From 088524f67dc2c4c14a8321f741b91bd9d7a0211d Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Fri, 15 Dec 2023 08:16:54 +0000
Subject: [PATCH] Neuter EVP_PKEY_asn1_add{0,_alias}()

Nothing uses these, so they will be removed in the next bump. For now
make them always fail and remove the unprotected global state backing
them. This makes EVP_PKEY_asn1_get{0,_count}() completely trivial and
will allow some further cleanup in later steps.

ok jsing
---
 lib/libcrypto/asn1/ameth_lib.c | 52 +++++++---------------------------
 1 file changed, 10 insertions(+), 42 deletions(-)

diff --git a/lib/libcrypto/asn1/ameth_lib.c b/lib/libcrypto/asn1/ameth_lib.c
index aa4bb876677..9b4796a161c 100644
--- a/lib/libcrypto/asn1/ameth_lib.c
+++ b/lib/libcrypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.34 2023/11/29 21:35:57 tb Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.35 2023/12/15 08:16:54 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -62,6 +62,7 @@
 #include <openssl/opensslconf.h>
 
 #include <openssl/asn1t.h>
+#include <openssl/err.h>
 #include <openssl/x509.h>
 
 #include "asn1_local.h"
@@ -100,36 +101,21 @@ static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = {
 	&x25519_asn1_meth,
 };
 
-static const size_t asn1_methods_count =
-    sizeof(asn1_methods) / sizeof(asn1_methods[0]);
-
-DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
-static STACK_OF(EVP_PKEY_ASN1_METHOD) *asn1_app_methods = NULL;
+#define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0]))
 
 int
 EVP_PKEY_asn1_get_count(void)
 {
-	int num = asn1_methods_count;
-
-	if (asn1_app_methods != NULL)
-		num += sk_EVP_PKEY_ASN1_METHOD_num(asn1_app_methods);
-
-	return num;
+	return N_ASN1_METHODS;
 }
 
 const EVP_PKEY_ASN1_METHOD *
 EVP_PKEY_asn1_get0(int idx)
 {
-	int num = asn1_methods_count;
-
-	if (idx < 0)
+	if (idx < 0 || idx >= N_ASN1_METHODS)
 		return NULL;
-	if (idx < num)
-		return asn1_methods[idx];
-
-	idx -= num;
 
-	return sk_EVP_PKEY_ASN1_METHOD_value(asn1_app_methods, idx);
+	return asn1_methods[idx];
 }
 
 static const EVP_PKEY_ASN1_METHOD *
@@ -196,33 +182,15 @@ EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len)
 int
 EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
 {
-	if (asn1_app_methods == NULL) {
-		asn1_app_methods = sk_EVP_PKEY_ASN1_METHOD_new(NULL);
-		if (asn1_app_methods == NULL)
-			return 0;
-	}
-
-	if (!sk_EVP_PKEY_ASN1_METHOD_push(asn1_app_methods, ameth))
-		return 0;
-
-	return 1;
+	EVPerror(ERR_R_DISABLED);
+	return 0;
 }
 
 int
 EVP_PKEY_asn1_add_alias(int to, int from)
 {
-	EVP_PKEY_ASN1_METHOD *ameth;
-
-	ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
-	if (ameth == NULL)
-		return 0;
-
-	ameth->pkey_base_id = to;
-	if (!EVP_PKEY_asn1_add0(ameth)) {
-		EVP_PKEY_asn1_free(ameth);
-		return 0;
-	}
-	return 1;
+	EVPerror(ERR_R_DISABLED);
+	return 0;
 }
 
 int
-- 
2.20.1