From: tb Date: Sun, 14 Jul 2024 16:04:10 +0000 (+0000) Subject: Disable most EVP_PKEY_*attr* API X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2a0af5fe32f6f0f93eab1cbb5fc811184d05c6d8;p=openbsd Disable most EVP_PKEY_*attr* API There is a single consumer of this entire family of function, namely the openssl(1) pkcs12 command uses EVP_PKEY_add1_attr_by_NID, so leave that one intact for now. ok jsing --- diff --git a/lib/libcrypto/evp/evp_pkey.c b/lib/libcrypto/evp/evp_pkey.c index 591d066f4f3..655ec107ff5 100644 --- a/lib/libcrypto/evp/evp_pkey.c +++ b/lib/libcrypto/evp/evp_pkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pkey.c,v 1.28 2024/04/09 13:55:02 beck Exp $ */ +/* $OpenBSD: evp_pkey.c,v 1.29 2024/07/14 16:04:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -141,19 +141,23 @@ error: } LCRYPTO_ALIAS(EVP_PKEY2PKCS8); -/* EVP_PKEY attribute functions */ +/* + * XXX - delete all the garbage below in the next bump. + */ int EVP_PKEY_get_attr_count(const EVP_PKEY *key) { - return X509at_get_attr_count(key->attributes); + EVPerror(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(EVP_PKEY_get_attr_count); int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos) { - return X509at_get_attr_by_NID(key->attributes, nid, lastpos); + EVPerror(ERR_R_DISABLED); + return -1; } LCRYPTO_ALIAS(EVP_PKEY_get_attr_by_NID); @@ -161,29 +165,31 @@ int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj, int lastpos) { - return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos); + EVPerror(ERR_R_DISABLED); + return -1; } LCRYPTO_ALIAS(EVP_PKEY_get_attr_by_OBJ); X509_ATTRIBUTE * EVP_PKEY_get_attr(const EVP_PKEY *key, int loc) { - return X509at_get_attr(key->attributes, loc); + EVPerror(ERR_R_DISABLED); + return NULL; } LCRYPTO_ALIAS(EVP_PKEY_get_attr); X509_ATTRIBUTE * EVP_PKEY_delete_attr(EVP_PKEY *key, int loc) { - return X509at_delete_attr(key->attributes, loc); + EVPerror(ERR_R_DISABLED); + return NULL; } LCRYPTO_ALIAS(EVP_PKEY_delete_attr); int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr) { - if (X509at_add1_attr(&key->attributes, attr)) - return 1; + EVPerror(ERR_R_DISABLED); return 0; } LCRYPTO_ALIAS(EVP_PKEY_add1_attr); @@ -192,8 +198,7 @@ int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len)) - return 1; + EVPerror(ERR_R_DISABLED); return 0; } LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_OBJ); @@ -212,9 +217,7 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_txt(&key->attributes, attrname, type, - bytes, len)) - return 1; + EVPerror(ERR_R_DISABLED); return 0; } LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_txt);