1 files changed, 2 insertions, 80 deletions
diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c
index 5e4e8d521c..392d3cc339 100644
--- a/src/usr.bin/openssl/apps.c
+++ b/src/usr.bin/openssl/apps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.c,v 1.60 2021/03/31 17:13:54 tb Exp $ */
+/* $OpenBSD: apps.c,v 1.61 2021/11/26 16:23:27 tb Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -160,12 +160,6 @@ static int set_table_opts(unsigned long *flags, const char *arg,
 static int set_multi_opts(unsigned long *flags, const char *arg,
    const NAME_EX_TBL *in_tbl);
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-/* Looks like this stuff is worth moving into separate function */
-static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
-    const char *key_descrip, int format);
-#endif
 int
 str2fmt(char *s)
 {
@@ -175,8 +169,6 @@ str2fmt(char *s)
                return (FORMAT_ASN1);
        else if ((*s == 'T') || (*s == 't'))
                return (FORMAT_TEXT);
-        else if ((*s == 'N') || (*s == 'n'))
-                return (FORMAT_NETSCAPE);
        else if ((*s == 'S') || (*s == 's'))
                return (FORMAT_SMIME);
        else if ((*s == 'M') || (*s == 'm'))
@@ -612,24 +604,7 @@ load_cert(BIO *err, const char *file, int format, const char *pass,
        if (format == FORMAT_ASN1)
                x = d2i_X509_bio(cert, NULL);
-        else if (format == FORMAT_NETSCAPE) {
+        else if (format == FORMAT_PEM)
-                NETSCAPE_X509 *nx;
-                nx = ASN1_item_d2i_bio(&NETSCAPE_X509_it,
-                    cert, NULL);
-                if (nx == NULL)
-                        goto end;
-                if ((strncmp(NETSCAPE_CERT_HDR, (char *) nx->header->data,
-                    nx->header->length) != 0)) {
-                        NETSCAPE_X509_free(nx);
-                        BIO_printf(err,
-                            "Error reading header on certificate\n");
-                        goto end;
-                }
-                x = nx->cert;
-                nx->cert = NULL;
-                NETSCAPE_X509_free(nx);
-        } else if (format == FORMAT_PEM)
                x = PEM_read_bio_X509_AUX(cert, NULL, password_callback, NULL);
        else if (format == FORMAT_PKCS12) {
                if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL,
@@ -684,10 +659,6 @@ load_key(BIO *err, const char *file, int format, int maybe_stdin,
        } else if (format == FORMAT_PEM) {
                pkey = PEM_read_bio_PrivateKey(key, NULL, password_callback, &cb_data);
        }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-        else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-                pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
        else if (format == FORMAT_PKCS12) {
                if (!load_pkcs12(err, key, key_descrip, password_callback, &cb_data,
                    &pkey, NULL, NULL))
@@ -768,10 +739,6 @@ load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
        else if (format == FORMAT_PEM) {
                pkey = PEM_read_bio_PUBKEY(key, NULL, password_callback, &cb_data);
        }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-        else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-                pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
        else if (format == FORMAT_MSBLOB)
                pkey = b2i_PublicKey_bio(key);
@@ -788,51 +755,6 @@ load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
        return (pkey);
 }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-static EVP_PKEY *
-load_netscape_key(BIO *err, BIO *key, const char *file,
-    const char *key_descrip, int format)
-{
-        EVP_PKEY *pkey;
-        BUF_MEM *buf;
-        RSA *rsa;
-        const unsigned char *p;
-        int size, i;
-        buf = BUF_MEM_new();
-        pkey = EVP_PKEY_new();
-        size = 0;
-        if (buf == NULL || pkey == NULL)
-                goto error;
-        for (;;) {
-                if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
-                        goto error;
-                i = BIO_read(key, &(buf->data[size]), 1024 * 10);
-                size += i;
-                if (i == 0)
-                        break;
-                if (i < 0) {
-                        BIO_printf(err, "Error reading %s %s",
-                            key_descrip, file);
-                        goto error;
-                }
-        }
-        p = (unsigned char *) buf->data;
-        rsa = d2i_RSA_NET(NULL, &p, (long) size, NULL,
-            (format == FORMAT_IISSGC ? 1 : 0));
-        if (rsa == NULL)
-                goto error;
-        BUF_MEM_free(buf);
-        EVP_PKEY_set1_RSA(pkey, rsa);
-        return pkey;
- error:
-        BUF_MEM_free(buf);
-        EVP_PKEY_free(pkey);
-        return NULL;
-}
-#endif                          /* ndef OPENSSL_NO_RC4 */
 static int
 load_certs_crls(BIO *err, const char *file, int format, const char *pass,
    const char *desc, STACK_OF(X509) **pcerts,

diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c index 5e4e8d521c..392d3cc339 100644 --- a/src/usr.bin/openssl/apps.c +++ b/src/usr.bin/openssl/apps.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: apps.c,v 1.60 2021/03/31 17:13:54 tb Exp $ */	1	/* $OpenBSD: apps.c,v 1.61 2021/11/26 16:23:27 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -160,12 +160,6 @@ static int set_table_opts(unsigned long flags, const char arg,
160	static int set_multi_opts(unsigned long flags, const char arg,	160	static int set_multi_opts(unsigned long flags, const char arg,
161	const NAME_EX_TBL *in_tbl);	161	const NAME_EX_TBL *in_tbl);
162		162
163	#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
164	/* Looks like this stuff is worth moving into separate function */
165	static EVP_PKEY load_netscape_key(BIO err, BIO key, const char file,
166	const char *key_descrip, int format);
167	#endif
168
169	int	163	int
170	str2fmt(char *s)	164	str2fmt(char *s)
171	{	165	{
@@ -175,8 +169,6 @@ str2fmt(char *s)
175	return (FORMAT_ASN1);	169	return (FORMAT_ASN1);
176	else if ((s == 'T') \|\| (s == 't'))	170	else if ((s == 'T') \|\| (s == 't'))
177	return (FORMAT_TEXT);	171	return (FORMAT_TEXT);
178	else if ((s == 'N') \|\| (s == 'n'))
179	return (FORMAT_NETSCAPE);
180	else if ((s == 'S') \|\| (s == 's'))	172	else if ((s == 'S') \|\| (s == 's'))
181	return (FORMAT_SMIME);	173	return (FORMAT_SMIME);
182	else if ((s == 'M') \|\| (s == 'm'))	174	else if ((s == 'M') \|\| (s == 'm'))
@@ -612,24 +604,7 @@ load_cert(BIO err, const char file, int format, const char *pass,
612		604
613	if (format == FORMAT_ASN1)	605	if (format == FORMAT_ASN1)
614	x = d2i_X509_bio(cert, NULL);	606	x = d2i_X509_bio(cert, NULL);
615	else if (format == FORMAT_NETSCAPE) {	607	else if (format == FORMAT_PEM)
616	NETSCAPE_X509 *nx;
617	nx = ASN1_item_d2i_bio(&NETSCAPE_X509_it,
618	cert, NULL);
619	if (nx == NULL)
620	goto end;
621
622	if ((strncmp(NETSCAPE_CERT_HDR, (char *) nx->header->data,
623	nx->header->length) != 0)) {
624	NETSCAPE_X509_free(nx);
625	BIO_printf(err,
626	"Error reading header on certificate\n");
627	goto end;
628	}
629	x = nx->cert;
630	nx->cert = NULL;
631	NETSCAPE_X509_free(nx);
632	} else if (format == FORMAT_PEM)
633	x = PEM_read_bio_X509_AUX(cert, NULL, password_callback, NULL);	608	x = PEM_read_bio_X509_AUX(cert, NULL, password_callback, NULL);
634	else if (format == FORMAT_PKCS12) {	609	else if (format == FORMAT_PKCS12) {
635	if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL,	610	if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL,
@@ -684,10 +659,6 @@ load_key(BIO err, const char file, int format, int maybe_stdin,
684	} else if (format == FORMAT_PEM) {	659	} else if (format == FORMAT_PEM) {
685	pkey = PEM_read_bio_PrivateKey(key, NULL, password_callback, &cb_data);	660	pkey = PEM_read_bio_PrivateKey(key, NULL, password_callback, &cb_data);
686	}	661	}
687	#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
688	else if (format == FORMAT_NETSCAPE \|\| format == FORMAT_IISSGC)
689	pkey = load_netscape_key(err, key, file, key_descrip, format);
690	#endif
691	else if (format == FORMAT_PKCS12) {	662	else if (format == FORMAT_PKCS12) {
692	if (!load_pkcs12(err, key, key_descrip, password_callback, &cb_data,	663	if (!load_pkcs12(err, key, key_descrip, password_callback, &cb_data,
693	&pkey, NULL, NULL))	664	&pkey, NULL, NULL))
@@ -768,10 +739,6 @@ load_pubkey(BIO err, const char file, int format, int maybe_stdin,
768	else if (format == FORMAT_PEM) {	739	else if (format == FORMAT_PEM) {
769	pkey = PEM_read_bio_PUBKEY(key, NULL, password_callback, &cb_data);	740	pkey = PEM_read_bio_PUBKEY(key, NULL, password_callback, &cb_data);
770	}	741	}
771	#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
772	else if (format == FORMAT_NETSCAPE \|\| format == FORMAT_IISSGC)
773	pkey = load_netscape_key(err, key, file, key_descrip, format);
774	#endif
775	#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)	742	#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
776	else if (format == FORMAT_MSBLOB)	743	else if (format == FORMAT_MSBLOB)
777	pkey = b2i_PublicKey_bio(key);	744	pkey = b2i_PublicKey_bio(key);
@@ -788,51 +755,6 @@ load_pubkey(BIO err, const char file, int format, int maybe_stdin,
788	return (pkey);	755	return (pkey);
789	}	756	}
790		757
791	#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
792	static EVP_PKEY *
793	load_netscape_key(BIO err, BIO key, const char *file,
794	const char *key_descrip, int format)
795	{
796	EVP_PKEY *pkey;
797	BUF_MEM *buf;
798	RSA *rsa;
799	const unsigned char *p;
800	int size, i;
801
802	buf = BUF_MEM_new();
803	pkey = EVP_PKEY_new();
804	size = 0;
805	if (buf == NULL \|\| pkey == NULL)
806	goto error;
807	for (;;) {
808	if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
809	goto error;
810	i = BIO_read(key, &(buf->data[size]), 1024 * 10);
811	size += i;
812	if (i == 0)
813	break;
814	if (i < 0) {
815	BIO_printf(err, "Error reading %s %s",
816	key_descrip, file);
817	goto error;
818	}
819	}
820	p = (unsigned char *) buf->data;
821	rsa = d2i_RSA_NET(NULL, &p, (long) size, NULL,
822	(format == FORMAT_IISSGC ? 1 : 0));
823	if (rsa == NULL)
824	goto error;
825	BUF_MEM_free(buf);
826	EVP_PKEY_set1_RSA(pkey, rsa);
827	return pkey;
828
829	error:
830	BUF_MEM_free(buf);
831	EVP_PKEY_free(pkey);
832	return NULL;
833	}
834	#endif /* ndef OPENSSL_NO_RC4 */
835
836	static int	758	static int
837	load_certs_crls(BIO err, const char file, int format, const char *pass,	759	load_certs_crls(BIO err, const char file, int format, const char *pass,
838	const char desc, STACK_OF(X509) *pcerts,	760	const char desc, STACK_OF(X509) *pcerts,