diff options
author | Rich Salz <rsalz@akamai.com> | 2015-03-10 19:09:27 -0400 |
---|---|---|
committer | Rich Salz <rsalz@akamai.com> | 2015-03-11 09:29:37 -0400 |
commit | 10bf4fc2c3da332a54247da1f3c0dcb44944f7ff (patch) | |
tree | c2f597e901f98829266ec4045492195cefdd958c | |
parent | ac5a110621ca48f0bebd5b4d76d081de403da29e (diff) |
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
Suggested by John Foley <foleyj@cisco.com>.
Reviewed-by: Matt Caswell <matt@openssl.org>
-rw-r--r-- | CHANGES | 37 | ||||
-rw-r--r-- | apps/req.c | 2 | ||||
-rw-r--r-- | apps/s_cb.c | 2 | ||||
-rw-r--r-- | apps/s_server.c | 6 | ||||
-rw-r--r-- | apps/speed.c | 74 | ||||
-rw-r--r-- | crypto/ec/ec_pmeth.c | 7 | ||||
-rw-r--r-- | crypto/ecdh/ecdh.h | 2 | ||||
-rw-r--r-- | crypto/ecdh/ecdhtest.c | 4 | ||||
-rw-r--r-- | crypto/ecdsa/ecdsa.h | 2 | ||||
-rw-r--r-- | crypto/ecdsa/ecdsatest.c | 4 | ||||
-rw-r--r-- | crypto/engine/eng_fat.c | 8 | ||||
-rw-r--r-- | crypto/engine/eng_list.c | 4 | ||||
-rw-r--r-- | crypto/engine/eng_openssl.c | 4 | ||||
-rw-r--r-- | crypto/engine/engine.h | 4 | ||||
-rw-r--r-- | crypto/err/err_all.c | 8 | ||||
-rw-r--r-- | crypto/evp/c_alld.c | 2 | ||||
-rw-r--r-- | crypto/evp/evp.h | 2 | ||||
-rw-r--r-- | crypto/x509/x509.h | 6 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 24 | ||||
-rw-r--r-- | ssl/s3_lib.c | 39 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 10 | ||||
-rw-r--r-- | ssl/ssl.h | 2 | ||||
-rw-r--r-- | ssl/ssl_algs.c | 2 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 8 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 9 | ||||
-rw-r--r-- | ssl/ssl_conf.c | 4 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 18 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 10 | ||||
-rw-r--r-- | ssl/ssltest.c | 12 | ||||
-rw-r--r-- | ssl/t1_lib.c | 17 | ||||
-rwxr-xr-x | util/mk1mf.pl | 6 |
31 files changed, 129 insertions, 210 deletions
@@ -41,28 +41,33 @@ [Rich Salz] *) Remove various unsupported platforms: - Sony NEWS4 - BEOS and BEOS_R5 - NeXT - SUNOS - MPE/iX - Sinix/ReliantUNIX RM400 - DGUX - NCR - Tandem - Cray - 16-bit platforms such as WIN16 + Sony NEWS4 + BEOS and BEOS_R5 + NeXT + SUNOS + MPE/iX + Sinix/ReliantUNIX RM400 + DGUX + NCR + Tandem + Cray + 16-bit platforms such as WIN16 [Rich Salz] - *) Start cleaning up OPENSSL_NO_xxx #define's - OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 - OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO - Use setbuf() and remove OPENSSL_NO_SETVBUF_IONBF + *) Clean up OPENSSL_NO_xxx #define's + Use setbuf() and remove OPENSSL_NO_SETVBUF_IONBF Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx + OPENSSL_NO_EC{DH,DSA} merged into OPENSSL_NO_EC + OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 + OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO + Remove OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY + OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP + OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK + OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY Remove MS_STATIC; it's a relic from platforms <32 bits. [Rich Salz] - *) Start cleaning up dead code + *) Cleaned up dead code Remove all but one '#ifdef undef' which is to be looked at. [Rich Salz] diff --git a/apps/req.c b/apps/req.c index 6d06ed74a7..231535bfaf 100644 --- a/apps/req.c +++ b/apps/req.c @@ -398,7 +398,7 @@ int MAIN(int argc, char **argv) " -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err, " -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC BIO_printf(bio_err, " -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); #endif diff --git a/apps/s_cb.c b/apps/s_cb.c index 12f7b8cb03..8a66c9a7dc 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -521,7 +521,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) case EVP_PKEY_DH: BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key)); break; -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); diff --git a/apps/s_server.c b/apps/s_server.c index 42088d0e84..874b402aac 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -486,7 +486,7 @@ static void sv_usage(void) " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); BIO_printf(bio_err, " or a default set of parameters is used\n"); -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC BIO_printf(bio_err, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" " Use \"openssl ecparam -list_curves\" for all names\n" @@ -545,7 +545,7 @@ static void sv_usage(void) #ifndef OPENSSL_NO_DH BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n"); #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n"); #endif BIO_printf(bio_err, @@ -1677,7 +1677,7 @@ int MAIN(int argc, char *argv[]) bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE); } } -#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) +#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) if (nocert) #endif { diff --git a/apps/speed.c b/apps/speed.c index 57b53ce32e..44c276ab21 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -172,10 +172,8 @@ # include <openssl/dsa.h> # include "./testdsa.h" #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC # include <openssl/ecdsa.h> -#endif -#ifndef OPENSSL_NO_ECDH # include <openssl/ecdh.h> #endif #include <openssl/modes.h> @@ -242,14 +240,12 @@ static double rsa_results[RSA_NUM][2]; #ifndef OPENSSL_NO_DSA static double dsa_results[DSA_NUM][2]; #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC static double ecdsa_results[EC_NUM][2]; -#endif -#ifndef OPENSSL_NO_ECDH static double ecdh_results[EC_NUM][1]; #endif -#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH)) +#if defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_EC) static const char rnd_seed[] = "string to make the random number generator think it has entropy"; static int rnd_fake = 0; @@ -330,7 +326,7 @@ static double Time_F(int s) } #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) @@ -340,7 +336,7 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, *outlen = SHA_DIGEST_LENGTH; return SHA1(in, inlen, out); } -#endif /* OPENSSL_NO_ECDH */ +#endif /* OPENSSL_NO_EC */ static void multiblock_speed(const EVP_CIPHER *evp_cipher); @@ -595,30 +591,23 @@ int MAIN(int argc, char **argv) #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC unsigned char ecdsasig[256]; unsigned int ecdsasiglen; EC_KEY *ecdsa[EC_NUM]; long ecdsa_c[EC_NUM][2]; -#endif - -#ifndef OPENSSL_NO_ECDH EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; int secret_size_a, secret_size_b; int ecdh_checks = 0; int secret_idx = 0; long ecdh_c[EC_NUM][2]; + int ecdsa_doit[EC_NUM]; + int ecdh_doit[EC_NUM]; #endif int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; -#ifndef OPENSSL_NO_ECDSA - int ecdsa_doit[EC_NUM]; -#endif -#ifndef OPENSSL_NO_ECDH - int ecdh_doit[EC_NUM]; -#endif int doit[ALGOR_NUM]; int pr_header = 0; const EVP_CIPHER *evp_cipher = NULL; @@ -639,11 +628,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA memset(dsa_key, 0, sizeof(dsa_key)); #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC for (i = 0; i < EC_NUM; i++) ecdsa[i] = NULL; -#endif -#ifndef OPENSSL_NO_ECDH for (i = 0; i < EC_NUM; i++) { ecdh_a[i] = NULL; ecdh_b[i] = NULL; @@ -689,11 +676,9 @@ int MAIN(int argc, char **argv) rsa_doit[i] = 0; for (i = 0; i < DSA_NUM; i++) dsa_doit[i] = 0; -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC for (i = 0; i < EC_NUM; i++) ecdsa_doit[i] = 0; -#endif -#ifndef OPENSSL_NO_ECDH for (i = 0; i < EC_NUM; i++) ecdh_doit[i] = 0; #endif @@ -986,7 +971,7 @@ int MAIN(int argc, char **argv) dsa_doit[R_DSA_2048] = 1; } else #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (strcmp(*argv, "ecdsap160") == 0) ecdsa_doit[R_EC_P160] = 2; else if (strcmp(*argv, "ecdsap192") == 0) @@ -1022,10 +1007,7 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv, "ecdsa") == 0) { for (i = 0; i < EC_NUM; i++) ecdsa_doit[i] = 1; - } else -#endif -#ifndef OPENSSL_NO_ECDH - if (strcmp(*argv, "ecdhp160") == 0) + } else if (strcmp(*argv, "ecdhp160") == 0) ecdh_doit[R_EC_P160] = 2; else if (strcmp(*argv, "ecdhp192") == 0) ecdh_doit[R_EC_P192] = 2; @@ -1135,7 +1117,7 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n"); #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 " "ecdsap256 ecdsap384 ecdsap521\n"); BIO_printf(bio_err, @@ -1143,8 +1125,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n"); BIO_printf(bio_err, "ecdsa\n"); -#endif -#ifndef OPENSSL_NO_ECDH BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 " "ecdhp256 ecdhp384 ecdhp521\n"); BIO_printf(bio_err, @@ -1234,11 +1214,9 @@ int MAIN(int argc, char **argv) rsa_doit[i] = 1; for (i = 0; i < DSA_NUM; i++) dsa_doit[i] = 1; -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC for (i = 0; i < EC_NUM; i++) ecdsa_doit[i] = 1; -#endif -#ifndef OPENSSL_NO_ECDH for (i = 0; i < EC_NUM; i++) ecdh_doit[i] = 1; #endif @@ -1428,7 +1406,7 @@ int MAIN(int argc, char **argv) } # endif -# ifndef OPENSSL_NO_ECDSA +# ifndef OPENSSL_NO_EC ecdsa_c[R_EC_P160][0] = count / 1000; ecdsa_c[R_EC_P160][1] = count / 1000 / 2; for (i = R_EC_P192; i <= R_EC_P521; i++) { @@ -1471,9 +1449,6 @@ int MAIN(int argc, char **argv) } } } -# endif - -# ifndef OPENSSL_NO_ECDH ecdh_c[R_EC_P160][0] = count / 1000; ecdh_c[R_EC_P160][1] = count / 1000; for (i = R_EC_P192; i <= R_EC_P521; i++) { @@ -2144,7 +2119,7 @@ int MAIN(int argc, char **argv) RAND_cleanup(); #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (RAND_status() != 1) { RAND_seed(rnd_seed, sizeof rnd_seed); rnd_fake = 1; @@ -2236,9 +2211,6 @@ int MAIN(int argc, char **argv) } if (rnd_fake) RAND_cleanup(); -#endif - -#ifndef OPENSSL_NO_ECDH if (RAND_status() != 1) { RAND_seed(rnd_seed, sizeof rnd_seed); rnd_fake = 1; @@ -2423,7 +2395,7 @@ int MAIN(int argc, char **argv) 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]); } #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC j = 1; for (k = 0; k < EC_NUM; k++) { if (!ecdsa_doit[k]) @@ -2445,9 +2417,6 @@ int MAIN(int argc, char **argv) ecdsa_results[k][0], ecdsa_results[k][1], 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]); } -#endif - -#ifndef OPENSSL_NO_ECDH j = 1; for (k = 0; k < EC_NUM; k++) { if (!ecdh_doit[k]) @@ -2488,12 +2457,10 @@ int MAIN(int argc, char **argv) DSA_free(dsa_key[i]); #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC for (i = 0; i < EC_NUM; i++) if (ecdsa[i] != NULL) EC_KEY_free(ecdsa[i]); -#endif -#ifndef OPENSSL_NO_ECDH for (i = 0; i < EC_NUM; i++) { if (ecdh_a[i] != NULL) EC_KEY_free(ecdh_a[i]); @@ -2697,7 +2664,7 @@ static int do_multi(int multi) dsa_results[k][1] = d; } # endif -# ifndef OPENSSL_NO_ECDSA +# ifndef OPENSSL_NO_EC else if (!strncmp(buf, "+F4:", 4)) { int k; double d; @@ -2720,9 +2687,6 @@ static int do_multi(int multi) else ecdsa_results[k][1] = d; } -# endif - -# ifndef OPENSSL_NO_ECDH else if (!strncmp(buf, "+F5:", 4)) { int k; double d; diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 0437dcff60..d789e7e916 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -203,7 +203,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx, return ret; } -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { @@ -302,7 +302,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) EC_GROUP_set_asn1_flag(dctx->gen_group, p1); return 1; -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC case EVP_PKEY_CTRL_EC_ECDH_COFACTOR: if (p1 == -2) { if (dctx->cofactor_mode != -1) @@ -519,12 +519,11 @@ const EVP_PKEY_METHOD ec_pkey_meth = { 0, 0, 0, -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC pkey_ec_kdf_derive, #else 0, #endif - pkey_ec_ctrl, pkey_ec_ctrl_str }; diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h index 0d643a3f05..25ccdc9088 100644 --- a/crypto/ecdh/ecdh.h +++ b/crypto/ecdh/ecdh.h @@ -71,7 +71,7 @@ # include <openssl/opensslconf.h> -# ifdef OPENSSL_NO_ECDH +# ifdef OPENSSL_NO_EC # error ECDH is disabled. # endif diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index 41725f6a8d..578de316be 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -73,7 +73,7 @@ #include "../e_os.h" -#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_EC */ #include <openssl/crypto.h> #include <openssl/bio.h> #include <openssl/bn.h> @@ -82,7 +82,7 @@ #include <openssl/sha.h> #include <openssl/err.h> -#ifdef OPENSSL_NO_ECDH +#ifdef OPENSSL_NO_EC int main(int argc, char *argv[]) { printf("No ECDH support\n"); diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 86cafe2ba1..3876004473 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -61,7 +61,7 @@ # include <openssl/opensslconf.h> -# ifdef OPENSSL_NO_ECDSA +# ifdef OPENSSL_NO_EC # error ECDSA is disabled. # endif diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index d58490f21f..31d9c84e99 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -73,9 +73,9 @@ #include <stdlib.h> #include <string.h> -#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ECDSA is defined */ +#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */ -#ifdef OPENSSL_NO_ECDSA +#ifdef OPENSSL_NO_EC int main(int argc, char *argv[]) { puts("Elliptic curves are disabled."); diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c index 4279dd94b1..af353bd936 100644 --- a/crypto/engine/eng_fat.c +++ b/crypto/engine/eng_fat.c @@ -79,11 +79,9 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) return 0; #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) return 0; -#endif -#ifndef OPENSSL_NO_ECDSA if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) return 0; #endif @@ -159,10 +157,8 @@ int ENGINE_register_complete(ENGINE *e) #ifndef OPENSSL_NO_DH ENGINE_register_DH(e); #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC ENGINE_register_ECDH(e); -#endif -#ifndef OPENSSL_NO_ECDSA ENGINE_register_ECDSA(e); #endif ENGINE_register_RAND(e); diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index c69e8a7eda..9e80eafdde 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -300,10 +300,8 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) #ifndef OPENSSL_NO_DH dest->dh_meth = src->dh_meth; #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC dest->ecdh_meth = src->ecdh_meth; -#endif -#ifndef OPENSSL_NO_ECDSA dest->ecdsa_meth = src->ecdsa_meth; #endif dest->rand_meth = src->rand_meth; diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index 3e12ecf760..78fa3c8d45 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -149,10 +149,8 @@ static int bind_helper(ENGINE *e) # ifndef OPENSSL_NO_DSA || !ENGINE_set_DSA(e, DSA_get_default_method()) # endif -# ifndef OPENSSL_NO_ECDH +# ifndef OPENSSL_NO_EC || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) -# endif -# ifndef OPENSSL_NO_ECDSA || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) # endif # ifndef OPENSSL_NO_DH diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index c931907599..e2f3e5cd9e 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -82,10 +82,8 @@ # ifndef OPENSSL_NO_DH # include <openssl/dh.h> # endif -# ifndef OPENSSL_NO_ECDH +# ifndef OPENSSL_NO_EC # include <openssl/ecdh.h> -# endif -# ifndef OPENSSL_NO_ECDSA # include <openssl/ecdsa.h> # endif # include <openssl/rand.h> diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index 1363fb026a..b844167f94 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -76,10 +76,8 @@ #ifndef OPENSSL_NO_DSA # include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC # include <openssl/ecdsa.h> -#endif -#ifndef OPENSSL_NO_ECDH # include <openssl/ecdh.h> #endif #include <openssl/evp.h> @@ -138,11 +136,7 @@ void ERR_load_crypto_strings(void) # endif # ifndef OPENSSL_NO_EC ERR_load_EC_strings(); -# endif -# ifndef OPENSSL_NO_ECDSA ERR_load_ECDSA_strings(); -# endif -# ifndef OPENSSL_NO_ECDH ERR_load_ECDH_strings(); # endif /* skip ERR_load_SSL_strings() because it is not in this library */ diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 0d4278b86a..94039ef5fd 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -80,7 +80,7 @@ void OpenSSL_add_all_digests(void) EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1"); EVP_add_digest_alias(SN_dsaWithSHA1, "dss1"); # endif -# ifndef OPENSSL_NO_ECDSA +# ifndef OPENSSL_NO_EC EVP_add_digest(EVP_ecdsa()); # endif #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 2e9f83fac7..0d26fd3129 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -234,7 +234,7 @@ typedef int evp_verify_method(int type, const unsigned char *m, # define EVP_PKEY_DSA_method EVP_PKEY_NULL_method # endif -# ifndef OPENSSL_NO_ECDSA +# ifndef OPENSSL_NO_EC # define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \ (evp_verify_method *)ECDSA_verify, \ {EVP_PKEY_EC,0,0,0} diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 1e78e30f5e..9835be5e6c 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -75,13 +75,7 @@ # ifndef OPENSSL_NO_EC # include <openssl/ec.h> -# endif - -# ifndef OPENSSL_NO_ECDSA # include <openssl/ecdsa.h> -# endif - -# ifndef OPENSSL_NO_ECDH # include <openssl/ecdh.h> # endif diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 750217fff6..1e611c44be 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1321,7 +1321,7 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_DH DH *dh = NULL; #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC EC_KEY *ecdh = NULL; BN_CTX *bn_ctx = NULL; EC_POINT *srvr_ecpoint = NULL; @@ -1385,7 +1385,7 @@ int ssl3_get_key_exchange(SSL *s) s->session->sess_cert->peer_dh_tmp = NULL; } #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC if (s->session->sess_cert->peer_ecdh_tmp) { EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp); s->session->sess_cert->peer_ecdh_tmp = NULL; @@ -1724,7 +1724,7 @@ int ssl3_get_key_exchange(SSL *s) } #endif /* !OPENSSL_NO_DH */ -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC else if (alg_k & SSL_kECDHE) { EC_GROUP *ngroup; const EC_GROUP *group; @@ -1822,7 +1822,7 @@ int ssl3_get_key_exchange(SSL *s) X509_get_pubkey(s->session-> sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); # endif -# ifndef OPENSSL_NO_ECDSA +# ifndef OPENSSL_NO_EC else if (alg_a & SSL_aECDSA) pkey = X509_get_pubkey(s->session-> @@ -1841,7 +1841,7 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE); goto f_err; } -#endif /* !OPENSSL_NO_ECDH */ +#endif /* !OPENSSL_NO_EC */ /* p points to the next byte, there are 'n' bytes left */ @@ -1961,7 +1961,7 @@ int ssl3_get_key_exchange(SSL *s) if (dh != NULL) DH_free(dh); #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC BN_CTX_free(bn_ctx); EC_POINT_free(srvr_ecpoint); if (ecdh != NULL) @@ -2299,7 +2299,7 @@ int ssl3_send_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_KRB5 KSSL_ERR kssl_err; #endif /* OPENSSL_NO_KRB5 */ -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC EC_KEY *clnt_ecdh = NULL; const EC_POINT *srvr_ecpoint = NULL; EVP_PKEY *srvr_pub_pkey = NULL; @@ -2597,7 +2597,7 @@ int ssl3_send_client_key_exchange(SSL *s) } #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC else if (alg_k & (SSL_kECDHE | SSL_kECDHr | SSL_kECDHe)) { const EC_GROUP *srvr_group = NULL; EC_KEY *tkey; @@ -2768,7 +2768,7 @@ int ssl3_send_client_key_exchange(SSL *s) EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); } -#endif /* !OPENSSL_NO_ECDH */ +#endif /* !OPENSSL_NO_EC */ else if (alg_k & SSL_kGOST) { /* GOST key exchange message creation */ EVP_PKEY_CTX *pkey_ctx; @@ -3054,7 +3054,7 @@ int ssl3_send_client_key_exchange(SSL *s) OPENSSL_free(pms); s->cert->pms = NULL; } -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC BN_CTX_free(bn_ctx); if (encodedPoint != NULL) OPENSSL_free(encodedPoint); @@ -3156,7 +3156,7 @@ int ssl3_send_client_verify(SSL *s) n = j + 2; } else #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (pkey->type == EVP_PKEY_EC) { if (!ECDSA_sign(pkey->save_type, &(data[MD5_DIGEST_LENGTH]), @@ -3365,7 +3365,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) /* This is the passed certificate */ idx = sc->peer_cert_type; -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC if (idx == SSL_PKEY_ECC) { if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) { /* check failed */ diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 20ce112e5f..f4369eb928 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2051,7 +2051,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { }, #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC /* Cipher C001 */ { 1, @@ -2451,7 +2451,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { 256, 256, }, -#endif /* OPENSSL_NO_ECDH */ +#endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_SRP /* Cipher C01A */ @@ -2598,7 +2598,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { 256, }, #endif /* OPENSSL_NO_SRP */ -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ @@ -2973,7 +2973,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { 256, 256}, # endif /* OPENSSL_NO_CAMELLIA */ -#endif /* OPENSSL_NO_ECDH */ +#endif /* OPENSSL_NO_EC */ #ifdef TEMP_GOST_TLS /* Cipher FF00 */ @@ -3138,7 +3138,7 @@ void ssl3_free(SSL *s) if (s->s3->tmp.dh != NULL) DH_free(s->s3->tmp.dh); #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC if (s->s3->tmp.ecdh != NULL) EC_KEY_free(s->s3->tmp.ecdh); #endif @@ -3183,7 +3183,7 @@ void ssl3_clear(SSL *s) s->s3->tmp.dh = NULL; } #endif -#ifndef OPENSSL_NO_ECDH +#ifndef OPENSSL_NO_EC if (s->s3->tmp.ecdh != NULL) { EC_KEY_free(s->s3->tmp. |