Remove obsolete key formats.

Remove support for RSA_NET and Netscape key format (-keyform n).

Also removed documentation of SGC.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

5 files changed, 6 insertions, 104 deletions

diff --git a/apps/apps.c b/apps/apps.c
index 3f2c049404..80e777774f 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -163,12 +163,6 @@ static int set_table_opts(unsigned long *flags, const char *arg,
 static int set_multi_opts(unsigned long *flags, const char *arg,
                           const NAME_EX_TBL * in_tbl);
 
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-/* Looks like this stuff is worth moving into separate function */
-static EVP_PKEY *load_netscape_key(BIO *key, const char *file,
-                                   const char *key_descrip, int format);
-#endif
-
 int app_init(long mesgwin);
 
 int chopup_args(ARGS *arg, char *buf)
@@ -695,22 +689,7 @@ X509 *load_cert(const char *file, int format,
 
     if (format == FORMAT_ASN1)
         x = d2i_X509_bio(cert, NULL);
-    else if (format == FORMAT_NETSCAPE) {
-        NETSCAPE_X509 *nx;
-        nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
-        if (nx == NULL)
-            goto end;
-
-        if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
-                     nx->header->length) != 0)) {
-            NETSCAPE_X509_free(nx);
-            BIO_printf(bio_err, "Error reading header on certificate\n");
-            goto end;
-        }
-        x = nx->cert;
-        nx->cert = NULL;
-        NETSCAPE_X509_free(nx);
-    } else if (format == FORMAT_PEM)
+    else if (format == FORMAT_PEM)
         x = PEM_read_bio_X509_AUX(cert, NULL,
                                   (pem_password_cb *)password_callback, NULL);
     else if (format == FORMAT_PKCS12) {
@@ -803,10 +782,6 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin,
                                        (pem_password_cb *)password_callback,
                                        &cb_data);
     }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-    else if (format == FORMAT_NETSCAPE)
-        pkey = load_netscape_key(key, file, key_descrip, format);
-#endif
     else if (format == FORMAT_PKCS12) {
         if (!load_pkcs12(key, key_descrip,
                          (pem_password_cb *)password_callback, &cb_data,
@@ -903,10 +878,6 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin,
                                    (pem_password_cb *)password_callback,
                                    &cb_data);
     }
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-    else if (format == FORMAT_NETSCAPE)
-        pkey = load_netscape_key(key, file, key_descrip, format);
-#endif
 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
     else if (format == FORMAT_MSBLOB)
         pkey = b2i_PublicKey_bio(key);
@@ -918,47 +889,6 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin,
     return (pkey);
 }
 
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-static EVP_PKEY *load_netscape_key(BIO *key, const char *file,
-                                   const char *key_descrip, int format)
-{
-    EVP_PKEY *pkey;
-    BUF_MEM *buf;
-    RSA *rsa;
-    const unsigned char *p;
-    int size, i;
-
-    buf = BUF_MEM_new();
-    pkey = EVP_PKEY_new();
-    size = 0;
-    if (buf == NULL || pkey == NULL)
-        goto error;
-    for (;;) {
-        if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
-            goto error;
-        i = BIO_read(key, &(buf->data[size]), 1024 * 10);
-        size += i;
-        if (i == 0)
-            break;
-        if (i < 0) {
-            BIO_printf(bio_err, "Error reading %s %s", key_descrip, file);
-            goto error;
-        }
-    }
-    p = (unsigned char *)buf->data;
-    rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL, 0);
-    if (rsa == NULL)
-        goto error;
-    BUF_MEM_free(buf);
-    EVP_PKEY_set1_RSA(pkey, rsa);
-    return pkey;
- error:
-    BUF_MEM_free(buf);
-    EVP_PKEY_free(pkey);
-    return NULL;
-}
-#endif                          /* ndef OPENSSL_NO_RC4 */
-
 static int load_certs_crls(const char *file, int format,
                            const char *pass, ENGINE *e, const char *desc,
                            STACK_OF(X509) **pcerts,
diff --git a/apps/apps.h b/apps/apps.h
index b83d4b2aee..2823cbcadf 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -532,7 +532,6 @@ void store_setup_crl_download(X509_STORE *st);
 # define FORMAT_ASN1     1
 # define FORMAT_TEXT     2
 # define FORMAT_PEM      3
-# define FORMAT_NETSCAPE 4
 # define FORMAT_PKCS12   5
 # define FORMAT_SMIME    6
 # define FORMAT_ENGINE   7
diff --git a/apps/opt.c b/apps/opt.c
index b81cec4fa7..bfb039e872 100644
--- a/apps/opt.c
+++ b/apps/opt.c
@@ -256,15 +256,11 @@ int opt_format(const char *s, unsigned long flags, int *result)
         break;
     case 'N':
     case 'n':
-        if (strcmp(s, "NSS") == 0 || strcmp(s, "nss") == 0) {
-            if ((flags & OPT_FMT_NSS) == 0)
-                return opt_format_error(s, flags);
-            *result = FORMAT_NSS;
-        } else {
-            if ((flags & OPT_FMT_NETSCAPE) == 0)
-                return opt_format_error(s, flags);
-            *result = FORMAT_NETSCAPE;
-        }
+        if ((flags & OPT_FMT_NSS) == 0)
+            return opt_format_error(s, flags);
+        if (strcmp(s, "NSS") != 0 && strcmp(s, "nss") != 0)
+            return opt_format_error(s, flags);
+        *result = FORMAT_NSS;
         break;
     case 'S':
     case 's':
diff --git a/apps/rsa.c b/apps/rsa.c
index f6961d9baf..c7ad44b75d 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -352,19 +352,6 @@ int rsa_main(int argc, char **argv)
             i = i2d_RSAPrivateKey_bio(out, rsa);
         }
     }
-# ifndef OPENSSL_NO_RC4
-    else if (outformat == FORMAT_NETSCAPE) {
-        unsigned char *p, *save;
-        int size = i2d_RSA_NET(rsa, NULL, NULL, 0);
-
-        save = p = app_malloc(size, "RSA i2d buffer");
-        assert(private);
-        i2d_RSA_NET(rsa, &p, NULL, 0);
-        BIO_write(out, (char *)save, size);
-        OPENSSL_free(save);
-        i = 1;
-    }
-# endif
     else if (outformat == FORMAT_PEM) {
         if (pubout || pubin) {
             if (pubout == 2)
diff --git a/apps/x509.c b/apps/x509.c
index 18e13e7921..2fd92f4dcf 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -913,16 +913,6 @@ int x509_main(int argc, char **argv)
             i = PEM_write_bio_X509_AUX(out, x);
         else
             i = PEM_write_bio_X509(out, x);
-    } else if (outformat == FORMAT_NETSCAPE) {
-        NETSCAPE_X509 nx;
-        ASN1_OCTET_STRING hdr;
-
-        hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
-        hdr.length = strlen(NETSCAPE_CERT_HDR);
-        nx.header = &hdr;
-        nx.cert = x;
-
-        i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
     } else {
         BIO_printf(bio_err, "bad output format specified for outfile\n");
         goto end;