From acf9fd0ee4ad53302c4e9c3a12db9d010f25851a Mon Sep 17 00:00:00 2001
From: tedu <tedu@openbsd.org>
Date: Sat, 17 May 2014 15:44:28 +0000
Subject: [PATCH] deleted seed some time ago

---
 lib/libssl/s3_lib.c           | 101 ----------------------------------
 lib/libssl/src/apps/cms.c     |   7 ---
 lib/libssl/src/apps/dsa.c     |   3 -
 lib/libssl/src/apps/gendsa.c  |   8 ---
 lib/libssl/src/apps/genrsa.c  |   8 ---
 lib/libssl/src/apps/pkcs12.c  |   7 ---
 lib/libssl/src/apps/progs.h   |   7 ---
 lib/libssl/src/apps/rsa.c     |   3 -
 lib/libssl/src/apps/smime.c   |   7 ---
 lib/libssl/src/apps/speed.c   |  35 ------------
 lib/libssl/src/ssl/s3_lib.c   | 101 ----------------------------------
 lib/libssl/src/ssl/ssl_algs.c |   4 --
 lib/libssl/ssl_algs.c         |   4 --
 13 files changed, 295 deletions(-)

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index c68748809c5..293866afee3 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1327,107 +1327,6 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
 	},
 #endif  /* OPENSSL_NO_PSK */
 
-#ifndef OPENSSL_NO_SEED
-	/* SEED ciphersuites from RFC4162 */
-
-	/* Cipher 96 */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_SEED_SHA,
-		TLS1_CK_RSA_WITH_SEED_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 97 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_SEED_SHA,
-		TLS1_CK_DH_DSS_WITH_SEED_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 98 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_SEED_SHA,
-		TLS1_CK_DH_RSA_WITH_SEED_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 99 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
-		TLS1_CK_DHE_DSS_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 9A */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
-		TLS1_CK_DHE_RSA_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 9B */
-	{
-		1,
-		TLS1_TXT_ADH_WITH_SEED_SHA,
-		TLS1_CK_ADH_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-#endif /* OPENSSL_NO_SEED */
-
 	/* GCM ciphersuites from RFC5288 */
 
 	/* Cipher 9C */
diff --git a/lib/libssl/src/apps/cms.c b/lib/libssl/src/apps/cms.c
index aa59b28e863..03459c64a20 100644
--- a/lib/libssl/src/apps/cms.c
+++ b/lib/libssl/src/apps/cms.c
@@ -198,10 +198,6 @@ cms_main(int argc, char **argv)
 		else if (!strcmp(*args, "-des"))
 			cipher = EVP_des_cbc();
 #endif
-#ifndef OPENSSL_NO_SEED
-		else if (!strcmp(*args, "-seed"))
-			cipher = EVP_seed_cbc();
-#endif
 #ifndef OPENSSL_NO_RC2
 		else if (!strcmp(*args, "-rc2-40"))
 			cipher = EVP_rc2_40_cbc();
@@ -518,9 +514,6 @@ argerr:
 		BIO_printf(bio_err, "-des3          encrypt with triple DES\n");
 		BIO_printf(bio_err, "-des           encrypt with DES\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, "-seed          encrypt with SEED\n");
-#endif
 #ifndef OPENSSL_NO_RC2
 		BIO_printf(bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
 		BIO_printf(bio_err, "-rc2-64        encrypt with RC2-64\n");
diff --git a/lib/libssl/src/apps/dsa.c b/lib/libssl/src/apps/dsa.c
index 2a27365adf1..f9be2392d8e 100644
--- a/lib/libssl/src/apps/dsa.c
+++ b/lib/libssl/src/apps/dsa.c
@@ -216,9 +216,6 @@ bad:
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
 		BIO_printf(bio_err, "                 encrypt PEM output with cbc camellia\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, " -seed           encrypt PEM output with cbc seed\n");
 #endif
 		BIO_printf(bio_err, " -text           print the key in text\n");
 		BIO_printf(bio_err, " -noout          don't print key out\n");
diff --git a/lib/libssl/src/apps/gendsa.c b/lib/libssl/src/apps/gendsa.c
index 8a0d3ecbed9..07eb7563720 100644
--- a/lib/libssl/src/apps/gendsa.c
+++ b/lib/libssl/src/apps/gendsa.c
@@ -134,10 +134,6 @@ gendsa_main(int argc, char **argv)
 		else if (strcmp(*argv, "-idea") == 0)
 			enc = EVP_idea_cbc();
 #endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv, "-seed") == 0)
-			enc = EVP_seed_cbc();
-#endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv, "-aes128") == 0)
 			enc = EVP_aes_128_cbc();
@@ -173,10 +169,6 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err, " -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, " -seed\n");
-		BIO_printf(bio_err, "                 encrypt PEM output with cbc seed\n");
-#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
diff --git a/lib/libssl/src/apps/genrsa.c b/lib/libssl/src/apps/genrsa.c
index 88c80f2b666..643e20da2f3 100644
--- a/lib/libssl/src/apps/genrsa.c
+++ b/lib/libssl/src/apps/genrsa.c
@@ -157,10 +157,6 @@ genrsa_main(int argc, char **argv)
 		else if (strcmp(*argv, "-idea") == 0)
 			enc = EVP_idea_cbc();
 #endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv, "-seed") == 0)
-			enc = EVP_seed_cbc();
-#endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv, "-aes128") == 0)
 			enc = EVP_aes_128_cbc();
@@ -194,10 +190,6 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err, " -idea           encrypt the generated key with IDEA in cbc mode\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, " -seed\n");
-		BIO_printf(bio_err, "                 encrypt PEM output with cbc seed\n");
-#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
diff --git a/lib/libssl/src/apps/pkcs12.c b/lib/libssl/src/apps/pkcs12.c
index 55a5779360d..8ea749616d6 100644
--- a/lib/libssl/src/apps/pkcs12.c
+++ b/lib/libssl/src/apps/pkcs12.c
@@ -180,10 +180,6 @@ pkcs12_main(int argc, char **argv)
 			else if (!strcmp(*args, "-idea"))
 				enc = EVP_idea_cbc();
 #endif
-#ifndef OPENSSL_NO_SEED
-			else if (!strcmp(*args, "-seed"))
-				enc = EVP_seed_cbc();
-#endif
 #ifndef OPENSSL_NO_AES
 			else if (!strcmp(*args, "-aes128"))
 				enc = EVP_aes_128_cbc();
@@ -346,9 +342,6 @@ pkcs12_main(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err, "-idea         encrypt private keys with idea\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, "-seed         encrypt private keys with seed\n");
-#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err, "              encrypt PEM output with cbc aes\n");
diff --git a/lib/libssl/src/apps/progs.h b/lib/libssl/src/apps/progs.h
index df00b719390..c6f66b585f7 100644
--- a/lib/libssl/src/apps/progs.h
+++ b/lib/libssl/src/apps/progs.h
@@ -230,13 +230,6 @@ FUNCTION functions[] = {
 	{ FUNC_TYPE_CIPHER, "rc5-cfb", enc_main },
 	{ FUNC_TYPE_CIPHER, "rc5-ofb", enc_main },
 #endif
-#ifndef OPENSSL_NO_SEED
-	{ FUNC_TYPE_CIPHER, "seed", enc_main },
-	{ FUNC_TYPE_CIPHER, "seed-cbc", enc_main },
-	{ FUNC_TYPE_CIPHER, "seed-ecb", enc_main },
-	{ FUNC_TYPE_CIPHER, "seed-cfb", enc_main },
-	{ FUNC_TYPE_CIPHER, "seed-ofb", enc_main },
-#endif
 #ifdef ZLIB
 	{ FUNC_TYPE_CIPHER, "zlib", enc_main },
 #endif
diff --git a/lib/libssl/src/apps/rsa.c b/lib/libssl/src/apps/rsa.c
index 21bc3ba93ce..286183582af 100644
--- a/lib/libssl/src/apps/rsa.c
+++ b/lib/libssl/src/apps/rsa.c
@@ -215,9 +215,6 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err, " -idea           encrypt PEM output with cbc idea\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, " -seed           encrypt PEM output with cbc seed\n");
-#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
diff --git a/lib/libssl/src/apps/smime.c b/lib/libssl/src/apps/smime.c
index a241231b08d..4fdf170df77 100644
--- a/lib/libssl/src/apps/smime.c
+++ b/lib/libssl/src/apps/smime.c
@@ -148,10 +148,6 @@ smime_main(int argc, char **argv)
 		else if (!strcmp(*args, "-des"))
 			cipher = EVP_des_cbc();
 #endif
-#ifndef OPENSSL_NO_SEED
-		else if (!strcmp(*args, "-seed"))
-			cipher = EVP_seed_cbc();
-#endif
 #ifndef OPENSSL_NO_RC2
 		else if (!strcmp(*args, "-rc2-40"))
 			cipher = EVP_rc2_40_cbc();
@@ -378,9 +374,6 @@ argerr:
 		BIO_printf(bio_err, "-des3          encrypt with triple DES\n");
 		BIO_printf(bio_err, "-des           encrypt with DES\n");
 #endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err, "-seed          encrypt with SEED\n");
-#endif
 #ifndef OPENSSL_NO_RC2
 		BIO_printf(bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
 		BIO_printf(bio_err, "-rc2-64        encrypt with RC2-64\n");
diff --git a/lib/libssl/src/apps/speed.c b/lib/libssl/src/apps/speed.c
index 83564be6fd5..c8ed39d1f6d 100644
--- a/lib/libssl/src/apps/speed.c
+++ b/lib/libssl/src/apps/speed.c
@@ -155,9 +155,6 @@
 #ifndef OPENSSL_NO_RIPEMD
 #include <openssl/ripemd.h>
 #endif
-#ifndef OPENSSL_NO_SEED
-#include <openssl/seed.h>
-#endif
 #ifndef OPENSSL_NO_SHA
 #include <openssl/sha.h>
 #endif
@@ -313,9 +310,6 @@ speed_main(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	IDEA_KEY_SCHEDULE idea_ks;
 #endif
-#ifndef OPENSSL_NO_SEED
-	SEED_KEY_SCHEDULE seed_ks;
-#endif
 #ifndef OPENSSL_NO_BF
 	BF_KEY bf_ks;
 #endif
@@ -802,13 +796,6 @@ speed_main(int argc, char **argv)
 			doit[D_CBC_IDEA] = 1;
 		else
 #endif
-#ifndef OPENSSL_NO_SEED
-		if (strcmp(*argv, "seed-cbc") == 0)
-			doit[D_CBC_SEED] = 1;
-		else if (strcmp(*argv, "seed") == 0)
-			doit[D_CBC_SEED] = 1;
-		else
-#endif
 #ifndef OPENSSL_NO_BF
 		if (strcmp(*argv, "bf-cbc") == 0)
 			doit[D_CBC_BF] = 1;
@@ -984,9 +971,6 @@ speed_main(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err, "idea-cbc ");
 #endif
-#ifndef OPENSSL_NO_SEED
-			BIO_printf(bio_err, "seed-cbc ");
-#endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err, "rc2-cbc  ");
 #endif
@@ -1039,9 +1023,6 @@ speed_main(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err, "idea     ");
 #endif
-#ifndef OPENSSL_NO_SEED
-			BIO_printf(bio_err, "seed     ");
-#endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err, "rc2      ");
 #endif
@@ -1160,9 +1141,6 @@ speed_main(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	idea_set_encrypt_key(key16, &idea_ks);
 #endif
-#ifndef OPENSSL_NO_SEED
-	SEED_set_key(key16, &seed_ks);
-#endif
 #ifndef OPENSSL_NO_RC4
 	RC4_set_key(&rc4_ks, 16, key16);
 #endif
@@ -1499,19 +1477,6 @@ speed_main(int argc, char **argv)
 		}
 	}
 #endif
-#ifndef OPENSSL_NO_SEED
-	if (doit[D_CBC_SEED]) {
-		for (j = 0; j < SIZE_NUM; j++) {
-			print_message(names[D_CBC_SEED], c[D_CBC_SEED][j], lengths[j]);
-			Time_F(START);
-			for (count = 0, run = 1; COND(c[D_CBC_SEED][j]); count++)
-				SEED_cbc_encrypt(buf, buf,
-				    (unsigned long) lengths[j], &seed_ks, iv, 1);
-			d = Time_F(STOP);
-			print_result(D_CBC_SEED, j, count, d);
-		}
-	}
-#endif
 #ifndef OPENSSL_NO_RC2
 	if (doit[D_CBC_RC2]) {
 		for (j = 0; j < SIZE_NUM; j++) {
diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c
index c68748809c5..293866afee3 100644
--- a/lib/libssl/src/ssl/s3_lib.c
+++ b/lib/libssl/src/ssl/s3_lib.c
@@ -1327,107 +1327,6 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
 	},
 #endif  /* OPENSSL_NO_PSK */
 
-#ifndef OPENSSL_NO_SEED
-	/* SEED ciphersuites from RFC4162 */
-
-	/* Cipher 96 */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_SEED_SHA,
-		TLS1_CK_RSA_WITH_SEED_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 97 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_SEED_SHA,
-		TLS1_CK_DH_DSS_WITH_SEED_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 98 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_SEED_SHA,
-		TLS1_CK_DH_RSA_WITH_SEED_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 99 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
-		TLS1_CK_DHE_DSS_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 9A */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
-		TLS1_CK_DHE_RSA_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-	/* Cipher 9B */
-	{
-		1,
-		TLS1_TXT_ADH_WITH_SEED_SHA,
-		TLS1_CK_ADH_WITH_SEED_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_SEED,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-#endif /* OPENSSL_NO_SEED */
-
 	/* GCM ciphersuites from RFC5288 */
 
 	/* Cipher 9C */
diff --git a/lib/libssl/src/ssl/ssl_algs.c b/lib/libssl/src/ssl/ssl_algs.c
index 3c7006ed91b..46b3c413511 100644
--- a/lib/libssl/src/ssl/ssl_algs.c
+++ b/lib/libssl/src/ssl/ssl_algs.c
@@ -97,10 +97,6 @@ SSL_library_init(void)
 	EVP_add_cipher(EVP_camellia_256_cbc());
 #endif
 
-#ifndef OPENSSL_NO_SEED
-	EVP_add_cipher(EVP_seed_cbc());
-#endif
-
 	EVP_add_digest(EVP_md5());
 	EVP_add_digest_alias(SN_md5, "ssl2-md5");
 	EVP_add_digest_alias(SN_md5, "ssl3-md5");
diff --git a/lib/libssl/ssl_algs.c b/lib/libssl/ssl_algs.c
index 3c7006ed91b..46b3c413511 100644
--- a/lib/libssl/ssl_algs.c
+++ b/lib/libssl/ssl_algs.c
@@ -97,10 +97,6 @@ SSL_library_init(void)
 	EVP_add_cipher(EVP_camellia_256_cbc());
 #endif
 
-#ifndef OPENSSL_NO_SEED
-	EVP_add_cipher(EVP_seed_cbc());
-#endif
-
 	EVP_add_digest(EVP_md5());
 	EVP_add_digest_alias(SN_md5, "ssl2-md5");
 	EVP_add_digest_alias(SN_md5, "ssl3-md5");
-- 
2.20.1