From 9e356d4225ee2dcd3e3eebabf384851ee547ec95 Mon Sep 17 00:00:00 2001 From: tb <> Date: Sun, 19 Nov 2023 15:46:10 +0000 Subject: Unifdef OPENSSL_NO_ENGINE in libcrypto This is mechanical apart from a few manual edits to avoid doubled empty lines. ok jsing --- src/lib/libcrypto/evp/digest.c | 62 +---------------------------------------- src/lib/libcrypto/evp/evp_enc.c | 55 +----------------------------------- src/lib/libcrypto/evp/p_lib.c | 21 +------------- 3 files changed, 3 insertions(+), 135 deletions(-) (limited to 'src/lib/libcrypto/evp') diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index ca3fb219cd..9a2a304250 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -118,10 +118,6 @@ #include #include -#ifndef OPENSSL_NO_ENGINE -#include -#endif - #include "evp_local.h" int @@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unnecessary. */ - if (ctx->engine && ctx->digest && (!type || - (type && (type->type == ctx->digest->type)))) - goto skip_to_init; - if (type) { - /* Ensure an ENGINE left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_MD could be used). */ - ENGINE_finish(ctx->engine); - if (impl != NULL) { - if (!ENGINE_init(impl)) { - EVPerror(EVP_R_INITIALIZATION_ERROR); - return 0; - } - } else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine(type->type); - if (impl != NULL) { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, type->type); - if (d == NULL) { - /* Same comment from evp_enc.c */ - EVPerror(EVP_R_INITIALIZATION_ERROR); - ENGINE_finish(impl); - return 0; - } - /* We'll use the ENGINE's private digest definition */ - type = d; - /* Store the ENGINE functional reference so we know - * 'type' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } else - ctx->engine = NULL; - } else if (!ctx->digest) { - EVPerror(EVP_R_NO_DIGEST_SET); - return 0; - } -#endif if (ctx->digest != type) { if (ctx->digest && ctx->digest->ctx_size && ctx->md_data && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { @@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) } } } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif if (ctx->pctx) { int r; r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, @@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) EVPerror(EVP_R_INPUT_NOT_INITIALIZED); return 0; } -#ifndef OPENSSL_NO_ENGINE - /* Make sure it's safe to copy a digest context using an ENGINE */ - if (in->engine && !ENGINE_init(in->engine)) { - EVPerror(ERR_R_ENGINE_LIB); - return 0; - } -#endif if (out->digest == in->digest) { tmp_buf = out->md_data; @@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) */ if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) EVP_PKEY_CTX_free(ctx->pctx); -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(ctx->engine); -#endif memset(ctx, 0, sizeof(*ctx)); return 1; diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index eb279b2378..172d8b4019 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_enc.c,v 1.54 2023/11/18 09:37:15 tb Exp $ */ +/* $OpenBSD: evp_enc.c,v 1.55 2023/11/19 15:46:09 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -68,10 +68,6 @@ #include #include -#ifndef OPENSSL_NO_ENGINE -#include -#endif - #include "evp_local.h" int @@ -94,15 +90,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, enc = 1; ctx->encrypt = enc; } -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unnecessary. */ - if (ctx->engine && ctx->cipher && - (!cipher || (cipher && (cipher->nid == ctx->cipher->nid)))) - goto skip_to_init; -#endif if (cipher) { /* Ensure a context left lying around from last time is cleared * (the previous check attempted to avoid this if the same @@ -114,32 +101,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, ctx->encrypt = enc; ctx->flags = flags; } -#ifndef OPENSSL_NO_ENGINE - if (impl) { - if (!ENGINE_init(impl)) { - EVPerror(EVP_R_INITIALIZATION_ERROR); - return 0; - } - } else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine(cipher->nid); - if (impl) { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = - ENGINE_get_cipher(impl, cipher->nid); - if (!c) { - EVPerror(EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private cipher definition */ - cipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } else - ctx->engine = NULL; -#endif ctx->cipher = cipher; if (ctx->cipher->ctx_size) { @@ -163,9 +124,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, EVPerror(EVP_R_NO_CIPHER_SET); return 0; } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif /* we assume block size is a power of 2 in *cryptUpdate */ if (ctx->cipher->block_size != 1 && ctx->cipher->block_size != 8 && @@ -614,10 +572,6 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) /* XXX - store size of cipher_data so we can always freezero(). */ free(c->cipher_data); -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(c->engine); -#endif - explicit_bzero(c, sizeof(EVP_CIPHER_CTX)); return 1; @@ -688,13 +642,6 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) EVPerror(EVP_R_INPUT_NOT_INITIALIZED); return 0; } -#ifndef OPENSSL_NO_ENGINE - /* Make sure it's safe to copy a cipher context using an ENGINE */ - if (in->engine && !ENGINE_init(in->engine)) { - EVPerror(ERR_R_ENGINE_LIB); - return 0; - } -#endif EVP_CIPHER_CTX_cleanup(out); memcpy(out, in, sizeof *out); diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c index 23ec8e6031..eaeb456cbb 100644 --- a/src/lib/libcrypto/evp/p_lib.c +++ b/src/lib/libcrypto/evp/p_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_lib.c,v 1.37 2023/09/10 17:32:17 tb Exp $ */ +/* $OpenBSD: p_lib.c,v 1.38 2023/11/19 15:46:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -77,10 +77,6 @@ #include #endif -#ifndef OPENSSL_NO_ENGINE -#include -#endif - #include "asn1_local.h" #include "evp_local.h" @@ -245,19 +241,11 @@ pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, int len) */ if ((type == pkey->save_type) && pkey->ameth) return 1; -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(pkey->engine); - pkey->engine = NULL; -#endif } if (str) ameth = EVP_PKEY_asn1_find_str(eptr, str, len); else ameth = EVP_PKEY_asn1_find(eptr, type); -#ifndef OPENSSL_NO_ENGINE - if (pkey == NULL && eptr != NULL) - ENGINE_finish(e); -#endif if (!ameth) { EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); return 0; @@ -583,9 +571,6 @@ EVP_PKEY_type(int type) ret = ameth->pkey_id; else ret = NID_undef; -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(e); -#endif return ret; } @@ -626,10 +611,6 @@ EVP_PKEY_free_it(EVP_PKEY *x) x->ameth->pkey_free(x); x->pkey.ptr = NULL; } -#ifndef OPENSSL_NO_ENGINE - ENGINE_finish(x->engine); - x->engine = NULL; -#endif } static int -- cgit v1.2.3-55-g6feb