Commit f3f70e170f for openssl.org
commit f3f70e170fdd14d5c7575f26a42c3b9c5a177656
Author: Matt Caswell <matt@openssl.org>
Date: Thu Dec 11 12:29:29 2025 +0000
Remove custom EVP_PKEY_METHODs
We retain custom EVP_PKEY_ASN1_METHODs for now - to be removed in some
subsequent PR.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
diff --git a/apps/list.c b/apps/list.c
index e4825ae3b1..f735101aab 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -1274,23 +1274,6 @@ static void list_pkey(void)
static void list_pkey_meth(void)
{
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- size_t i;
- size_t meth_count = EVP_PKEY_meth_get_count();
-
- if (select_name == NULL && include_legacy()) {
- BIO_printf(bio_out, "Legacy:\n");
- for (i = 0; i < meth_count; i++) {
- const EVP_PKEY_METHOD *pmeth = EVP_PKEY_meth_get0(i);
- int pkey_id, pkey_flags;
-
- EVP_PKEY_meth_get0_info(&pkey_id, &pkey_flags, pmeth);
- BIO_printf(bio_out, " %s\n", OBJ_nid2ln(pkey_id));
- BIO_printf(bio_out, "\tType: %s Algorithm\n",
- pkey_flags & ASN1_PKEY_DYNAMIC ? "External" : "Builtin");
- }
- }
-#endif
BIO_printf(bio_out, "Provided:\n");
BIO_printf(bio_out, " Encryption:\n");
list_asymciphers();
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 0129732542..81029feb87 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -190,8 +190,6 @@ void evp_cleanup_int(void)
EVP_PBE_cleanup();
OBJ_sigid_free();
-
- evp_app_cleanup_int();
}
struct doall_cipher {
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 70abf69b81..22e7259b2d 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -46,91 +46,6 @@ static void evp_pkey_ctx_free_all_cached_data(EVP_PKEY_CTX *ctx);
typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
-static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
-
-/* This array needs to be in order of NIDs */
-static pmeth_fn standard_methods[] = {
- ossl_rsa_pkey_method,
-#ifndef OPENSSL_NO_DH
- ossl_dh_pkey_method,
-#endif
-#ifndef OPENSSL_NO_DSA
- ossl_dsa_pkey_method,
-#endif
-#ifndef OPENSSL_NO_EC
- ossl_ec_pkey_method,
-#endif
- ossl_rsa_pss_pkey_method,
-#ifndef OPENSSL_NO_DH
- ossl_dhx_pkey_method,
-#endif
-#ifndef OPENSSL_NO_ECX
- ossl_ecx25519_pkey_method,
- ossl_ecx448_pkey_method,
- ossl_ed25519_pkey_method,
- ossl_ed448_pkey_method,
-#endif
-};
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
-
-static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b)
-{
- return ((*a)->pkey_id - ((**b)())->pkey_id);
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
-
-static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
- const EVP_PKEY_METHOD *const *b)
-{
- return ((*a)->pkey_id - (*b)->pkey_id);
-}
-
-static const EVP_PKEY_METHOD *evp_pkey_meth_find_added_by_application(int type)
-{
- if (app_pkey_methods != NULL) {
- int idx;
- EVP_PKEY_METHOD tmp;
-
- tmp.pkey_id = type;
- idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
- if (idx >= 0)
- return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
- }
- return NULL;
-}
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
-{
- pmeth_fn *ret;
- EVP_PKEY_METHOD tmp;
- const EVP_PKEY_METHOD *t;
-
- if ((t = evp_pkey_meth_find_added_by_application(type)) != NULL)
- return t;
-
- tmp.pkey_id = type;
- t = &tmp;
- ret = OBJ_bsearch_pmeth_func(&t, standard_methods,
- OSSL_NELEM(standard_methods));
- if (ret == NULL || *ret == NULL)
- return NULL;
- return (**ret)();
-}
-
-EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
-{
- EVP_PKEY_METHOD *pmeth;
-
- pmeth = OPENSSL_zalloc(sizeof(*pmeth));
- if (pmeth == NULL)
- return NULL;
-
- pmeth->pkey_id = id;
- pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
- return pmeth;
-}
#endif /* FIPS_MODULE */
int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx)
@@ -159,7 +74,6 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey,
{
EVP_PKEY_CTX *ret = NULL;
- const EVP_PKEY_METHOD *pmeth = NULL, *app_pmeth = NULL;
EVP_KEYMGMT *keymgmt = NULL;
/* Code below to be removed when legacy support is dropped. */
@@ -181,9 +95,6 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey,
#endif
}
}
- /* If no ID was found here, we can only resort to find a keymgmt */
- if (id == -1)
- goto common;
#ifndef FIPS_MODULE
/*
@@ -191,22 +102,16 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey,
* supporting usage with implementations from providers, to make
* for a smooth transition from legacy stuff to provider based stuff.
*/
- if (pkey == NULL || pkey->foreign == 0)
+ if (id != -1)
keytype = OBJ_nid2sn(id);
- if (pkey != NULL && pkey->foreign)
- pmeth = EVP_PKEY_meth_find(id);
- else
- app_pmeth = pmeth = evp_pkey_meth_find_added_by_application(id);
-
/* END legacy */
#endif /* FIPS_MODULE */
-common:
/*
* If there's no app supplied pmeth and there's a name, we try
* fetching a provider implementation.
*/
- if (app_pmeth == NULL && keytype != NULL) {
+ if (keytype != NULL) {
/*
* If |pkey| is given and is provided, we take a reference to its
* keymgmt. Otherwise, we fetch one for the keytype we got. This
@@ -254,7 +159,7 @@ common:
#endif
}
- if (pmeth == NULL && keymgmt == NULL) {
+ if (keymgmt == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM);
} else {
ret = OPENSSL_zalloc(sizeof(*ret));
@@ -276,7 +181,6 @@ common:
ret->keytype = keytype;
ret->keymgmt = keymgmt;
ret->legacy_keytype = id;
- ret->pmeth = pmeth;
ret->operation = EVP_PKEY_OP_UNDEFINED;
if (pkey != NULL && !EVP_PKEY_up_ref(pkey)) {
@@ -286,14 +190,6 @@ common:
ret->pkey = pkey;
- if (pmeth != NULL && pmeth->init != NULL) {
- if (pmeth->init(ret) <= 0) {
- ret->pmeth = NULL;
- EVP_PKEY_CTX_free(ret);
- return NULL;
- }
- }
-
return ret;
}
@@ -365,34 +261,6 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
}
#ifndef FIPS_MODULE
-
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
- const EVP_PKEY_METHOD *meth)
-{
- if (ppkey_id)
- *ppkey_id = meth->pkey_id;
- if (pflags)
- *pflags = meth->flags;
-}
-
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
-{
- int pkey_id = dst->pkey_id;
- int flags = dst->flags;
-
- *dst = *src;
-
- /* We only copy the function pointers so restore the other values */
- dst->pkey_id = pkey_id;
- dst->flags = flags;
-}
-
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
-{
- if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
- OPENSSL_free(pmeth);
-}
-
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
{
if (!ossl_assert(e == NULL))
@@ -558,59 +426,6 @@ err:
EVP_PKEY_CTX_free(rctx);
return NULL;
}
-
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
-{
- if (app_pkey_methods == NULL) {
- app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
- if (app_pkey_methods == NULL) {
- ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
- return 0;
- }
- }
- if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {
- ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
- return 0;
- }
- sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
- return 1;
-}
-
-void evp_app_cleanup_int(void)
-{
- if (app_pkey_methods != NULL)
- sk_EVP_PKEY_METHOD_pop_free(app_pkey_methods, EVP_PKEY_meth_free);
-}
-
-int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth)
-{
- const EVP_PKEY_METHOD *ret;
-
- ret = sk_EVP_PKEY_METHOD_delete_ptr(app_pkey_methods, pmeth);
-
- return ret == NULL ? 0 : 1;
-}
-
-size_t EVP_PKEY_meth_get_count(void)
-{
- size_t rv = OSSL_NELEM(standard_methods);
-
- if (app_pkey_methods)
- rv += sk_EVP_PKEY_METHOD_num(app_pkey_methods);
- return rv;
-}
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx)
-{
- if (idx < OSSL_NELEM(standard_methods))
- return (standard_methods[idx])();
- if (app_pkey_methods == NULL)
- return NULL;
- idx -= OSSL_NELEM(standard_methods);
- if (idx >= (size_t)sk_EVP_PKEY_METHOD_num(app_pkey_methods))
- return NULL;
- return sk_EVP_PKEY_METHOD_value(app_pkey_methods, (int)idx);
-}
#endif
int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype)
@@ -1612,401 +1427,4 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
{
return ctx->app_data;
}
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init)(EVP_PKEY_CTX *ctx))
-{
- pmeth->init = init;
-}
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
- int (*copy)(EVP_PKEY_CTX *dst,
- const EVP_PKEY_CTX *src))
-{
- pmeth->copy = copy;
-}
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
- void (*cleanup)(EVP_PKEY_CTX *ctx))
-{
- pmeth->cleanup = cleanup;
-}
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
- int (*paramgen_init)(EVP_PKEY_CTX *ctx),
- int (*paramgen)(EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey))
-{
- pmeth->paramgen_init = paramgen_init;
- pmeth->paramgen = paramgen;
-}
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
- int (*keygen_init)(EVP_PKEY_CTX *ctx),
- int (*keygen)(EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey))
-{
- pmeth->keygen_init = keygen_init;
- pmeth->keygen = keygen;
-}
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
- int (*sign_init)(EVP_PKEY_CTX *ctx),
- int (*sign)(EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- pmeth->sign_init = sign_init;
- pmeth->sign = sign;
-}
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
- int (*verify_init)(EVP_PKEY_CTX *ctx),
- int (*verify)(EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- pmeth->verify_init = verify_init;
- pmeth->verify = verify;
-}
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
- int (*verify_recover_init)(EVP_PKEY_CTX
- *ctx),
- int (*verify_recover)(EVP_PKEY_CTX
- *ctx,
- unsigned char
- *sig,
- size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- pmeth->verify_recover_init = verify_recover_init;
- pmeth->verify_recover = verify_recover;
-}
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
- int (*signctx_init)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (*signctx)(EVP_PKEY_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- EVP_MD_CTX *mctx))
-{
- pmeth->signctx_init = signctx_init;
- pmeth->signctx = signctx;
-}
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
- int (*verifyctx_init)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (*verifyctx)(EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- int siglen,
- EVP_MD_CTX *mctx))
-{
- pmeth->verifyctx_init = verifyctx_init;
- pmeth->verifyctx = verifyctx;
-}
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
- int (*encrypt_init)(EVP_PKEY_CTX *ctx),
- int (*encryptfn)(EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen))
-{
- pmeth->encrypt_init = encrypt_init;
- pmeth->encrypt = encryptfn;
-}
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
- int (*decrypt_init)(EVP_PKEY_CTX *ctx),
- int (*decrypt)(EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen))
-{
- pmeth->decrypt_init = decrypt_init;
- pmeth->decrypt = decrypt;
-}
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
- int (*derive_init)(EVP_PKEY_CTX *ctx),
- int (*derive)(EVP_PKEY_CTX *ctx,
- unsigned char *key,
- size_t *keylen))
-{
- pmeth->derive_init = derive_init;
- pmeth->derive = derive;
-}
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
- int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1,
- void *p2),
- int (*ctrl_str)(EVP_PKEY_CTX *ctx,
- const char *type,
- const char *value))
-{
- pmeth->ctrl = ctrl;
- pmeth->ctrl_str = ctrl_str;
-}
-
-void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
- int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen))
-{
- pmeth->digestsign = digestsign;
-}
-
-void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
- int (*digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen))
-{
- pmeth->digestverify = digestverify;
-}
-
-void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
- int (*check)(EVP_PKEY *pkey))
-{
- pmeth->check = check;
-}
-
-void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
- int (*check)(EVP_PKEY *pkey))
-{
- pmeth->public_check = check;
-}
-
-void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
- int (*check)(EVP_PKEY *pkey))
-{
- pmeth->param_check = check;
-}
-
-void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
- int (*digest_custom)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx))
-{
- pmeth->digest_custom = digest_custom;
-}
-
-void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
- int (**pinit)(EVP_PKEY_CTX *ctx))
-{
- *pinit = pmeth->init;
-}
-
-void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
- int (**pcopy)(EVP_PKEY_CTX *dst,
- const EVP_PKEY_CTX *src))
-{
- *pcopy = pmeth->copy;
-}
-
-void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
- void (**pcleanup)(EVP_PKEY_CTX *ctx))
-{
- *pcleanup = pmeth->cleanup;
-}
-
-void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
- int (**pparamgen_init)(EVP_PKEY_CTX *ctx),
- int (**pparamgen)(EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey))
-{
- if (pparamgen_init)
- *pparamgen_init = pmeth->paramgen_init;
- if (pparamgen)
- *pparamgen = pmeth->paramgen;
-}
-
-void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
- int (**pkeygen_init)(EVP_PKEY_CTX *ctx),
- int (**pkeygen)(EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey))
-{
- if (pkeygen_init)
- *pkeygen_init = pmeth->keygen_init;
- if (pkeygen)
- *pkeygen = pmeth->keygen;
-}
-
-void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
- int (**psign_init)(EVP_PKEY_CTX *ctx),
- int (**psign)(EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- if (psign_init)
- *psign_init = pmeth->sign_init;
- if (psign)
- *psign = pmeth->sign;
-}
-
-void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
- int (**pverify_init)(EVP_PKEY_CTX *ctx),
- int (**pverify)(EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- if (pverify_init)
- *pverify_init = pmeth->verify_init;
- if (pverify)
- *pverify = pmeth->verify;
-}
-
-void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
- int (**pverify_recover_init)(EVP_PKEY_CTX
- *ctx),
- int (**pverify_recover)(EVP_PKEY_CTX
- *ctx,
- unsigned char
- *sig,
- size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen))
-{
- if (pverify_recover_init)
- *pverify_recover_init = pmeth->verify_recover_init;
- if (pverify_recover)
- *pverify_recover = pmeth->verify_recover;
-}
-
-void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
- int (**psignctx_init)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (**psignctx)(EVP_PKEY_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- EVP_MD_CTX *mctx))
-{
- if (psignctx_init)
- *psignctx_init = pmeth->signctx_init;
- if (psignctx)
- *psignctx = pmeth->signctx;
-}
-
-void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
- int (**pverifyctx_init)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (**pverifyctx)(EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- int siglen,
- EVP_MD_CTX *mctx))
-{
- if (pverifyctx_init)
- *pverifyctx_init = pmeth->verifyctx_init;
- if (pverifyctx)
- *pverifyctx = pmeth->verifyctx;
-}
-
-void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
- int (**pencrypt_init)(EVP_PKEY_CTX *ctx),
- int (**pencryptfn)(EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen))
-{
- if (pencrypt_init)
- *pencrypt_init = pmeth->encrypt_init;
- if (pencryptfn)
- *pencryptfn = pmeth->encrypt;
-}
-
-void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
- int (**pdecrypt_init)(EVP_PKEY_CTX *ctx),
- int (**pdecrypt)(EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen))
-{
- if (pdecrypt_init)
- *pdecrypt_init = pmeth->decrypt_init;
- if (pdecrypt)
- *pdecrypt = pmeth->decrypt;
-}
-
-void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
- int (**pderive_init)(EVP_PKEY_CTX *ctx),
- int (**pderive)(EVP_PKEY_CTX *ctx,
- unsigned char *key,
- size_t *keylen))
-{
- if (pderive_init)
- *pderive_init = pmeth->derive_init;
- if (pderive)
- *pderive = pmeth->derive;
-}
-
-void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
- int (**pctrl)(EVP_PKEY_CTX *ctx, int type, int p1,
- void *p2),
- int (**pctrl_str)(EVP_PKEY_CTX *ctx,
- const char *type,
- const char *value))
-{
- if (pctrl)
- *pctrl = pmeth->ctrl;
- if (pctrl_str)
- *pctrl_str = pmeth->ctrl_str;
-}
-
-void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth,
- int (**digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen))
-{
- if (digestsign)
- *digestsign = pmeth->digestsign;
-}
-
-void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth,
- int (**digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen))
-{
- if (digestverify)
- *digestverify = pmeth->digestverify;
-}
-
-void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck)(EVP_PKEY *pkey))
-{
- if (pcheck != NULL)
- *pcheck = pmeth->check;
-}
-
-void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck)(EVP_PKEY *pkey))
-{
- if (pcheck != NULL)
- *pcheck = pmeth->public_check;
-}
-
-void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck)(EVP_PKEY *pkey))
-{
- if (pcheck != NULL)
- *pcheck = pmeth->param_check;
-}
-
-void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth,
- int (**pdigest_custom)(EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx))
-{
- if (pdigest_custom != NULL)
- *pdigest_custom = pmeth->digest_custom;
-}
-
#endif /* FIPS_MODULE */
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 7d1c28b675..40d92d2852 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -767,7 +767,6 @@ struct evp_skey_st {
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
void evp_cleanup_int(void);
-void evp_app_cleanup_int(void);
void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
EVP_KEYMGMT **keymgmt,
const char *propquery);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0114e1bafe..b00c2044c0 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1733,19 +1733,6 @@ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
* Method handles all operations: don't assume any digest related defaults.
*/
#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
-OSSL_DEPRECATEDIN_3_0 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
- const EVP_PKEY_METHOD *meth);
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst,
- const EVP_PKEY_METHOD *src);
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
-OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
-OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
-OSSL_DEPRECATEDIN_3_0 size_t EVP_PKEY_meth_get_count(void);
-OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
-#endif
EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
@@ -2039,103 +2026,6 @@ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init)(EVP_PKEY_CTX *ctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup)(EVP_PKEY_CTX *ctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init)(EVP_PKEY_CTX *ctx),
- int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init)(EVP_PKEY_CTX *ctx),
- int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign_init)(EVP_PKEY_CTX *ctx),
- int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify_init)(EVP_PKEY_CTX *ctx),
- int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
- int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
- EVP_MD_CTX *mctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encrypt_init)(EVP_PKEY_CTX *ctx),
- int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt_init)(EVP_PKEY_CTX *ctx),
- int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init)(EVP_PKEY_CTX *ctx),
- int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
- int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
- int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
- int (*digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth, int (*digest_custom)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, int (**pinit)(EVP_PKEY_CTX *ctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, int (**pcopy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth, void (**pcleanup)(EVP_PKEY_CTX *ctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth, int (**pparamgen_init)(EVP_PKEY_CTX *ctx),
- int (**pparamgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth, int (**pkeygen_init)(EVP_PKEY_CTX *ctx),
- int (**pkeygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth, int (**psign_init)(EVP_PKEY_CTX *ctx),
- int (**psign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth, int (**pverify_init)(EVP_PKEY_CTX *ctx),
- int (**pverify)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
- int (**pverify_recover_init)(EVP_PKEY_CTX *ctx),
- int (**pverify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
- int (**psignctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (**psignctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
- int (**pverifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (**pverifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
- int siglen, EVP_MD_CTX *mctx));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth, int (**pencrypt_init)(EVP_PKEY_CTX *ctx),
- int (**pencryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth, int (**pdecrypt_init)(EVP_PKEY_CTX *ctx),
- int (**pdecrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth, int (**pderive_init)(EVP_PKEY_CTX *ctx),
- int (**pderive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
- int (**pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
- int (**pctrl_str)(EVP_PKEY_CTX *ctx, const char *type,
- const char *value));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth,
- int (**digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth,
- int (**digestverify)(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck)(EVP_PKEY *pkey));
-OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth,
- int (**pdigest_custom)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx));
-#endif
void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 870bc80cb7..9c94dc1b64 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -695,48 +695,6 @@ static const unsigned char kExampleED25519PubKeyDER[] = {
0xef, 0x5b, 0x7c, 0x20, 0xe8, 0x66, 0x28, 0x30, 0x3c, 0x8a, 0x82, 0x40,
0x97, 0xa3, 0x08, 0xdc, 0x65, 0x80, 0x39, 0x29
};
-
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-static const unsigned char kExampleX25519KeyDER[] = {
- 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x6e,
- 0x04, 0x22, 0x04, 0x20, 0xa0, 0x24, 0x3a, 0x31, 0x24, 0xc3, 0x3f, 0xf6,
- 0x7b, 0x96, 0x0b, 0xd4, 0x8f, 0xd1, 0xee, 0x67, 0xf2, 0x9b, 0x88, 0xac,
- 0x50, 0xce, 0x97, 0x36, 0xdd, 0xaf, 0x25, 0xf6, 0x10, 0x34, 0x96, 0x6e
-};
-#endif
-#endif
-#endif
-
-/* kExampleDHKeyDER is a DH private key in ASN.1, DER format. */
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-#ifndef OPENSSL_NO_DH
-static const unsigned char kExampleDHKeyDER[] = {
- 0x30, 0x82, 0x01, 0x21, 0x02, 0x01, 0x00, 0x30, 0x81, 0x95, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03, 0x01, 0x30, 0x81, 0x87,
- 0x02, 0x81, 0x81, 0x00, 0xf7, 0x52, 0xc2, 0x68, 0xcc, 0x66, 0xc4, 0x8d,
- 0x03, 0x3f, 0xfa, 0x9c, 0x52, 0xd0, 0xd8, 0x33, 0xf2, 0xe1, 0xc9, 0x9e,
- 0xb7, 0xe7, 0x6e, 0x90, 0x97, 0xeb, 0x92, 0x91, 0x6a, 0x9a, 0x85, 0x63,
- 0x92, 0x79, 0xab, 0xb6, 0x3d, 0x23, 0x58, 0x5a, 0xe8, 0x45, 0x06, 0x81,
- 0x97, 0x77, 0xe1, 0xcc, 0x34, 0x4e, 0xae, 0x36, 0x80, 0xf2, 0xc4, 0x7f,
- 0x8a, 0x52, 0xb8, 0xdb, 0x58, 0xc8, 0x4b, 0x12, 0x4c, 0xf1, 0x4c, 0x53,
- 0xc1, 0x89, 0x39, 0x8d, 0xb6, 0x06, 0xd8, 0xea, 0x7f, 0x2d, 0x36, 0x53,
- 0x96, 0x29, 0xbe, 0xb6, 0x75, 0xfc, 0xe7, 0xf3, 0x36, 0xd6, 0xf4, 0x8f,
- 0x16, 0xa6, 0xc7, 0xec, 0x7b, 0xce, 0x42, 0x8d, 0x48, 0x2e, 0xb7, 0x74,
- 0x00, 0x11, 0x52, 0x61, 0xb4, 0x19, 0x35, 0xec, 0x5c, 0xe4, 0xbe, 0x34,
- 0xc6, 0x59, 0x64, 0x5e, 0x42, 0x61, 0x70, 0x54, 0xf4, 0xe9, 0x6b, 0x53,
- 0x02, 0x01, 0x02, 0x04, 0x81, 0x83, 0x02, 0x81, 0x80, 0x64, 0xc2, 0xe3,
- 0x09, 0x69, 0x37, 0x3c, 0xd2, 0x4a, 0xba, 0xc3, 0x78, 0x6a, 0x9b, 0x8a,
- 0x2a, 0xdb, 0xe7, 0xe6, 0xc0, 0xfa, 0x3a, 0xbe, 0x39, 0x67, 0xc0, 0xa9,
- 0x2a, 0xf0, 0x0a, 0xc1, 0x53, 0x1c, 0xdb, 0xfa, 0x1a, 0x26, 0x98, 0xb0,
- 0x8c, 0xc6, 0x06, 0x4a, 0xa2, 0x48, 0xd3, 0xa4, 0x3b, 0xbd, 0x05, 0x48,
- 0xea, 0x59, 0xdb, 0x18, 0xa4, 0xca, 0x66, 0xd9, 0x5d, 0xb8, 0x95, 0xd1,
- 0xeb, 0x97, 0x3d, 0x66, 0x97, 0x5c, 0x86, 0x8f, 0x7e, 0x90, 0xd3, 0x43,
- 0xd1, 0xa2, 0x0d, 0xcb, 0xe7, 0xeb, 0x90, 0xea, 0x09, 0x40, 0xb1, 0x6f,
- 0xf7, 0x4c, 0xf2, 0x41, 0x83, 0x1d, 0xd0, 0x76, 0xef, 0xaf, 0x55, 0x6f,
- 0x5d, 0xa9, 0xa3, 0x55, 0x81, 0x2a, 0xd1, 0x5d, 0x9d, 0x22, 0x77, 0x97,
- 0x83, 0xde, 0xad, 0xb6, 0x5d, 0x19, 0xc1, 0x53, 0xec, 0xfb, 0xaf, 0x06,
- 0x2e, 0x87, 0x2a, 0x0b, 0x7a
-};
#endif
#endif
@@ -1106,30 +1064,6 @@ static int test_ml_dsa_seed_only(int idx)
}
#endif
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-#ifndef OPENSSL_NO_DH
-static EVP_PKEY *load_example_dh_key(void)
-{
- return load_example_key("DH", kExampleDHKeyDER,
- sizeof(kExampleDHKeyDER));
-}
-#endif
-
-#ifndef OPENSSL_NO_ECX
-static EVP_PKEY *load_example_ed25519_key(void)
-{
- return load_example_key("ED25519", kExampleED25519KeyDER,
- sizeof(kExampleED25519KeyDER));
-}
-
-static EVP_PKEY *load_example_x25519_key(void)
-{
- return load_example_key("X25519", kExampleX25519KeyDER,
- sizeof(kExampleX25519KeyDER));
-}
-#endif
-#endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
static EVP_PKEY *load_example_hmac_key(void)
{
EVP_PKEY *pkey = NULL;
@@ -3443,33 +3377,11 @@ static int test_set_get_raw_keys(int tst)
&& test_set_get_raw_keys_int(tst, 1, 1);
}
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-static int pkey_custom_check(EVP_PKEY *pkey)
-{
- return 0xbeef;
-}
-
-static int pkey_custom_pub_check(EVP_PKEY *pkey)
-{
- return 0xbeef;
-}
-
-static int pkey_custom_param_check(EVP_PKEY *pkey)
-{
- return 0xbeef;
-}
-
-static EVP_PKEY_METHOD *custom_pmeth;
-#endif
-
static int test_EVP_PKEY_check(int i)
{
int ret = 0;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- EVP_PKEY_CTX *ctx2 = NULL;
-#endif
const APK_DATA *ak = &keycheckdata[i];
const unsigned char *input = ak->kder;
size_t input_len = ak->size;
@@ -3497,31 +3409,10 @@ static int test_EVP_PKEY_check(int i)
if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
goto done;
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
- /* assign the pkey directly, as an internal test */
- if (!EVP_PKEY_up_ref(pkey))
- goto done;
-
- ctx2->pkey = pkey;
-
- if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
- goto done;
-
- if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
- goto done;
-
- if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
- goto done;
-#endif
-
ret = 1;
done:
EVP_PKEY_CTX_free(ctx);
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- EVP_PKEY_CTX_free(ctx2);
-#endif
EVP_PKEY_free(pkey);
return ret;
}
@@ -5736,261 +5627,6 @@ err:
return res;
}
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-static EVP_PKEY_METHOD *custom_pmeth = NULL;
-static const EVP_PKEY_METHOD *orig_pmeth = NULL;
-
-#define EVP_PKEY_CTRL_MY_COMMAND 9999
-
-static int custom_pmeth_init(EVP_PKEY_CTX *ctx)
-{
- int (*pinit)(EVP_PKEY_CTX *ctx);
-
- EVP_PKEY_meth_get_init(orig_pmeth, &pinit);
- return pinit(ctx);
-}
-
-static void custom_pmeth_cleanup(EVP_PKEY_CTX *ctx)
-{
- void (*pcleanup)(EVP_PKEY_CTX *ctx);
-
- EVP_PKEY_meth_get_cleanup(orig_pmeth, &pcleanup);
- pcleanup(ctx);
-}
-
-static int custom_pmeth_sign(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *in,
- size_t inlen)
-{
- int (*psign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-
- EVP_PKEY_meth_get_sign(orig_pmeth, NULL, &psign);
- return psign(ctx, out, outlen, in, inlen);
-}
-
-static int custom_pmeth_digestsign(EVP_MD_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbslen)
-{
- int (*pdigestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-
- EVP_PKEY_meth_get_digestsign(orig_pmeth, &pdigestsign);
- return pdigestsign(ctx, sig, siglen, tbs, tbslen);
-}
-
-static int custom_pmeth_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
- size_t *keylen)
-{
- int (*pderive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
- EVP_PKEY_meth_get_derive(orig_pmeth, NULL, &pderive);
- return pderive(ctx, key, keylen);
-}
-
-static int custom_pmeth_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
-{
- int (*pcopy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
-
- EVP_PKEY_meth_get_copy(orig_pmeth, &pcopy);
- return pcopy(dst, src);
-}
-
-static int ctrl_called;
-
-static int custom_pmeth_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- int (*pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
-
- EVP_PKEY_meth_get_ctrl(orig_pmeth, &pctrl, NULL);
-
- if (type == EVP_PKEY_CTRL_MY_COMMAND) {
- ctrl_called = 1;
- return 1;
- }
-
- return pctrl(ctx, type, p1, p2);
-}
-
-static int test_custom_pmeth(int idx)
-{
- EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX *ctx = NULL;
- EVP_PKEY *pkey = NULL;
- int id, orig_id, orig_flags;
- int testresult = 0;
- size_t reslen;
- unsigned char *res = NULL;
- unsigned char msg[] = { 'H', 'e', 'l', 'l', 'o' };
- const EVP_MD *md = EVP_sha256();
- int doderive = 0;
-
- ctrl_called = 0;
-
- /* We call deprecated APIs so this test doesn't support a custom libctx */
- if (testctx != NULL)
- return 1;
-
- switch (idx) {
- case 0:
- case 6:
- id = EVP_PKEY_RSA;
- pkey = load_example_rsa_key();
- break;
- case 1:
- case 7:
-#ifndef OPENSSL_NO_DSA
- id = EVP_PKEY_DSA;
- pkey = load_example_dsa_key();
- break;
-#else
- return 1;
-#endif
- case 2:
- case 8:
-#ifndef OPENSSL_NO_EC
- id = EVP_PKEY_EC;
- pkey = load_example_ec_key();
- break;
-#else
- return 1;
-#endif
- case 3:
- case 9:
-#ifndef OPENSSL_NO_ECX
- id = EVP_PKEY_ED25519;
- md = NULL;
- pkey = load_example_ed25519_key();
- break;
-#else
- return 1;
-#endif
- case 4:
- case 10:
-#ifndef OPENSSL_NO_DH
- id = EVP_PKEY_DH;
- doderive = 1;
- pkey = load_example_dh_key();
- break;
-#else
- return 1;
-#endif
- case 5:
- case 11:
-#ifndef OPENSSL_NO_ECX
- id = EVP_PKEY_X25519;
- doderive = 1;
- pkey = load_example_x25519_key();
- break;
-#else
- return 1;
-#endif
- default:
- TEST_error("Should not happen");
- goto err;
- }
-
- if (!TEST_ptr(pkey))
- goto err;
-
- if (idx < 6) {
- if (!TEST_true(evp_pkey_is_provided(pkey)))
- goto err;
- } else {
- EVP_PKEY *tmp = pkey;
-
- /* Convert to a legacy key */
- pkey = EVP_PKEY_new();
- if (!TEST_ptr(pkey)) {
- pkey = tmp;
- goto err;
- }
- if (!TEST_true(evp_pkey_copy_downgraded(&pkey, tmp))) {
- EVP_PKEY_free(tmp);
- goto err;
- }
- EVP_PKEY_free(tmp);
- if (!TEST_true(evp_pkey_is_legacy(pkey)))
- goto err;
- }
-
- if (!TEST_ptr(orig_pmeth = EVP_PKEY_meth_find(id))
- || !TEST_ptr(pkey))
- goto err;
-
- EVP_PKEY_meth_get0_info(&orig_id, &orig_flags, orig_pmeth);
- if (!TEST_int_eq(orig_id, id)
- || !TEST_ptr(custom_pmeth = EVP_PKEY_meth_new(id, orig_flags)))
- goto err;
-
- if (id == EVP_PKEY_ED25519) {
- EVP_PKEY_meth_set_digestsign(custom_pmeth, custom_pmeth_digestsign);
- }
- if (id == EVP_PKEY_DH || id == EVP_PKEY_X25519) {
- EVP_PKEY_meth_set_derive(custom_pmeth, NULL, custom_pmeth_derive);
- } else {
- EVP_PKEY_meth_set_sign(custom_pmeth, NULL, custom_pmeth_sign);
- }
- if (id != EVP_PKEY_ED25519 && id != EVP_PKEY_X25519) {
- EVP_PKEY_meth_set_init(custom_pmeth, custom_pmeth_init);
- EVP_PKEY_meth_set_cleanup(custom_pmeth, custom_pmeth_cleanup);
- EVP_PKEY_meth_set_copy(custom_pmeth, custom_pmeth_copy);
- }
- EVP_PKEY_meth_set_ctrl(custom_pmeth, custom_pmeth_ctrl, NULL);
- if (!TEST_true(EVP_PKEY_meth_add0(custom_pmeth)))
- goto err;
-
- if (doderive) {
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!TEST_ptr(pctx)
- || !TEST_int_eq(EVP_PKEY_derive_init(pctx), 1)
- || !TEST_int_ge(EVP_PKEY_CTX_ctrl(pctx, -1, -1,
- EVP_PKEY_CTRL_MY_COMMAND, 0, NULL),
- 1)
- || !TEST_int_eq(ctrl_called, 1)
- || !TEST_int_ge(EVP_PKEY_derive_set_peer(pctx, pkey), 1)
- || !TEST_int_ge(EVP_PKEY_derive(pctx, NULL, &reslen), 1)
- || !TEST_ptr(res = OPENSSL_malloc(reslen))
- || !TEST_int_ge(EVP_PKEY_derive(pctx, res, &reslen), 1))
- goto err;
- } else {
- ctx = EVP_MD_CTX_new();
- reslen = EVP_PKEY_size(pkey);
- res = OPENSSL_malloc(reslen);
- if (!TEST_ptr(ctx)
- || !TEST_ptr(res)
- || !TEST_true(EVP_DigestSignInit(ctx, &pctx, md, NULL, pkey))
- || !TEST_int_ge(EVP_PKEY_CTX_ctrl(pctx, -1, -1,
- EVP_PKEY_CTRL_MY_COMMAND, 0, NULL),
- 1)
- || !TEST_int_eq(ctrl_called, 1))
- goto err;
-
- if (id == EVP_PKEY_ED25519) {
- if (!TEST_true(EVP_DigestSign(ctx, res, &reslen, msg, sizeof(msg))))
- goto err;
- } else {
- if (!TEST_true(EVP_DigestUpdate(ctx, msg, sizeof(msg)))
- || !TEST_true(EVP_DigestSignFinal(ctx, res, &reslen)))
- goto err;
- }
- }
-
- testresult = 1;
-err:
- OPENSSL_free(res);
- EVP_MD_CTX_free(ctx);
- if (doderive)
- EVP_PKEY_CTX_free(pctx);
- EVP_PKEY_free(pkey);
- EVP_PKEY_meth_remove(custom_pmeth);
- EVP_PKEY_meth_free(custom_pmeth);
- custom_pmeth = NULL;
- return testresult;
-}
-#endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
#ifndef OPENSSL_NO_ECX
static int ecxnids[] = {
NID_X25519,
@@ -6727,16 +6363,6 @@ int setup_tests(void)
ADD_TEST(test_EVP_SM2_verify);
#endif
ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
- if (!TEST_ptr(custom_pmeth))
- return 0;
- EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
- EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
- EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
- if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
- return 0;
-#endif
ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
#ifndef OPENSSL_NO_CMAC
ADD_TEST(test_CMAC_keygen);
@@ -6809,10 +6435,6 @@ int setup_tests(void)
if (OSSL_NELEM(keylen_change_ciphers) - 1 > 0)
ADD_ALL_TESTS(test_keylen_change, OSSL_NELEM(keylen_change_ciphers) - 1);
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- ADD_ALL_TESTS(test_custom_pmeth, 12);
-#endif
-
#ifndef OPENSSL_NO_ECX
ADD_ALL_TESTS(test_ecx_short_keys, OSSL_NELEM(ecxnids));
ADD_ALL_TESTS(test_ecx_not_private_key, OSSL_NELEM(keys));
diff --git a/test/pkey_meth_test.c b/test/pkey_meth_test.c
index 46b39efc3b..15d62e0a93 100644
--- a/test/pkey_meth_test.c
+++ b/test/pkey_meth_test.c
@@ -53,42 +53,10 @@ static int test_asn1_meths(void)
}
#endif
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-/* Test of EVP_PKEY_METHOD ordering */
-static int test_pkey_meths(void)
-{
- size_t i;
- int prev = -1;
- int good = 1;
- int pkey_id;
- const EVP_PKEY_METHOD *pmeth;
-
- for (i = 0; i < EVP_PKEY_meth_get_count(); i++) {
- pmeth = EVP_PKEY_meth_get0(i);
- EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth);
- if (pkey_id < prev)
- good = 0;
- prev = pkey_id;
- }
- if (!good) {
- TEST_error("EVP_PKEY_METHOD table out of order");
- for (i = 0; i < EVP_PKEY_meth_get_count(); i++) {
- pmeth = EVP_PKEY_meth_get0(i);
- EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth);
- TEST_note("%d : %s", pkey_id, OBJ_nid2ln(pkey_id));
- }
- }
- return good;
-}
-#endif
-
int setup_tests(void)
{
#ifndef OPENSSL_NO_DEPRECATED_3_6
ADD_TEST(test_asn1_meths);
-#endif
-#ifndef OPENSSL_NO_DEPRECATED_3_0
- ADD_TEST(test_pkey_meths);
#endif
return 1;
}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 46452b2f7e..5e4e18b0fe 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1368,15 +1368,6 @@ EVP_PKEY_CTX_get1_id_len ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_set_kem_op ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_get0_type_name ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_set_mac_key ? 4_0_0 EXIST::FUNCTION:
-EVP_PKEY_meth_find ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_new ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get0_info ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_free ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_add0 ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_remove ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_count ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get0 ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_KEYMGMT_fetch ? 4_0_0 EXIST::FUNCTION:
EVP_KEYMGMT_up_ref ? 4_0_0 EXIST::FUNCTION:
EVP_KEYMGMT_free ? 4_0_0 EXIST::FUNCTION:
@@ -1546,46 +1537,6 @@ EVP_PKEY_get_ex_data ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_set_cb ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get_cb ? 4_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get_keygen_info ? 4_0_0 EXIST::FUNCTION:
-EVP_PKEY_meth_set_init ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_cleanup ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_paramgen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_keygen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_sign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verify_recover ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_signctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_verifyctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_encrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_decrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_derive ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_ctrl ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digestsign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digestverify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_public_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_param_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_set_digest_custom ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_init ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_copy ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_cleanup ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_paramgen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_keygen ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_sign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verify_recover ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_signctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_verifyctx ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_encrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_decrypt ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_derive ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_ctrl ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digestsign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digestverify ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_public_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_param_check ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-EVP_PKEY_meth_get_digest_custom ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_KEYEXCH_free ? 4_0_0 EXIST::FUNCTION:
EVP_KEYEXCH_up_ref ? 4_0_0 EXIST::FUNCTION:
EVP_KEYEXCH_fetch ? 4_0_0 EXIST::FUNCTION: