diff options
author | Richard Levitte <levitte@openssl.org> | 2020-12-17 21:37:15 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-12-20 12:19:42 +0100 |
commit | 3a1ee3c1993c588a22cb80f1d0eb6237f83a1560 (patch) | |
tree | 3e915497790f85855ef9730b2d36bc97a688a9f4 | |
parent | e3577adddf6bc4f0d9d202621a2c576d982d6f0a (diff) |
Drop OPENSSL_NO_RSA everywhere
The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so
this is simply a cleanup of the remains.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13700)
43 files changed, 337 insertions, 489 deletions
@@ -75,7 +75,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx # 386 generate 80386 code in assembly modules # no-sse2 disables IA-32 SSE2 code in assembly modules, the above # mentioned '386' option implies this one -# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...) +# no-<cipher> build without specified algorithm (dsa, idea, rc5, ...) # -<xxx> +<xxx> All options which are unknown to the 'Configure' script are # /<xxx> passed through to the compiler. Unix-style options beginning # with a '-' or '+' are recognized, as well as Windows-style @@ -292,7 +292,7 @@ $config{perlargv} = [ @argvcopy ]; # 'unshift' adds at the front of the list (i.e. in reverse input order). foreach ( reverse sort( 'aes', 'aria', 'bf', 'camellia', 'cast', 'des', 'dh', 'dsa', 'ec', 'hmac', 'idea', 'md2', 'md5', 'mdc2', - 'rc2', 'rc4', 'rc5', 'ripemd', 'rsa', 'seed', 'sha', + 'rc2', 'rc4', 'rc5', 'ripemd', 'seed', 'sha', 'sm2', 'sm3', 'sm4') ) { unshift @argvcopy, "no-$_" if ! -d catdir($srcdir, 'crypto', $_); } diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 703518ce8c..1998a8bc2f 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -34,9 +34,7 @@ #include <openssl/pkcs12.h> #include <openssl/ui.h> #include <openssl/safestack.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif +#include <openssl/rsa.h> #include <openssl/bn.h> #include <openssl/ssl.h> #include <openssl/store.h> diff --git a/apps/list.c b/apps/list.c index 986a288757..72c4205e9a 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1261,9 +1261,6 @@ static void list_disabled(void) #ifdef OPENSSL_NO_RMD160 BIO_puts(bio_out, "RMD160\n"); #endif -#ifdef OPENSSL_NO_RSA - BIO_puts(bio_out, "RSA\n"); -#endif #ifdef OPENSSL_NO_SCRYPT BIO_puts(bio_out, "SCRYPT\n"); #endif diff --git a/apps/req.c b/apps/req.c index 84b6a4c00c..acd0cd09cb 100644 --- a/apps/req.c +++ b/apps/req.c @@ -25,9 +25,7 @@ #include <openssl/pem.h> #include <openssl/bn.h> #include <openssl/lhash.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif +#include <openssl/rsa.h> #ifndef OPENSSL_NO_DSA # include <openssl/dsa.h> #endif @@ -939,7 +937,6 @@ int req_main(int argc, char **argv) goto end; } fprintf(stdout, "Modulus="); -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_is_a(tpubkey, "RSA")) { BIGNUM *n; @@ -947,9 +944,9 @@ int req_main(int argc, char **argv) EVP_PKEY_get_bn_param(pkey, "n", &n); BN_print(out, n); BN_free(n); - } else -#endif + } else { fprintf(stdout, "Wrong Algorithm type"); + } fprintf(stdout, "\n"); } @@ -1596,7 +1593,6 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_CTX_free(gctx); return NULL; } -#ifndef OPENSSL_NO_RSA if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1)) { if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0) { BIO_puts(bio_err, "Error setting RSA keysize\n"); @@ -1605,7 +1601,6 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, return NULL; } } -#endif return gctx; } diff --git a/apps/s_server.c b/apps/s_server.c index 94417a206b..2f9b469953 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -48,9 +48,7 @@ typedef unsigned int u_int; #ifndef OPENSSL_NO_DH # include <openssl/dh.h> #endif -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif +#include <openssl/rsa.h> #ifndef OPENSSL_NO_SRP # include <openssl/srp.h> #endif diff --git a/apps/speed.c b/apps/speed.c index 07c2238ab2..5b944290fc 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -101,7 +101,7 @@ #ifndef OPENSSL_NO_CAST # include <openssl/cast.h> #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 # include <openssl/rsa.h> # include "./testrsa.h" #endif @@ -155,9 +155,10 @@ static int usertime = 1; static double Time_F(int s); static void print_message(const char *s, long num, int length, int tm); -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) static void pkey_print_message(const char *str, const char *str2, long num, unsigned int bits, int sec); #endif @@ -433,7 +434,7 @@ static const OPT_PAIR dsa_choices[DSA_NUM] = { static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */ #endif /* OPENSSL_NO_DSA */ -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 enum { R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680, R_RSA_15360, RSA_NUM @@ -449,7 +450,7 @@ static const OPT_PAIR rsa_choices[RSA_NUM] = { }; static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ -#endif /* OPENSSL_NO_RSA */ +#endif /* OPENSSL_NO_DEPRECATED_3_0 */ #ifndef OPENSSL_NO_DH enum ff_params_t { @@ -575,7 +576,7 @@ typedef struct loopargs_st { unsigned char *key; unsigned int siglen; size_t sigsize; -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 RSA *rsa_key[RSA_NUM]; #endif #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) @@ -1060,7 +1061,7 @@ static int EVP_CMAC_loop(void *args) } #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */ static int RSA_sign_loop(void *args) @@ -1513,9 +1514,10 @@ int speed_main(int argc, char **argv) #ifndef NO_FORK int multi = 0; #endif -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) long op_count = 1; #endif openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS, @@ -1562,7 +1564,7 @@ int speed_main(int argc, char **argv) #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) CAMELLIA_KEY camellia_ks[3]; #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 static const struct { const unsigned char *data; unsigned int length; @@ -1829,7 +1831,7 @@ int speed_main(int argc, char **argv) doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1; continue; } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 if (strcmp(algo, "openssl") == 0) /* just for compatibility */ continue; if (strncmp(algo, "rsa", 3) == 0) { @@ -2009,15 +2011,15 @@ int speed_main(int argc, char **argv) memset(doit, 1, sizeof(doit)); doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0; #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_MDC2] = 0; + doit[D_MDC2] = 0; #endif #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_MD4] = 0; + doit[D_MD4] = 0; #endif #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_RMD160] = 0; + doit[D_RMD160] = 0; #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 memset(rsa_doit, 1, sizeof(rsa_doit)); #endif #ifndef OPENSSL_NO_DH @@ -2044,7 +2046,7 @@ int speed_main(int argc, char **argv) "You have chosen to measure elapsed time " "instead of user CPU time.\n"); -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (i = 0; i < loopargs_len; i++) { if (primes > RSA_DEFAULT_PRIME_NUM) { /* for multi-prime RSA, skip this */ @@ -2214,7 +2216,7 @@ int speed_main(int argc, char **argv) c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1; } -# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +# ifndef OPENSSL_NO_DEPRECATED_3_0 rsa_c[R_RSA_512][0] = count / 2000; rsa_c[R_RSA_512][1] = count / 400; for (i = 1; i < RSA_NUM; i++) { @@ -2983,7 +2985,7 @@ int speed_main(int argc, char **argv) if (RAND_bytes(loopargs[i].buf, 36) <= 0) goto end; -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (testnum = 0; testnum < RSA_NUM; testnum++) { int st = 0; if (!rsa_doit[testnum]) @@ -3073,7 +3075,7 @@ int speed_main(int argc, char **argv) stop_it(rsa_doit, testnum); } } -#endif /* OPENSSL_NO_RSA */ +#endif /* OPENSSL_NO_DEPRECATED_3_0 */ for (i = 0; i < loopargs_len; i++) if (RAND_bytes(loopargs[i].buf, 36) <= 0) @@ -3879,7 +3881,7 @@ int speed_main(int argc, char **argv) } printf("\n"); } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 testnum = 1; for (k = 0; k < RSA_NUM; k++) { if (!rsa_doit[k]) @@ -4026,7 +4028,7 @@ int speed_main(int argc, char **argv) OPENSSL_free(loopargs[i].buf_malloc); OPENSSL_free(loopargs[i].buf2_malloc); -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (k = 0; k < RSA_NUM; k++) RSA_free(loopargs[i].rsa_key[k]); #endif @@ -4109,9 +4111,10 @@ static void print_message(const char *s, long num, int length, int tm) #endif } -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) static void pkey_print_message(const char *str, const char *str2, long num, unsigned int bits, int tm) { @@ -4236,7 +4239,7 @@ static int do_multi(int multi, int size_num) for (j = 0; j < size_num; ++j) results[alg][j] += atof(sstrsep(&p, sep)); } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 else if (strncmp(buf, "+F2:", 4) == 0) { int k; double d; diff --git a/apps/x509.c b/apps/x509.c index 5de25c1e2c..c8fcb7a7ae 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -21,9 +21,7 @@ #include <openssl/x509v3.h> #include <openssl/objects.h> #include <openssl/pem.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif +#include <openssl/rsa.h> #ifndef OPENSSL_NO_DSA # include <openssl/dsa.h> #endif diff --git a/crypto/asn1/asn1_item_list.h b/crypto/asn1/asn1_item_list.h index b5a8661bd4..01d9076350 100644 --- a/crypto/asn1/asn1_item_list.h +++ b/crypto/asn1/asn1_item_list.h @@ -134,13 +134,11 @@ static ASN1_ITEM_EXP *asn1_item_list[] = { ASN1_ITEM_ref(POLICY_MAPPING), ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), ASN1_ITEM_ref(PROXY_POLICY), -#ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +#ifndef OPENSSL_NO_DEPRECATED_3_0 ASN1_ITEM_ref(RSAPrivateKey), ASN1_ITEM_ref(RSAPublicKey), ASN1_ITEM_ref(RSA_OAEP_PARAMS), ASN1_ITEM_ref(RSA_PSS_PARAMS), -# endif #endif #ifndef OPENSSL_NO_SCRYPT ASN1_ITEM_ref(SCRYPT_PARAMS), diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 6b3506e314..b6c7da772c 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -44,14 +44,12 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, } switch (EVP_PKEY_id(ret)) { -#ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } break; -#endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: /* TMP UGLY CAST */ diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c index 3df49a1701..599c512901 100644 --- a/crypto/asn1/i2d_evp.c +++ b/crypto/asn1/i2d_evp.c @@ -107,10 +107,8 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp) return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_structures, pp); } switch (EVP_PKEY_id(a)) { -#ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp); -#endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(a), pp); diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h index 59fa726991..7d225b308a 100644 --- a/crypto/asn1/standard_methods.h +++ b/crypto/asn1/standard_methods.h @@ -13,10 +13,8 @@ * is used to search it. */ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { -#ifndef OPENSSL_NO_RSA &rsa_asn1_meths[0], &rsa_asn1_meths[1], -#endif #ifndef OPENSSL_NO_DH &dh_asn1_meth, #endif @@ -30,9 +28,7 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { #ifndef OPENSSL_NO_EC &eckey_asn1_meth, #endif -#ifndef OPENSSL_NO_RSA &rsa_pss_asn1_meth, -#endif #ifndef OPENSSL_NO_DH &dhx_asn1_meth, #endif diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c index 78537057b7..0cf27715c5 100644 --- a/crypto/engine/eng_fat.c +++ b/crypto/engine/eng_fat.c @@ -20,10 +20,8 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) return 0; if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) return 0; -#ifndef OPENSSL_NO_RSA if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) return 0; -#endif #ifndef OPENSSL_NO_DSA if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) return 0; @@ -96,9 +94,7 @@ int ENGINE_register_complete(ENGINE *e) { ENGINE_register_ciphers(e); ENGINE_register_digests(e); -#ifndef OPENSSL_NO_RSA ENGINE_register_RSA(e); -#endif #ifndef OPENSSL_NO_DSA ENGINE_register_DSA(e); #endif diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index de3475fe22..be08804665 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -250,9 +250,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) { dest->id = src->id; dest->name = src->name; -#ifndef OPENSSL_NO_RSA dest->rsa_meth = src->rsa_meth; -#endif #ifndef OPENSSL_NO_DSA dest->dsa_meth = src->dsa_meth; #endif diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index 4214ebdfda..3ca95abc13 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -98,9 +98,7 @@ static int bind_helper(ENGINE *e) || !ENGINE_set_name(e, engine_openssl_name) || !ENGINE_set_destroy_function(e, openssl_destroy) #ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS -# ifndef OPENSSL_NO_RSA || !ENGINE_set_RSA(e, RSA_get_default_method()) -# endif # ifndef OPENSSL_NO_DSA || !ENGINE_set_DSA(e, DSA_get_default_method()) # endif diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index e90928edef..1d26c19d90 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -51,9 +51,7 @@ int err_load_crypto_strings_int(void) #ifndef OPENSSL_NO_ERR || err_load_ERR_strings_int() == 0 /* include error strings for SYSerr */ || err_load_BN_strings_int() == 0 -# ifndef OPENSSL_NO_RSA || err_load_RSA_strings_int() == 0 -# endif # ifndef OPENSSL_NO_DH || err_load_DH_strings_int() == 0 # endif diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c index c71e88d9b0..6ac344e394 100644 --- a/crypto/evp/p_dec.c +++ b/crypto/evp/p_dec.c @@ -22,11 +22,8 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, { int ret = -1; -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) { -#endif ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA goto err; } @@ -34,6 +31,5 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv), RSA_PKCS1_PADDING); err: -#endif return ret; } diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c index 4847c752ed..bdc490d884 100644 --- a/crypto/evp/p_enc.c +++ b/crypto/evp/p_enc.c @@ -22,17 +22,13 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, { int ret = 0; -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_id(pubk) != EVP_PKEY_RSA) { -#endif ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA goto err; } ret = RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk), RSA_PKCS1_PADDING); err: -#endif return ret; } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 8fc309dc99..7c2e648209 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -49,9 +49,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; /* This array needs to be in order of NIDs */ static pmeth_fn standard_methods[] = { -# ifndef OPENSSL_NO_RSA ossl_rsa_pkey_method, -# endif # ifndef OPENSSL_NO_DH dh_pkey_method, # endif @@ -61,9 +59,7 @@ static pmeth_fn standard_methods[] = { # ifndef OPENSSL_NO_EC ec_pkey_method, # endif -# ifndef OPENSSL_NO_RSA ossl_rsa_pss_pkey_method, -# endif # ifndef OPENSSL_NO_DH dhx_pkey_method, # endif diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index ea758f04be..5f73f93ce8 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -25,9 +25,7 @@ #include <openssl/dh.h> #include "pem_local.h" -#ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); -#endif #ifndef OPENSSL_NO_DSA static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); #endif @@ -46,7 +44,6 @@ IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) #ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA /* * We treat RSA or DSA private keys as a special case. For private keys we * read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract @@ -77,7 +74,7 @@ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, return pkey_get_rsa(pktmp, rsa); } -# ifndef OPENSSL_NO_STDIO +# ifndef OPENSSL_NO_STDIO RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) { @@ -86,12 +83,11 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) return pkey_get_rsa(pktmp, rsa); } -# endif +# endif IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) -# endif #endif #ifndef OPENSSL_NO_DSA static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 7537e5a31f..3911fdc5ee 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -124,9 +124,7 @@ STACK_OF(X509_INFO) goto start; } pp = &(xi->crl); - } else -#ifndef OPENSSL_NO_RSA - if (strcmp(name, PEM_STRING_RSA) == 0) { + } else if (strcmp(name, PEM_STRING_RSA) == 0) { d2i = (D2I_OF(void)) d2i_RSAPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret, xi)) @@ -147,7 +145,6 @@ STACK_OF(X509_INFO) if ((int)strlen(header) > 10) /* assume encrypted */ raw = 1; } else -#endif #ifndef OPENSSL_NO_DSA if (strcmp(name, PEM_STRING_DSA) == 0) { d2i = (D2I_OF(void)) d2i_DSAPrivateKey; @@ -335,13 +332,11 @@ int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc, goto err; } else { /* Add DSA/DH */ -#ifndef OPENSSL_NO_RSA /* normal optionally encrypted stuff */ if (PEM_write_bio_RSAPrivateKey(bp, EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey), enc, kstr, klen, cb, u) <= 0) goto err; -#endif } } diff --git a/crypto/x5 |