From: Matt Caswell Date: Thu, 11 Dec 2025 12:29:29 +0000 (+0000) Subject: Remove custom EVP_PKEY_METHODs X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3f70e170fdd14d5c7575f26a42c3b9c5a177656;p=thirdparty%2Fopenssl.git Remove custom EVP_PKEY_METHODs We retain custom EVP_PKEY_ASN1_METHODs for now - to be removed in some subsequent PR. Reviewed-by: Shane Lontis Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/29384) --- diff --git a/apps/list.c b/apps/list.c index e4825ae3b1d..f735101aab8 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1274,23 +1274,6 @@ static void list_pkey(void) static void list_pkey_meth(void) { -#ifndef OPENSSL_NO_DEPRECATED_3_0 - size_t i; - size_t meth_count = EVP_PKEY_meth_get_count(); - - if (select_name == NULL && include_legacy()) { - BIO_printf(bio_out, "Legacy:\n"); - for (i = 0; i < meth_count; i++) { - const EVP_PKEY_METHOD *pmeth = EVP_PKEY_meth_get0(i); - int pkey_id, pkey_flags; - - EVP_PKEY_meth_get0_info(&pkey_id, &pkey_flags, pmeth); - BIO_printf(bio_out, " %s\n", OBJ_nid2ln(pkey_id)); - BIO_printf(bio_out, "\tType: %s Algorithm\n", - pkey_flags & ASN1_PKEY_DYNAMIC ? "External" : "Builtin"); - } - } -#endif BIO_printf(bio_out, "Provided:\n"); BIO_printf(bio_out, " Encryption:\n"); list_asymciphers(); diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 01297325421..81029feb87a 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -190,8 +190,6 @@ void evp_cleanup_int(void) EVP_PBE_cleanup(); OBJ_sigid_free(); - - evp_app_cleanup_int(); } struct doall_cipher { diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 70abf69b81b..22e7259b2db 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c 
@@ -46,91 +46,6 @@ static void evp_pkey_ctx_free_all_cached_data(EVP_PKEY_CTX *ctx); typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void); typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); -static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; - -/* This array needs to be in order of NIDs */ -static pmeth_fn standard_methods[] = { - ossl_rsa_pkey_method, -#ifndef OPENSSL_NO_DH - ossl_dh_pkey_method, -#endif -#ifndef OPENSSL_NO_DSA - ossl_dsa_pkey_method, -#endif -#ifndef OPENSSL_NO_EC - ossl_ec_pkey_method, -#endif - ossl_rsa_pss_pkey_method, -#ifndef OPENSSL_NO_DH - ossl_dhx_pkey_method, -#endif -#ifndef OPENSSL_NO_ECX - ossl_ecx25519_pkey_method, - ossl_ecx448_pkey_method, - ossl_ed25519_pkey_method, - ossl_ed448_pkey_method, -#endif -}; - -DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); - -static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b) -{ - return ((*a)->pkey_id - ((**b)())->pkey_id); -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); - -static int pmeth_cmp(const EVP_PKEY_METHOD *const *a, - const EVP_PKEY_METHOD *const *b) -{ - return ((*a)->pkey_id - (*b)->pkey_id); -} - -static const EVP_PKEY_METHOD *evp_pkey_meth_find_added_by_application(int type) -{ - if (app_pkey_methods != NULL) { - int idx; - EVP_PKEY_METHOD tmp; - - tmp.pkey_id = type; - idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp); - if (idx >= 0) - return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); - } - return NULL; -} - -const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) -{ - pmeth_fn *ret; - EVP_PKEY_METHOD tmp; - const EVP_PKEY_METHOD *t; - - if ((t = evp_pkey_meth_find_added_by_application(type)) != NULL) - return t; - - tmp.pkey_id = type; - t = &tmp; - ret = OBJ_bsearch_pmeth_func(&t, standard_methods, - OSSL_NELEM(standard_methods)); - if (ret == NULL || *ret == NULL) - return NULL; - return (**ret)(); -} - -EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags) -{ - 
EVP_PKEY_METHOD *pmeth; - - pmeth = OPENSSL_zalloc(sizeof(*pmeth)); - if (pmeth == NULL) - return NULL; - - pmeth->pkey_id = id; - pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; - return pmeth; -} #endif /* FIPS_MODULE */ int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx) @@ -159,7 +74,6 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, { EVP_PKEY_CTX *ret = NULL; - const EVP_PKEY_METHOD *pmeth = NULL, *app_pmeth = NULL; EVP_KEYMGMT *keymgmt = NULL; /* Code below to be removed when legacy support is dropped. */ @@ -181,9 +95,6 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, #endif } } - /* If no ID was found here, we can only resort to find a keymgmt */ - if (id == -1) - goto common; #ifndef FIPS_MODULE /* @@ -191,22 +102,16 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, * supporting usage with implementations from providers, to make * for a smooth transition from legacy stuff to provider based stuff. */ - if (pkey == NULL || pkey->foreign == 0) + if (id != -1) keytype = OBJ_nid2sn(id); - if (pkey != NULL && pkey->foreign) - pmeth = EVP_PKEY_meth_find(id); - else - app_pmeth = pmeth = evp_pkey_meth_find_added_by_application(id); - /* END legacy */ #endif /* FIPS_MODULE */ -common: /* * If there's no app supplied pmeth and there's a name, we try * fetching a provider implementation. */ - if (app_pmeth == NULL && keytype != NULL) { + if (keytype != NULL) { /* * If |pkey| is given and is provided, we take a reference to its * keymgmt. Otherwise, we fetch one for the keytype we got. This @@ -254,7 +159,7 @@ common: #endif } - if (pmeth == NULL && keymgmt == NULL) { + if (keymgmt == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); } else { ret = OPENSSL_zalloc(sizeof(*ret)); @@ -276,7 +181,6 @@ common: ret->keytype = keytype; ret->keymgmt = keymgmt; ret->legacy_keytype = id; - ret->pmeth = pmeth; ret->operation = EVP_PKEY_OP_UNDEFINED; if (pkey != NULL && !EVP_PKEY_up_ref(pkey)) { 
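Review bot: In the `@@ -191,22 +102,16 @@` hunk of `int_ctx_new`, the `pkey->foreign` test is dropped together with the pmeth lookup, so a foreign key now gets `keytype = OBJ_nid2sn(id)` and falls through to the provider keymgmt fetch instead of the old `EVP_PKEY_meth_find(id)` path. The commit message says custom EVP_PKEY_ASN1_METHODs are retained, so foreign keys can presumably still reach this code. If the intent is to reject them at context creation, `if (id != -1 && (pkey == NULL || pkey->foreign == 0))` would stop this block from assigning `keytype` for them; otherwise a short comment should say that a context is created for them deliberately and that later operations are expected to fail cleanly when the key cannot be exported to the provider. The retained context comment "If there's no app supplied pmeth and there's a name" is now stale and could read `/* If there's a name, we try fetching a provider implementation. */`. The function body begins and ends outside these hunks, so how `keytype` and `id` are set earlier is not visible here.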
@@ -286,14 +190,6 @@ common: ret->pkey = pkey; - if (pmeth != NULL && pmeth->init != NULL) { - if (pmeth->init(ret) <= 0) { - ret->pmeth = NULL; - EVP_PKEY_CTX_free(ret); - return NULL; - } - } - return ret; } @@ -365,34 +261,6 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) } #ifndef FIPS_MODULE - -void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, - const EVP_PKEY_METHOD *meth) -{ - if (ppkey_id) - *ppkey_id = meth->pkey_id; - if (pflags) - *pflags = meth->flags; -} - -void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) -{ - int pkey_id = dst->pkey_id; - int flags = dst->flags; - - *dst = *src; - - /* We only copy the function pointers so restore the other values */ - dst->pkey_id = pkey_id; - dst->flags = flags; -} - -void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) -{ - if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) - OPENSSL_free(pmeth); -} - EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) { if (!ossl_assert(e == NULL)) 
@@ -558,59 +426,6 @@ err: EVP_PKEY_CTX_free(rctx); return NULL; } - -int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) -{ - if (app_pkey_methods == NULL) { - app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp); - if (app_pkey_methods == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); - return 0; - } - } - if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) { - ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); - return 0; - } - sk_EVP_PKEY_METHOD_sort(app_pkey_methods); - return 1; -} - -void evp_app_cleanup_int(void) -{ - if (app_pkey_methods != NULL) - sk_EVP_PKEY_METHOD_pop_free(app_pkey_methods, EVP_PKEY_meth_free); -} - -int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth) -{ - const EVP_PKEY_METHOD *ret; - - ret = sk_EVP_PKEY_METHOD_delete_ptr(app_pkey_methods, pmeth); - - return ret == NULL ? 0 : 1; -} - -size_t EVP_PKEY_meth_get_count(void) -{ - size_t rv = OSSL_NELEM(standard_methods); - - if (app_pkey_methods) - rv += sk_EVP_PKEY_METHOD_num(app_pkey_methods); - return rv; -} - -const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx) -{ - if (idx < OSSL_NELEM(standard_methods)) - return (standard_methods[idx])(); - if (app_pkey_methods == NULL) - return NULL; - idx -= OSSL_NELEM(standard_methods); - if (idx >= (size_t)sk_EVP_PKEY_METHOD_num(app_pkey_methods)) - return NULL; - return sk_EVP_PKEY_METHOD_value(app_pkey_methods, (int)idx); -} #endif int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype) 
@@ -1612,401 +1427,4 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } - -void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, - int (*init)(EVP_PKEY_CTX *ctx)) -{ - pmeth->init = init; -} - -void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, - int (*copy)(EVP_PKEY_CTX *dst, - const EVP_PKEY_CTX *src)) -{ - pmeth->copy = copy; -} - -void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, - void (*cleanup)(EVP_PKEY_CTX *ctx)) -{ - pmeth->cleanup = cleanup; -} - -void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, - int (*paramgen_init)(EVP_PKEY_CTX *ctx), - int (*paramgen)(EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - pmeth->paramgen_init = paramgen_init; - pmeth->paramgen = paramgen; -} - -void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, - int (*keygen_init)(EVP_PKEY_CTX *ctx), - int (*keygen)(EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - pmeth->keygen_init = keygen_init; - pmeth->keygen = keygen; -} - -void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, - int (*sign_init)(EVP_PKEY_CTX *ctx), - int (*sign)(EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - pmeth->sign_init = sign_init; - pmeth->sign = sign; -} - -void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, - int (*verify_init)(EVP_PKEY_CTX *ctx), - int (*verify)(EVP_PKEY_CTX *ctx, - const unsigned char *sig, - size_t siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - pmeth->verify_init = verify_init; - pmeth->verify = verify; -} - -void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, - int (*verify_recover_init)(EVP_PKEY_CTX - *ctx), - int (*verify_recover)(EVP_PKEY_CTX - *ctx, - unsigned char - *sig, - size_t *siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - pmeth->verify_recover_init = verify_recover_init; - pmeth->verify_recover = verify_recover; -} - -void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, - int (*signctx_init)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int 
(*signctx)(EVP_PKEY_CTX *ctx, - unsigned char *sig, - size_t *siglen, - EVP_MD_CTX *mctx)) -{ - pmeth->signctx_init = signctx_init; - pmeth->signctx = signctx; -} - -void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int (*verifyctx)(EVP_PKEY_CTX *ctx, - const unsigned char *sig, - int siglen, - EVP_MD_CTX *mctx)) -{ - pmeth->verifyctx_init = verifyctx_init; - pmeth->verifyctx = verifyctx; -} - -void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, - int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encryptfn)(EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - pmeth->encrypt_init = encrypt_init; - pmeth->encrypt = encryptfn; -} - -void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, - int (*decrypt_init)(EVP_PKEY_CTX *ctx), - int (*decrypt)(EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - pmeth->decrypt_init = decrypt_init; - pmeth->decrypt = decrypt; -} - -void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, - int (*derive_init)(EVP_PKEY_CTX *ctx), - int (*derive)(EVP_PKEY_CTX *ctx, - unsigned char *key, - size_t *keylen)) -{ - pmeth->derive_init = derive_init; - pmeth->derive = derive; -} - -void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, - void *p2), - int (*ctrl_str)(EVP_PKEY_CTX *ctx, - const char *type, - const char *value)) -{ - pmeth->ctrl = ctrl; - pmeth->ctrl_str = ctrl_str; -} - -void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth, - int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)) -{ - pmeth->digestsign = digestsign; -} - -void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth, - int (*digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbslen)) -{ - pmeth->digestverify = 
digestverify; -} - -void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, - int (*check)(EVP_PKEY *pkey)) -{ - pmeth->check = check; -} - -void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, - int (*check)(EVP_PKEY *pkey)) -{ - pmeth->public_check = check; -} - -void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, - int (*check)(EVP_PKEY *pkey)) -{ - pmeth->param_check = check; -} - -void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth, - int (*digest_custom)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx)) -{ - pmeth->digest_custom = digest_custom; -} - -void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, - int (**pinit)(EVP_PKEY_CTX *ctx)) -{ - *pinit = pmeth->init; -} - -void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, - int (**pcopy)(EVP_PKEY_CTX *dst, - const EVP_PKEY_CTX *src)) -{ - *pcopy = pmeth->copy; -} - -void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth, - void (**pcleanup)(EVP_PKEY_CTX *ctx)) -{ - *pcleanup = pmeth->cleanup; -} - -void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth, - int (**pparamgen_init)(EVP_PKEY_CTX *ctx), - int (**pparamgen)(EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - if (pparamgen_init) - *pparamgen_init = pmeth->paramgen_init; - if (pparamgen) - *pparamgen = pmeth->paramgen; -} - -void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth, - int (**pkeygen_init)(EVP_PKEY_CTX *ctx), - int (**pkeygen)(EVP_PKEY_CTX *ctx, - EVP_PKEY *pkey)) -{ - if (pkeygen_init) - *pkeygen_init = pmeth->keygen_init; - if (pkeygen) - *pkeygen = pmeth->keygen; -} - -void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth, - int (**psign_init)(EVP_PKEY_CTX *ctx), - int (**psign)(EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - if (psign_init) - *psign_init = pmeth->sign_init; - if (psign) - *psign = pmeth->sign; -} - -void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth, - int (**pverify_init)(EVP_PKEY_CTX *ctx), - int (**pverify)(EVP_PKEY_CTX 
*ctx, - const unsigned char *sig, - size_t siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - if (pverify_init) - *pverify_init = pmeth->verify_init; - if (pverify) - *pverify = pmeth->verify; -} - -void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth, - int (**pverify_recover_init)(EVP_PKEY_CTX - *ctx), - int (**pverify_recover)(EVP_PKEY_CTX - *ctx, - unsigned char - *sig, - size_t *siglen, - const unsigned char *tbs, - size_t tbslen)) -{ - if (pverify_recover_init) - *pverify_recover_init = pmeth->verify_recover_init; - if (pverify_recover) - *pverify_recover = pmeth->verify_recover; -} - -void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth, - int (**psignctx_init)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int (**psignctx)(EVP_PKEY_CTX *ctx, - unsigned char *sig, - size_t *siglen, - EVP_MD_CTX *mctx)) -{ - if (psignctx_init) - *psignctx_init = pmeth->signctx_init; - if (psignctx) - *psignctx = pmeth->signctx; -} - -void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth, - int (**pverifyctx_init)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx), - int (**pverifyctx)(EVP_PKEY_CTX *ctx, - const unsigned char *sig, - int siglen, - EVP_MD_CTX *mctx)) -{ - if (pverifyctx_init) - *pverifyctx_init = pmeth->verifyctx_init; - if (pverifyctx) - *pverifyctx = pmeth->verifyctx; -} - -void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth, - int (**pencrypt_init)(EVP_PKEY_CTX *ctx), - int (**pencryptfn)(EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - if (pencrypt_init) - *pencrypt_init = pmeth->encrypt_init; - if (pencryptfn) - *pencryptfn = pmeth->encrypt; -} - -void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth, - int (**pdecrypt_init)(EVP_PKEY_CTX *ctx), - int (**pdecrypt)(EVP_PKEY_CTX *ctx, - unsigned char *out, - size_t *outlen, - const unsigned char *in, - size_t inlen)) -{ - if (pdecrypt_init) - *pdecrypt_init = pmeth->decrypt_init; - if (pdecrypt) - *pdecrypt = 
pmeth->decrypt; -} - -void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth, - int (**pderive_init)(EVP_PKEY_CTX *ctx), - int (**pderive)(EVP_PKEY_CTX *ctx, - unsigned char *key, - size_t *keylen)) -{ - if (pderive_init) - *pderive_init = pmeth->derive_init; - if (pderive) - *pderive = pmeth->derive; -} - -void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth, - int (**pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, - void *p2), - int (**pctrl_str)(EVP_PKEY_CTX *ctx, - const char *type, - const char *value)) -{ - if (pctrl) - *pctrl = pmeth->ctrl; - if (pctrl_str) - *pctrl_str = pmeth->ctrl_str; -} - -void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth, - int (**digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)) -{ - if (digestsign) - *digestsign = pmeth->digestsign; -} - -void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth, - int (**digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbslen)) -{ - if (digestverify) - *digestverify = pmeth->digestverify; -} - -void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth, - int (**pcheck)(EVP_PKEY *pkey)) -{ - if (pcheck != NULL) - *pcheck = pmeth->check; -} - -void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth, - int (**pcheck)(EVP_PKEY *pkey)) -{ - if (pcheck != NULL) - *pcheck = pmeth->public_check; -} - -void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth, - int (**pcheck)(EVP_PKEY *pkey)) -{ - if (pcheck != NULL) - *pcheck = pmeth->param_check; -} - -void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth, - int (**pdigest_custom)(EVP_PKEY_CTX *ctx, - EVP_MD_CTX *mctx)) -{ - if (pdigest_custom != NULL) - *pdigest_custom = pmeth->digest_custom; -} - #endif /* FIPS_MODULE */ diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 7d1c28b6756..40d92d28528 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h 
@@ -767,7 +767,6 @@ struct evp_skey_st { void openssl_add_all_ciphers_int(void); void openssl_add_all_digests_int(void); void evp_cleanup_int(void); -void evp_app_cleanup_int(void); void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, EVP_KEYMGMT **keymgmt, const char *propquery); diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 0114e1bafec..b00c2044c02 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1733,19 +1733,6 @@ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, * Method handles all operations: don't assume any digest related defaults. */ #define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 -#ifndef OPENSSL_NO_DEPRECATED_3_0 -OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); -OSSL_DEPRECATEDIN_3_0 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, - const EVP_PKEY_METHOD *meth); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, - const EVP_PKEY_METHOD *src); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); -OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); -OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth); -OSSL_DEPRECATEDIN_3_0 size_t EVP_PKEY_meth_get_count(void); -OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx); -#endif EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); 
@@ -2039,103 +2026,6 @@ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); -#ifndef OPENSSL_NO_DEPRECATED_3_0 -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, - int (*init)(EVP_PKEY_CTX *ctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup)(EVP_PKEY_CTX *ctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init)(EVP_PKEY_CTX *ctx), - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init)(EVP_PKEY_CTX *ctx), - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign_init)(EVP_PKEY_CTX *ctx), - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify_init)(EVP_PKEY_CTX *ctx), - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, int (*verify_recover_init)(EVP_PKEY_CTX *ctx), - int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int 
(*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt_init)(EVP_PKEY_CTX *ctx), - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init)(EVP_PKEY_CTX *ctx), - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth, - int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth, - int (*digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth, int (*digest_custom)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, int 
(**pinit)(EVP_PKEY_CTX *ctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, int (**pcopy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth, void (**pcleanup)(EVP_PKEY_CTX *ctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth, int (**pparamgen_init)(EVP_PKEY_CTX *ctx), - int (**pparamgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth, int (**pkeygen_init)(EVP_PKEY_CTX *ctx), - int (**pkeygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth, int (**psign_init)(EVP_PKEY_CTX *ctx), - int (**psign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth, int (**pverify_init)(EVP_PKEY_CTX *ctx), - int (**pverify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth, - int (**pverify_recover_init)(EVP_PKEY_CTX *ctx), - int (**pverify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth, - int (**psignctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (**psignctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth, - int (**pverifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (**pverifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, - int siglen, EVP_MD_CTX *mctx)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth, int 
(**pencrypt_init)(EVP_PKEY_CTX *ctx), - int (**pencryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth, int (**pdecrypt_init)(EVP_PKEY_CTX *ctx), - int (**pdecrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth, int (**pderive_init)(EVP_PKEY_CTX *ctx), - int (**pderive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth, - int (**pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), - int (**pctrl_str)(EVP_PKEY_CTX *ctx, const char *type, - const char *value)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth, - int (**digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth, - int (**digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbslen)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth, - int (**pdigest_custom)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)); -#endif void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange); int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange); diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 870bc80cb7f..9c94dc1b641 100644 --- a/test/evp_extra_test.c 
+++ b/test/evp_extra_test.c 
@@ -695,48 +695,6 @@ static const unsigned char kExampleED25519PubKeyDER[] = { 0xef, 0x5b, 0x7c, 0x20, 0xe8, 0x66, 0x28, 0x30, 0x3c, 0x8a, 0x82, 0x40, 0x97, 0xa3, 0x08, 0xdc, 0x65, 0x80, 0x39, 0x29 }; - -#ifndef OPENSSL_NO_DEPRECATED_3_0 -static const unsigned char kExampleX25519KeyDER[] = { - 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e, - 0x04, 0x22, 0x04, 0x20, 0xa0, 0x24, 0x3a, 0x31, 0x24, 0xc3, 0x3f, 0xf6, - 0x7b, 0x96, 0x0b, 0xd4, 0x8f, 0xd1, 0xee, 0x67, 0xf2, 0x9b, 0x88, 0xac, - 0x50, 0xce, 0x97, 0x36, 0xdd, 0xaf, 0x25, 0xf6, 0x10, 0x34, 0x96, 0x6e -}; -#endif -#endif -#endif - -/* kExampleDHKeyDER is a DH private key in ASN.1, DER format. */ -#ifndef OPENSSL_NO_DEPRECATED_3_0 -#ifndef OPENSSL_NO_DH -static const unsigned char kExampleDHKeyDER[] = { - 0x30, 0x82, 0x01, 0x21, 0x02, 0x01, 0x00, 0x30, 0x81, 0x95, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03, 0x01, 0x30, 0x81, 0x87, - 0x02, 0x81, 0x81, 0x00, 0xf7, 0x52, 0xc2, 0x68, 0xcc, 0x66, 0xc4, 0x8d, - 0x03, 0x3f, 0xfa, 0x9c, 0x52, 0xd0, 0xd8, 0x33, 0xf2, 0xe1, 0xc9, 0x9e, - 0xb7, 0xe7, 0x6e, 0x90, 0x97, 0xeb, 0x92, 0x91, 0x6a, 0x9a, 0x85, 0x63, - 0x92, 0x79, 0xab, 0xb6, 0x3d, 0x23, 0x58, 0x5a, 0xe8, 0x45, 0x06, 0x81, - 0x97, 0x77, 0xe1, 0xcc, 0x34, 0x4e, 0xae, 0x36, 0x80, 0xf2, 0xc4, 0x7f, - 0x8a, 0x52, 0xb8, 0xdb, 0x58, 0xc8, 0x4b, 0x12, 0x4c, 0xf1, 0x4c, 0x53, - 0xc1, 0x89, 0x39, 0x8d, 0xb6, 0x06, 0xd8, 0xea, 0x7f, 0x2d, 0x36, 0x53, - 0x96, 0x29, 0xbe, 0xb6, 0x75, 0xfc, 0xe7, 0xf3, 0x36, 0xd6, 0xf4, 0x8f, - 0x16, 0xa6, 0xc7, 0xec, 0x7b, 0xce, 0x42, 0x8d, 0x48, 0x2e, 0xb7, 0x74, - 0x00, 0x11, 0x52, 0x61, 0xb4, 0x19, 0x35, 0xec, 0x5c, 0xe4, 0xbe, 0x34, - 0xc6, 0x59, 0x64, 0x5e, 0x42, 0x61, 0x70, 0x54, 0xf4, 0xe9, 0x6b, 0x53, - 0x02, 0x01, 0x02, 0x04, 0x81, 0x83, 0x02, 0x81, 0x80, 0x64, 0xc2, 0xe3, - 0x09, 0x69, 0x37, 0x3c, 0xd2, 0x4a, 0xba, 0xc3, 0x78, 0x6a, 0x9b, 0x8a, - 0x2a, 0xdb, 0xe7, 0xe6, 0xc0, 0xfa, 0x3a, 0xbe, 0x39, 0x67, 0xc0, 0xa9, - 0x2a, 0xf0, 0x0a, 
0xc1, 0x53, 0x1c, 0xdb, 0xfa, 0x1a, 0x26, 0x98, 0xb0, - 0x8c, 0xc6, 0x06, 0x4a, 0xa2, 0x48, 0xd3, 0xa4, 0x3b, 0xbd, 0x05, 0x48, - 0xea, 0x59, 0xdb, 0x18, 0xa4, 0xca, 0x66, 0xd9, 0x5d, 0xb8, 0x95, 0xd1, - 0xeb, 0x97, 0x3d, 0x66, 0x97, 0x5c, 0x86, 0x8f, 0x7e, 0x90, 0xd3, 0x43, - 0xd1, 0xa2, 0x0d, 0xcb, 0xe7, 0xeb, 0x90, 0xea, 0x09, 0x40, 0xb1, 0x6f, - 0xf7, 0x4c, 0xf2, 0x41, 0x83, 0x1d, 0xd0, 0x76, 0xef, 0xaf, 0x55, 0x6f, - 0x5d, 0xa9, 0xa3, 0x55, 0x81, 0x2a, 0xd1, 0x5d, 0x9d, 0x22, 0x77, 0x97, - 0x83, 0xde, 0xad, 0xb6, 0x5d, 0x19, 0xc1, 0x53, 0xec, 0xfb, 0xaf, 0x06, - 0x2e, 0x87, 0x2a, 0x0b, 0x7a -}; #endif #endif @@ -1106,30 +1064,6 @@ static int test_ml_dsa_seed_only(int idx) } #endif -#ifndef OPENSSL_NO_DEPRECATED_3_0 -#ifndef OPENSSL_NO_DH -static EVP_PKEY *load_example_dh_key(void) -{ - return load_example_key("DH", kExampleDHKeyDER, - sizeof(kExampleDHKeyDER)); -} -#endif - -#ifndef OPENSSL_NO_ECX -static EVP_PKEY *load_example_ed25519_key(void) -{ - return load_example_key("ED25519", kExampleED25519KeyDER, - sizeof(kExampleED25519KeyDER)); -} - -static EVP_PKEY *load_example_x25519_key(void) -{ - return load_example_key("X25519", kExampleX25519KeyDER, - sizeof(kExampleX25519KeyDER)); -} -#endif -#endif /* OPENSSL_NO_DEPRECATED_3_0 */ - static EVP_PKEY *load_example_hmac_key(void) { EVP_PKEY *pkey = NULL; 
@@ -3443,33 +3377,11 @@ static int test_set_get_raw_keys(int tst) && test_set_get_raw_keys_int(tst, 1, 1); } -#ifndef OPENSSL_NO_DEPRECATED_3_0 -static int pkey_custom_check(EVP_PKEY *pkey) -{ - return 0xbeef; -} - -static int pkey_custom_pub_check(EVP_PKEY *pkey) -{ - return 0xbeef; -} - -static int pkey_custom_param_check(EVP_PKEY *pkey) -{ - return 0xbeef; -} - -static EVP_PKEY_METHOD *custom_pmeth; -#endif - static int test_EVP_PKEY_check(int i) { int ret = 0; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; -#ifndef OPENSSL_NO_DEPRECATED_3_0 - EVP_PKEY_CTX *ctx2 = NULL; -#endif const APK_DATA *ak = &keycheckdata[i]; const unsigned char *input = ak->kder; size_t input_len = ak->size; @@ -3497,31 +3409,10 @@ static int test_EVP_PKEY_check(int i) if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check)) goto done; -#ifndef OPENSSL_NO_DEPRECATED_3_0 - ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL); - /* assign the pkey directly, as an internal test */ - if (!EVP_PKEY_up_ref(pkey)) - goto done; - - ctx2->pkey = pkey; - - if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef)) - goto done; - - if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef)) - goto done; - - if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef)) - goto done; -#endif - ret = 1; done: EVP_PKEY_CTX_free(ctx); -#ifndef OPENSSL_NO_DEPRECATED_3_0 - EVP_PKEY_CTX_free(ctx2); -#endif EVP_PKEY_free(pkey); return ret; } 
@@ -5736,261 +5627,6 @@ err: return res; } -#ifndef OPENSSL_NO_DEPRECATED_3_0 -static EVP_PKEY_METHOD *custom_pmeth = NULL; -static const EVP_PKEY_METHOD *orig_pmeth = NULL; - -#define EVP_PKEY_CTRL_MY_COMMAND 9999 - -static int custom_pmeth_init(EVP_PKEY_CTX *ctx) -{ - int (*pinit)(EVP_PKEY_CTX *ctx); - - EVP_PKEY_meth_get_init(orig_pmeth, &pinit); - return pinit(ctx); -} - -static void custom_pmeth_cleanup(EVP_PKEY_CTX *ctx) -{ - void (*pcleanup)(EVP_PKEY_CTX *ctx); - - EVP_PKEY_meth_get_cleanup(orig_pmeth, &pcleanup); - pcleanup(ctx); -} - -static int custom_pmeth_sign(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *in, - size_t inlen) -{ - int (*psign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - - EVP_PKEY_meth_get_sign(orig_pmeth, NULL, &psign); - return psign(ctx, out, outlen, in, inlen); -} - -static int custom_pmeth_digestsign(EVP_MD_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbslen) -{ - int (*pdigestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - - EVP_PKEY_meth_get_digestsign(orig_pmeth, &pdigestsign); - return pdigestsign(ctx, sig, siglen, tbs, tbslen); -} - -static int custom_pmeth_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - int (*pderive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - - EVP_PKEY_meth_get_derive(orig_pmeth, NULL, &pderive); - return pderive(ctx, key, keylen); -} - -static int custom_pmeth_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) -{ - int (*pcopy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src); - - EVP_PKEY_meth_get_copy(orig_pmeth, &pcopy); - return pcopy(dst, src); -} - -static int ctrl_called; - -static int custom_pmeth_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - int (*pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - - EVP_PKEY_meth_get_ctrl(orig_pmeth, &pctrl, NULL); - - if (type == 
EVP_PKEY_CTRL_MY_COMMAND) { - ctrl_called = 1; - return 1; - } - - return pctrl(ctx, type, p1, p2); -} - -static int test_custom_pmeth(int idx) -{ - EVP_PKEY_CTX *pctx = NULL; - EVP_MD_CTX *ctx = NULL; - EVP_PKEY *pkey = NULL; - int id, orig_id, orig_flags; - int testresult = 0; - size_t reslen; - unsigned char *res = NULL; - unsigned char msg[] = { 'H', 'e', 'l', 'l', 'o' }; - const EVP_MD *md = EVP_sha256(); - int doderive = 0; - - ctrl_called = 0; - - /* We call deprecated APIs so this test doesn't support a custom libctx */ - if (testctx != NULL) - return 1; - - switch (idx) { - case 0: - case 6: - id = EVP_PKEY_RSA; - pkey = load_example_rsa_key(); - break; - case 1: - case 7: -#ifndef OPENSSL_NO_DSA - id = EVP_PKEY_DSA; - pkey = load_example_dsa_key(); - break; -#else - return 1; -#endif - case 2: - case 8: -#ifndef OPENSSL_NO_EC - id = EVP_PKEY_EC; - pkey = load_example_ec_key(); - break; -#else - return 1; -#endif - case 3: - case 9: -#ifndef OPENSSL_NO_ECX - id = EVP_PKEY_ED25519; - md = NULL; - pkey = load_example_ed25519_key(); - break; -#else - return 1; -#endif - case 4: - case 10: -#ifndef OPENSSL_NO_DH - id = EVP_PKEY_DH; - doderive = 1; - pkey = load_example_dh_key(); - break; -#else - return 1; -#endif - case 5: - case 11: -#ifndef OPENSSL_NO_ECX - id = EVP_PKEY_X25519; - doderive = 1; - pkey = load_example_x25519_key(); - break; -#else - return 1; -#endif - default: - TEST_error("Should not happen"); - goto err; - } - - if (!TEST_ptr(pkey)) - goto err; - - if (idx < 6) { - if (!TEST_true(evp_pkey_is_provided(pkey))) - goto err; - } else { - EVP_PKEY *tmp = pkey; - - /* Convert to a legacy key */ - pkey = EVP_PKEY_new(); - if (!TEST_ptr(pkey)) { - pkey = tmp; - goto err; - } - if (!TEST_true(evp_pkey_copy_downgraded(&pkey, tmp))) { - EVP_PKEY_free(tmp); - goto err; - } - EVP_PKEY_free(tmp); - if (!TEST_true(evp_pkey_is_legacy(pkey))) - goto err; - } - - if (!TEST_ptr(orig_pmeth = EVP_PKEY_meth_find(id)) - || !TEST_ptr(pkey)) - goto err; - - 
EVP_PKEY_meth_get0_info(&orig_id, &orig_flags, orig_pmeth); - if (!TEST_int_eq(orig_id, id) - || !TEST_ptr(custom_pmeth = EVP_PKEY_meth_new(id, orig_flags))) - goto err; - - if (id == EVP_PKEY_ED25519) { - EVP_PKEY_meth_set_digestsign(custom_pmeth, custom_pmeth_digestsign); - } - if (id == EVP_PKEY_DH || id == EVP_PKEY_X25519) { - EVP_PKEY_meth_set_derive(custom_pmeth, NULL, custom_pmeth_derive); - } else { - EVP_PKEY_meth_set_sign(custom_pmeth, NULL, custom_pmeth_sign); - } - if (id != EVP_PKEY_ED25519 && id != EVP_PKEY_X25519) { - EVP_PKEY_meth_set_init(custom_pmeth, custom_pmeth_init); - EVP_PKEY_meth_set_cleanup(custom_pmeth, custom_pmeth_cleanup); - EVP_PKEY_meth_set_copy(custom_pmeth, custom_pmeth_copy); - } - EVP_PKEY_meth_set_ctrl(custom_pmeth, custom_pmeth_ctrl, NULL); - if (!TEST_true(EVP_PKEY_meth_add0(custom_pmeth))) - goto err; - - if (doderive) { - pctx = EVP_PKEY_CTX_new(pkey, NULL); - if (!TEST_ptr(pctx) - || !TEST_int_eq(EVP_PKEY_derive_init(pctx), 1) - || !TEST_int_ge(EVP_PKEY_CTX_ctrl(pctx, -1, -1, - EVP_PKEY_CTRL_MY_COMMAND, 0, NULL), - 1) - || !TEST_int_eq(ctrl_called, 1) - || !TEST_int_ge(EVP_PKEY_derive_set_peer(pctx, pkey), 1) - || !TEST_int_ge(EVP_PKEY_derive(pctx, NULL, &reslen), 1) - || !TEST_ptr(res = OPENSSL_malloc(reslen)) - || !TEST_int_ge(EVP_PKEY_derive(pctx, res, &reslen), 1)) - goto err; - } else { - ctx = EVP_MD_CTX_new(); - reslen = EVP_PKEY_size(pkey); - res = OPENSSL_malloc(reslen); - if (!TEST_ptr(ctx) - || !TEST_ptr(res) - || !TEST_true(EVP_DigestSignInit(ctx, &pctx, md, NULL, pkey)) - || !TEST_int_ge(EVP_PKEY_CTX_ctrl(pctx, -1, -1, - EVP_PKEY_CTRL_MY_COMMAND, 0, NULL), - 1) - || !TEST_int_eq(ctrl_called, 1)) - goto err; - - if (id == EVP_PKEY_ED25519) { - if (!TEST_true(EVP_DigestSign(ctx, res, &reslen, msg, sizeof(msg)))) - goto err; - } else { - if (!TEST_true(EVP_DigestUpdate(ctx, msg, sizeof(msg))) - || !TEST_true(EVP_DigestSignFinal(ctx, res, &reslen))) - goto err; - } - } - - testresult = 1; -err: - OPENSSL_free(res); 
- EVP_MD_CTX_free(ctx); - if (doderive) - EVP_PKEY_CTX_free(pctx); - EVP_PKEY_free(pkey); - EVP_PKEY_meth_remove(custom_pmeth); - EVP_PKEY_meth_free(custom_pmeth); - custom_pmeth = NULL; - return testresult; -} -#endif /* OPENSSL_NO_DEPRECATED_3_0 */ - #ifndef OPENSSL_NO_ECX static int ecxnids[] = { NID_X25519, @@ -6727,16 +6363,6 @@ int setup_tests(void) ADD_TEST(test_EVP_SM2_verify); #endif ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys)); -#ifndef OPENSSL_NO_DEPRECATED_3_0 - custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0); - if (!TEST_ptr(custom_pmeth)) - return 0; - EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check); - EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check); - EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check); - if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) - return 0; -#endif ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); #ifndef OPENSSL_NO_CMAC ADD_TEST(test_CMAC_keygen); @@ -6809,10 +6435,6 @@ int setup_tests(void) if (OSSL_NELEM(keylen_change_ciphers) - 1 > 0) ADD_ALL_TESTS(test_keylen_change, OSSL_NELEM(keylen_change_ciphers) - 1); -#ifndef OPENSSL_NO_DEPRECATED_3_0 - ADD_ALL_TESTS(test_custom_pmeth, 12); -#endif - #ifndef OPENSSL_NO_ECX ADD_ALL_TESTS(test_ecx_short_keys, OSSL_NELEM(ecxnids)); ADD_ALL_TESTS(test_ecx_not_private_key, OSSL_NELEM(keys)); diff --git a/test/pkey_meth_test.c b/test/pkey_meth_test.c index 46b39efc3be..15d62e0a939 100644 --- a/test/pkey_meth_test.c +++ b/test/pkey_meth_test.c 
@@ -53,42 +53,10 @@ static int test_asn1_meths(void) } #endif -#ifndef OPENSSL_NO_DEPRECATED_3_0 -/* Test of EVP_PKEY_METHOD ordering */ -static int test_pkey_meths(void) -{ - size_t i; - int prev = -1; - int good = 1; - int pkey_id; - const EVP_PKEY_METHOD *pmeth; - - for (i = 0; i < EVP_PKEY_meth_get_count(); i++) { - pmeth = EVP_PKEY_meth_get0(i); - EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth); - if (pkey_id < prev) - good = 0; - prev = pkey_id; - } - if (!good) { - TEST_error("EVP_PKEY_METHOD table out of order"); - for (i = 0; i < EVP_PKEY_meth_get_count(); i++) { - pmeth = EVP_PKEY_meth_get0(i); - EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth); - TEST_note("%d : %s", pkey_id, OBJ_nid2ln(pkey_id)); - } - } - return good; -} -#endif - int setup_tests(void) { #ifndef OPENSSL_NO_DEPRECATED_3_6 ADD_TEST(test_asn1_meths); -#endif -#ifndef OPENSSL_NO_DEPRECATED_3_0 - ADD_TEST(test_pkey_meths); #endif return 1; } diff --git a/util/libcrypto.num b/util/libcrypto.num index 46452b2f7e1..5e4e18b0fe7 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1368,15 +1368,6 @@ EVP_PKEY_CTX_get1_id_len ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_kem_op ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_get0_type_name ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_mac_key ? 4_0_0 EXIST::FUNCTION: -EVP_PKEY_meth_find ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_new ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_get0_info ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_free ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_add0 ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_remove ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_get_count ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -EVP_PKEY_meth_get0 ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_KEYMGMT_fetch ? 4_0_0 EXIST::FUNCTION: EVP_KEYMGMT_up_ref ? 4_0_0 EXIST::FUNCTION: EVP_KEYMGMT_free ? 4_0_0 EXIST::FUNCTION: 
@@ -1546,46 +1537,6 @@ EVP_PKEY_get_ex_data ? 4_0_0 EXIST::FUNCTION:
 EVP_PKEY_CTX_set_cb ? 4_0_0 EXIST::FUNCTION:
 EVP_PKEY_CTX_get_cb ? 4_0_0 EXIST::FUNCTION:
 EVP_PKEY_CTX_get_keygen_info ? 4_0_0 EXIST::FUNCTION:
-EVP_PKEY_meth_set_init ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_cleanup ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_paramgen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_keygen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_sign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verify_recover ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_signctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verifyctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_encrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_decrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_derive ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_ctrl ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digestsign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digestverify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_public_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_param_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digest_custom ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_init ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_cleanup ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_paramgen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_keygen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_sign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verify_recover ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_signctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verifyctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_encrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_decrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_derive ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_ctrl ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digestsign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digestverify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_public_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_param_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digest_custom ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_KEYEXCH_free ? 4_0_0 EXIST::FUNCTION:
 EVP_KEYEXCH_up_ref ? 4_0_0 EXIST::FUNCTION:
 EVP_KEYEXCH_fetch ? 4_0_0 EXIST::FUNCTION: