Remove ECDSA_{do_,}sign_ex() and ECDSA_sign_setup()

These very poorly designed interfaces will go away, so stop documenting
them.

4 files changed, 20 insertions, 103 deletions

diff --git a/src/lib/libcrypto/man/ECDSA_SIG_new.3 b/src/lib/libcrypto/man/ECDSA_SIG_new.3
index 61815128a8..d278fcaaa7 100644
--- a/src/lib/libcrypto/man/ECDSA_SIG_new.3
+++ b/src/lib/libcrypto/man/ECDSA_SIG_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ECDSA_SIG_new.3,v 1.17 2023/03/07 06:12:27 tb Exp $
+.\" $OpenBSD: ECDSA_SIG_new.3,v 1.18 2023/07/20 09:28:30 tb Exp $
 .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\" selective merge up to: OpenSSL da4ea0cf Aug 5 16:13:24 2019 +0100
 .\"
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 7 2023 $
+.Dd $Mdocdate: July 20 2023 $
 .Dt ECDSA_SIG_NEW 3
 .Os
 .Sh NAME
@@ -63,12 +63,9 @@
 .Nm i2d_ECDSA_SIG ,
 .Nm d2i_ECDSA_SIG ,
 .Nm ECDSA_size ,
-.Nm ECDSA_sign_setup ,
 .Nm ECDSA_sign ,
-.Nm ECDSA_sign_ex ,
 .Nm ECDSA_verify ,
 .Nm ECDSA_do_sign ,
-.Nm ECDSA_do_sign_ex ,
 .Nm ECDSA_do_verify ,
 .Nm ECDSA_OpenSSL ,
 .Nm ECDSA_get_default_method ,
@@ -121,13 +118,6 @@
 .Fa "const EC_KEY *eckey"
 .Fc
 .Ft int
-.Fo ECDSA_sign_setup
-.Fa "EC_KEY *eckey"
-.Fa "BN_CTX *ctx"
-.Fa "BIGNUM **kinv"
-.Fa "BIGNUM **rp"
-.Fc
-.Ft int
 .Fo ECDSA_sign
 .Fa "int type"
 .Fa "const unsigned char *dgst"
@@ -137,17 +127,6 @@
 .Fa "EC_KEY *eckey"
 .Fc
 .Ft int
-.Fo ECDSA_sign_ex
-.Fa "int type"
-.Fa "const unsigned char *dgst"
-.Fa "int dgstlen"
-.Fa "unsigned char *sig"
-.Fa "unsigned int *siglen"
-.Fa "const BIGNUM *kinv"
-.Fa "const BIGNUM *rp"
-.Fa "EC_KEY *eckey"
-.Fc
-.Ft int
 .Fo ECDSA_verify
 .Fa "int type"
 .Fa "const unsigned char *dgst"
@@ -162,14 +141,6 @@
 .Fa "int dgst_len"
 .Fa "EC_KEY *eckey"
 .Fc
-.Ft ECDSA_SIG*
-.Fo ECDSA_do_sign_ex
-.Fa "const unsigned char *dgst"
-.Fa "int dgstlen"
-.Fa "const BIGNUM *kinv"
-.Fa "const BIGNUM *rp"
-.Fa "EC_KEY *eckey"
-.Fc
 .Ft int
 .Fo ECDSA_do_verify
 .Fa "const unsigned char *dgst"
@@ -284,45 +255,13 @@ returns the maximum length of a DER-encoded ECDSA signature created with
 the private EC key
 .Fa eckey .
 .Pp
-.Fn ECDSA_sign_setup
-may be used to precompute parts of the signing operation.
-.Fa eckey
-is the private EC key and
-.Fa ctx
-is a pointer to a
-.Vt BN_CTX
-structure (or
-.Dv NULL ) .
-The precomputed values are returned in
-.Fa kinv
-and
-.Fa rp
-and can be used in a later call to
-.Fa ECDSA_sign_ex
-or
-.Fa ECDSA_do_sign_ex .
-.Pp
 .Fn ECDSA_sign
-is a wrapper function for
-.Fa ECDSA_sign_ex
-with
-.Fa kinv
-and
-.Fa rp
-set to
-.Dv NULL .
-.Pp
-.Fn ECDSA_sign_ex
 computes a digital signature of the
 .Fa dgstlen
 bytes hash value
 .Fa dgst
 using the private EC key
-.Fa eckey
-and the optional pre-computed values
-.Fa kinv
-and
-.Fa rp .
+.Fa eckey .
 The DER-encoded signature is stored in
 .Fa sig
 and its length is returned in
@@ -352,26 +291,12 @@ The parameter
 is ignored.
 .Pp
 .Fn ECDSA_do_sign
-is a wrapper function for
-.Fn ECDSA_do_sign_ex
-with
-.Fa kinv
-and
-.Fa rp
-set to
-.Dv NULL .
-.Pp
-.Fn ECDSA_do_sign_ex
 computes a digital signature of the
 .Fa dgst_len
 bytes hash value
 .Fa dgst
 using the private key
-.Fa eckey
-and the optional pre-computed values
-.Fa kinv
-and
-.Fa rp .
+.Fa eckey .
 The signature is returned in a newly allocated
 .Vt ECDSA_SIG
 structure (or
@@ -418,17 +343,13 @@ object if it has been set or
 .Dv NULL
 otherwise.
 .Pp
-.Fn ECDSA_SIG_set0 ,
-.Fn ECDSA_sign ,
-.Fn ECDSA_sign_ex ,
+.Fn ECDSA_SIG_set0
 and
-.Fn ECDSA_sign_setup
+.Fn ECDSA_sign
 return 1 if successful or 0 on error.
 .Pp
 .Fn ECDSA_do_sign
-and
-.Fn ECDSA_do_sign_ex
-return a pointer to an allocated
+returns a pointer to an allocated
 .Vt ECDSA_SIG
 structure or
 .Dv NULL
@@ -516,12 +437,12 @@ if (ret == -1) {
 .Xr EC_GROUP_new 3 ,
 .Xr EC_KEY_METHOD_new 3 ,
 .Xr EC_KEY_new 3 ,
-.Xr ECDSA_set_ex_data 3 ,
+.Xr EC_KEY_set_ex_data 3 ,
 .Xr EVP_DigestSignInit 3 ,
 .Xr EVP_DigestVerifyInit 3 ,
 .Xr RSA_new 3
 .Sh STANDARDS
-ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
+ANSI X9.62, US Federal Information Processing Standard FIPS 186-5
 (Digital Signature Standard, DSS)
 .Sh HISTORY
 .Fn ECDSA_SIG_new ,
@@ -529,12 +450,9 @@ ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
 .Fn i2d_ECDSA_SIG ,
 .Fn d2i_ECDSA_SIG ,
 .Fn ECDSA_size ,
-.Fn ECDSA_sign_setup ,
 .Fn ECDSA_sign ,
-.Fn ECDSA_sign_ex ,
 .Fn ECDSA_verify ,
 .Fn ECDSA_do_sign ,
-.Fn ECDSA_do_sign_ex ,
 .Fn ECDSA_do_verify ,
 .Fn ECDSA_OpenSSL ,
 .Fn ECDSA_get_default_method ,
diff --git a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3 b/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
index 383688b0ef..c8efa8c732 100644
--- a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
+++ b/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.1 2019/08/16 16:15:50 schwarze Exp $
+.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.2 2023/07/20 09:28:30 tb Exp $
 .\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
@@ -13,7 +13,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: August 16 2019 $
+.Dd $Mdocdate: July 20 2023 $
 .Dt EC_KEY_METHOD_NEW 3
 .Os
 .Sh NAME
@@ -225,10 +225,9 @@ to selectively retrieve callback function pointers.
 and
 .Fn EC_KEY_METHOD_get_sign
 set and retrieve the functions implementing
-.Xr ECDSA_sign_ex 3 ,
-.Xr ECDSA_sign_setup 3 ,
+.Xr ECDSA_sign 3
 and
-.Xr ECDSA_do_sign_ex 3 .
+.Xr ECDSA_do_sign 3 .
 .Pp
 .Fn EC_KEY_METHOD_set_verify
 and
diff --git a/src/lib/libcrypto/man/ENGINE_get_default_RSA.3 b/src/lib/libcrypto/man/ENGINE_get_default_RSA.3
index b04d42c18f..ae63984800 100644
--- a/src/lib/libcrypto/man/ENGINE_get_default_RSA.3
+++ b/src/lib/libcrypto/man/ENGINE_get_default_RSA.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ENGINE_get_default_RSA.3,v 1.2 2018/04/18 03:39:22 schwarze Exp $
+.\" $OpenBSD: ENGINE_get_default_RSA.3,v 1.3 2023/07/20 09:28:30 tb Exp $
 .\" content checked up to:
 .\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
 .\"
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: April 18 2018 $
+.Dd $Mdocdate: July 20 2023 $
 .Dt ENGINE_GET_DEFAULT_RSA 3
 .Os
 .Sh NAME
@@ -107,7 +107,7 @@ they are called automatically when needed, in particular from
 .Fn ECDH_set_method ,
 .Fn ECDH_compute_key ,
 .Xr ECDSA_set_method 3 ,
-.Xr ECDSA_do_sign_ex 3 ,
+.Xr ECDSA_do_sign 3 ,
 .Xr ECDSA_do_verify 3 ,
 .Xr DH_new 3 ,
 .Xr EVP_CipherInit_ex 3 ,
diff --git a/src/lib/libcrypto/man/ENGINE_set_RSA.3 b/src/lib/libcrypto/man/ENGINE_set_RSA.3
index 0859b8f3c4..4bf12defc3 100644
--- a/src/lib/libcrypto/man/ENGINE_set_RSA.3
+++ b/src/lib/libcrypto/man/ENGINE_set_RSA.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ENGINE_set_RSA.3,v 1.5 2019/06/06 17:41:43 schwarze Exp $
+.\" $OpenBSD: ENGINE_set_RSA.3,v 1.6 2023/07/20 09:28:30 tb Exp $
 .\" content checked up to:
 .\" OpenSSL ENGINE_add 1f13ad31 Dec 25 17:50:39 2017 +0800
 .\"
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 6 2019 $
+.Dd $Mdocdate: July 20 2023 $
 .Dt ENGINE_SET_RSA 3
 .Os
 .Sh NAME
@@ -238,8 +238,8 @@ as shown in the following table:
 .It Fn ENGINE_get_RSA Ta Xr RSA_new_method 3 , Xr RSA_new 3
 .It Fn ENGINE_get_DSA Ta Xr DSA_new_method 3 , Xr DSA_new 3
 .It Fn ENGINE_get_ECDH Ta Fn ECDH_set_method , Fn ECDH_compute_key
-.It Fn ENGINE_get_ECDSA Ta Xr ECDSA_set_method 3 , Xr ECDSA_sign_setup 3 ,
-.Xr ECDSA_do_sign_ex 3 , Xr ECDSA_do_verify 3
+.It Fn ENGINE_get_ECDSA Ta Xr ECDSA_set_method 3 ,
+.Xr ECDSA_do_sign 3 , Xr ECDSA_do_verify 3
 .It Fn ENGINE_get_DH Ta Xr DH_new_method 3 , Xr DH_new 3
 .It Fn ENGINE_get_RAND Ta unused
 .It Fn ENGINE_get_STORE Ta unused