From 0c4bef0c67554c96db6dc257452593c5a9b573ec Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 29 Nov 2024 15:59:57 +0000
Subject: Remove X9.42 DH rudiments

In the unlikely event that we should ever decide to implement this after
a quarter century of not needing it, we can readily put this back. Until
then this is dead weight.

prompted by a question by djm
ok jsing
---
 src/lib/libcrypto/dh/dh_check.c | 10 +++-------
 src/lib/libcrypto/dh/dh_lib.c   |  7 ++-----
 src/lib/libcrypto/dh/dh_local.h |  9 ++-------
 3 files changed, 7 insertions(+), 19 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 57330b2068..a880f9fca1 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_check.c,v 1.29 2024/08/30 17:44:56 tb Exp $ */
+/* $OpenBSD: dh_check.c,v 1.30 2024/11/29 15:59:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -127,10 +127,8 @@ DH_check(const DH *dh, int *flags)
 	BN_CTX_start(ctx);
 
 	if (dh->q != NULL) {
-		BIGNUM *quotient, *residue;
+		BIGNUM *residue;
 
-		if ((quotient = BN_CTX_get(ctx)) == NULL)
-			goto err;
 		if ((residue = BN_CTX_get(ctx)) == NULL)
 			goto err;
 		if ((*flags & DH_NOT_SUITABLE_GENERATOR) == 0) {
@@ -147,12 +145,10 @@ DH_check(const DH *dh, int *flags)
 		if (is_prime == 0)
 			*flags |= DH_CHECK_Q_NOT_PRIME;
 		/* Check p == 1 mod q, i.e., q divides p - 1 */
-		if (!BN_div_ct(quotient, residue, dh->p, dh->q, ctx))
+		if (!BN_div_ct(NULL, residue, dh->p, dh->q, ctx))
 			goto err;
 		if (!BN_is_one(residue))
 			*flags |= DH_CHECK_INVALID_Q_VALUE;
-		if (dh->j != NULL && BN_cmp(dh->j, quotient) != 0)
-			*flags |= DH_CHECK_INVALID_J_VALUE;
 	}
 
 	is_prime = BN_is_prime_ex(dh->p, DH_NUMBER_ITERATIONS_FOR_PRIME,
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 86503bc4e0..803aca6421 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_lib.c,v 1.45 2024/03/27 01:26:30 tb Exp $ */
+/* $OpenBSD: dh_lib.c,v 1.46 2024/11/29 15:59:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -154,11 +154,8 @@ DH_free(DH *dh)
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data);
 
 	BN_free(dh->p);
-	BN_free(dh->g);
 	BN_free(dh->q);
-	BN_free(dh->j);
-	free(dh->seed);
-	BN_free(dh->counter);
+	BN_free(dh->g);
 	BN_free(dh->pub_key);
 	BN_free(dh->priv_key);
 	free(dh);
diff --git a/src/lib/libcrypto/dh/dh_local.h b/src/lib/libcrypto/dh/dh_local.h
index efbc08b356..2c89f10127 100644
--- a/src/lib/libcrypto/dh/dh_local.h
+++ b/src/lib/libcrypto/dh/dh_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_local.h,v 1.6 2024/11/29 07:42:35 tb Exp $ */
+/* $OpenBSD: dh_local.h,v 1.7 2024/11/29 15:59:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -80,6 +80,7 @@ struct dh_method {
 struct dh_st {
 	int version;
 	BIGNUM *p;
+	BIGNUM *q;
 	BIGNUM *g;
 	long length; /* optional */
 	BIGNUM *pub_key;	/* g^x */
@@ -87,12 +88,6 @@ struct dh_st {
 
 	int flags;
 	BN_MONT_CTX *method_mont_p;
-	/* Place holders if we want to do X9.42 DH */
-	BIGNUM *q;
-	BIGNUM *j;
-	unsigned char *seed;
-	int seedlen;
-	BIGNUM *counter;
 
 	int references;
 	CRYPTO_EX_DATA ex_data;
-- 
cgit v1.2.3-55-g6feb