Commit a82bb34662 for openssl.org
commit a82bb34662efe1019dc656675b1642ee0b42fe2f
Author: Matt Caswell <matt@openssl.org>
Date: Fri Dec 19 11:32:23 2025 +0000
Remove legacy method deadcode for EVP_MD implementations
Remove the legacy EVP_MD implementation functions. These are no longer
used due to providers. This code is now unreachable due to the removal of
the functions related to custom EVP_MD methods.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29460)
diff --git a/crypto/evp/legacy_blake2.c b/crypto/evp/legacy_blake2.c
index af8ad536fa..c3032c3051 100644
--- a/crypto/evp/legacy_blake2.c
+++ b/crypto/evp/legacy_blake2.c
@@ -11,40 +11,13 @@
#include "prov/blake2.h" /* diverse BLAKE2 macros */
#include "legacy_meth.h"
-/*
- * Local hack to adapt the BLAKE2 init functions to what the
- * legacy function signatures demand.
- */
-static int blake2s_init(BLAKE2S_CTX *C)
-{
- BLAKE2S_PARAM P;
-
- ossl_blake2s_param_init(&P);
- return ossl_blake2s_init(C, &P);
-}
-static int blake2b_init(BLAKE2B_CTX *C)
-{
- BLAKE2B_PARAM P;
-
- ossl_blake2b_param_init(&P);
- return ossl_blake2b_init(C, &P);
-}
-#define blake2s_update ossl_blake2s_update
-#define blake2b_update ossl_blake2b_update
-#define blake2s_final ossl_blake2s_final
-#define blake2b_final ossl_blake2b_final
-
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(blake2s_int, blake2s)
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(blake2b_int, blake2b)
-
static const EVP_MD blake2b_md = {
NID_blake2b512,
0,
BLAKE2B_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(blake2b_int_init, blake2b_int_update,
- blake2b_int_final, NULL, BLAKE2B_BLOCKBYTES),
+ LEGACY_EVP_MD_METH_TABLE(BLAKE2B_BLOCKBYTES),
};
const EVP_MD *EVP_blake2b512(void)
@@ -58,8 +31,7 @@ static const EVP_MD blake2s_md = {
BLAKE2S_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(blake2s_int_init, blake2s_int_update,
- blake2s_int_final, NULL, BLAKE2S_BLOCKBYTES),
+ LEGACY_EVP_MD_METH_TABLE(BLAKE2S_BLOCKBYTES),
};
const EVP_MD *EVP_blake2s256(void)
diff --git a/crypto/evp/legacy_md2.c b/crypto/evp/legacy_md2.c
index 72cc99ad70..1416211a4c 100644
--- a/crypto/evp/legacy_md2.c
+++ b/crypto/evp/legacy_md2.c
@@ -7,25 +7,17 @@
* https://www.openssl.org/source/license.html
*/
-/*
- * MD2 low level APIs are deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
#include <openssl/md2.h>
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(md2, MD2)
-
static const EVP_MD md2_md = {
NID_md2,
NID_md2WithRSAEncryption,
MD2_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(md2_init, md2_update, md2_final, NULL, MD2_BLOCK)
+ LEGACY_EVP_MD_METH_TABLE(MD2_BLOCK)
};
const EVP_MD *EVP_md2(void)
diff --git a/crypto/evp/legacy_md4.c b/crypto/evp/legacy_md4.c
index 4bc852b520..c95162d11b 100644
--- a/crypto/evp/legacy_md4.c
+++ b/crypto/evp/legacy_md4.c
@@ -17,15 +17,13 @@
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(md4, MD4)
-
static const EVP_MD md4_md = {
NID_md4,
NID_md4WithRSAEncryption,
MD4_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(md4_init, md4_update, md4_final, NULL, MD4_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(MD4_CBLOCK),
};
const EVP_MD *EVP_md4(void)
diff --git a/crypto/evp/legacy_md5.c b/crypto/evp/legacy_md5.c
index a67be9fef7..43703fa5f6 100644
--- a/crypto/evp/legacy_md5.c
+++ b/crypto/evp/legacy_md5.c
@@ -17,15 +17,13 @@
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(md5, MD5)
-
static const EVP_MD md5_md = {
NID_md5,
NID_md5WithRSAEncryption,
MD5_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(md5_init, md5_update, md5_final, NULL, MD5_CBLOCK)
+ LEGACY_EVP_MD_METH_TABLE(MD5_CBLOCK)
};
const EVP_MD *EVP_md5(void)
diff --git a/crypto/evp/legacy_md5_sha1.c b/crypto/evp/legacy_md5_sha1.c
index 62947f8b9a..aa6b58e9a9 100644
--- a/crypto/evp/legacy_md5_sha1.c
+++ b/crypto/evp/legacy_md5_sha1.c
@@ -18,21 +18,13 @@
#include "prov/md5_sha1.h" /* diverse MD5_SHA1 macros */
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(md5_sha1_int, ossl_md5_sha1)
-static int md5_sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
-{
- return ossl_md5_sha1_ctrl(EVP_MD_CTX_get0_md_data(ctx), cmd, mslen, ms);
-}
-
static const EVP_MD md5_sha1_md = {
NID_md5_sha1,
NID_md5_sha1,
MD5_SHA1_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(md5_sha1_int_init, md5_sha1_int_update,
- md5_sha1_int_final, md5_sha1_int_ctrl,
- MD5_SHA1_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(MD5_SHA1_CBLOCK),
};
const EVP_MD *EVP_md5_sha1(void)
diff --git a/crypto/evp/legacy_mdc2.c b/crypto/evp/legacy_mdc2.c
index 2ad432426c..f596de1781 100644
--- a/crypto/evp/legacy_mdc2.c
+++ b/crypto/evp/legacy_mdc2.c
@@ -17,16 +17,13 @@
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(mdc2, MDC2)
-
static const EVP_MD mdc2_md = {
NID_mdc2,
NID_mdc2WithRSA,
MDC2_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(mdc2_init, mdc2_update, mdc2_final, NULL,
- MDC2_BLOCK),
+ LEGACY_EVP_MD_METH_TABLE(MDC2_BLOCK),
};
const EVP_MD *EVP_mdc2(void)
diff --git a/crypto/evp/legacy_meth.h b/crypto/evp/legacy_meth.h
index ea1e84c7e7..66107b1b8f 100644
--- a/crypto/evp/legacy_meth.h
+++ b/crypto/evp/legacy_meth.h
@@ -35,5 +35,5 @@
return fn##_final(md, EVP_MD_CTX_get0_md_data(ctx)); \
}
-#define LEGACY_EVP_MD_METH_TABLE(init, update, final, ctrl, blksz) \
- init, update, final, NULL, NULL, blksz, 0, ctrl
+#define LEGACY_EVP_MD_METH_TABLE(blksz) \
+ NULL, NULL, NULL, NULL, NULL, blksz, 0, NULL
diff --git a/crypto/evp/legacy_ripemd.c b/crypto/evp/legacy_ripemd.c
index 80f551a97d..8fa38abfe7 100644
--- a/crypto/evp/legacy_ripemd.c
+++ b/crypto/evp/legacy_ripemd.c
@@ -17,16 +17,13 @@
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(ripe, RIPEMD160)
-
static const EVP_MD ripemd160_md = {
NID_ripemd160,
NID_ripemd160WithRSA,
RIPEMD160_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(ripe_init, ripe_update, ripe_final, NULL,
- RIPEMD160_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(RIPEMD160_CBLOCK)
};
const EVP_MD *EVP_ripemd160(void)
diff --git a/crypto/evp/legacy_sha.c b/crypto/evp/legacy_sha.c
index 0c1a74de30..20a5766715 100644
--- a/crypto/evp/legacy_sha.c
+++ b/crypto/evp/legacy_sha.c
@@ -21,80 +21,13 @@
#include "legacy_meth.h"
#include "evp_local.h"
-/*-
- * LEGACY methods for SHA.
- * These only remain to support engines that can get these methods.
- * Hardware support for SHA3 has been removed from these legacy cases.
- */
-#define IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(nm, fn, tag) \
- static int nm##_init(EVP_MD_CTX *ctx) \
- { \
- return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
- } \
- static int nm##_update(EVP_MD_CTX *ctx, const void *data, size_t count) \
- { \
- return fn##_update(EVP_MD_CTX_get0_md_data(ctx), data, count); \
- } \
- static int nm##_final(EVP_MD_CTX *ctx, unsigned char *md) \
- { \
- KECCAK1600_CTX *kctx = EVP_MD_CTX_get0_md_data(ctx); \
- return fn##_final(kctx, md, kctx->md_size); \
- }
-#define IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(nm, fn, tag) \
- static int nm##_init(EVP_MD_CTX *ctx) \
- { \
- return fn##_init(EVP_MD_CTX_get0_md_data(ctx), tag, ctx->digest->md_size * 8); \
- }
-
-#define sha512_224_Init sha512_224_init
-#define sha512_256_Init sha512_256_init
-
-#define sha512_224_Update SHA512_Update
-#define sha512_224_Final SHA512_Final
-#define sha512_256_Update SHA512_Update
-#define sha512_256_Final SHA512_Final
-
-IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha256, SHA256)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha384, SHA384)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512, SHA512)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512_224_int, sha512_224)
-IMPLEMENT_LEGACY_EVP_MD_METH(sha512_256_int, sha512_256)
-IMPLEMENT_LEGACY_EVP_MD_METH_SHA3(sha3_int, ossl_sha3, '\x06')
-IMPLEMENT_LEGACY_EVP_MD_METH_SHAKE(shake, ossl_sha3, '\x1f')
-
-static int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
-{
- return ossl_sha1_ctrl(ctx != NULL ? EVP_MD_CTX_get0_md_data(ctx) : NULL,
- cmd, p1, p2);
-}
-
-static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
-{
- KECCAK1600_CTX *ctx;
-
- if (evp_ctx == NULL)
- return 0;
- ctx = evp_ctx->md_data;
-
- switch (cmd) {
- case EVP_MD_CTRL_XOF_LEN:
- ctx->md_size = p1;
- return 1;
- default:
- return 0;
- }
-}
-
static const EVP_MD sha1_md = {
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha1_init, sha1_update, sha1_final, sha1_int_ctrl,
- SHA_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA_CBLOCK)
};
const EVP_MD *EVP_sha1(void)
@@ -108,8 +41,7 @@ static const EVP_MD sha224_md = {
SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha224_init, sha224_update, sha224_final, NULL,
- SHA256_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA256_CBLOCK)
};
const EVP_MD *EVP_sha224(void)
@@ -123,8 +55,7 @@ static const EVP_MD sha256_md = {
SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha256_init, sha256_update, sha256_final, NULL,
- SHA256_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA256_CBLOCK)
};
const EVP_MD *EVP_sha256(void)
@@ -138,8 +69,7 @@ static const EVP_MD sha512_224_md = {
SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha512_224_int_init, sha512_224_int_update,
- sha512_224_int_final, NULL, SHA512_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
};
const EVP_MD *EVP_sha512_224(void)
@@ -153,8 +83,7 @@ static const EVP_MD sha512_256_md = {
SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha512_256_int_init, sha512_256_int_update,
- sha512_256_int_final, NULL, SHA512_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
};
const EVP_MD *EVP_sha512_256(void)
@@ -168,8 +97,7 @@ static const EVP_MD sha384_md = {
SHA384_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha384_init, sha384_update, sha384_final, NULL,
- SHA512_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK)
};
const EVP_MD *EVP_sha384(void)
@@ -183,8 +111,7 @@ static const EVP_MD sha512_md = {
SHA512_DIGEST_LENGTH,
EVP_MD_FLAG_DIGALGID_ABSENT,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sha512_init, sha512_update, sha512_final, NULL,
- SHA512_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SHA512_CBLOCK),
};
const EVP_MD *EVP_sha512(void)
@@ -192,34 +119,31 @@ const EVP_MD *EVP_sha512(void)
return &sha512_md;
}
-#define EVP_MD_SHA3(bitlen) \
- const EVP_MD *EVP_sha3_##bitlen(void) \
- { \
- static const EVP_MD sha3_##bitlen##_md = { \
- NID_sha3_##bitlen, \
- NID_RSA_SHA3_##bitlen, \
- bitlen / 8, \
- EVP_MD_FLAG_DIGALGID_ABSENT, \
- EVP_ORIG_GLOBAL, \
- LEGACY_EVP_MD_METH_TABLE(sha3_int_init, sha3_int_update, \
- sha3_int_final, NULL, \
- (KECCAK1600_WIDTH - bitlen * 2) / 8), \
- }; \
- return &sha3_##bitlen##_md; \
+#define EVP_MD_SHA3(bitlen) \
+ const EVP_MD *EVP_sha3_##bitlen(void) \
+ { \
+ static const EVP_MD sha3_##bitlen##_md = { \
+ NID_sha3_##bitlen, \
+ NID_RSA_SHA3_##bitlen, \
+ bitlen / 8, \
+ EVP_MD_FLAG_DIGALGID_ABSENT, \
+ EVP_ORIG_GLOBAL, \
+ LEGACY_EVP_MD_METH_TABLE((KECCAK1600_WIDTH - bitlen * 2) / 8) \
+ }; \
+ return &sha3_##bitlen##_md; \
}
-#define EVP_MD_SHAKE(bitlen) \
- const EVP_MD *EVP_shake##bitlen(void) \
- { \
- static const EVP_MD shake##bitlen##_md = { \
- NID_shake##bitlen, \
- 0, \
- bitlen / 8, \
- EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT, \
- EVP_ORIG_GLOBAL, \
- LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final, \
- shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8), \
- }; \
- return &shake##bitlen##_md; \
+#define EVP_MD_SHAKE(bitlen) \
+ const EVP_MD *EVP_shake##bitlen(void) \
+ { \
+ static const EVP_MD shake##bitlen##_md = { \
+ NID_shake##bitlen, \
+ 0, \
+ bitlen / 8, \
+ EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT, \
+ EVP_ORIG_GLOBAL, \
+ LEGACY_EVP_MD_METH_TABLE((KECCAK1600_WIDTH - bitlen * 2) / 8) \
+ }; \
+ return &shake##bitlen##_md; \
}
EVP_MD_SHA3(224)
diff --git a/crypto/evp/legacy_wp.c b/crypto/evp/legacy_wp.c
index 21865e6350..7a1f4d253f 100644
--- a/crypto/evp/legacy_wp.c
+++ b/crypto/evp/legacy_wp.c
@@ -17,16 +17,13 @@
#include "crypto/evp.h"
#include "legacy_meth.h"
-IMPLEMENT_LEGACY_EVP_MD_METH(wp, WHIRLPOOL)
-
static const EVP_MD whirlpool_md = {
NID_whirlpool,
0,
WHIRLPOOL_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(wp_init, wp_update, wp_final, NULL,
- WHIRLPOOL_BBLOCK / 8),
+ LEGACY_EVP_MD_METH_TABLE(WHIRLPOOL_BBLOCK / 8)
};
const EVP_MD *EVP_whirlpool(void)
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
index 7b310d7047..316b964fc0 100644
--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -14,34 +14,12 @@
#include <openssl/x509.h>
#include "crypto/evp.h"
-static int init(EVP_MD_CTX *ctx)
-{
- return 1;
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return 1;
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return 1;
-}
-
static const EVP_MD null_md = {
NID_undef,
NID_undef,
0,
0,
- EVP_ORIG_GLOBAL,
- init,
- update,
- final,
- NULL,
- NULL,
- 0,
- sizeof(EVP_MD *),
+ EVP_ORIG_GLOBAL
};
const EVP_MD *EVP_md_null(void)
diff --git a/crypto/sm3/legacy_sm3.c b/crypto/sm3/legacy_sm3.c
index 7f5ee97807..df3a474a55 100644
--- a/crypto/sm3/legacy_sm3.c
+++ b/crypto/sm3/legacy_sm3.c
@@ -12,16 +12,13 @@
#include "../evp/legacy_meth.h"
#include "internal/sm3.h"
-IMPLEMENT_LEGACY_EVP_MD_METH_LC(sm3_int, ossl_sm3)
-
static const EVP_MD sm3_md = {
NID_sm3,
NID_sm3WithRSAEncryption,
SM3_DIGEST_LENGTH,
0,
EVP_ORIG_GLOBAL,
- LEGACY_EVP_MD_METH_TABLE(sm3_int_init, sm3_int_update, sm3_int_final, NULL,
- SM3_CBLOCK),
+ LEGACY_EVP_MD_METH_TABLE(SM3_CBLOCK)
};
const EVP_MD *EVP_sm3(void)