From: Richard Levitte <levitte@openssl.org>
Date: Thu, 18 Mar 2021 12:15:18 +0000 (+0100)
Subject: Make ossl_d2i_PUBKEY_legacy() completely libcrypto internal
X-Git-Tag: openssl-3.0.0-alpha14~197
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aff442dc38707a5ab4a7acc811c9ef10cbdd3346;p=thirdparty%2Fopenssl.git

Make ossl_d2i_PUBKEY_legacy() completely libcrypto internal

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14314)
---

diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index 37fe2d3435c..b2c8e4c83ed 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -438,8 +438,8 @@ static EVP_PKEY *d2i_PUBKEY_int(EVP_PKEY **a,
 }
 
 /* For the algorithm specific d2i functions further down */
-EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a,
-                                 const unsigned char **pp, long length)
+static EVP_PKEY *d2i_PUBKEY_legacy(EVP_PKEY **a,
+                                   const unsigned char **pp, long length)
 {
     return d2i_PUBKEY_int(a, pp, length, NULL, NULL, 1, d2i_X509_PUBKEY);
 }
@@ -516,7 +516,7 @@ RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     key = EVP_PKEY_get1_RSA(pkey);
@@ -557,7 +557,7 @@ DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, long length)
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_DH)
@@ -598,7 +598,7 @@ DH *ossl_d2i_DHx_PUBKEY(DH **a, const unsigned char **pp, long length)
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_DHX)
@@ -641,7 +641,7 @@ DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     key = EVP_PKEY_get1_DSA(pkey);
@@ -683,7 +683,7 @@ EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
@@ -725,7 +725,7 @@ ECX_KEY *ossl_d2i_ED25519_PUBKEY(ECX_KEY **a,
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     key = ossl_evp_pkey_get1_ED25519(pkey);
@@ -766,7 +766,7 @@ ECX_KEY *ossl_d2i_ED448_PUBKEY(ECX_KEY **a,
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_ED448)
@@ -808,7 +808,7 @@ ECX_KEY *ossl_d2i_X25519_PUBKEY(ECX_KEY **a,
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_X25519)
@@ -850,7 +850,7 @@ ECX_KEY *ossl_d2i_X448_PUBKEY(ECX_KEY **a,
     const unsigned char *q;
 
     q = *pp;
-    pkey = ossl_d2i_PUBKEY_legacy(NULL, &q, length);
+    pkey = d2i_PUBKEY_legacy(NULL, &q, length);
     if (pkey == NULL)
         return NULL;
     if (EVP_PKEY_id(pkey) == EVP_PKEY_X448)
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 98aea5f1fde..09b1fb15e34 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -326,10 +326,6 @@ int ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq,
 /* Calculate default key identifier according to RFC 5280 section 4.2.1.2 (1) */
 ASN1_OCTET_STRING *ossl_x509_pubkey_hash(X509_PUBKEY *pubkey);
 
-/* A variant of d2i_PUBKEY() that is guaranteed to only return legacy keys */
-EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a,
-                                 const unsigned char **in, long length);
-
 RSA *ossl_d2i_RSA_PSS_PUBKEY(RSA **a, const unsigned char **pp, long length);
 int ossl_i2d_RSA_PSS_PUBKEY(const RSA *a, unsigned char **pp);
 # ifndef OPENSSL_NO_DH