Remove method wrappers that use {ecdh,ecdsa}_check()

Now that it is no longer possible to set a custom {ECDH,ECDSA}_METHOD,
EC_KEY_METHOD can just call the relevant method directly without the
need for this extra contortion.

ok jsing

2 files changed, 14 insertions, 73 deletions

diff --git a/src/lib/libcrypto/ecdh/ech_key.c b/src/lib/libcrypto/ecdh/ech_key.c
index a5c6371f91..108a5ff8f6 100644
--- a/src/lib/libcrypto/ecdh/ech_key.c
+++ b/src/lib/libcrypto/ecdh/ech_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ech_key.c,v 1.14 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ech_key.c,v 1.15 2023/06/25 18:41:36 tb Exp $ */
 /* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
@@ -81,10 +81,6 @@
 #include "ech_local.h"
 #include "ec_local.h"
 
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
-    EC_KEY *ecdh,
-    void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-
 /*
  * This implementation is based on the following primitives in the IEEE 1363
  * standard:
@@ -92,8 +88,8 @@ static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
  *  - ECSVDP-DH
  * Finally an optional KDF is applied.
  */
-static int
-ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+int
+ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
     EC_KEY *ecdh,
     void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 {
@@ -195,7 +191,7 @@ err:
 
 static ECDH_METHOD openssl_ecdh_meth = {
         .name = "OpenSSL ECDH method",
-        .compute_key = ecdh_compute_key
+        .compute_key = ossl_ecdh_compute_key,
 };
 
 const ECDH_METHOD *
@@ -204,19 +200,6 @@ ECDH_OpenSSL(void)
         return &openssl_ecdh_meth;
 }
 
-/* replace w/ ecdh_compute_key() when ECDH_METHOD gets removed */
-int
-ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-    EC_KEY *eckey,
-    void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
-{
-        ECDH_DATA *ecdh;
-
-        if ((ecdh = ecdh_check(eckey)) == NULL)
-                return 0;
-        return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
-}
-
 int
 ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
     EC_KEY *eckey,
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
index 02e38109bc..5df87f224b 100644
--- a/src/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_ossl.c,v 1.34 2023/06/25 18:35:28 tb Exp $ */
+/* $OpenBSD: ecs_ossl.c,v 1.35 2023/06/25 18:41:36 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -71,18 +71,12 @@
 
 static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len,
     BIGNUM *order, BIGNUM *ret);
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
-    const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
-    BIGNUM **rp);
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
-    const ECDSA_SIG *sig, EC_KEY *eckey);
 
 static ECDSA_METHOD openssl_ecdsa_meth = {
         .name = "OpenSSL ECDSA method",
-        .ecdsa_do_sign = ecdsa_do_sign,
-        .ecdsa_sign_setup = ecdsa_sign_setup,
-        .ecdsa_do_verify = ecdsa_do_verify
+        .ecdsa_do_sign = ossl_ecdsa_sign_sig,
+        .ecdsa_sign_setup = ossl_ecdsa_sign_setup,
+        .ecdsa_do_verify = ossl_ecdsa_verify_sig,
 };
 
 const ECDSA_METHOD *
@@ -139,8 +133,8 @@ ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, unsigned char *si
         return ret;
 }
 
-static int
-ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+int
+ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 {
         BN_CTX *ctx = ctx_in;
         BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
@@ -260,18 +254,6 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
         return (ret);
 }
 
-/* replace w/ ecdsa_sign_setup() when ECDSA_METHOD gets removed */
-int
-ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
-        ECDSA_DATA *ecdsa;
-
-        if ((ecdsa = ecdsa_check(eckey)) == NULL)
-                return 0;
-        return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
-}
-
-
 /*
  * It is too expensive to check curve parameters on every sign operation.
  * Instead, cap the number of retries. A single retry is very unlikely, so
@@ -279,8 +261,8 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp
  */
 #define ECDSA_MAX_SIGN_ITERATIONS               32
 
-static ECDSA_SIG *
-ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
+ECDSA_SIG *
+ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
     const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
 {
         BIGNUM *b = NULL, *binv = NULL, *bm = NULL, *bxr = NULL;
@@ -432,18 +414,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
         return ret;
 }
 
-/* replace w/ ecdsa_do_sign() when ECDSA_METHOD gets removed */
-ECDSA_SIG *
-ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
-    const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
-{
-        ECDSA_DATA *ecdsa;
-
-        if ((ecdsa = ecdsa_check(eckey)) == NULL)
-                return NULL;
-        return ecdsa->meth->ecdsa_do_sign(dgst, dgst_len, in_kinv, in_r, eckey);
-}
-
 int
 ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
     const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
@@ -470,8 +440,8 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
         return (ret);
 }
 
-static int
-ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
+int
+ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
     EC_KEY *eckey)
 {
         BN_CTX *ctx;
@@ -561,18 +531,6 @@ ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
         return ret;
 }
 
-/* replace w/ ecdsa_do_verify() when ECDSA_METHOD gets removed */
-int
-ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
-    const ECDSA_SIG *sig, EC_KEY *eckey)
-{
-        ECDSA_DATA *ecdsa;
-
-        if ((ecdsa = ecdsa_check(eckey)) == NULL)
-                return 0;
-        return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
-}
-
 ECDSA_SIG *
 ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
 {