From ca27616f3448007878cc68b4e8b6293f34661574 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 25 Apr 2023 19:57:59 +0000 Subject: [PATCH] Remove the deprecated API from BN --- lib/libcrypto/bn/bn.h | 35 ++----------------- lib/libcrypto/bn/bn_blind.c | 20 +---------- lib/libcrypto/bn/bn_lib.c | 67 +------------------------------------ lib/libcrypto/bn/bn_prime.c | 57 +------------------------------ 4 files changed, 5 insertions(+), 174 deletions(-) diff --git a/lib/libcrypto/bn/bn.h b/lib/libcrypto/bn/bn.h index b15e6311f94..c1d28cb10df 100644 --- a/lib/libcrypto/bn/bn.h +++ b/lib/libcrypto/bn/bn.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn.h,v 1.69 2023/04/25 19:53:30 tb Exp $ */ +/* $OpenBSD: bn.h,v 1.70 2023/04/25 19:57:59 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -201,15 +201,6 @@ extern "C" { * BN_mod_inverse() will call BN_mod_inverse_no_branch. */ -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */ - /* avoid leaking exponent information through timings - * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_FREE 0x8000 /* used for debugging */ -#endif void BN_set_flags(BIGNUM *b, int n); int BN_get_flags(const BIGNUM *b, int n); void BN_with_flags(BIGNUM *dest, const BIGNUM *src, int flags); @@ -443,20 +434,6 @@ void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); int BN_security_bits(int L, int N); -/* Deprecated versions */ -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - void (*callback)(int, int, void *), void *cb_arg); -int BN_is_prime(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), - BN_CTX *ctx, void *cb_arg); -int BN_is_prime_fasttest(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, - int do_trial_division); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* Newer versions */ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb); int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb); @@ -487,10 +464,7 @@ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); -#ifndef OPENSSL_NO_DEPRECATED -unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); -void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); -#endif + CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); @@ -500,11 +474,6 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx); -#ifndef OPENSSL_NO_DEPRECATED -void BN_set_params(int mul, int high, int low, int mont); -int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ -#endif - /* Primes from RFC 2409 */ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); diff --git a/lib/libcrypto/bn/bn_blind.c b/lib/libcrypto/bn/bn_blind.c index 9c07f33e1f8..77ba691b6df 100644 --- a/lib/libcrypto/bn/bn_blind.c +++ b/lib/libcrypto/bn/bn_blind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_blind.c,v 1.21 2023/03/27 10:25:02 tb Exp $ */ +/* $OpenBSD: bn_blind.c,v 1.22 2023/04/25 19:57:59 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -124,10 +124,6 @@ struct bn_blinding_st { BIGNUM *Ai; BIGNUM *e; BIGNUM *mod; /* just a reference */ -#ifndef OPENSSL_NO_DEPRECATED - unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; - * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ -#endif CRYPTO_THREADID tid; int counter; unsigned long flags; @@ -279,20 +275,6 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) return (ret); } -#ifndef OPENSSL_NO_DEPRECATED -unsigned long -BN_BLINDING_get_thread_id(const BN_BLINDING *b) -{ - return b->thread_id; -} - -void -BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n) -{ - b->thread_id = n; -} -#endif - CRYPTO_THREADID * BN_BLINDING_thread_id(BN_BLINDING *b) { diff --git a/lib/libcrypto/bn/bn_lib.c b/lib/libcrypto/bn/bn_lib.c index 78410e2133d..439bdb1e9d3 100644 --- a/lib/libcrypto/bn/bn_lib.c +++ b/lib/libcrypto/bn/bn_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_lib.c,v 1.84 2023/04/19 11:12:43 jsing Exp $ */ +/* $OpenBSD: bn_lib.c,v 1.85 2023/04/25 19:57:59 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -120,71 +120,6 @@ BN_clear_free(BIGNUM *bn) BN_free(bn); } -/* This stuff appears to be completely unused, so is deprecated */ -#ifndef OPENSSL_NO_DEPRECATED -/* For a 32 bit machine - * 2 - 4 == 128 - * 3 - 8 == 256 - * 4 - 16 == 512 - * 5 - 32 == 1024 - * 6 - 64 == 2048 - * 7 - 128 == 4096 - * 8 - 256 == 8192 - */ -static int bn_limit_bits = 0; -static int bn_limit_num = 8; /* (1<= 0) { - if (mult > (int)(sizeof(int) * 8) - 1) - mult = sizeof(int) * 8 - 1; - bn_limit_bits = mult; - bn_limit_num = 1 << mult; - } - if (high >= 0) { - if (high > (int)(sizeof(int) * 8) - 1) - high = sizeof(int) * 8 - 1; - bn_limit_bits_high = high; - bn_limit_num_high = 1 << high; - } - if (low >= 0) { - if (low > (int)(sizeof(int) * 8) - 1) - low = sizeof(int) * 8 - 1; - bn_limit_bits_low = low; - bn_limit_num_low = 1 << low; - } - if (mont >= 0) { - if (mont > (int)(sizeof(int) * 8) - 1) - mont = sizeof(int) * 8 - 1; - bn_limit_bits_mont = mont; - bn_limit_num_mont = 1 << mont; - } -} - -int -BN_get_params(int which) -{ - if (which == 0) - return (bn_limit_bits); - else if (which == 1) - return (bn_limit_bits_high); - else if (which == 2) - return (bn_limit_bits_low); - else if (which == 3) - return (bn_limit_bits_mont); - else - return (0); -} -#endif - void BN_set_flags(BIGNUM *b, int n) { diff --git a/lib/libcrypto/bn/bn_prime.c b/lib/libcrypto/bn/bn_prime.c index 6e46a3912ca..c2fd0fc2e9f 100644 --- a/lib/libcrypto/bn/bn_prime.c +++ b/lib/libcrypto/bn/bn_prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_prime.c,v 1.30 2023/01/28 17:13:26 jsing Exp $ */ +/* $OpenBSD: bn_prime.c,v 1.31 2023/04/25 19:57:59 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -151,35 +151,6 @@ BN_GENCB_call(BN_GENCB *cb, int a, int b) return 0; } -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM * -BN_generate_prime(BIGNUM *ret, int bits, int safe, const BIGNUM *add, - const BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg) -{ - BN_GENCB cb; - BIGNUM *rnd = NULL; - int found = 0; - - BN_GENCB_set_old(&cb, callback, cb_arg); - - if (ret == NULL) { - if ((rnd = BN_new()) == NULL) - goto err; - } else - rnd = ret; - if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb)) - goto err; - - /* we have a prime :-) */ - found = 1; - -err: - if (!found && (ret == NULL) && (rnd != NULL)) - BN_free(rnd); - return (found ? rnd : NULL); -} -#endif - int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb) @@ -260,38 +231,12 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, return found; } -#ifndef OPENSSL_NO_DEPRECATED -int -BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, void *), - BN_CTX *ctx_passed, void *cb_arg) -{ - BN_GENCB cb; - - BN_GENCB_set_old(&cb, callback, cb_arg); - return BN_is_prime_ex(a, checks, ctx_passed, &cb); -} -#endif - int BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb) { return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb); } -#ifndef OPENSSL_NO_DEPRECATED -int -BN_is_prime_fasttest(const BIGNUM *a, int checks, - void (*callback)(int, int, void *), BN_CTX *ctx_passed, void *cb_arg, - int do_trial_division) -{ - BN_GENCB cb; - - BN_GENCB_set_old(&cb, callback, cb_arg); - return BN_is_prime_fasttest_ex(a, checks, ctx_passed, - do_trial_division, &cb); -} -#endif - int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, int do_trial_division, BN_GENCB *cb) -- 2.20.1