From d4370d4f0bb8dbac953cc26577cd3c4165dfed56 Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 13 Jan 2024 12:46:59 +0000 Subject: [PATCH] Prepare to remove the EVP_PKEY_meth_* API After removing the last caller of EVP_PKEY_meth_find() from libssl, none of these is used. And with EVP_PKEY_meth_new() gone, there will no longer be a way to get your hands onto an EVP_PKEY_METHOD that is writable, so none of the silent failures (because they're void functions) should matter in the few weeks until we bump. ok jsing --- lib/libcrypto/evp/pmeth_lib.c | 139 ++++++++++++---------------------- 1 file changed, 50 insertions(+), 89 deletions(-) diff --git a/lib/libcrypto/evp/pmeth_lib.c b/lib/libcrypto/evp/pmeth_lib.c index 604181d3119..67ab72eff3f 100644 --- a/lib/libcrypto/evp/pmeth_lib.c +++ b/lib/libcrypto/evp/pmeth_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmeth_lib.c,v 1.36 2024/01/04 20:15:01 tb Exp $ */ +/* $OpenBSD: pmeth_lib.c,v 1.37 2024/01/13 12:46:59 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -101,14 +101,14 @@ static const EVP_PKEY_METHOD *pkey_methods[] = { #define N_PKEY_METHODS (sizeof(pkey_methods) / sizeof(pkey_methods[0])) -const EVP_PKEY_METHOD * -EVP_PKEY_meth_find(int type) +static const EVP_PKEY_METHOD * +evp_pkey_method_find(int nid) { size_t i; for (i = 0; i < N_PKEY_METHODS; i++) { const EVP_PKEY_METHOD *pmeth = pkey_methods[i]; - if (pmeth->pkey_id == type) + if (pmeth->pkey_id == nid) return pmeth; } 
@@ -116,18 +116,18 @@ EVP_PKEY_meth_find(int type) } static EVP_PKEY_CTX * -evp_pkey_ctx_new(EVP_PKEY *pkey, int id) +evp_pkey_ctx_new(EVP_PKEY *pkey, int nid) { EVP_PKEY_CTX *pkey_ctx = NULL; const EVP_PKEY_METHOD *pmeth; - if (id == -1) { + if (nid == -1) { if (pkey == NULL || pkey->ameth == NULL) return NULL; - id = pkey->ameth->pkey_id; + nid = pkey->ameth->pkey_id; } - if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) { + if ((pmeth = evp_pkey_method_find(nid)) == NULL) { EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); goto err; } @@ -154,50 +154,6 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, int id) return NULL; } -EVP_PKEY_METHOD* -EVP_PKEY_meth_new(int id, int flags) -{ - EVP_PKEY_METHOD *pmeth; - - if ((pmeth = calloc(1, sizeof(EVP_PKEY_METHOD))) == NULL) - return NULL; - - pmeth->pkey_id = id; - pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; - - return pmeth; -} - -void -EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) -{ - if (ppkey_id) - *ppkey_id = meth->pkey_id; - if (pflags) - *pflags = meth->flags; -} - -void -EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) -{ - EVP_PKEY_METHOD preserve; - - preserve.pkey_id = dst->pkey_id; - preserve.flags = dst->flags; - - *dst = *src; - - dst->pkey_id = preserve.pkey_id; - dst->flags = preserve.flags; -} - -void -EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) -{ - if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) - free(pmeth); -} - EVP_PKEY_CTX * EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine) { @@ -205,9 +161,9 @@ EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine) } EVP_PKEY_CTX * -EVP_PKEY_CTX_new_id(int id, ENGINE *engine) +EVP_PKEY_CTX_new_id(int nid, ENGINE *engine) { - return evp_pkey_ctx_new(NULL, id); + return evp_pkey_ctx_new(NULL, nid); } EVP_PKEY_CTX * @@ -241,13 +197,6 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) return NULL; } -int -EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) -{ - EVPerror(ERR_R_DISABLED); - return 0; -} - void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) { 
@@ -399,25 +348,62 @@ EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) return ctx->app_data; } +/* + * Remove all the functions below in the next major bump + */ + +const EVP_PKEY_METHOD * +EVP_PKEY_meth_find(int type) +{ + EVPerror(ERR_R_DISABLED); + return NULL; +} + +EVP_PKEY_METHOD* +EVP_PKEY_meth_new(int id, int flags) +{ + EVPerror(ERR_R_DISABLED); + return NULL; +} + +void +EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) +{ +} + +void +EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) +{ +} + +void +EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) +{ +} + +int +EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) +{ + EVPerror(ERR_R_DISABLED); + return 0; +} + void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, int (*init)(EVP_PKEY_CTX *ctx)) { - pmeth->init = init; } void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) { - pmeth->copy = copy; } void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup)(EVP_PKEY_CTX *ctx)) { - pmeth->cleanup = cleanup; } void @@ -425,8 +411,6 @@ EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init)(EVP_PKEY_CTX *ctx), int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) { - pmeth->paramgen_init = paramgen_init; - pmeth->paramgen = paramgen; } void @@ -434,8 +418,6 @@ EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init)(EVP_PKEY_CTX *ctx), int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) { - pmeth->keygen_init = keygen_init; - pmeth->keygen = keygen; } void @@ -444,8 +426,6 @@ EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->sign_init = sign_init; - pmeth->sign = sign; } void 
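Review bot: The stubbed `EVP_PKEY_meth_get0_info()` now returns without writing `*ppkey_id` or `*pflags`, so any remaining caller that passes uninitialised ints and reads them afterwards works with indeterminate values rather than a method's id and flags. Unlike the setters, this is an output-parameter getter taking a `const EVP_PKEY_METHOD *`, so the commit message's argument about writable methods does not obviously cover it. Until the bump the stub could store fixed values: `if (ppkey_id != NULL) *ppkey_id = EVP_PKEY_NONE;` and `if (pflags != NULL) *pflags = 0;`. The comment above the stubs could also say that the empty bodies are intentional, for example `/* The void functions are deliberate no-ops; the others fail with ERR_R_DISABLED. */`. Whether any in-tree or ports caller still reaches these functions is not visible from this patch.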
@@ -454,8 +434,6 @@ EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->verify_init = verify_init; - pmeth->verify = verify; } void @@ -465,8 +443,6 @@ EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen)) { - pmeth->verify_recover_init = verify_recover_init; - pmeth->verify_recover = verify_recover; } void @@ -475,8 +451,6 @@ EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx)) { - pmeth->signctx_init = signctx_init; - pmeth->signctx = signctx; } void @@ -485,8 +459,6 @@ EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx)) { - pmeth->verifyctx_init = verifyctx_init; - pmeth->verifyctx = verifyctx; } void @@ -495,8 +467,6 @@ EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)) { - pmeth->encrypt_init = encrypt_init; - pmeth->encrypt = encryptfn; } void @@ -505,8 +475,6 @@ EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)) { - pmeth->decrypt_init = decrypt_init; - pmeth->decrypt = decrypt; } void @@ -514,8 +482,6 @@ EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init)(EVP_PKEY_CTX *ctx), int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) { - pmeth->derive_init = derive_init; - pmeth->derive = derive; } void 
@@ -523,26 +489,21 @@ EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) { - pmeth->ctrl = ctrl; - pmeth->ctrl_str = ctrl_str; } void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)) { - pmeth->check = check; } void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, int (*public_check)(EVP_PKEY *pkey)) { - pmeth->public_check = public_check; } void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, int (*param_check)(EVP_PKEY *pkey)) { - pmeth->param_check = param_check; } -- 2.20.1