From 5a5cc510924fb6e11afacaa0c864bb2a532ff715 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 13 Jan 2024 12:46:59 +0000
Subject: Prepare to remove the EVP_PKEY_meth_* API
After removing the last caller of EVP_PKEY_meth_find() from libssl, none
of these is used. And with EVP_PKEY_meth_new() gone, there will no longer
be a way to get your hands onto an EVP_PKEY_METHOD that is writable, so
none of the silent failures (because they're void functions) should matter
in the few weeks until we bump.
ok jsing
---
src/lib/libcrypto/evp/pmeth_lib.c | 139 ++++++++++++++------------------------
1 file changed, 50 insertions(+), 89 deletions(-)
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index 604181d311..67ab72eff3 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pmeth_lib.c,v 1.36 2024/01/04 20:15:01 tb Exp $ */
+/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@@ -101,14 +101,14 @@ static const EVP_PKEY_METHOD *pkey_methods[] = {
#define N_PKEY_METHODS (sizeof(pkey_methods) / sizeof(pkey_methods[0]))
-const EVP_PKEY_METHOD *
-EVP_PKEY_meth_find(int type)
+static const EVP_PKEY_METHOD *
+evp_pkey_method_find(int nid)
{
size_t i;
for (i = 0; i < N_PKEY_METHODS; i++) {
const EVP_PKEY_METHOD *pmeth = pkey_methods[i];
- if (pmeth->pkey_id == type)
+ if (pmeth->pkey_id == nid)
return pmeth;
}
@@ -116,18 +116,18 @@ EVP_PKEY_meth_find(int type)
}
static EVP_PKEY_CTX *
-evp_pkey_ctx_new(EVP_PKEY *pkey, int id)
+evp_pkey_ctx_new(EVP_PKEY *pkey, int nid)
{
EVP_PKEY_CTX *pkey_ctx = NULL;
const EVP_PKEY_METHOD *pmeth;
- if (id == -1) {
+ if (nid == -1) {
if (pkey == NULL || pkey->ameth == NULL)
return NULL;
- id = pkey->ameth->pkey_id;
+ nid = pkey->ameth->pkey_id;
}
- if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) {
+ if ((pmeth = evp_pkey_method_find(nid)) == NULL) {
EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
goto err;
}
@@ -154,50 +154,6 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, int id)
return NULL;
}
-EVP_PKEY_METHOD*
-EVP_PKEY_meth_new(int id, int flags)
-{
- EVP_PKEY_METHOD *pmeth;
-
- if ((pmeth = calloc(1, sizeof(EVP_PKEY_METHOD))) == NULL)
- return NULL;
-
- pmeth->pkey_id = id;
- pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
-
- return pmeth;
-}
-
-void
-EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
-{
- if (ppkey_id)
- *ppkey_id = meth->pkey_id;
- if (pflags)
- *pflags = meth->flags;
-}
-
-void
-EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
-{
- EVP_PKEY_METHOD preserve;
-
- preserve.pkey_id = dst->pkey_id;
- preserve.flags = dst->flags;
-
- *dst = *src;
-
- dst->pkey_id = preserve.pkey_id;
- dst->flags = preserve.flags;
-}
-
-void
-EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
-{
- if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
- free(pmeth);
-}
-
EVP_PKEY_CTX *
EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine)
{
@@ -205,9 +161,9 @@ EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine)
}
EVP_PKEY_CTX *
-EVP_PKEY_CTX_new_id(int id, ENGINE *engine)
+EVP_PKEY_CTX_new_id(int nid, ENGINE *engine)
{
- return evp_pkey_ctx_new(NULL, id);
+ return evp_pkey_ctx_new(NULL, nid);
}
EVP_PKEY_CTX *
@@ -241,13 +197,6 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
return NULL;
}
-int
-EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
-{
- EVPerror(ERR_R_DISABLED);
- return 0;
-}
-
void
EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
{
@@ -399,25 +348,62 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
return ctx->app_data;
}
+/*
+ * Remove all the functions below in the next major bump
+ */
+
+const EVP_PKEY_METHOD *
+EVP_PKEY_meth_find(int type)
+{
+ EVPerror(ERR_R_DISABLED);
+ return NULL;
+}
+
+EVP_PKEY_METHOD*
+EVP_PKEY_meth_new(int id, int flags)
+{
+ EVPerror(ERR_R_DISABLED);
+ return NULL;
+}
+
+void
+EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
+{
+}
+
+void
+EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
+{
+}
+
+void
+EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
+{
+}
+
+int
+EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
+{
+ EVPerror(ERR_R_DISABLED);
+ return 0;
+}
+
void
EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx))
{
- pmeth->init = init;
}
void
EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
{
- pmeth->copy = copy;
}
void
EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx))
{
- pmeth->cleanup = cleanup;
}
void
@@ -425,8 +411,6 @@ EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
- pmeth->paramgen_init = paramgen_init;
- pmeth->paramgen = paramgen;
}
void
@@ -434,8 +418,6 @@ EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
- pmeth->keygen_init = keygen_init;
- pmeth->keygen = keygen;
}
void
@@ -444,8 +426,6 @@ EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
- pmeth->sign_init = sign_init;
- pmeth->sign = sign;
}
void
@@ -454,8 +434,6 @@ EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen))
{
- pmeth->verify_init = verify_init;
- pmeth->verify = verify;
}
void
@@ -465,8 +443,6 @@ EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen))
{
- pmeth->verify_recover_init = verify_recover_init;
- pmeth->verify_recover = verify_recover;
}
void
@@ -475,8 +451,6 @@ EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx))
{
- pmeth->signctx_init = signctx_init;
- pmeth->signctx = signctx;
}
void
@@ -485,8 +459,6 @@ EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx))
{
- pmeth->verifyctx_init = verifyctx_init;
- pmeth->verifyctx = verifyctx;
}
void
@@ -495,8 +467,6 @@ EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
- pmeth->encrypt_init = encrypt_init;
- pmeth->encrypt = encryptfn;
}
void
@@ -505,8 +475,6 @@ EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
- pmeth->decrypt_init = decrypt_init;
- pmeth->decrypt = decrypt;
}
void
@@ -514,8 +482,6 @@ EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
{
- pmeth->derive_init = derive_init;
- pmeth->derive = derive;
}
void
@@ -523,26 +489,21 @@ EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
{
- pmeth->ctrl = ctrl;
- pmeth->ctrl_str = ctrl_str;
}
void
EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey))
{
- pmeth->check = check;
}
void
EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
int (*public_check)(EVP_PKEY *pkey))
{
- pmeth->public_check = public_check;
}
void
EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
int (*param_check)(EVP_PKEY *pkey))
{
- pmeth->param_check = param_check;
}
--
cgit v1.2.3-55-g6feb