Remove ECDSA_METHOD

After smtpd (in base) and libtls finally switched from ECDSA_METHOD to
EC_KEY_METHOD, much of the ECDSA_METHOD code was neutered. Remove the
remaining public API as well as numerous tentacles into ENGINE.

ok jsing

13 files changed, 9 insertions, 345 deletions

diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 64bdb97eef..5e6cd43138 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.140 2023/07/28 09:01:25 tb Exp $
+# $OpenBSD: Makefile,v 1.141 2023/07/28 09:08:31 tb Exp $
 
 LIB=    crypto
 LIBREBUILD=y
@@ -357,7 +357,6 @@ SRCS+= ech_err.c
 SRCS+= ech_lib.c
 
 # ecdsa/
-SRCS+= ecs_lib.c
 SRCS+= ecdsa.c
 
 # engine/
@@ -380,7 +379,6 @@ SRCS+= tb_dh.c
 SRCS+= tb_digest.c
 SRCS+= tb_dsa.c
 SRCS+= tb_ecdh.c
-SRCS+= tb_ecdsa.c
 SRCS+= tb_eckey.c
 SRCS+= tb_pkmeth.c
 SRCS+= tb_rand.c
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 3cb83777ce..5aed850082 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -1019,7 +1019,6 @@ ECDH_set_default_method
 ECDH_set_ex_data
 ECDH_set_method
 ECDH_size
-ECDSA_OpenSSL
 ECDSA_SIG_free
 ECDSA_SIG_get0
 ECDSA_SIG_get0_r
@@ -1029,12 +1028,6 @@ ECDSA_SIG_new
 ECDSA_SIG_set0
 ECDSA_do_sign
 ECDSA_do_verify
-ECDSA_get_default_method
-ECDSA_get_ex_data
-ECDSA_get_ex_new_index
-ECDSA_set_default_method
-ECDSA_set_ex_data
-ECDSA_set_method
 ECDSA_sign
 ECDSA_size
 ECDSA_verify
@@ -1188,7 +1181,6 @@ ENGINE_get_DH
 ENGINE_get_DSA
 ENGINE_get_EC
 ENGINE_get_ECDH
-ENGINE_get_ECDSA
 ENGINE_get_RAND
 ENGINE_get_RSA
 ENGINE_get_STORE
@@ -1201,7 +1193,6 @@ ENGINE_get_default_DH
 ENGINE_get_default_DSA
 ENGINE_get_default_EC
 ENGINE_get_default_ECDH
-ENGINE_get_default_ECDSA
 ENGINE_get_default_RAND
 ENGINE_get_default_RSA
 ENGINE_get_destroy_function
@@ -1244,7 +1235,6 @@ ENGINE_register_DH
 ENGINE_register_DSA
 ENGINE_register_EC
 ENGINE_register_ECDH
-ENGINE_register_ECDSA
 ENGINE_register_RAND
 ENGINE_register_RSA
 ENGINE_register_STORE
@@ -1252,7 +1242,6 @@ ENGINE_register_all_DH
 ENGINE_register_all_DSA
 ENGINE_register_all_EC
 ENGINE_register_all_ECDH
-ENGINE_register_all_ECDSA
 ENGINE_register_all_RAND
 ENGINE_register_all_RSA
 ENGINE_register_all_STORE
@@ -1271,7 +1260,6 @@ ENGINE_set_DH
 ENGINE_set_DSA
 ENGINE_set_EC
 ENGINE_set_ECDH
-ENGINE_set_ECDSA
 ENGINE_set_RAND
 ENGINE_set_RSA
 ENGINE_set_STORE
@@ -1283,7 +1271,6 @@ ENGINE_set_default_DH
 ENGINE_set_default_DSA
 ENGINE_set_default_EC
 ENGINE_set_default_ECDH
-ENGINE_set_default_ECDSA
 ENGINE_set_default_RAND
 ENGINE_set_default_RSA
 ENGINE_set_default_ciphers
@@ -1309,7 +1296,6 @@ ENGINE_unregister_DH
 ENGINE_unregister_DSA
 ENGINE_unregister_EC
 ENGINE_unregister_ECDH
-ENGINE_unregister_ECDSA
 ENGINE_unregister_RAND
 ENGINE_unregister_RSA
 ENGINE_unregister_STORE
diff --git a/src/lib/libcrypto/Symbols.namespace b/src/lib/libcrypto/Symbols.namespace
index ede2752b88..d57a72510e 100644
--- a/src/lib/libcrypto/Symbols.namespace
+++ b/src/lib/libcrypto/Symbols.namespace
@@ -1430,16 +1430,9 @@ _libre_ECDSA_SIG_get0_s
 _libre_ECDSA_SIG_set0
 _libre_ECDSA_do_sign
 _libre_ECDSA_do_verify
-_libre_ECDSA_OpenSSL
-_libre_ECDSA_set_default_method
-_libre_ECDSA_get_default_method
-_libre_ECDSA_set_method
 _libre_ECDSA_size
 _libre_ECDSA_sign
 _libre_ECDSA_verify
-_libre_ECDSA_get_ex_new_index
-_libre_ECDSA_set_ex_data
-_libre_ECDSA_get_ex_data
 _libre_EC_KEY_METHOD_set_sign
 _libre_EC_KEY_METHOD_set_verify
 _libre_EC_KEY_METHOD_get_sign
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h
index 122b0eb000..4b4a10ced4 100644
--- a/src/lib/libcrypto/ecdsa/ecdsa.h
+++ b/src/lib/libcrypto/ecdsa/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.18 2023/07/28 09:01:25 tb Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.19 2023/07/28 09:08:31 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -75,18 +75,6 @@ extern "C" {
 
 typedef struct ECDSA_SIG_st ECDSA_SIG;
 
-struct ecdsa_method {
-        const char *name;
-        ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
-            const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
-        int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
-            BIGNUM **r);
-        int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
-            const ECDSA_SIG *sig, EC_KEY *eckey);
-        int flags;
-        char *app_data;
-};
-
 /*
  * If this flag is set, the ECDSA method is FIPS compliant and can be used
  * in FIPS mode. This is set in the validated module method. If an
@@ -111,10 +99,6 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
 int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
     const ECDSA_SIG *sig, EC_KEY* eckey);
 
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
 int ECDSA_size(const EC_KEY *eckey);
 
 int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
@@ -122,11 +106,6 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
 int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
     const unsigned char *sig, int siglen, EC_KEY *eckey);
 
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-    CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
 /* XXX should be in ec.h, but needs ECDSA_SIG */
 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
     int (*sign)(int type, const unsigned char *dgst,
diff --git a/src/lib/libcrypto/ecdsa/ecs_lib.c b/src/lib/libcrypto/ecdsa/ecs_lib.c
deleted file mode 100644
index e3e67ba07d..0000000000
--- a/src/lib/libcrypto/ecdsa/ecs_lib.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: ecs_lib.c,v 1.25 2023/07/07 13:54:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-#include "ec_local.h"
-#include "ecdsa_local.h"
-
-static const ECDSA_METHOD *default_ECDSA_method = NULL;
-
-static const ECDSA_METHOD openssl_ecdsa_meth = {
-        .name = "OpenSSL ECDSA method",
-        .ecdsa_do_sign = ecdsa_sign_sig,
-        .ecdsa_sign_setup = ecdsa_sign_setup,
-        .ecdsa_do_verify = ecdsa_verify_sig,
-};
-
-const ECDSA_METHOD *
-ECDSA_OpenSSL(void)
-{
-        return &openssl_ecdsa_meth;
-}
-LCRYPTO_ALIAS(ECDSA_OpenSSL);
-
-void
-ECDSA_set_default_method(const ECDSA_METHOD *meth)
-{
-        default_ECDSA_method = meth;
-}
-LCRYPTO_ALIAS(ECDSA_set_default_method);
-
-const ECDSA_METHOD *
-ECDSA_get_default_method(void)
-{
-        if (!default_ECDSA_method) {
-                default_ECDSA_method = ECDSA_OpenSSL();
-        }
-        return default_ECDSA_method;
-}
-LCRYPTO_ALIAS(ECDSA_get_default_method);
-
-int
-ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
-{
-        return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_method);
-
-int
-ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-    CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-        return -1;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_new_index);
-
-int
-ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
-        return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_ex_data);
-
-void *
-ECDSA_get_ex_data(EC_KEY *d, int idx)
-{
-        return NULL;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_data);
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c
index baf1a54883..cf49c99bb4 100644
--- a/src/lib/libcrypto/engine/eng_fat.c
+++ b/src/lib/libcrypto/engine/eng_fat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_fat.c,v 1.17 2019/01/19 01:07:00 tb Exp $ */
+/* $OpenBSD: eng_fat.c,v 1.18 2023/07/28 09:08:31 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
  *
@@ -89,10 +89,6 @@ ENGINE_set_default(ENGINE *e, unsigned int flags)
         if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e))
                 return 0;
 #endif
-#ifndef OPENSSL_NO_ECDSA
-        if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
-                return 0;
-#endif
 #ifndef OPENSSL_NO_EC
         if ((flags & ENGINE_METHOD_EC) && !ENGINE_set_default_EC(e))
                 return 0;
@@ -123,8 +119,6 @@ int_def_cb(const char *alg, int len, void *arg)
                 *pflags |= ENGINE_METHOD_DSA;
         else if (!strncmp(alg, "ECDH", len))
                 *pflags |= ENGINE_METHOD_ECDH;
-        else if (!strncmp(alg, "ECDSA", len))
-                *pflags |= ENGINE_METHOD_ECDSA;
         else if (!strncmp(alg, "DH", len))
                 *pflags |= ENGINE_METHOD_DH;
         else if (strncmp(alg, "EC", len) == 0)
@@ -177,9 +171,6 @@ ENGINE_register_complete(ENGINE *e)
 #ifndef OPENSSL_NO_ECDH
         ENGINE_register_ECDH(e);
 #endif
-#ifndef OPENSSL_NO_ECDSA
-        ENGINE_register_ECDSA(e);
-#endif
 #ifndef OPENSSL_NO_EC
         ENGINE_register_EC(e);
 #endif
diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h
index 298c0e327f..ad504a5a2b 100644
--- a/src/lib/libcrypto/engine/eng_int.h
+++ b/src/lib/libcrypto/engine/eng_int.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_int.h,v 1.10 2019/01/19 01:07:00 tb Exp $ */
+/* $OpenBSD: eng_int.h,v 1.11 2023/07/28 09:08:31 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -158,7 +158,6 @@ struct engine_st {
         const DSA_METHOD *dsa_meth;
         const DH_METHOD *dh_meth;
         const ECDH_METHOD *ecdh_meth;
-        const ECDSA_METHOD *ecdsa_meth;
         const EC_KEY_METHOD *ec_meth;
         const RAND_METHOD *rand_meth;
         const STORE_METHOD *store_meth;
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
index 451c8616ef..e460e71136 100644
--- a/src/lib/libcrypto/engine/eng_list.c
+++ b/src/lib/libcrypto/engine/eng_list.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_list.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */
+/* $OpenBSD: eng_list.c,v 1.26 2023/07/28 09:08:31 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -313,9 +313,6 @@ engine_cpy(ENGINE *dest, const ENGINE *src)
 #ifndef OPENSSL_NO_ECDH
         dest->ecdh_meth = src->ecdh_meth;
 #endif
-#ifndef OPENSSL_NO_ECDSA
-        dest->ecdsa_meth = src->ecdsa_meth;
-#endif
 #ifndef OPENSSL_NO_EC
         dest->ec_meth = src->ec_meth;
 #endif
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c
index 4e0f144e81..7abb6114bc 100644
--- a/src/lib/libcrypto/engine/eng_openssl.c
+++ b/src/lib/libcrypto/engine/eng_openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_openssl.c,v 1.17 2023/07/20 15:08:12 tb Exp $ */
+/* $OpenBSD: eng_openssl.c,v 1.18 2023/07/28 09:08:31 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -149,9 +149,6 @@ bind_helper(ENGINE *e)
 #ifndef OPENSSL_NO_ECDH
             || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
 #endif
-#ifndef OPENSSL_NO_ECDSA
-            || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
-#endif
 #ifndef OPENSSL_NO_DH
             || !ENGINE_set_DH(e, DH_get_default_method())
 #endif
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index 156c2f856c..dbc3718dca 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: engine.h,v 1.39 2023/07/21 09:04:23 tb Exp $ */
+/* $OpenBSD: engine.h,v 1.40 2023/07/28 09:08:31 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -79,9 +79,6 @@
 #ifndef OPENSSL_NO_ECDH
 #include <openssl/ecdh.h>
 #endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
-#endif
 #include <openssl/err.h>
 #ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
@@ -102,7 +99,6 @@ extern "C" {
 #define ENGINE_METHOD_DH                (unsigned int)0x0004
 #define ENGINE_METHOD_RAND              (unsigned int)0x0008
 #define ENGINE_METHOD_ECDH              (unsigned int)0x0010
-#define ENGINE_METHOD_ECDSA             (unsigned int)0x0020
 #define ENGINE_METHOD_CIPHERS           (unsigned int)0x0040
 #define ENGINE_METHOD_DIGESTS           (unsigned int)0x0080
 #define ENGINE_METHOD_STORE             (unsigned int)0x0100
@@ -383,10 +379,6 @@ int ENGINE_register_ECDH(ENGINE *e);
 void ENGINE_unregister_ECDH(ENGINE *e);
 void ENGINE_register_all_ECDH(void);
 
-int ENGINE_register_ECDSA(ENGINE *e);
-void ENGINE_unregister_ECDSA(ENGINE *e);
-void ENGINE_register_all_ECDSA(void);
-
 int ENGINE_register_EC(ENGINE *e);
 void ENGINE_unregister_EC(ENGINE *e);
 void ENGINE_register_all_EC(void);
@@ -484,7 +476,6 @@ int ENGINE_set_name(ENGINE *e, const char *name);
 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
 int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
-int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
 int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth);
 int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
 int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
@@ -524,7 +515,6 @@ const char *ENGINE_get_name(const ENGINE *e);
 const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
 const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
 const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
-const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
 const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
 const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
 const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
@@ -592,7 +582,6 @@ ENGINE *ENGINE_get_default_RSA(void);
 /* Same for the other "methods" */
 ENGINE *ENGINE_get_default_DSA(void);
 ENGINE *ENGINE_get_default_ECDH(void);
-ENGINE *ENGINE_get_default_ECDSA(void);
 ENGINE *ENGINE_get_default_EC(void);
 ENGINE *ENGINE_get_default_DH(void);
 ENGINE *ENGINE_get_default_RAND(void);
@@ -612,7 +601,6 @@ int ENGINE_set_default_string(ENGINE *e, const char *def_list);
 /* Same for the other "methods" */
 int ENGINE_set_default_DSA(ENGINE *e);
 int ENGINE_set_default_ECDH(ENGINE *e);
-int ENGINE_set_default_ECDSA(ENGINE *e);
 int ENGINE_set_default_EC(ENGINE *e);
 int ENGINE_set_default_DH(ENGINE *e);
 int ENGINE_set_default_RAND(ENGINE *e);
diff --git a/src/lib/libcrypto/engine/tb_ecdsa.c b/src/lib/libcrypto/engine/tb_ecdsa.c
deleted file mode 100644
index 226b76e185..0000000000
--- a/src/lib/libcrypto/engine/tb_ecdsa.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_ecdsa.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_ECDSA(), the function that is
- * used by ECDSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_ECDSA_DEBUG */
-
-static ENGINE_TABLE *ecdsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_ECDSA(ENGINE *e)
-{
-        engine_table_unregister(&ecdsa_table, e);
-}
-
-static void
-engine_unregister_all_ECDSA(void)
-{
-        engine_table_cleanup(&ecdsa_table);
-}
-
-int
-ENGINE_register_ECDSA(ENGINE *e)
-{
-        if (e->ecdsa_meth)
-                return engine_table_register(&ecdsa_table,
-                    engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
-        return 1;
-}
-
-void
-ENGINE_register_all_ECDSA(void)
-{
-        ENGINE *e;
-
-        for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-                ENGINE_register_ECDSA(e);
-}
-
-int
-ENGINE_set_default_ECDSA(ENGINE *e)
-{
-        if (e->ecdsa_meth)
-                return engine_table_register(&ecdsa_table,
-                    engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
-        return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_ECDSA(void)
-{
-        return engine_table_select(&ecdsa_table, dummy_nid);
-}
-
-/* Obtains an ECDSA implementation from an ENGINE functional reference */
-const ECDSA_METHOD *
-ENGINE_get_ECDSA(const ENGINE *e)
-{
-        return e->ecdsa_meth;
-}
-
-/* Sets an ECDSA implementation in an ENGINE structure */
-int
-ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth)
-{
-        e->ecdsa_meth = ecdsa_meth;
-        return 1;
-}
diff --git a/src/lib/libcrypto/hidden/openssl/ecdsa.h b/src/lib/libcrypto/hidden/openssl/ecdsa.h
index 90860bf16d..5846906be9 100644
--- a/src/lib/libcrypto/hidden/openssl/ecdsa.h
+++ b/src/lib/libcrypto/hidden/openssl/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.4 2023/07/28 09:01:25 tb Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.5 2023/07/28 09:08:31 tb Exp $ */
 /*
  * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
  *
@@ -35,16 +35,9 @@ LCRYPTO_USED(ECDSA_SIG_get0_s);
 LCRYPTO_USED(ECDSA_SIG_set0);
 LCRYPTO_USED(ECDSA_do_sign);
 LCRYPTO_USED(ECDSA_do_verify);
-LCRYPTO_USED(ECDSA_OpenSSL);
-LCRYPTO_USED(ECDSA_set_default_method);
-LCRYPTO_USED(ECDSA_get_default_method);
-LCRYPTO_USED(ECDSA_set_method);
 LCRYPTO_USED(ECDSA_size);
 LCRYPTO_USED(ECDSA_sign);
 LCRYPTO_USED(ECDSA_verify);
-LCRYPTO_USED(ECDSA_get_ex_new_index);
-LCRYPTO_USED(ECDSA_set_ex_data);
-LCRYPTO_USED(ECDSA_get_ex_data);
 LCRYPTO_USED(EC_KEY_METHOD_set_sign);
 LCRYPTO_USED(EC_KEY_METHOD_set_verify);
 LCRYPTO_USED(EC_KEY_METHOD_get_sign);
diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h
index 6e33f8cfbd..8ff3779636 100644
--- a/src/lib/libcrypto/ossl_typ.h
+++ b/src/lib/libcrypto/ossl_typ.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ossl_typ.h,v 1.25 2023/04/25 18:28:05 tb Exp $ */
+/* $OpenBSD: ossl_typ.h,v 1.26 2023/07/28 09:08:31 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
@@ -125,7 +125,6 @@ typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
 typedef struct rand_meth_st RAND_METHOD;
 
 typedef struct ecdh_method ECDH_METHOD;
-typedef struct ecdsa_method ECDSA_METHOD;
 
 typedef struct x509_st X509;
 typedef struct X509_algor_st X509_ALGOR;