From 32fdc512ca6aed2473a63f8a826705a122d4ea0c Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Thu, 31 Dec 2015 03:10:27 -0500 Subject: [PATCH] Remove param_decode and param_encode EVP_PKEY hooks. They're only used by a pair of PEM functions, which are never used. BUG=499653 Change-Id: I89731485c66ca328c634efbdb7e182a917f2a963 Reviewed-on: https://boringssl-review.googlesource.com/6863 Reviewed-by: Adam Langley --- crypto/evp/internal.h | 2 -- crypto/evp/p_dsa_asn1.c | 17 ---------- crypto/evp/p_ec_asn1.c | 17 ---------- crypto/evp/p_rsa_asn1.c | 2 +- crypto/pem/pem_lib.c | 18 ----------- crypto/pem/pem_pkey.c | 72 ----------------------------------------- include/openssl/pem.h | 5 --- 7 files changed, 1 insertion(+), 132 deletions(-) diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index f2bad30a..90ccfec3 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h @@ -124,8 +124,6 @@ struct evp_pkey_asn1_method_st { int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*param_encode)(const EVP_PKEY *pkey, uint8_t **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); diff --git a/crypto/evp/p_dsa_asn1.c b/crypto/evp/p_dsa_asn1.c index 62f2ac89..8cd7179c 100644 --- a/crypto/evp/p_dsa_asn1.c +++ b/crypto/evp/p_dsa_asn1.c @@ -420,21 +420,6 @@ err: return ret; } -static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { - DSA *dsa; - dsa = d2i_DSAparams(NULL, pder, derlen); - if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); - return 0; - } - EVP_PKEY_assign_DSA(pkey, dsa); - return 1; -} - -static int dsa_param_encode(const EVP_PKEY *pkey, uint8_t **pder) { - return i2d_DSAparams(pkey->pkey.dsa, pder); -} - static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) { return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); @@ -527,8 +512,6 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { int_dsa_size, dsa_bits, - dsa_param_decode, - dsa_param_encode, dsa_missing_parameters, dsa_copy_parameters, dsa_cmp_parameters, diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c index 2d8d38a2..25081b82 100644 --- a/crypto/evp/p_ec_asn1.c +++ b/crypto/evp/p_ec_asn1.c @@ -430,21 +430,6 @@ err: return ret; } -static int eckey_param_decode(EVP_PKEY *pkey, const uint8_t **pder, - int derlen) { - EC_KEY *eckey; - if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); - return 0; - } - EVP_PKEY_assign_EC_KEY(pkey, eckey); - return 1; -} - -static int eckey_param_encode(const EVP_PKEY *pkey, uint8_t **pder) { - return i2d_ECParameters(pkey->pkey.ec, pder); -} - static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) { return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0); @@ -500,8 +485,6 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { int_ec_size, ec_bits, - eckey_param_decode, - eckey_param_encode, ec_missing_parameters, ec_copy_parameters, ec_cmp_parameters, diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c index 83da7df4..e2362e02 100644 --- a/crypto/evp/p_rsa_asn1.c +++ b/crypto/evp/p_rsa_asn1.c @@ -728,7 +728,7 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { int_rsa_size, rsa_bits, - 0,0,0,0,0,0, + 0,0,0,0, rsa_sig_print, int_rsa_free, diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 733d0159..deaf26ab 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -163,24 +163,6 @@ static int check_pem(const char *nm, const char *name) return 0; } - if (!strcmp(name, PEM_STRING_PARAMETERS)) { - int slen; - const EVP_PKEY_ASN1_METHOD *ameth; - slen = pem_check_suffix(nm, "PARAMETERS"); - if (slen > 0) { - ENGINE *e; - ameth = EVP_PKEY_asn1_find_str(&e, nm, slen); - if (ameth) { - int r; - if (ameth->param_decode) - r = 1; - else - r = 0; - return r; - } - } - return 0; - } /* Permit older strings */ if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509)) diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index c60f22cc..4cac7c28 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -160,78 +160,6 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, pem_str, bp, x, enc, kstr, klen, cb, u); } -static int public_key_type_from_str(const char *name, size_t len) -{ - if (len == 3 && memcmp(name, "RSA", 3) == 0) { - return EVP_PKEY_RSA; - } else if (len == 2 && memcmp(name, "DH", 2) == 0) { - return EVP_PKEY_DH; - } else if (len == 2 && memcmp(name, "EC", 2) == 0) { - return EVP_PKEY_EC; - } - return NID_undef; -} - -static int set_pkey_type_from_str(EVP_PKEY *pkey, const char *name, - size_t len) -{ - int nid = public_key_type_from_str(name, len); - if (nid == NID_undef) { - return 0; - } - return EVP_PKEY_set_type(pkey, nid); -} - -EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) -{ - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; - long len; - int slen; - EVP_PKEY *ret = NULL; - - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS, - bp, 0, NULL)) - return NULL; - p = data; - - if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) { - ret = EVP_PKEY_new(); - if (!ret) - goto err; - if (!set_pkey_type_from_str(ret, nm, slen) - || !ret->ameth->param_decode - || !ret->ameth->param_decode(ret, &p, len)) { - EVP_PKEY_free(ret); - ret = NULL; - goto err; - } - if (x) { - if (*x) - EVP_PKEY_free((EVP_PKEY *)*x); - *x = ret; - } - } - err: - if (ret == NULL) - OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); - OPENSSL_free(nm); - OPENSSL_free(data); - return (ret); -} - -int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x) -{ - char pem_str[80]; - if (!x->ameth || !x->ameth->param_encode) - return 0; - - BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str); - return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode, - pem_str, bp, x, NULL, NULL, 0, 0, NULL); -} - #ifndef OPENSSL_NO_FP_API EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) diff --git a/include/openssl/pem.h b/include/openssl/pem.h index a6687a69..c233a501 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -129,7 +129,6 @@ extern "C" { #define PEM_STRING_DSAPARAMS "DSA PARAMETERS" #define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" #define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" -#define PEM_STRING_PARAMETERS "PARAMETERS" #define PEM_STRING_CMS "CMS" /* Note that this structure is initialised by PEM_SealInit and cleaned up @@ -477,10 +476,6 @@ OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_pass OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc, char *kstr,int klen, pem_password_cb *cd, void *u); -OPENSSL_EXPORT EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); -OPENSSL_EXPORT int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); - - OPENSSL_EXPORT EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); OPENSSL_EXPORT EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); OPENSSL_EXPORT EVP_PKEY *b2i_PrivateKey_bio(BIO *in);