Make extended ECDSA signing routines internal

ECDSA_sign_setup() permits precomputing the values of the inverse of the
random k and the corresponding r. These can then be fed into the signing
routines ECDSA_{do_,}sign_ex() multiple times if needed. This is not a
great idea and the interface adds a lot of unwanted complexity.

Not to mention that nothing ever used this correctly - if s works out to
0, a special error code is thrown requesting that the caller provide new
kinv and r values. Unsurprisingly, nobody ever checked for that special
error code.

ok jsing

This commit marks the start of a libcrypto major bump. Do not build the
tree until I bumped the shlib_version and synced file sets (in about 35
commits).

1 files changed, 1 insertions, 4 deletions

diff --git a/src/lib/libcrypto/hidden/openssl/ecdsa.h b/src/lib/libcrypto/hidden/openssl/ecdsa.h
index ef8a789939..b2563ed37d 100644
--- a/src/lib/libcrypto/hidden/openssl/ecdsa.h
+++ b/src/lib/libcrypto/hidden/openssl/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.3 2023/07/28 08:49:43 tb Exp $ */
 /*
  * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
  *
@@ -34,16 +34,13 @@ LCRYPTO_USED(ECDSA_SIG_get0_r);
 LCRYPTO_USED(ECDSA_SIG_get0_s);
 LCRYPTO_USED(ECDSA_SIG_set0);
 LCRYPTO_USED(ECDSA_do_sign);
-LCRYPTO_USED(ECDSA_do_sign_ex);
 LCRYPTO_USED(ECDSA_do_verify);
 LCRYPTO_USED(ECDSA_OpenSSL);
 LCRYPTO_USED(ECDSA_set_default_method);
 LCRYPTO_USED(ECDSA_get_default_method);
 LCRYPTO_USED(ECDSA_set_method);
 LCRYPTO_USED(ECDSA_size);
-LCRYPTO_USED(ECDSA_sign_setup);
 LCRYPTO_USED(ECDSA_sign);
-LCRYPTO_USED(ECDSA_sign_ex);
 LCRYPTO_USED(ECDSA_verify);
 LCRYPTO_USED(ECDSA_get_ex_new_index);
 LCRYPTO_USED(ECDSA_set_ex_data);