From b4541fab5e606187b51e789c26e6065cfc57ded0 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 2 Mar 2024 10:20:27 +0000
Subject: Remove more PBE stuff from the public API

This is still needed internally for CMS and its predecessors. This
removal will enable disentangling some of its innards.

ok jsing
---
 src/lib/libcrypto/evp/evp.h       | 7 +------
 src/lib/libcrypto/evp/evp_local.h | 5 +----
 src/lib/libcrypto/evp/evp_pbe.c   | 8 +++++++-
 3 files changed, 9 insertions(+), 11 deletions(-)

(limited to 'src/lib/libcrypto/evp')

diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 28b095ffd4..9e203b086d 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.130 2024/03/02 10:13:13 tb Exp $ */
+/* $OpenBSD: evp.h,v 1.131 2024/03/02 10:20:27 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -870,17 +870,12 @@ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
 int EVP_CIPHER_type(const EVP_CIPHER *ctx);
 
 /* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-    ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
 int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
     const unsigned char *salt, int saltlen, int iter, int keylen,
     unsigned char *out);
 int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
     int saltlen, int iter, const EVP_MD *digest, int keylen,
     unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-    ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
-    int en_de);
 
 #define ASN1_PKEY_ALIAS		0x1
 #define ASN1_PKEY_DYNAMIC	0x2
diff --git a/src/lib/libcrypto/evp/evp_local.h b/src/lib/libcrypto/evp/evp_local.h
index bce6a87a1e..dad2cec81e 100644
--- a/src/lib/libcrypto/evp/evp_local.h
+++ b/src/lib/libcrypto/evp/evp_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_local.h,v 1.18 2024/03/02 10:08:29 tb Exp $ */
+/* $OpenBSD: evp_local.h,v 1.19 2024/03/02 10:20:27 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -340,9 +340,6 @@ struct evp_pkey_method_st {
 
 void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
 
-int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-    ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
-
 /* EVP_AEAD represents a specific AEAD algorithm. */
 struct evp_aead_st {
 	unsigned char key_len;
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index a9f5b8fb12..532c924a9e 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pbe.c,v 1.45 2024/03/02 10:17:37 tb Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.46 2024/03/02 10:20:27 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -73,9 +73,15 @@
 #include "x509_local.h"
 
 /* Password based encryption (PBE) functions */
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+    ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+    ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
 int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
     ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
     int en_de);
+int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+    ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
 
 static const struct pbe_config {
 	int pbe_nid;
-- 
cgit v1.2.3-55-g6feb