From: Matt Caswell Date: Mon, 15 Dec 2025 17:02:36 +0000 (+0000) Subject: Remove the ability to create a custom EVP_PKEY_ASN1_METHOD X-Git-Tag: openssl-4.0.0-alpha1~566 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c65e34bfceb63f1dfc8f49a882824811fde4df38;p=thirdparty%2Fopenssl.git Remove the ability to create a custom EVP_PKEY_ASN1_METHOD Now that the ability to register a custom EVP_PKEY_ASN1_METHOD has been removed in an earlier commit, we can now remove the functions that are used to create a custom EVP_PKEY_ASN1_METHOD. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/29405) --- diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index bdba0329315..f003b9e4a7c 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -7,11 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* - * We need to use some EVP_PKEY_asn1 deprecated APIs - */ -#include "internal/deprecated.h" - #include "internal/cryptlib.h" #include #include @@ -123,219 +118,3 @@ const EVP_PKEY_ASN1_METHOD *evp_pkey_get0_asn1(const EVP_PKEY *pkey) { return pkey->ameth; } - -EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, - const char *pem_str, const char *info) -{ - EVP_PKEY_ASN1_METHOD *ameth = OPENSSL_zalloc(sizeof(*ameth)); - - if (ameth == NULL) - return NULL; - - ameth->pkey_id = id; - ameth->pkey_base_id = id; - ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; - - if (info) { - ameth->info = OPENSSL_strdup(info); - if (ameth->info == NULL) - goto err; - } - - if (pem_str) { - ameth->pem_str = OPENSSL_strdup(pem_str); - if (ameth->pem_str == NULL) - goto err; - } - - return ameth; - -err: - EVP_PKEY_asn1_free(ameth); - return NULL; -} - -void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, - const EVP_PKEY_ASN1_METHOD *src) -{ - int pkey_id = dst->pkey_id; - int pkey_base_id = dst->pkey_base_id; - unsigned long pkey_flags = dst->pkey_flags; - char *pem_str = dst->pem_str; - char *info = dst->info; - - *dst = *src; - - /* We only copy the function pointers so restore the other values */ - dst->pkey_id = pkey_id; - dst->pkey_base_id = pkey_base_id; - dst->pkey_flags = pkey_flags; - dst->pem_str = pem_str; - dst->info = info; -} - -void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) -{ - if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) { - OPENSSL_free(ameth->pem_str); - OPENSSL_free(ameth->info); - OPENSSL_free(ameth); - } -} - -void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, - int (*pub_decode)(EVP_PKEY *pk, - const X509_PUBKEY *pub), - int (*pub_encode)(X509_PUBKEY *pub, - const EVP_PKEY *pk), - int (*pub_cmp)(const EVP_PKEY *a, - const EVP_PKEY *b), - int (*pub_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx), - int (*pkey_size)(const EVP_PKEY *pk), - int (*pkey_bits)(const EVP_PKEY *pk)) -{ - ameth->pub_decode = pub_decode; - ameth->pub_encode = pub_encode; - ameth->pub_cmp = pub_cmp; - ameth->pub_print = pub_print; - ameth->pkey_size = pkey_size; - ameth->pkey_bits = pkey_bits; -} - -void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, - int (*priv_decode)(EVP_PKEY *pk, - const PKCS8_PRIV_KEY_INFO - *p8inf), - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, - const EVP_PKEY *pk), - int (*priv_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, - ASN1_PCTX *pctx)) -{ - ameth->priv_decode = priv_decode; - ameth->priv_encode = priv_encode; - ameth->priv_print = priv_print; -} - -void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(EVP_PKEY *pkey, - const unsigned char **pder, - int derlen), - int (*param_encode)(const EVP_PKEY *pkey, - unsigned char **pder), - int (*param_missing)(const EVP_PKEY *pk), - int (*param_copy)(EVP_PKEY *to, - const EVP_PKEY *from), - int (*param_cmp)(const EVP_PKEY *a, - const EVP_PKEY *b), - int (*param_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx)) -{ - ameth->param_decode = param_decode; - ameth->param_encode = param_encode; - ameth->param_missing = param_missing; - ameth->param_copy = param_copy; - ameth->param_cmp = param_cmp; - ameth->param_print = param_print; -} - -void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)) -{ - ameth->pkey_free = pkey_free; -} - -void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, - long arg1, void *arg2)) -{ - ameth->pkey_ctrl = pkey_ctrl; -} - -void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_security_bits)(const EVP_PKEY - *pk)) -{ - ameth->pkey_security_bits = pkey_security_bits; -} - -void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, - int (*item_verify)(EVP_MD_CTX *ctx, - const ASN1_ITEM *it, - const void *data, - const X509_ALGOR *a, - const ASN1_BIT_STRING *sig, - EVP_PKEY *pkey), - int (*item_sign)(EVP_MD_CTX *ctx, - const ASN1_ITEM *it, - const void *data, - X509_ALGOR *alg1, - X509_ALGOR *alg2, - ASN1_BIT_STRING *sig)) -{ - ameth->item_sign = item_sign; - ameth->item_verify = item_verify; -} - -void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth, - int (*siginf_set)(X509_SIG_INFO *siginf, - const X509_ALGOR *alg, - const ASN1_STRING *sig)) -{ - ameth->siginf_set = siginf_set; -} - -void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_check)(const EVP_PKEY *pk)) -{ - ameth->pkey_check = pkey_check; -} - -void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_pub_check)(const EVP_PKEY *pk)) -{ - ameth->pkey_public_check = pkey_pub_check; -} - -void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_param_check)(const EVP_PKEY *pk)) -{ - ameth->pkey_param_check = pkey_param_check; -} - -void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*set_priv_key)(EVP_PKEY *pk, - const unsigned char - *priv, - size_t len)) -{ - ameth->set_priv_key = set_priv_key; -} - -void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*set_pub_key)(EVP_PKEY *pk, - const unsigned char *pub, - size_t len)) -{ - ameth->set_pub_key = set_pub_key; -} - -void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*get_priv_key)(const EVP_PKEY *pk, - unsigned char *priv, - size_t *len)) -{ - ameth->get_priv_key = get_priv_key; -} - -void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*get_pub_key)(const EVP_PKEY *pk, - unsigned char *pub, - size_t *len)) -{ - ameth->get_pub_key = get_pub_key; -} diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h index 8b3d068de72..637d7c01537 100644 --- a/crypto/asn1/standard_methods.h +++ b/crypto/asn1/standard_methods.h @@ -7,7 +7,6 @@ * https://www.openssl.org/source/license.html */ -#ifndef OPENSSL_NO_DEPRECATED_3_6 /* * This table MUST be kept in ascending order of the NID each method * represents (corresponding to the pkey_id field) as OBJ_bsearch @@ -42,4 +41,3 @@ static const EVP_PKEY_ASN1_METHOD *const standard_methods[] = { &ossl_sm2_asn1_meth, #endif }; -#endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 91664256428..bb90b4f3c9e 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1512,122 +1512,6 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num); #define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa #define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xb -#ifndef OPENSSL_NO_DEPRECATED_3_6 -OSSL_DEPRECATEDIN_3_6 EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, - const char *pem_str, - const char *info); -OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, - const EVP_PKEY_ASN1_METHOD *src); -OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, - int (*pub_decode)(EVP_PKEY *pk, - const X509_PUBKEY *pub), - int (*pub_encode)(X509_PUBKEY *pub, - const EVP_PKEY *pk), - int (*pub_cmp)(const EVP_PKEY *a, - const EVP_PKEY *b), - int (*pub_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx), - int (*pkey_size)(const EVP_PKEY *pk), - int (*pkey_bits)(const EVP_PKEY *pk)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, - int (*priv_decode)(EVP_PKEY *pk, - const PKCS8_PRIV_KEY_INFO - *p8inf), - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, - const EVP_PKEY *pk), - int (*priv_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, - ASN1_PCTX *pctx)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(EVP_PKEY *pkey, - const unsigned char **pder, - int derlen), - int (*param_encode)(const EVP_PKEY *pkey, - unsigned char **pder), - int (*param_missing)(const EVP_PKEY *pk), - int (*param_copy)(EVP_PKEY *to, - const EVP_PKEY *from), - int (*param_cmp)(const EVP_PKEY *a, - const EVP_PKEY *b), - int (*param_print)(BIO *out, - const EVP_PKEY *pkey, - int indent, - ASN1_PCTX *pctx)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, - long arg1, void *arg2)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, - int (*item_verify)(EVP_MD_CTX *ctx, - const ASN1_ITEM *it, - const void *data, - const X509_ALGOR *a, - const ASN1_BIT_STRING *sig, - EVP_PKEY *pkey), - int (*item_sign)(EVP_MD_CTX *ctx, - const ASN1_ITEM *it, - const void *data, - X509_ALGOR *alg1, - X509_ALGOR *alg2, - ASN1_BIT_STRING *sig)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth, - int (*siginf_set)(X509_SIG_INFO *siginf, - const X509_ALGOR *alg, - const ASN1_STRING *sig)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_check)(const EVP_PKEY *pk)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_pub_check)(const EVP_PKEY *pk)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_param_check)(const EVP_PKEY *pk)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*set_priv_key)(EVP_PKEY *pk, - const unsigned char - *priv, - size_t len)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*set_pub_key)(EVP_PKEY *pk, - const unsigned char *pub, - size_t len)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*get_priv_key)(const EVP_PKEY *pk, - unsigned char *priv, - size_t *len)); -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth, - int (*get_pub_key)(const EVP_PKEY *pk, - unsigned char *pub, - size_t *len)); - -OSSL_DEPRECATEDIN_3_6 -void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_security_bits)(const EVP_PKEY - *pk)); -#endif /* OPENSSL_NO_DEPRECATED_3_6 */ - int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); diff --git a/util/libcrypto.num b/util/libcrypto.num index 9d508f96cac..c01447b1775 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1331,24 +1331,6 @@ EVP_PBE_find ? 4_0_0 EXIST::FUNCTION: EVP_PBE_find_ex ? 4_0_0 EXIST::FUNCTION: EVP_PBE_cleanup ? 4_0_0 EXIST::FUNCTION: EVP_PBE_get ? 4_0_0 EXIST::FUNCTION: -EVP_PKEY_asn1_new ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_free ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_public ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_private ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_param ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_free ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_ctrl ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_item ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_siginf ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_public_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_param_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_set_priv_key ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_set_pub_key ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_get_priv_key ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_get_pub_key ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 -EVP_PKEY_asn1_set_security_bits ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_6 EVP_PKEY_CTX_get_signature_md ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_signature_md ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set1_id ? 4_0_0 EXIST::FUNCTION: