From: Matt Caswell <matt@openssl.org>
Date: Fri, 19 Dec 2025 11:32:23 +0000 (+0000)
Subject: Remove legacy method deadcode for EVP_MD implementations
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a82bb34662efe1019dc656675b1642ee0b42fe2f;p=thirdparty%2Fopenssl.git

Remove legacy method deadcode for EVP_MD implementations

Remove the legacy EVP_MD implementation functions. These are no longer
used due to providers. This code is now unreachable due to the removal of
the functions related to custom EVP_MD methods.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29460)
---

diff --git a/crypto/evp/legacy_blake2.c b/crypto/evp/legacy_blake2.c
index af8ad536fa3..c3032c3051c 100644
--- a/crypto/evp/legacy_blake2.c
+++ b/crypto/evp/legacy_blake2.c
@@ -11,40 +11,13 @@
 #include "prov/blake2.h" /* diverse BLAKE2 macros */
 #include "legacy_meth.h"
 
-/*
- * Local hack to adapt the BLAKE2 init functions to what the
- * legacy function signatures demand.
- */
-static int blake2s_init(BLAKE2S_CTX *C)
-{
-    BLAKE2S_PARAM P;
-
-    ossl_blake2s_param_init(&P);
-    return ossl_blake2s_init(C, &P);
-}
-static int blake2b_init(BLAKE2B_CTX *C)
-{
-    BLAKE2B_PARAM P;
-
-    ossl_blake2b_param_init(&P);
-    return ossl_blake2b_init(C, &P);
-}
-#define blake2s_update ossl_blake2s_update
-#define blake2b_update ossl_blake2b_update
-#define blake2s_final ossl_blake2s_final
-#define blake2b_final ossl_blake2b_final
-
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(blake2s_int, blake2s)
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(blake2b_int, blake2b)
-
 static const EVP_MD blake2b_md = {
     NID_blake2b512,
     0,
     BLAKE2B_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(blake2b_int_init, blake2b_int_update,
-        blake2b_int_final, NULL, BLAKE2B_BLOCKBYTES),
+    LEGACY_EVP_MD_METH_TABLE(BLAKE2B_BLOCKBYTES),
 };
 
 const EVP_MD *EVP_blake2b512(void)
@@ -58,8 +31,7 @@ static const EVP_MD blake2s_md = {
     BLAKE2S_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(blake2s_int_init, blake2s_int_update,
-        blake2s_int_final, NULL, BLAKE2S_BLOCKBYTES),
+    LEGACY_EVP_MD_METH_TABLE(BLAKE2S_BLOCKBYTES),
 };
 
 const EVP_MD *EVP_blake2s256(void)
diff --git a/crypto/evp/legacy_md2.c b/crypto/evp/legacy_md2.c
index 72cc99ad704..1416211a4c2 100644
--- a/crypto/evp/legacy_md2.c
+++ b/crypto/evp/legacy_md2.c
@@ -7,25 +7,17 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * MD2 low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
 #include <openssl/md2.h>
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(md2, MD2)
-
 static const EVP_MD md2_md = {
     NID_md2,
     NID_md2WithRSAEncryption,
     MD2_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(md2_init, md2_update, md2_final, NULL, MD2_BLOCK)
+    LEGACY_EVP_MD_METH_TABLE(MD2_BLOCK)
 };
 
 const EVP_MD *EVP_md2(void)
diff --git a/crypto/evp/legacy_md4.c b/crypto/evp/legacy_md4.c
index 4bc852b5209..c95162d11b6 100644
--- a/crypto/evp/legacy_md4.c
+++ b/crypto/evp/legacy_md4.c
@@ -17,15 +17,13 @@
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(md4, MD4)
-
 static const EVP_MD md4_md = {
     NID_md4,
     NID_md4WithRSAEncryption,
     MD4_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(md4_init, md4_update, md4_final, NULL, MD4_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(MD4_CBLOCK),
 };
 
 const EVP_MD *EVP_md4(void)
diff --git a/crypto/evp/legacy_md5.c b/crypto/evp/legacy_md5.c
index a67be9fef74..43703fa5f6f 100644
--- a/crypto/evp/legacy_md5.c
+++ b/crypto/evp/legacy_md5.c
@@ -17,15 +17,13 @@
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(md5, MD5)
-
 static const EVP_MD md5_md = {
     NID_md5,
     NID_md5WithRSAEncryption,
     MD5_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(md5_init, md5_update, md5_final, NULL, MD5_CBLOCK)
+    LEGACY_EVP_MD_METH_TABLE(MD5_CBLOCK)
 };
 
 const EVP_MD *EVP_md5(void)
diff --git a/crypto/evp/legacy_md5_sha1.c b/crypto/evp/legacy_md5_sha1.c
index 62947f8b9a6..aa6b58e9a9a 100644
--- a/crypto/evp/legacy_md5_sha1.c
+++ b/crypto/evp/legacy_md5_sha1.c
@@ -18,21 +18,13 @@
 #include "prov/md5_sha1.h" /* diverse MD5_SHA1 macros */
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(md5_sha1_int, ossl_md5_sha1)
-static int md5_sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
-{
-    return ossl_md5_sha1_ctrl(EVP_MD_CTX_get0_md_data(ctx), cmd, mslen, ms);
-}
-
 static const EVP_MD md5_sha1_md = {
     NID_md5_sha1,
     NID_md5_sha1,
     MD5_SHA1_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(md5_sha1_int_init, md5_sha1_int_update,
-        md5_sha1_int_final, md5_sha1_int_ctrl,
-        MD5_SHA1_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(MD5_SHA1_CBLOCK),
 };
 
 const EVP_MD *EVP_md5_sha1(void)
diff --git a/crypto/evp/legacy_mdc2.c b/crypto/evp/legacy_mdc2.c
index 2ad432426c6..f596de1781a 100644
--- a/crypto/evp/legacy_mdc2.c
+++ b/crypto/evp/legacy_mdc2.c
@@ -17,16 +17,13 @@
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(mdc2, MDC2)
-
 static const EVP_MD mdc2_md = {
     NID_mdc2,
     NID_mdc2WithRSA,
     MDC2_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(mdc2_init, mdc2_update, mdc2_final, NULL,
-        MDC2_BLOCK),
+    LEGACY_EVP_MD_METH_TABLE(MDC2_BLOCK),
 };
 
 const EVP_MD *EVP_mdc2(void)
diff --git a/crypto/evp/legacy_meth.h b/crypto/evp/legacy_meth.h
index ea1e84c7e7b..66107b1b8f0 100644
--- a/crypto/evp/legacy_meth.h
+++ b/crypto/evp/legacy_meth.h
@@ -35,5 +35,5 @@
         return fn##_final(md, EVP_MD_CTX_get0_md_data(ctx));                \
     }
 
-#define LEGACY_EVP_MD_METH_TABLE(init, update, final, ctrl, blksz) \
-    init, update, final, NULL, NULL, blksz, 0, ctrl
+#define LEGACY_EVP_MD_METH_TABLE(blksz) \
+    NULL, NULL, NULL, NULL, NULL, blksz, 0, NULL
diff --git a/crypto/evp/legacy_ripemd.c b/crypto/evp/legacy_ripemd.c
index 80f551a97d5..8fa38abfe7a 100644
--- a/crypto/evp/legacy_ripemd.c
+++ b/crypto/evp/legacy_ripemd.c
@@ -17,16 +17,13 @@
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(ripe, RIPEMD160)
-
 static const EVP_MD ripemd160_md = {
     NID_ripemd160,
     NID_ripemd160WithRSA,
     RIPEMD160_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(ripe_init, ripe_update, ripe_final, NULL,
-        RIPEMD160_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(RIPEMD160_CBLOCK)
 };
 
 const EVP_MD *EVP_ripemd160(void)
diff --git a/crypto/evp/legacy_sha.c b/crypto/evp/legacy_sha.c
index 0c1a74de30a..20a57667154 100644
--- a/crypto/evp/legacy_sha.c
+++ b/crypto/evp/legacy_sha.c
@@ -21,80 +21,13 @@
 #include "legacy_meth.h"
 #include "evp_local.h"
 
-/*-
- * LEGACY methods for SHA.
- * These only remain to support engines that can get these methods.
- * Hardware support for SHA3 has been removed from these legacy cases.
- */
-#define IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(nm, fn, tag)                                 \
-    static int nm##_init(EVP_MD_CTX *ctx)                                              \
-    {                                                                                  \
-        return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
-    }                                                                                  \
-    static int nm##_update(EVP_MD_CTX *ctx, const void *data, size_t count)            \
-    {                                                                                  \
-        return fn##_update(EVP_MD_CTX_get0_md_data(ctx), data, count);                 \
-    }                                                                                  \
-    static int nm##_final(EVP_MD_CTX *ctx, unsigned char *md)                          \
-    {                                                                                  \
-        KECCAK1600_CTX *kctx = EVP_MD_CTX_get0_md_data(ctx);                           \
-        return fn##_final(kctx, md, kctx->md_size);                                    \
-    }
-#define IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(nm, fn, tag)                                \
-    static int nm##_init(EVP_MD_CTX *ctx)                                              \
-    {                                                                                  \
-        return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
-    }
-
-#define sha512_224_Init sha512_224_init
-#define sha512_256_Init sha512_256_init
-
-#define sha512_224_Update SHA512_Update
-#define sha512_224_Final SHA512_Final
-#define sha512_256_Update SHA512_Update
-#define sha512_256_Final SHA512_Final
-
-IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha256, SHA256)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha384, SHA384)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512, SHA512)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512_224_int, sha512_224)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512_256_int, sha512_256)
-IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(sha3_int, ossl_sha3, '\x06')
-IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(shake, ossl_sha3, '\x1f')
-
-static int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
-{
-    return ossl_sha1_ctrl(ctx != NULL ? EVP_MD_CTX_get0_md_data(ctx) : NULL,
-        cmd, p1, p2);
-}
-
-static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
-{
-    KECCAK1600_CTX *ctx;
-
-    if (evp_ctx == NULL)
-        return 0;
-    ctx = evp_ctx->md_data;
-
-    switch (cmd) {
-    case EVP_MD_CTRL_XOF_LEN:
-        ctx->md_size = p1;
-        return 1;
-    default:
-        return 0;
-    }
-}
-
 static const EVP_MD sha1_md = {
     NID_sha1,
     NID_sha1WithRSAEncryption,
     SHA_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha1_init, sha1_update, sha1_final, sha1_int_ctrl,
-        SHA_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA_CBLOCK)
 };
 
 const EVP_MD *EVP_sha1(void)
@@ -108,8 +41,7 @@ static const EVP_MD sha224_md = {
     SHA224_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha224_init, sha224_update, sha224_final, NULL,
-        SHA256_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA256_CBLOCK)
 };
 
 const EVP_MD *EVP_sha224(void)
@@ -123,8 +55,7 @@ static const EVP_MD sha256_md = {
     SHA256_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha256_init, sha256_update, sha256_final, NULL,
-        SHA256_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA256_CBLOCK)
 };
 
 const EVP_MD *EVP_sha256(void)
@@ -138,8 +69,7 @@ static const EVP_MD sha512_224_md = {
     SHA224_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha512_224_int_init, sha512_224_int_update,
-        sha512_224_int_final, NULL, SHA512_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
 };
 
 const EVP_MD *EVP_sha512_224(void)
@@ -153,8 +83,7 @@ static const EVP_MD sha512_256_md = {
     SHA256_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha512_256_int_init, sha512_256_int_update,
-        sha512_256_int_final, NULL, SHA512_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
 };
 
 const EVP_MD *EVP_sha512_256(void)
@@ -168,8 +97,7 @@ static const EVP_MD sha384_md = {
     SHA384_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha384_init, sha384_update, sha384_final, NULL,
-        SHA512_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
 };
 
 const EVP_MD *EVP_sha384(void)
@@ -183,8 +111,7 @@ static const EVP_MD sha512_md = {
     SHA512_DIGEST_LENGTH,
     EVP_MD_FLAG_DIGALGID_ABSENT,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sha512_init, sha512_update, sha512_final, NULL,
-        SHA512_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK),
 };
 
 const EVP_MD *EVP_sha512(void)
@@ -192,34 +119,31 @@ const EVP_MD *EVP_sha512(void)
     return &sha512_md;
 }
 
-#define EVP_MD_SHA3(bitlen)                                          \
-    const EVP_MD *EVP_sha3_##bitlen(void)                            \
-    {                                                                \
-        static const EVP_MD sha3_##bitlen##_md = {                   \
-            NID_sha3_##bitlen,                                       \
-            NID_RSA_SHA3_##bitlen,                                   \
-            bitlen / 8,                                              \
-            EVP_MD_FLAG_DIGALGID_ABSENT,                             \
-            EVP_ORIG_GLOBAL,                                         \
-            LEGACY_EVP_MD_METH_TABLE(sha3_int_init, sha3_int_update, \
-                sha3_int_final, NULL,                                \
-                (KECCAK1600_WIDTH - bitlen * 2) / 8),                \
-        };                                                           \
-        return &sha3_##bitlen##_md;                                  \
+#define EVP_MD_SHA3(bitlen)                                               \
+    const EVP_MD *EVP_sha3_##bitlen(void)                                 \
+    {                                                                     \
+        static const EVP_MD sha3_##bitlen##_md = {                        \
+            NID_sha3_##bitlen,                                            \
+            NID_RSA_SHA3_##bitlen,                                        \
+            bitlen / 8,                                                   \
+            EVP_MD_FLAG_DIGALGID_ABSENT,                                  \
+            EVP_ORIG_GLOBAL,                                              \
+            LEGACY_EVP_MD_METH_TABLE((KECCAK1600_WIDTH - bitlen * 2) / 8) \
+        };                                                                \
+        return &sha3_##bitlen##_md;                                       \
     }
-#define EVP_MD_SHAKE(bitlen)                                                      \
-    const EVP_MD *EVP_shake##bitlen(void)                                         \
-    {                                                                             \
-        static const EVP_MD shake##bitlen##_md = {                                \
-            NID_shake##bitlen,                                                    \
-            0,                                                                    \
-            bitlen / 8,                                                           \
-            EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT,                        \
-            EVP_ORIG_GLOBAL,                                                      \
-            LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final, \
-                shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8),                 \
-        };                                                                        \
-        return &shake##bitlen##_md;                                               \
+#define EVP_MD_SHAKE(bitlen)                                              \
+    const EVP_MD *EVP_shake##bitlen(void)                                 \
+    {                                                                     \
+        static const EVP_MD shake##bitlen##_md = {                        \
+            NID_shake##bitlen,                                            \
+            0,                                                            \
+            bitlen / 8,                                                   \
+            EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT,                \
+            EVP_ORIG_GLOBAL,                                              \
+            LEGACY_EVP_MD_METH_TABLE((KECCAK1600_WIDTH - bitlen * 2) / 8) \
+        };                                                                \
+        return &shake##bitlen##_md;                                       \
     }
 
 EVP_MD_SHA3(224)
diff --git a/crypto/evp/legacy_wp.c b/crypto/evp/legacy_wp.c
index 21865e63508..7a1f4d253fd 100644
--- a/crypto/evp/legacy_wp.c
+++ b/crypto/evp/legacy_wp.c
@@ -17,16 +17,13 @@
 #include "crypto/evp.h"
 #include "legacy_meth.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH(wp, WHIRLPOOL)
-
 static const EVP_MD whirlpool_md = {
     NID_whirlpool,
     0,
     WHIRLPOOL_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(wp_init, wp_update, wp_final, NULL,
-        WHIRLPOOL_BBLOCK / 8),
+    LEGACY_EVP_MD_METH_TABLE(WHIRLPOOL_BBLOCK / 8)
 };
 
 const EVP_MD *EVP_whirlpool(void)
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
index 7b310d70477..316b964fc03 100644
--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -14,34 +14,12 @@
 #include <openssl/x509.h>
 #include "crypto/evp.h"
 
-static int init(EVP_MD_CTX *ctx)
-{
-    return 1;
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return 1;
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return 1;
-}
-
 static const EVP_MD null_md = {
     NID_undef,
     NID_undef,
     0,
     0,
-    EVP_ORIG_GLOBAL,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    0,
-    sizeof(EVP_MD *),
+    EVP_ORIG_GLOBAL
 };
 
 const EVP_MD *EVP_md_null(void)
diff --git a/crypto/sm3/legacy_sm3.c b/crypto/sm3/legacy_sm3.c
index 7f5ee97807a..df3a474a55e 100644
--- a/crypto/sm3/legacy_sm3.c
+++ b/crypto/sm3/legacy_sm3.c
@@ -12,16 +12,13 @@
 #include "../evp/legacy_meth.h"
 #include "internal/sm3.h"
 
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(sm3_int, ossl_sm3)
-
 static const EVP_MD sm3_md = {
     NID_sm3,
     NID_sm3WithRSAEncryption,
     SM3_DIGEST_LENGTH,
     0,
     EVP_ORIG_GLOBAL,
-    LEGACY_EVP_MD_METH_TABLE(sm3_int_init, sm3_int_update, sm3_int_final, NULL,
-        SM3_CBLOCK),
+    LEGACY_EVP_MD_METH_TABLE(SM3_CBLOCK)
 };
 
 const EVP_MD *EVP_sm3(void)