Remove documentation of UI_UTIL_read_pw*

According to some, a fail-open password verification function is par for the course for libcrypto. Unfortunately, we have been recommending its use over similarly named EVP functions after what amounted to a coin toss a few years back. Luckily enough, no one followed that advice and we can soon remove this API for good.
author: tb <> 2024-08-24 07:48:37 +0000
committer: tb <> 2024-08-24 07:48:37 +0000
commit: bf1f93fbf489016a56536bda74c7bbbbea4d4c8a (patch)
tree: d2bbbb98eebdfdc70a775382e6e12455493608f2
parent: 56917f3bcb61bebc42b4cdbb89e6e6bdefe00e06 (diff)
download: openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.tar.gz
openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.tar.bz2
openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.zip
4 files changed, 7 insertions, 122 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index d4633edddf..4973ea744c 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.289 2024/08/17 09:16:37 tb Exp $
+# $OpenBSD: Makefile,v 1.290 2024/08/24 07:48:37 tb Exp $
 .include <bsd.own.mk>
@@ -300,7 +300,6 @@ MAN=	\
        SMIME_write_PKCS7.3 \
        STACK_OF.3 \
        TS_REQ_new.3 \
-        UI_UTIL_read_pw.3 \
        UI_create_method.3 \
        UI_get_string_type.3 \
        UI_new.3 \
diff --git a/src/lib/libcrypto/man/UI_UTIL_read_pw.3 b/src/lib/libcrypto/man/UI_UTIL_read_pw.3
deleted file mode 100644
index aa3cefe8dd..0000000000
--- a/src/lib/libcrypto/man/UI_UTIL_read_pw.3
+++ /dev/null
@@ -1,107 +0,0 @@
-.\" $OpenBSD: UI_UTIL_read_pw.3,v 1.3 2018/03/22 21:08:22 schwarze Exp $
-.\" full merge up to: OpenSSL 23103a52 Jan 12 15:17:42 2017 +0100
-.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Richard Levitte <levitte@openssl.org>.
-.\" Copyright (c) 2017 The OpenSSL Project.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 22 2018 $
-.Dt UI_UTIL_READ_PW 3
-.Os
-.Sh NAME
-.Nm UI_UTIL_read_pw ,
-.Nm UI_UTIL_read_pw_string
-.Nd get a password from the user
-.Sh SYNOPSIS
-.In openssl/ui.h
-.Ft int
-.Fo UI_UTIL_read_pw_string
-.Fa "char *buf"
-.Fa "int length"
-.Fa "const char *prompt"
-.Fa "int verify"
-.Fc
-.Ft int
-.Fo UI_UTIL_read_pw
-.Fa "char *buf"
-.Fa "char *buff"
-.Fa "int size"
-.Fa "const char *prompt"
-.Fa "int verify"
-.Fc
-.Sh DESCRIPTION
-.Fn UI_UTIL_read_pw_string
-asks for a passphrase, using
-.Fa prompt
-as a prompt, and stores it in
-.Fa buf .
-The maximum allowed size is given with
-.Fa length ,
-including the terminating NUL byte.
-If
-.Fa verify
-is non-zero, the password will be verified as well.
-.Pp
-.Fn UI_UTIL_read_pw
-does the same as
-.Fn UI_UTIL_read_pw_string ,
-but takes an external buffer
-.Fa buff
-for the verification passphrase.
-.Sh RETURN VALUES
-.Fn UI_UTIL_read_pw_string
-and
-.Fn UI_UTIL_read_pw
-return 0 on success or a negative value on error.
-.Sh SEE ALSO
-.Xr UI_new 3
-.Sh HISTORY
-.Fn UI_UTIL_read_pw
-and
-.Fn UI_UTIL_read_pw_string
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/UI_new.3 b/src/lib/libcrypto/man/UI_new.3
index d711359196..411b37b1c5 100644
--- a/src/lib/libcrypto/man/UI_new.3
+++ b/src/lib/libcrypto/man/UI_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: UI_new.3,v 1.11 2022/12/17 22:23:31 tb Exp $
+.\" $OpenBSD: UI_new.3,v 1.12 2024/08/24 07:48:37 tb Exp $
 .\" full merge up to: OpenSSL 78b19e90 Jan 11 00:12:01 2017 +0100
 .\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
 .\"
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 17 2022 $
+.Dd $Mdocdate: August 24 2024 $
 .Dt UI_NEW 3
 .Os
 .Sh NAME
@@ -515,8 +515,7 @@ argument.
 .Sh SEE ALSO
 .Xr crypto 3 ,
 .Xr UI_create_method 3 ,
-.Xr UI_get_string_type 3 ,
+.Xr UI_get_string_type 3
-.Xr UI_UTIL_read_pw 3
 .Sh HISTORY
 These functions first appeared in  OpenSSL 0.9.7
 and have been available since
diff --git a/src/lib/libcrypto/man/des_read_pw.3 b/src/lib/libcrypto/man/des_read_pw.3
index 41f8553de1..7cb35b47f8 100644
--- a/src/lib/libcrypto/man/des_read_pw.3
+++ b/src/lib/libcrypto/man/des_read_pw.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: des_read_pw.3,v 1.11 2023/09/10 13:58:46 schwarze Exp $
+.\" $OpenBSD: des_read_pw.3,v 1.12 2024/08/24 07:48:37 tb Exp $
 .\" full merge up to: OpenSSL doc/crypto/des.pod
 .\" 53934822 Jun 9 16:39:19 2016 -0400
 .\"
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 10 2023 $
+.Dd $Mdocdate: August 24 2024 $
 .Dt DES_READ_PW 3
 .Os
 .Sh NAME
@@ -99,11 +99,6 @@
 .Ft char *
 .Fn EVP_get_pw_prompt void
 .Sh DESCRIPTION
-These functions are deprecated.
-Use
-.Xr UI_UTIL_read_pw 3
-instead.
-.Pp
 .Fn EVP_read_pw_string
 writes the
 .Fa prompt
@@ -185,8 +180,7 @@ returns an internal pointer to static memory containing the default prompt, or
 .Dv NULL
 if no default prompt is set.
 .Sh SEE ALSO
-.Xr UI_new 3 ,
+.Xr UI_new 3
-.Xr UI_UTIL_read_pw 3
 .Sh HISTORY
 .Fn EVP_read_pw_string
 first appeared in SSLeay 0.5.1 and
author	tb <>	2024-08-24 07:48:37 +0000
committer	tb <>	2024-08-24 07:48:37 +0000
commit	bf1f93fbf489016a56536bda74c7bbbbea4d4c8a (patch)
tree	d2bbbb98eebdfdc70a775382e6e12455493608f2
parent	56917f3bcb61bebc42b4cdbb89e6e6bdefe00e06 (diff)
download	openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.tar.gz openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.tar.bz2 openbsd-bf1f93fbf489016a56536bda74c7bbbbea4d4c8a.zip

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index d4633edddf..4973ea744c 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.289 2024/08/17 09:16:37 tb Exp $	1	# $OpenBSD: Makefile,v 1.290 2024/08/24 07:48:37 tb Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -300,7 +300,6 @@ MAN= \
300	SMIME_write_PKCS7.3 \	300	SMIME_write_PKCS7.3 \
301	STACK_OF.3 \	301	STACK_OF.3 \
302	TS_REQ_new.3 \	302	TS_REQ_new.3 \
303	UI_UTIL_read_pw.3 \
304	UI_create_method.3 \	303	UI_create_method.3 \
305	UI_get_string_type.3 \	304	UI_get_string_type.3 \
306	UI_new.3 \	305	UI_new.3 \


diff --git a/src/lib/libcrypto/man/UI_UTIL_read_pw.3 b/src/lib/libcrypto/man/UI_UTIL_read_pw.3 deleted file mode 100644 index aa3cefe8dd..0000000000 --- a/src/lib/libcrypto/man/UI_UTIL_read_pw.3 +++ /dev/null
@@ -1,107 +0,0 @@
1	.\" $OpenBSD: UI_UTIL_read_pw.3,v 1.3 2018/03/22 21:08:22 schwarze Exp $
2	.\" full merge up to: OpenSSL 23103a52 Jan 12 15:17:42 2017 +0100
3	.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
4	.\"
5	.\" This file was written by Richard Levitte <levitte@openssl.org>.
6	.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
7	.\"
8	.\" Redistribution and use in source and binary forms, with or without
9	.\" modification, are permitted provided that the following conditions
10	.\" are met:
11	.\"
12	.\" 1. Redistributions of source code must retain the above copyright
13	.\" notice, this list of conditions and the following disclaimer.
14	.\"
15	.\" 2. Redistributions in binary form must reproduce the above copyright
16	.\" notice, this list of conditions and the following disclaimer in
17	.\" the documentation and/or other materials provided with the
18	.\" distribution.
19	.\"
20	.\" 3. All advertising materials mentioning features or use of this
21	.\" software must display the following acknowledgment:
22	.\" "This product includes software developed by the OpenSSL Project
23	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24	.\"
25	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	.\" endorse or promote products derived from this software without
27	.\" prior written permission. For written permission, please contact
28	.\" openssl-core@openssl.org.
29	.\"
30	.\" 5. Products derived from this software may not be called "OpenSSL"
31	.\" nor may "OpenSSL" appear in their names without prior written
32	.\" permission of the OpenSSL Project.
33	.\"
34	.\" 6. Redistributions of any form whatsoever must retain the following
35	.\" acknowledgment:
36	.\" "This product includes software developed by the OpenSSL Project
37	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38	.\"
39	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"
52	.Dd $Mdocdate: March 22 2018 $
53	.Dt UI_UTIL_READ_PW 3
54	.Os
55	.Sh NAME
56	.Nm UI_UTIL_read_pw ,
57	.Nm UI_UTIL_read_pw_string
58	.Nd get a password from the user
59	.Sh SYNOPSIS
60	.In openssl/ui.h
61	.Ft int
62	.Fo UI_UTIL_read_pw_string
63	.Fa "char *buf"
64	.Fa "int length"
65	.Fa "const char *prompt"
66	.Fa "int verify"
67	.Fc
68	.Ft int
69	.Fo UI_UTIL_read_pw
70	.Fa "char *buf"
71	.Fa "char *buff"
72	.Fa "int size"
73	.Fa "const char *prompt"
74	.Fa "int verify"
75	.Fc
76	.Sh DESCRIPTION
77	.Fn UI_UTIL_read_pw_string
78	asks for a passphrase, using
79	.Fa prompt
80	as a prompt, and stores it in
81	.Fa buf .
82	The maximum allowed size is given with
83	.Fa length ,
84	including the terminating NUL byte.
85	If
86	.Fa verify
87	is non-zero, the password will be verified as well.
88	.Pp
89	.Fn UI_UTIL_read_pw
90	does the same as
91	.Fn UI_UTIL_read_pw_string ,
92	but takes an external buffer
93	.Fa buff
94	for the verification passphrase.
95	.Sh RETURN VALUES
96	.Fn UI_UTIL_read_pw_string
97	and
98	.Fn UI_UTIL_read_pw
99	return 0 on success or a negative value on error.
100	.Sh SEE ALSO
101	.Xr UI_new 3
102	.Sh HISTORY
103	.Fn UI_UTIL_read_pw
104	and
105	.Fn UI_UTIL_read_pw_string
106	first appeared in OpenSSL 0.9.7 and have been available since
107	.Ox 3.2 .


diff --git a/src/lib/libcrypto/man/UI_new.3 b/src/lib/libcrypto/man/UI_new.3 index d711359196..411b37b1c5 100644 --- a/src/lib/libcrypto/man/UI_new.3 +++ b/src/lib/libcrypto/man/UI_new.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: UI_new.3,v 1.11 2022/12/17 22:23:31 tb Exp $	1	.\" $OpenBSD: UI_new.3,v 1.12 2024/08/24 07:48:37 tb Exp $
2	.\" full merge up to: OpenSSL 78b19e90 Jan 11 00:12:01 2017 +0100	2	.\" full merge up to: OpenSSL 78b19e90 Jan 11 00:12:01 2017 +0100
3	.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800	3	.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
4	.\"	4	.\"
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: December 17 2022 $	52	.Dd $Mdocdate: August 24 2024 $
53	.Dt UI_NEW 3	53	.Dt UI_NEW 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -515,8 +515,7 @@ argument.
515	.Sh SEE ALSO	515	.Sh SEE ALSO
516	.Xr crypto 3 ,	516	.Xr crypto 3 ,
517	.Xr UI_create_method 3 ,	517	.Xr UI_create_method 3 ,
518	.Xr UI_get_string_type 3 ,	518	.Xr UI_get_string_type 3
519	.Xr UI_UTIL_read_pw 3
520	.Sh HISTORY	519	.Sh HISTORY
521	These functions first appeared in OpenSSL 0.9.7	520	These functions first appeared in OpenSSL 0.9.7
522	and have been available since	521	and have been available since


diff --git a/src/lib/libcrypto/man/des_read_pw.3 b/src/lib/libcrypto/man/des_read_pw.3 index 41f8553de1..7cb35b47f8 100644 --- a/src/lib/libcrypto/man/des_read_pw.3 +++ b/src/lib/libcrypto/man/des_read_pw.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: des_read_pw.3,v 1.11 2023/09/10 13:58:46 schwarze Exp $	1	.\" $OpenBSD: des_read_pw.3,v 1.12 2024/08/24 07:48:37 tb Exp $
2	.\" full merge up to: OpenSSL doc/crypto/des.pod	2	.\" full merge up to: OpenSSL doc/crypto/des.pod
3	.\" 53934822 Jun 9 16:39:19 2016 -0400	3	.\" 53934822 Jun 9 16:39:19 2016 -0400
4	.\"	4	.\"
@@ -66,7 +66,7 @@
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"	68	.\"
69	.Dd $Mdocdate: September 10 2023 $	69	.Dd $Mdocdate: August 24 2024 $
70	.Dt DES_READ_PW 3	70	.Dt DES_READ_PW 3
71	.Os	71	.Os
72	.Sh NAME	72	.Sh NAME
@@ -99,11 +99,6 @@
99	.Ft char *	99	.Ft char *
100	.Fn EVP_get_pw_prompt void	100	.Fn EVP_get_pw_prompt void
101	.Sh DESCRIPTION	101	.Sh DESCRIPTION
102	These functions are deprecated.
103	Use
104	.Xr UI_UTIL_read_pw 3
105	instead.
106	.Pp
107	.Fn EVP_read_pw_string	102	.Fn EVP_read_pw_string
108	writes the	103	writes the
109	.Fa prompt	104	.Fa prompt
@@ -185,8 +180,7 @@ returns an internal pointer to static memory containing the default prompt, or
185	.Dv NULL	180	.Dv NULL
186	if no default prompt is set.	181	if no default prompt is set.
187	.Sh SEE ALSO	182	.Sh SEE ALSO
188	.Xr UI_new 3 ,	183	.Xr UI_new 3
189	.Xr UI_UTIL_read_pw 3
190	.Sh HISTORY	184	.Sh HISTORY
191	.Fn EVP_read_pw_string	185	.Fn EVP_read_pw_string
192	first appeared in SSLeay 0.5.1 and	186	first appeared in SSLeay 0.5.1 and