Remove unused DSA methods
authortb <tb@openbsd.org>
Sat, 11 May 2024 06:43:50 +0000 (06:43 +0000)
committertb <tb@openbsd.org>
Sat, 11 May 2024 06:43:50 +0000 (06:43 +0000)
There are no accessors to set them, so this has been involved in a bunch
of dead logic ever since we made DSA opaque a few years ago.

ok jsing

lib/libcrypto/dsa/dsa_gen.c
lib/libcrypto/dsa/dsa_key.c
lib/libcrypto/dsa/dsa_local.h
lib/libcrypto/dsa/dsa_ossl.c

index 8b96687..dc04eba 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_gen.c,v 1.31 2024/03/02 09:33:14 tb Exp $ */
+/* $OpenBSD: dsa_gen.c,v 1.32 2024/05/11 06:43:50 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -75,24 +75,19 @@ int
 DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in,
     int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
 {
-       if (ret->meth->dsa_paramgen)
-               return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
-                   counter_ret, h_ret, cb);
-       else {
-               const EVP_MD *evpmd;
-               size_t qbits;
-
-               if (bits >= 2048) {
-                       qbits = 256;
-                       evpmd = EVP_sha256();
-               } else {
-                       qbits = 160;
-                       evpmd = EVP_sha1();
-               }
-
-               return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in,
-                   seed_len, NULL, counter_ret, h_ret, cb);
+       const EVP_MD *evpmd;
+       size_t qbits;
+
+       if (bits >= 2048) {
+               qbits = 256;
+               evpmd = EVP_sha256();
+       } else {
+               qbits = 160;
+               evpmd = EVP_sha1();
        }
+
+       return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, seed_len,
+           NULL, counter_ret, h_ret, cb);
 }
 LCRYPTO_ALIAS(DSA_generate_parameters_ex);
 
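Review bot: The `bits >= 2048` branch in DSA_generate_parameters_ex is now the only place that decides the size of q and the digest, and it is undocumented. Every request below 2048 bits, including a zero or negative `bits`, silently takes the 160-bit q / SHA-1 branch. Any range check on `bits` is presumably done inside dsa_builtin_paramgen, which this hunk does not show, so that is worth confirming rather than assuming. I would add a comment above the branch such as `/* q is 256 bits with SHA-256 for p >= 2048 bits, otherwise the legacy 160 bits with SHA-1. */` so that someone auditing key strength sees the fallback without reading the builtin generator.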
index 46ec9cf..5fbedcf 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_key.c,v 1.36 2024/05/10 04:53:55 tb Exp $ */
+/* $OpenBSD: dsa_key.c,v 1.37 2024/05/11 06:43:50 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -76,9 +76,6 @@ DSA_generate_key(DSA *dsa)
        BN_CTX *ctx = NULL;
        int ok = 0;
 
-       if (dsa->meth->dsa_keygen != NULL)
-               return dsa->meth->dsa_keygen(dsa);
-
        if ((priv_key = BN_new()) == NULL)
                goto err;
        if ((pub_key = BN_new()) == NULL)
index 3e688b8..46248f0 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_local.h,v 1.3 2023/11/29 21:35:57 tb Exp $ */
+/* $OpenBSD: dsa_local.h,v 1.4 2024/05/11 06:43:50 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
  *
@@ -69,20 +69,9 @@ struct dsa_method {
            BIGNUM **rp);
        int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
            DSA_SIG *sig, DSA *dsa);
-       int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-           BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-           BN_MONT_CTX *in_mont);
-       int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-           const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
        int (*init)(DSA *dsa);
        int (*finish)(DSA *dsa);
        int flags;
-       char *app_data;
-       /* If this is non-NULL, it is used to generate DSA parameters */
-       int (*dsa_paramgen)(DSA *dsa, int bits, const unsigned char *seed,
-           int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-       /* If this is non-NULL, it is used to generate DSA keys */
-       int (*dsa_keygen)(DSA *dsa);
 } /* DSA_METHOD */;
 
 struct dsa_st {
index 943d038..c53c8b9 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ossl.c,v 1.55 2024/05/09 20:57:49 tb Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.56 2024/05/11 06:43:50 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -268,15 +268,8 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
            !bn_copy(k, BN_num_bits(l) > q_bits ? l : m))
                goto err;
 
-       if (dsa->meth->bn_mod_exp != NULL) {
-               if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx,
-                   dsa->method_mont_p))
-                       goto err;
-       } else {
-               if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx,
-                   dsa->method_mont_p))
-                       goto err;
-       }
+       if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx, dsa->method_mont_p))
+               goto err;
 
        if (!BN_mod_ct(r, r, dsa->q, ctx))
                goto err;
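Review bot: The now-unconditional `BN_mod_exp_mont_ct` call in dsa_sign_setup carries no comment saying why the constant-time variant is required. The exponent `k` appears to be the per-signature nonce, and leaking its bits through timing is a known route to private-key recovery. With the method hook gone, a one-line comment above the call, such as `/* k is secret: this exponentiation must stay constant-time. */`, would guard against a later cleanup swapping in a faster routine. The dsa_do_verify hunk further down keeps `BN_mod_exp2_mont`, which looks acceptable there because g, pub_key, u1 and u2 are public values; a matching comment would make that asymmetry explicit. Both functions start and end outside their hunks.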
@@ -372,15 +365,9 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
                        goto err;
        }
 
-       if (dsa->meth->dsa_mod_exp != NULL) {
-               if (!dsa->meth->dsa_mod_exp(dsa, t1, dsa->g, u1, dsa->pub_key,
-                   u2, dsa->p, ctx, mont))
-                       goto err;
-       } else {
-               if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2,
-                   dsa->p, ctx, mont))
-                       goto err;
-       }
+       if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2, dsa->p,
+           ctx, mont))
+               goto err;
 
        /* let u1 = u1 mod q */
        if (!BN_mod_ct(u1, t1, dsa->q, ctx))