:30:16+00:00 tb 2024-08-31T10:30:16+00:00 urn:sha1:4b2577fba1553fdbc04543a632170338ee2fff7d Unfortunately we'll probably never be able to get rid of DES entirely. One part of it that is old enough to be a grandparent can go, though. ok beck jsing Garbage collec UI_UTIL remnants 2024-08-31T10:28:03+00:00 tb 2024-08-31T10:28:03+00:00 urn:sha1:a3d07755a8d0db401282e8062b34e00134369199 ok beck jsing Remove EVP_PKEY.*attr* API 2024-08-31T10:25:38+00:00 tb 2024-08-31T10:25:38+00:00 urn:sha1:1879b1c335b79500e4608d064e6a67c172898224 I ranted enough about this recently. PKCS#12. Microsoft. 'nuff said. ok beck jsing Remove X509_REQ_{set,get}_extension_nids() 2024-08-31T10:16:52+00:00 tb 2024-08-31T10:16:52+00:00 urn:sha1:6b73d9352a214f801122b7ee10c167492ca9e38e LibreSSL no longer supports non-standard OIDs for use in the extensions attribute of CSRs. The API that enabled that (and nobody used of course) can now go. ok beck jsing Remove X509_check_trust() and some related defines 2024-08-31T10:12:23+00:00 tb 2024-08-31T10:12:23+00:00 urn:sha1:98cde9e87c7eeb1ad50a82b9052b86dd675bd285 Someone thought it would be a good idea to append non-standard trust information to the certs in the trust store. This API is used to inspect that depending on the intended purpose of the cert. Only M2Crypto thought it necessary to expose this. It was adjusted. ok beck jsing Remove ERR_add_{,v}data() 2024-08-31T10:09:15+00:00 tb 2024-08-31T10:09:15+00:00 urn:sha1:20621a3f421681dddbebb1b41d980374765a0b0e Another unused bit of legacy API... ok beck jsing Make some more x509 conf stuff internal 2024-08-31T10:03:03+00:00 tb 2024-08-31T10:03:03+00:00 urn:sha1:d3edcca660d1c5d3db97be3355caca4afe8ef67a This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing