From 3a1ee3c1993c588a22cb80f1d0eb6237f83a1560 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 17 Dec 2020 21:37:15 +0100 Subject: Drop OPENSSL_NO_RSA everywhere The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so this is simply a cleanup of the remains. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13700) --- Configure | 4 +- apps/lib/apps.c | 4 +- apps/list.c | 3 - apps/req.c | 11 +- apps/s_server.c | 4 +- apps/speed.c | 57 +++--- apps/x509.c | 4 +- crypto/asn1/asn1_item_list.h | 4 +- crypto/asn1/d2i_pu.c | 2 - crypto/asn1/i2d_evp.c | 2 - crypto/asn1/standard_methods.h | 4 - crypto/engine/eng_fat.c | 4 - crypto/engine/eng_list.c | 2 - crypto/engine/eng_openssl.c | 2 - crypto/err/err_all.c | 2 - crypto/evp/p_dec.c | 4 - crypto/evp/p_enc.c | 4 - crypto/evp/pmeth_lib.c | 4 - crypto/pem/pem_all.c | 8 +- crypto/pem/pem_info.c | 7 +- crypto/x509/x_all.c | 7 +- crypto/x509/x_pubkey.c | 2 - engines/e_devcrypto.c | 2 - include/crypto/evp.h | 2 - include/openssl/evp.h | 8 +- include/openssl/pem.h | 2 - include/openssl/rsa.h | 180 +++++++++--------- include/openssl/ssl.h.in | 16 +- include/openssl/x509.h.in | 6 - providers/fips/self_test_data.inc | 7 - ssl/s3_lib.c | 4 - ssl/ssl_ciph.c | 4 - ssl/statem/statem_clnt.c | 7 - ssl/statem/statem_srvr.c | 6 - test/acvp_test.c | 10 - test/acvp_test.inc | 3 - test/evp_test.c | 4 - test/rsa_mp_test.c | 8 +- test/rsa_sp800_56b_test.c | 12 +- test/rsa_test.c | 12 +- test/ssl_old_test.c | 4 +- util/libcrypto.num | 372 +++++++++++++++++++------------------- util/libssl.num | 12 +- 43 files changed, 337 insertions(+), 489 deletions(-) diff --git a/Configure b/Configure index 064171bbf9..f0ad787bc4 100755 --- a/Configure +++ b/Configure @@ -75,7 +75,7 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # 386 generate 80386 code in assembly modules # no-sse2 disables IA-32 SSE2 code in assembly modules, the above # mentioned '386' option implies this one -# no- build without specified algorithm (rsa, idea, rc5, ...) +# no- build without specified algorithm (dsa, idea, rc5, ...) # - + All options which are unknown to the 'Configure' script are # / passed through to the compiler. Unix-style options beginning # with a '-' or '+' are recognized, as well as Windows-style @@ -292,7 +292,7 @@ $config{perlargv} = [ @argvcopy ]; # 'unshift' adds at the front of the list (i.e. in reverse input order). foreach ( reverse sort( 'aes', 'aria', 'bf', 'camellia', 'cast', 'des', 'dh', 'dsa', 'ec', 'hmac', 'idea', 'md2', 'md5', 'mdc2', - 'rc2', 'rc4', 'rc5', 'ripemd', 'rsa', 'seed', 'sha', + 'rc2', 'rc4', 'rc5', 'ripemd', 'seed', 'sha', 'sm2', 'sm3', 'sm4') ) { unshift @argvcopy, "no-$_" if ! -d catdir($srcdir, 'crypto', $_); } diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 703518ce8c..1998a8bc2f 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -34,9 +34,7 @@ #include #include #include -#ifndef OPENSSL_NO_RSA -# include -#endif +#include #include #include #include diff --git a/apps/list.c b/apps/list.c index 986a288757..72c4205e9a 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1261,9 +1261,6 @@ static void list_disabled(void) #ifdef OPENSSL_NO_RMD160 BIO_puts(bio_out, "RMD160\n"); #endif -#ifdef OPENSSL_NO_RSA - BIO_puts(bio_out, "RSA\n"); -#endif #ifdef OPENSSL_NO_SCRYPT BIO_puts(bio_out, "SCRYPT\n"); #endif diff --git a/apps/req.c b/apps/req.c index 84b6a4c00c..acd0cd09cb 100644 --- a/apps/req.c +++ b/apps/req.c @@ -25,9 +25,7 @@ #include #include #include -#ifndef OPENSSL_NO_RSA -# include -#endif +#include #ifndef OPENSSL_NO_DSA # include #endif @@ -939,7 +937,6 @@ int req_main(int argc, char **argv) goto end; } fprintf(stdout, "Modulus="); -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_is_a(tpubkey, "RSA")) { BIGNUM *n; @@ -947,9 +944,9 @@ int req_main(int argc, char **argv) EVP_PKEY_get_bn_param(pkey, "n", &n); BN_print(out, n); BN_free(n); - } else -#endif + } else { fprintf(stdout, "Wrong Algorithm type"); + } fprintf(stdout, "\n"); } @@ -1596,7 +1593,6 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_CTX_free(gctx); return NULL; } -#ifndef OPENSSL_NO_RSA if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1)) { if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0) { BIO_puts(bio_err, "Error setting RSA keysize\n"); @@ -1605,7 +1601,6 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, return NULL; } } -#endif return gctx; } diff --git a/apps/s_server.c b/apps/s_server.c index 94417a206b..2f9b469953 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -48,9 +48,7 @@ typedef unsigned int u_int; #ifndef OPENSSL_NO_DH # include #endif -#ifndef OPENSSL_NO_RSA -# include -#endif +#include #ifndef OPENSSL_NO_SRP # include #endif diff --git a/apps/speed.c b/apps/speed.c index 07c2238ab2..5b944290fc 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -101,7 +101,7 @@ #ifndef OPENSSL_NO_CAST # include #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 # include # include "./testrsa.h" #endif @@ -155,9 +155,10 @@ static int usertime = 1; static double Time_F(int s); static void print_message(const char *s, long num, int length, int tm); -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) static void pkey_print_message(const char *str, const char *str2, long num, unsigned int bits, int sec); #endif @@ -433,7 +434,7 @@ static const OPT_PAIR dsa_choices[DSA_NUM] = { static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */ #endif /* OPENSSL_NO_DSA */ -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 enum { R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680, R_RSA_15360, RSA_NUM @@ -449,7 +450,7 @@ static const OPT_PAIR rsa_choices[RSA_NUM] = { }; static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ -#endif /* OPENSSL_NO_RSA */ +#endif /* OPENSSL_NO_DEPRECATED_3_0 */ #ifndef OPENSSL_NO_DH enum ff_params_t { @@ -575,7 +576,7 @@ typedef struct loopargs_st { unsigned char *key; unsigned int siglen; size_t sigsize; -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 RSA *rsa_key[RSA_NUM]; #endif #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) @@ -1060,7 +1061,7 @@ static int EVP_CMAC_loop(void *args) } #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */ static int RSA_sign_loop(void *args) @@ -1513,9 +1514,10 @@ int speed_main(int argc, char **argv) #ifndef NO_FORK int multi = 0; #endif -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) long op_count = 1; #endif openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS, @@ -1562,7 +1564,7 @@ int speed_main(int argc, char **argv) #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0) CAMELLIA_KEY camellia_ks[3]; #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 static const struct { const unsigned char *data; unsigned int length; @@ -1829,7 +1831,7 @@ int speed_main(int argc, char **argv) doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1; continue; } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 if (strcmp(algo, "openssl") == 0) /* just for compatibility */ continue; if (strncmp(algo, "rsa", 3) == 0) { @@ -2009,15 +2011,15 @@ int speed_main(int argc, char **argv) memset(doit, 1, sizeof(doit)); doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0; #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_MDC2] = 0; + doit[D_MDC2] = 0; #endif #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_MD4] = 0; + doit[D_MD4] = 0; #endif #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0) - doit[D_RMD160] = 0; + doit[D_RMD160] = 0; #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 memset(rsa_doit, 1, sizeof(rsa_doit)); #endif #ifndef OPENSSL_NO_DH @@ -2044,7 +2046,7 @@ int speed_main(int argc, char **argv) "You have chosen to measure elapsed time " "instead of user CPU time.\n"); -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (i = 0; i < loopargs_len; i++) { if (primes > RSA_DEFAULT_PRIME_NUM) { /* for multi-prime RSA, skip this */ @@ -2214,7 +2216,7 @@ int speed_main(int argc, char **argv) c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1; } -# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +# ifndef OPENSSL_NO_DEPRECATED_3_0 rsa_c[R_RSA_512][0] = count / 2000; rsa_c[R_RSA_512][1] = count / 400; for (i = 1; i < RSA_NUM; i++) { @@ -2983,7 +2985,7 @@ int speed_main(int argc, char **argv) if (RAND_bytes(loopargs[i].buf, 36) <= 0) goto end; -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (testnum = 0; testnum < RSA_NUM; testnum++) { int st = 0; if (!rsa_doit[testnum]) @@ -3073,7 +3075,7 @@ int speed_main(int argc, char **argv) stop_it(rsa_doit, testnum); } } -#endif /* OPENSSL_NO_RSA */ +#endif /* OPENSSL_NO_DEPRECATED_3_0 */ for (i = 0; i < loopargs_len; i++) if (RAND_bytes(loopargs[i].buf, 36) <= 0) @@ -3879,7 +3881,7 @@ int speed_main(int argc, char **argv) } printf("\n"); } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 testnum = 1; for (k = 0; k < RSA_NUM; k++) { if (!rsa_doit[k]) @@ -4026,7 +4028,7 @@ int speed_main(int argc, char **argv) OPENSSL_free(loopargs[i].buf_malloc); OPENSSL_free(loopargs[i].buf2_malloc); -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 for (k = 0; k < RSA_NUM; k++) RSA_free(loopargs[i].rsa_key[k]); #endif @@ -4109,9 +4111,10 @@ static void print_message(const char *s, long num, int length, int tm) #endif } -#if (!defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || (!defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)) \ - || !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +#if !defined(OPENSSL_NO_DEPRECATED_3_0) \ + || !defined(OPENSSL_NO_DSA) \ + || !defined(OPENSSL_NO_DH) \ + || !defined(OPENSSL_NO_EC) static void pkey_print_message(const char *str, const char *str2, long num, unsigned int bits, int tm) { @@ -4236,7 +4239,7 @@ static int do_multi(int multi, int size_num) for (j = 0; j < size_num; ++j) results[alg][j] += atof(sstrsep(&p, sep)); } -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) +#ifndef OPENSSL_NO_DEPRECATED_3_0 else if (strncmp(buf, "+F2:", 4) == 0) { int k; double d; diff --git a/apps/x509.c b/apps/x509.c index 5de25c1e2c..c8fcb7a7ae 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -21,9 +21,7 @@ #include #include #include -#ifndef OPENSSL_NO_RSA -# include -#endif +#include #ifndef OPENSSL_NO_DSA # include #endif diff --git a/crypto/asn1/asn1_item_list.h b/crypto/asn1/asn1_item_list.h index b5a8661bd4..01d9076350 100644 --- a/crypto/asn1/asn1_item_list.h +++ b/crypto/asn1/asn1_item_list.h @@ -134,13 +134,11 @@ static ASN1_ITEM_EXP *asn1_item_list[] = { ASN1_ITEM_ref(POLICY_MAPPING), ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), ASN1_ITEM_ref(PROXY_POLICY), -#ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +#ifndef OPENSSL_NO_DEPRECATED_3_0 ASN1_ITEM_ref(RSAPrivateKey), ASN1_ITEM_ref(RSAPublicKey), ASN1_ITEM_ref(RSA_OAEP_PARAMS), ASN1_ITEM_ref(RSA_PSS_PARAMS), -# endif #endif #ifndef OPENSSL_NO_SCRYPT ASN1_ITEM_ref(SCRYPT_PARAMS), diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 6b3506e314..b6c7da772c 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -44,14 +44,12 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, } switch (EVP_PKEY_id(ret)) { -#ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } break; -#endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: /* TMP UGLY CAST */ diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c index 3df49a1701..599c512901 100644 --- a/crypto/asn1/i2d_evp.c +++ b/crypto/asn1/i2d_evp.c @@ -107,10 +107,8 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp) return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_structures, pp); } switch (EVP_PKEY_id(a)) { -#ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp); -#endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(a), pp); diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h index 59fa726991..7d225b308a 100644 --- a/crypto/asn1/standard_methods.h +++ b/crypto/asn1/standard_methods.h @@ -13,10 +13,8 @@ * is used to search it. */ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { -#ifndef OPENSSL_NO_RSA &rsa_asn1_meths[0], &rsa_asn1_meths[1], -#endif #ifndef OPENSSL_NO_DH &dh_asn1_meth, #endif @@ -30,9 +28,7 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { #ifndef OPENSSL_NO_EC &eckey_asn1_meth, #endif -#ifndef OPENSSL_NO_RSA &rsa_pss_asn1_meth, -#endif #ifndef OPENSSL_NO_DH &dhx_asn1_meth, #endif diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c index 78537057b7..0cf27715c5 100644 --- a/crypto/engine/eng_fat.c +++ b/crypto/engine/eng_fat.c @@ -20,10 +20,8 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) return 0; if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) return 0; -#ifndef OPENSSL_NO_RSA if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) return 0; -#endif #ifndef OPENSSL_NO_DSA if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) return 0; @@ -96,9 +94,7 @@ int ENGINE_register_complete(ENGINE *e) { ENGINE_register_ciphers(e); ENGINE_register_digests(e); -#ifndef OPENSSL_NO_RSA ENGINE_register_RSA(e); -#endif #ifndef OPENSSL_NO_DSA ENGINE_register_DSA(e); #endif diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index de3475fe22..be08804665 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -250,9 +250,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) { dest->id = src->id; dest->name = src->name; -#ifndef OPENSSL_NO_RSA dest->rsa_meth = src->rsa_meth; -#endif #ifndef OPENSSL_NO_DSA dest->dsa_meth = src->dsa_meth; #endif diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index 4214ebdfda..3ca95abc13 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -98,9 +98,7 @@ static int bind_helper(ENGINE *e) || !ENGINE_set_name(e, engine_openssl_name) || !ENGINE_set_destroy_function(e, openssl_destroy) #ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS -# ifndef OPENSSL_NO_RSA || !ENGINE_set_RSA(e, RSA_get_default_method()) -# endif # ifndef OPENSSL_NO_DSA || !ENGINE_set_DSA(e, DSA_get_default_method()) # endif diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index e90928edef..1d26c19d90 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -51,9 +51,7 @@ int err_load_crypto_strings_int(void) #ifndef OPENSSL_NO_ERR || err_load_ERR_strings_int() == 0 /* include error strings for SYSerr */ || err_load_BN_strings_int() == 0 -# ifndef OPENSSL_NO_RSA || err_load_RSA_strings_int() == 0 -# endif # ifndef OPENSSL_NO_DH || err_load_DH_strings_int() == 0 # endif diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c index c71e88d9b0..6ac344e394 100644 --- a/crypto/evp/p_dec.c +++ b/crypto/evp/p_dec.c @@ -22,11 +22,8 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, { int ret = -1; -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) { -#endif ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA goto err; } @@ -34,6 +31,5 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv), RSA_PKCS1_PADDING); err: -#endif return ret; } diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c index 4847c752ed..bdc490d884 100644 --- a/crypto/evp/p_enc.c +++ b/crypto/evp/p_enc.c @@ -22,17 +22,13 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, { int ret = 0; -#ifndef OPENSSL_NO_RSA if (EVP_PKEY_id(pubk) != EVP_PKEY_RSA) { -#endif ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA goto err; } ret = RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk), RSA_PKCS1_PADDING); err: -#endif return ret; } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 8fc309dc99..7c2e648209 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -49,9 +49,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; /* This array needs to be in order of NIDs */ static pmeth_fn standard_methods[] = { -# ifndef OPENSSL_NO_RSA ossl_rsa_pkey_method, -# endif # ifndef OPENSSL_NO_DH dh_pkey_method, # endif @@ -61,9 +59,7 @@ static pmeth_fn standard_methods[] = { # ifndef OPENSSL_NO_EC ec_pkey_method, # endif -# ifndef OPENSSL_NO_RSA ossl_rsa_pss_pkey_method, -# endif # ifndef OPENSSL_NO_DH dhx_pkey_method, # endif diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index ea758f04be..5f73f93ce8 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -25,9 +25,7 @@ #include #include "pem_local.h" -#ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); -#endif #ifndef OPENSSL_NO_DSA static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); #endif @@ -46,7 +44,6 @@ IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) #ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA /* * We treat RSA or DSA private keys as a special case. For private keys we * read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract @@ -77,7 +74,7 @@ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, return pkey_get_rsa(pktmp, rsa); } -# ifndef OPENSSL_NO_STDIO +# ifndef OPENSSL_NO_STDIO RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) { @@ -86,12 +83,11 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u) return pkey_get_rsa(pktmp, rsa); } -# endif +# endif IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) -# endif #endif #ifndef OPENSSL_NO_DSA static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 7537e5a31f..3911fdc5ee 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -124,9 +124,7 @@ STACK_OF(X509_INFO) goto start; } pp = &(xi->crl); - } else -#ifndef OPENSSL_NO_RSA - if (strcmp(name, PEM_STRING_RSA) == 0) { + } else if (strcmp(name, PEM_STRING_RSA) == 0) { d2i = (D2I_OF(void)) d2i_RSAPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret, xi)) @@ -147,7 +145,6 @@ STACK_OF(X509_INFO) if ((int)strlen(header) > 10) /* assume encrypted */ raw = 1; } else -#endif #ifndef OPENSSL_NO_DSA if (strcmp(name, PEM_STRING_DSA) == 0) { d2i = (D2I_OF(void)) d2i_DSAPrivateKey; @@ -335,13 +332,11 @@ int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc, goto err; } else { /* Add DSA/DH */ -#ifndef OPENSSL_NO_RSA /* normal optionally encrypted stuff */ if (PEM_write_bio_RSAPrivateKey(bp, EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey), enc, kstr, klen, cb, u) <= 0) goto err; -#endif } } diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 96dda91a95..680a1cf48c 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -226,9 +226,7 @@ int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req) return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); } -#ifndef OPENSSL_NO_RSA - -# ifndef OPENSSL_NO_STDIO +#ifndef OPENSSL_NO_STDIO RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) { return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); @@ -260,7 +258,7 @@ int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa) { return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa); } -# endif +#endif RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) { @@ -291,7 +289,6 @@ int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa) { return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa); } -#endif #ifndef OPENSSL_NO_DSA # ifndef OPENSSL_NO_STDIO diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index f2caa0b834..a9beef682b 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -360,7 +360,6 @@ int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp) /* * The following are equivalents but which return RSA and DSA keys */ -#ifndef OPENSSL_NO_RSA RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) { EVP_PKEY *pkey; @@ -400,7 +399,6 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) EVP_PKEY_free(pktmp); return ret; } -#endif #ifndef OPENSSL_NO_DSA DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c index 85815e2e5a..d54ca3bbc1 100644 --- a/engines/e_devcrypto.c +++ b/engines/e_devcrypto.c @@ -1252,9 +1252,7 @@ static int bind_devcrypto(ENGINE *e) { * /Richard Levitte, 2017-05-11 */ #if 0 -# ifndef OPENSSL_NO_RSA && ENGINE_set_RSA(e, devcrypto_rsa) -# endif # ifndef OPENSSL_NO_DSA && ENGINE_set_DSA(e, devcrypto_dsa) # endif diff --git a/include/crypto/evp.h b/include/crypto/evp.h index c6cbd787a7..20335e9a32 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -600,9 +600,7 @@ struct evp_pkey_st { ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */ union { void *ptr; -# ifndef OPENSSL_NO_RSA struct rsa_st *rsa; /* RSA */ -# endif # ifndef OPENSSL_NO_DSA struct dsa_st *dsa; /* DSA */ # endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 4978d6e204..692a6832c3 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -481,10 +481,8 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, int en_de); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA -# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ +# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ (rsa)) -# endif # endif # ifndef OPENSSL_NO_DSA @@ -765,7 +763,6 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen); -# ifndef OPENSSL_NO_RSA __owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv); @@ -775,7 +772,6 @@ __owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk); __owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -# endif EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void); void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx); @@ -1243,7 +1239,6 @@ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len); # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA struct rsa_st; OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key); @@ -1251,7 +1246,6 @@ OSSL_DEPRECATEDIN_3_0 struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey); OSSL_DEPRECATEDIN_3_0 struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); -# endif # endif # ifndef OPENSSL_NO_DSA struct dsa_st; diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 37e9666b8f..97d52e729b 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -444,11 +444,9 @@ DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) DECLARE_PEM_rw(PKCS8, X509_SIG) DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, RSAPrivateKey, RSA) DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSAPublicKey, RSA) DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSA_PUBKEY, RSA) -# endif # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_DSA diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index 31bd0b239e..82f4a9adba 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -18,59 +18,58 @@ # include -# ifndef OPENSSL_NO_RSA -# include -# include -# include -# include -# ifndef OPENSSL_NO_DEPRECATED_1_1_0 -# include -# endif -# include -# include +# include +# include +# include +# include +# ifndef OPENSSL_NO_DEPRECATED_1_1_0 +# include +# endif +# include +# include -# ifdef __cplusplus +# ifdef __cplusplus extern "C" { -# endif +# endif -# ifndef OPENSSL_RSA_MAX_MODULUS_BITS -# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 -# endif +# ifndef OPENSSL_RSA_MAX_MODULUS_BITS +# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 +# endif -# define RSA_3 0x3L -# define RSA_F4 0x10001L +# define RSA_3 0x3L +# define RSA_F4 0x10001L -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 /* The types RSA and RSA_METHOD are defined in ossl_typ.h */ -# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 2048 +# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 2048 -# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS -# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 -# endif +# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS +# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 +# endif /* exponent limit enforced for "large" modulus only */ -# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS -# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 -# endif +# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS +# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 +# endif /* based on RFC 8017 appendix A.1.2 */ -# define RSA_ASN1_VERSION_DEFAULT 0 -# define RSA_ASN1_VERSION_MULTI 1 +# define RSA_ASN1_VERSION_DEFAULT 0 +# define RSA_ASN1_VERSION_MULTI 1 -# define RSA_DEFAULT_PRIME_NUM 2 +# define RSA_DEFAULT_PRIME_NUM 2 -# define RSA_METHOD_FLAG_NO_CHECK 0x0001 -# define RSA_FLAG_CACHE_PUBLIC 0x0002 -# define RSA_FLAG_CACHE_PRIVATE 0x0004 -# define RSA_FLAG_BLINDING 0x0008 -# define RSA_FLAG_THREAD_SAFE 0x0010 +# define RSA_METHOD_FLAG_NO_CHECK 0x0001 +# define RSA_FLAG_CACHE_PUBLIC 0x0002 +# define RSA_FLAG_CACHE_PRIVATE 0x0004 +# define RSA_FLAG_BLINDING 0x0008 +# define RSA_FLAG_THREAD_SAFE 0x0010 /* * This flag means the private key operations will be handled by rsa_mod_exp * and that they do not depend on the private key components being present: * for example a key stored in external hardware. Without this flag * bn_mod_exp gets called when private key components are absent. */ -# define RSA_FLAG_EXT_PKEY 0x0020 +# define RSA_FLAG_EXT_PKEY 0x0020 /* * new with 0.9.6j and 0.9.7b; the built-in @@ -78,14 +77,14 @@ extern "C" { * default (ignoring RSA_FLAG_BLINDING), * but other engines might not need it */ -# define RSA_FLAG_NO_BLINDING 0x0080 -# endif /* OPENSSL_NO_DEPRECATED_3_0 */ +# define RSA_FLAG_NO_BLINDING 0x0080 +# endif /* OPENSSL_NO_DEPRECATED_3_0 */ /* * Does nothing. Previously this switched off constant time behaviour. */ -# ifndef OPENSSL_NO_DEPRECATED_1_1_0 -# define RSA_FLAG_NO_CONSTTIME 0x0000 -# endif +# ifndef OPENSSL_NO_DEPRECATED_1_1_0 +# define RSA_FLAG_NO_CONSTTIME 0x0000 +# endif /* deprecated name for the flag*/ /* * new with 0.9.7h; the built-in RSA @@ -95,9 +94,9 @@ extern "C" { * faster variable sliding window method to * be used for all exponents. */ -# ifndef OPENSSL_NO_DEPRECATED_0_9_8 -# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME -# endif +# ifndef OPENSSL_NO_DEPRECATED_0_9_8 +# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME +# endif /*- * New with 3.0: use part of the flags to denote exact type of RSA key, @@ -112,10 +111,10 @@ extern "C" { * * 4 bits allow for 16 types */ -# define RSA_FLAG_TYPE_MASK 0xF000 -# define RSA_FLAG_TYPE_RSA 0x0000 -# define RSA_FLAG_TYPE_RSASSAPSS 0x1000 -# define RSA_FLAG_TYPE_RSAESOAEP 0x2000 +# define RSA_FLAG_TYPE_MASK 0xF000 +# define RSA_FLAG_TYPE_RSA 0x0000 +# define RSA_FLAG_TYPE_RSASSAPSS 0x1000 +# define RSA_FLAG_TYPE_RSAESOAEP 0x2000 int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad_mode); int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad_mode); @@ -127,19 +126,19 @@ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int bits); int EVP_PKEY_CTX_set1_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp); int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes); int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, int saltlen); -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp); -# endif +# endif /* Salt length matches digest */ -# define RSA_PSS_SALTLEN_DIGEST -1 +# define RSA_PSS_SALTLEN_DIGEST -1 /* Verify only: auto detect salt length */ -# define RSA_PSS_SALTLEN_AUTO -2 +# define RSA_PSS_SALTLEN_AUTO -2 /* Set salt length to maximum possible */ -# define RSA_PSS_SALTLEN_MAX -3 +# define RSA_PSS_SALTLEN_MAX -3 /* Old compatible max salt length for sign only */ -# define RSA_PSS_SALTLEN_MAX_SIGN -2 +# define RSA_PSS_SALTLEN_MAX_SIGN -2 int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname, @@ -160,47 +159,47 @@ int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name, int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen); int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label); -# define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \ +# define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, \ EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD, \ 0, (void *)(md)) -# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) -# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) +# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) +# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) -# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) -# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) -# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5) +# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) +# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) +# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5) -# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6) -# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7) -# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) +# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6) +# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7) +# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) -# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9) -# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10) +# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9) +# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10) -# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11) -# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12) +# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11) +# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12) -# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13) +# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13) -# define RSA_PKCS1_PADDING 1 -# define RSA_SSLV23_PADDING 2 -# define RSA_NO_PADDING 3 -# define RSA_PKCS1_OAEP_PADDING 4 -# define RSA_X931_PADDING 5 +# define RSA_PKCS1_PADDING 1 +# define RSA_SSLV23_PADDING 2 +# define RSA_NO_PADDING 3 +# define RSA_PKCS1_OAEP_PADDING 4 +# define RSA_X931_PADDING 5 /* EVP_PKEY_ only */ -# define RSA_PKCS1_PSS_PADDING 6 -# define RSA_PKCS1_WITH_TLS_PADDING 7 +# define RSA_PKCS1_PSS_PADDING 6 +# define RSA_PKCS1_WITH_TLS_PADDING 7 -# define RSA_PKCS1_PADDING_SIZE 11 +# define RSA_PKCS1_PADDING_SIZE 11 -# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -# define RSA_get_app_data(s) RSA_get_ex_data(s,0) +# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) +# define RSA_get_app_data(s) RSA_get_ex_data(s,0) -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void); OSSL_DEPRECATEDIN_3_0 RSA *RSA_new_method(ENGINE *engine); OSSL_DEPRECATEDIN_3_0 int RSA_bits(const RSA *rsa); @@ -246,17 +245,17 @@ OSSL_DEPRECATEDIN_3_0 int RSA_test_flags(const RSA *r, int flags); OSSL_DEPRECATEDIN_3_0 void RSA_set_flags(RSA *r, int flags); OSSL_DEPRECATEDIN_3_0 int RSA_get_version(RSA *r); OSSL_DEPRECATEDIN_3_0 ENGINE *RSA_get0_engine(const RSA *r); -# endif /* !OPENSSL_NO_DEPRECATED_3_0 */ +# endif /* !OPENSSL_NO_DEPRECATED_3_0 */ /* Deprecated version */ -# ifndef OPENSSL_NO_DEPRECATED_0_9_8 +# ifndef OPENSSL_NO_DEPRECATED_0_9_8 OSSL_DEPRECATEDIN_0_9_8 RSA *RSA_generate_key(int bits, unsigned long e, void (*callback) (int, int, void *), void *cb_arg); -# endif +# endif /* New version */ -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); /* Multi-prime version */ @@ -308,7 +307,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPublicKey) DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPrivateKey) -# endif /* !OPENSSL_NO_DEPRECATED_3_0 */ +# endif /* !OPENSSL_NO_DEPRECATED_3_0 */ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2); @@ -333,10 +332,10 @@ typedef struct rsa_oaep_params_st { DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS) -# ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_STDIO +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_STDIO OSSL_DEPRECATEDIN_3_0 int RSA_print_fp(FILE *fp, const RSA *r, int offset); -# endif +# endif OSSL_DEPRECATEDIN_3_0 int RSA_print(BIO *bp, const RSA *r, int offset); @@ -446,7 +445,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen); -# define RSA_get_ex_new_index(l, p, newf, dupf, freef) \ +# define RSA_get_ex_new_index(l, p, newf, dupf, freef) \ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef) OSSL_DEPRECATEDIN_3_0 int RSA_set_ex_data(RSA *r, int idx, void *arg); OSSL_DEPRECATEDIN_3_0 void *RSA_get_ex_data(const RSA *r, int idx); @@ -461,7 +460,7 @@ DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPrivateKey) * result is compliant. */ -# define RSA_FLAG_FIPS_METHOD 0x0400 +# define RSA_FLAG_FIPS_METHOD 0x0400 /* * If this flag is set the operations normally disabled in FIPS mode are @@ -469,12 +468,12 @@ DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPrivateKey) * usage is compliant. */ -# define RSA_FLAG_NON_FIPS_ALLOW 0x0400 +# define RSA_FLAG_NON_FIPS_ALLOW 0x0400 /* * Application has decided PRNG is good enough to generate a key: don't * check. */ -# define RSA_FLAG_CHECKED 0x0800 +# define RSA_FLAG_CHECKED 0x0800 OSSL_DEPRECATEDIN_3_0 RSA_METHOD *RSA_meth_new(const char *name, int flags); OSSL_DEPRECATEDIN_3_0 void RSA_meth_free(RSA_METHOD *meth); @@ -604,8 +603,7 @@ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth, BN_GENCB *cb)); #endif /* !OPENSSL_NO_DEPRECATED_3_0 */ -# ifdef __cplusplus +# ifdef __cplusplus } -# endif # endif #endif diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index 6f2a7f42d1..37b4c82f02 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -1607,13 +1607,11 @@ __owur SSL_verify_cb SSL_get_verify_callback(const SSL *s); void SSL_set_verify(SSL *s, int mode, SSL_verify_cb callback); void SSL_set_verify_depth(SSL *s, int depth); void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg); -# ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 __owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); OSSL_DEPRECATEDIN_3_0 __owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len); -# endif # endif __owur int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); __owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, @@ -1636,22 +1634,18 @@ __owur int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, size_t serverinfo_length); __owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file); -#ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +#ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 __owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); -# endif #endif __owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); __owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type); -#ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +#ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 __owur int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); -# endif #endif __owur int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); @@ -1761,14 +1755,12 @@ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, void *arg); void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg), void *arg); -# ifndef OPENSSL_NO_RSA -# ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 __owur int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); OSSL_DEPRECATEDIN_3_0 __owur int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); -# endif # endif __owur int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); __owur int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in index 0418d41f9a..825c941aeb 100644 --- a/include/openssl/x509.h.in +++ b/include/openssl/x509.h.in @@ -415,14 +415,12 @@ int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl); X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req); int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa); OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa); OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa); -# endif # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_DSA @@ -461,14 +459,12 @@ int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl); X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req); int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa); OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa); OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa); OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa); -# endif # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_DSA @@ -552,9 +548,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY) EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length, OSSL_LIB_CTX *libctx, const char *propq); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# ifndef OPENSSL_NO_RSA DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,RSA, RSA_PUBKEY) -# endif # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_DSA diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index ad47037345..4a9bcf450e 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -1008,7 +1008,6 @@ static const ST_KAT_KAS st_kat_kas_tests[] = }; #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */ -#if !defined(OPENSSL_NO_RSA) /* RSA key data */ static const unsigned char rsa_n[] = { 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF, @@ -1275,8 +1274,6 @@ static const unsigned char rsa_asym_expected_encrypt[256] = { 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab, }; -#endif /* OPENSSL_NO_RSA */ - #ifndef OPENSSL_NO_EC /* ECDSA key data */ static const char ecd_curve_name[] = "secp224r1"; @@ -1433,7 +1430,6 @@ static const ST_KAT_PARAM dsa_key[] = { #endif /* OPENSSL_NO_DSA */ static const ST_KAT_SIGN st_kat_sign_tests[] = { -#ifndef OPENSSL_NO_RSA { OSSL_SELF_TEST_DESC_SIGN_RSA, "RSA", @@ -1441,7 +1437,6 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { rsa_crt_key, ITM(rsa_expected_sig) }, -#endif /* OPENSSL_NO_RSA */ #ifndef OPENSSL_NO_EC { OSSL_SELF_TEST_DESC_SIGN_ECDSA, @@ -1469,7 +1464,6 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { }; static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = { -#ifndef OPENSSL_NO_RSA { OSSL_SELF_TEST_DESC_ASYM_RSA_ENC, "RSA", @@ -1497,5 +1491,4 @@ static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = { ITM(rsa_asym_expected_encrypt), ITM(rsa_asym_plaintext_encrypt), }, -#endif /* OPENSSL_NO_RSA */ }; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index c2bdef6eae..298efdc1cb 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4386,20 +4386,16 @@ int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt) if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) { #ifndef OPENSSL_NO_DH -# ifndef OPENSSL_NO_RSA if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH)) return 0; -# endif # ifndef OPENSSL_NO_DSA if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH)) return 0; # endif #endif /* !OPENSSL_NO_DH */ } -#ifndef OPENSSL_NO_RSA if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN)) return 0; -#endif #ifndef OPENSSL_NO_DSA if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN)) return 0; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index b1d3f7919e..64ecc543ba 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -354,10 +354,6 @@ int ssl_load_ciphers(SSL_CTX *ctx) ctx->disabled_mkey_mask = 0; ctx->disabled_auth_mask = 0; -#ifdef OPENSSL_NO_RSA - ctx->disabled_mkey_mask |= SSL_kRSA | SSL_kRSAPSK; - dctx->isabled_auth_mask |= SSL_aRSA; -#endif #ifdef OPENSSL_NO_DSA ctx->disabled_auth_mask |= SSL_aDSS; #endif diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 277998f954..875ea59589 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2808,7 +2808,6 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt) static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt) { -#ifndef OPENSSL_NO_RSA unsigned char *encdata = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = NULL; @@ -2886,10 +2885,6 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt) EVP_PKEY_CTX_free(pctx); return 0; -#else - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; -#endif } static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt) @@ -3556,13 +3551,11 @@ int ssl3_check_cert_and_algorithm(SSL *s) return 0; } #endif -#ifndef OPENSSL_NO_RSA if (alg_k & (SSL_kRSA | SSL_kRSAPSK) && idx != SSL_PKEY_RSA) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_MISSING_RSA_ENCRYPTING_CERT); return 0; } -#endif #ifndef OPENSSL_NO_DH if ((alg_k & SSL_kDHE) && (s->s3.peer_tmp == NULL)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 16bd24d103..cc09a23960 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2856,7 +2856,6 @@ static int tls_process_cke_psk_preamble(SSL *s, PACKET *pkt) static int tls_process_cke_rsa(SSL *s, PACKET *pkt) { -#ifndef OPENSSL_NO_RSA size_t outlen; PACKET enc_premaster; EVP_PKEY *rsa = NULL; @@ -2950,11 +2949,6 @@ static int tls_process_cke_rsa(SSL *s, PACKET *pkt) OPENSSL_free(rsa_decrypt); EVP_PKEY_CTX_free(ctx); return ret; -#else - /* Should never happen */ - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; -#endif } static int tls_process_cke_dhe(SSL *s, PACKET *pkt) diff --git a/test/acvp_test.c b/test/acvp_test.c index 5c4a38749f..3d4214c784 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -58,8 +58,6 @@ const OPTIONS *test_get_options(void) return test_options; } -#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \ - || !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) static int pkey_get_bn_bytes(EVP_PKEY *pkey, const char *name, unsigned char **out, size_t *out_len) { @@ -85,10 +83,7 @@ err: BN_free(bn); return 0; } -#endif -#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \ - || !defined(OPENSSL_NO_RSA) static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, const unsigned char *msg, size_t msg_len, unsigned char **sig_out, size_t *sig_out_len) @@ -114,7 +109,6 @@ err: EVP_MD_CTX_free(md_ctx); return ret; } -#endif #ifndef OPENSSL_NO_EC static int ecdsa_keygen_test(int id) @@ -1010,7 +1004,6 @@ err: #endif /* OPENSSL_NO_DH */ -#ifndef OPENSSL_NO_RSA static EVP_PKEY *rsa_keygen(int bits) { EVP_PKEY *key = NULL; @@ -1302,7 +1295,6 @@ err: BN_CTX_free(bn_ctx); return ret; } -#endif /* OPENSSL_NO_RSA */ static int self_test_events(const OSSL_PARAM params[], void *varg) { @@ -1443,13 +1435,11 @@ int setup_tests(void) ADD_ALL_TESTS(aes_ccm_enc_dec_test, OSSL_NELEM(aes_ccm_enc_data)); ADD_ALL_TESTS(aes_gcm_enc_dec_test, OSSL_NELEM(aes_gcm_enc_data)); -#ifndef OPENSSL_NO_RSA ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data)); ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data)); ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data)); ADD_ALL_TESTS(rsa_decryption_primitive_test, OSSL_NELEM(rsa_decrypt_prim_data)); -#endif /* OPENSSL_NO_RSA */ #ifndef OPENSSL_NO_DH ADD_ALL_TESTS(dh_safe_prime_keygen_test, diff --git a/test/acvp_test.inc b/test/acvp_test.inc index eea66c0802..ad11d3ae1e 100644 --- a/test/acvp_test.inc +++ b/test/acvp_test.inc @@ -1010,7 +1010,6 @@ static const struct dh_safe_prime_keyver_st dh_safe_prime_keyver_data[] = { #endif /* OPENSSL_NO_DH */ -#ifndef OPENSSL_NO_RSA struct rsa_keygen_st { size_t mod; const unsigned char *e; @@ -1981,8 +1980,6 @@ static const struct rsa_decrypt_prim_st rsa_decrypt_prim_data[] = { }, }; -#endif /* OPENSSL_NO_RSA */ - struct drbg_st { const char *drbg_name; const char *cipher; diff --git a/test/evp_test.c b/test/evp_test.c index cc579ff310..fecbd9e09d 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -3654,10 +3654,6 @@ static int is_digest_disabled(const char *name) static int is_pkey_disabled(const char *name) { -#ifdef OPENSSL_NO_RSA - if (STR_STARTS_WITH(name, "RSA")) - return 1; -#endif #ifdef OPENSSL_NO_EC if (STR_STARTS_WITH(name, "EC")) return 1; diff --git a/test/rsa_mp_test.c b/test/rsa_mp_test.c index 0f3db5d4da..5405df3424 100644 --- a/test/rsa_mp_test.c +++ b/test/rsa_mp_test.c @@ -26,9 +26,8 @@ #include "testutil.h" -#ifndef OPENSSL_NO_RSA -# include -# include "crypto/rsa.h" +#include +#include "crypto/rsa.h" #define NUM_EXTRA_PRIMES 1 @@ -289,12 +288,9 @@ err: RSA_free(key); return ret; } -#endif int setup_tests(void) { -#ifndef OPENSSL_NO_RSA ADD_ALL_TESTS(test_rsa_mp, 2); -#endif return 1; } diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c index 94369ce701..033983d58e 100644 --- a/test/rsa_sp800_56b_test.c +++ b/test/rsa_sp800_56b_test.c @@ -25,15 +25,8 @@ #include "testutil.h" -#ifdef OPENSSL_NO_RSA -int setup_tests(void) -{ - /* No tests */ - return 1; -} -#else -# include "rsa_local.h" -# include +#include "rsa_local.h" +#include /* taken from RSA2 cavs data */ static const unsigned char cav_e[] = { @@ -550,4 +543,3 @@ int setup_tests(void) ADD_ALL_TESTS(test_sp80056b_keygen, (int)OSSL_NELEM(keygen_size)); return 1; } -#endif diff --git a/test/rsa_test.c b/test/rsa_test.c index 5e7529876a..6badbc7076 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c @@ -27,16 +27,9 @@ #include "testutil.h" -#ifdef OPENSSL_NO_RSA -int setup_tests(void) -{ - /* No tests */ - return 1; -} -#else -# include +#include -# define SetKey \ +#define SetKey \ RSA_set0_key(key, \ BN_bin2bn(n, sizeof(n)-1, NULL), \ BN_bin2bn(e, sizeof(e)-1, NULL), \ @@ -436,4 +429,3 @@ int setup_tests(void) ADD_ALL_TESTS(test_rsa_security_bit, OSSL_NELEM(rsa_security_bits_cases)); return 1; } -#endif diff --git a/test/ssl_old_test.c b/test/ssl_old_test.c index f63aa58b12..4114d94917 100644 --- a/test/ssl_old_test.c +++ b/test/ssl_old_test.c @@ -46,9 +46,7 @@ #include #include #include -#ifndef OPENSSL_NO_RSA -# include -#endif +#include #ifndef OPENSSL_NO_DSA # include #endif diff --git a/util/libcrypto.num b/util/libcrypto.num index d76fd2c1e0..93ca779831 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -41,7 +41,7 @@ EVP_PKEY_meth_set_verify_recover 41 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_ UI_set_method 42 3_0_0 EXIST::FUNCTION: PKCS7_ISSUER_AND_SERIAL_it 43 3_0_0 EXIST::FUNCTION: EC_GROUP_method_of 44 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC -RSA_blinding_on 45 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_blinding_on 45 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_get0_signature 47 3_0_0 EXIST::FUNCTION: X509_REVOKED_get0_extensions 48 3_0_0 EXIST::FUNCTION: NETSCAPE_SPKI_verify 49 3_0_0 EXIST::FUNCTION: @@ -62,7 +62,7 @@ BIO_free_all 63 3_0_0 EXIST::FUNCTION: EVP_idea_ofb 64 3_0_0 EXIST::FUNCTION:IDEA DSO_bind_func 65 3_0_0 EXIST::FUNCTION: EVP_PKEY_meth_get_copy 66 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -RSA_up_ref 67 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_up_ref 67 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_PKEY_meth_set_ctrl 68 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 OCSP_basic_sign 69 3_0_0 EXIST::FUNCTION:OCSP BN_GENCB_set 70 3_0_0 EXIST::FUNCTION: @@ -107,7 +107,7 @@ ASN1_OBJECT_free 108 3_0_0 EXIST::FUNCTION: X509_REQ_get_extensions 109 3_0_0 EXIST::FUNCTION: X509_get_version 110 3_0_0 EXIST::FUNCTION: OCSP_CERTID_dup 111 3_0_0 EXIST::FUNCTION:OCSP -RSA_PSS_PARAMS_free 112 3_0_0 EXIST::FUNCTION:RSA +RSA_PSS_PARAMS_free 112 3_0_0 EXIST::FUNCTION: i2d_TS_MSG_IMPRINT 113 3_0_0 EXIST::FUNCTION:TS EC_POINT_mul 114 3_0_0 EXIST::FUNCTION:EC WHIRLPOOL_Final 115 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,WHIRLPOOL @@ -205,7 +205,7 @@ d2i_CRL_DIST_POINTS 208 3_0_0 EXIST::FUNCTION: X509_CRL_INFO_free 209 3_0_0 EXIST::FUNCTION: ERR_load_UI_strings 210 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ERR_load_strings 211 3_0_0 EXIST::FUNCTION: -RSA_X931_hash_id 212 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_X931_hash_id 212 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EC_KEY_set_method 213 3_0_0 EXIST::FUNCTION:EC PEM_write_PKCS8_PRIV_KEY_INFO 214 3_0_0 EXIST::FUNCTION:STDIO X509at_get0_data_by_OBJ 215 3_0_0 EXIST::FUNCTION: @@ -241,7 +241,7 @@ MDC2 245 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3 BN_clear_free 246 3_0_0 EXIST::FUNCTION: ENGINE_get_pkey_asn1_meths 247 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE DSO_merge 248 3_0_0 EXIST::FUNCTION: -RSA_get_ex_data 249 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_get_ex_data 249 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_PKEY_meth_get_decrypt 250 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 DES_cfb_encrypt 251 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DES CMS_SignerInfo_set1_signer_cert 252 3_0_0 EXIST::FUNCTION:CMS @@ -263,7 +263,7 @@ BIO_dgram_sctp_wait_for_dry 268 3_0_0 EXIST::FUNCTION:DGRAM,SCTP ASN1_OCTET_STRING_NDEF_it 269 3_0_0 EXIST::FUNCTION: EVP_PKEY_asn1_get_count 270 3_0_0 EXIST::FUNCTION: WHIRLPOOL_Init 271 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,WHIRLPOOL -EVP_OpenInit 272 3_0_0 EXIST::FUNCTION:RSA +EVP_OpenInit 272 3_0_0 EXIST::FUNCTION: OCSP_response_get1_basic 273 3_0_0 EXIST::FUNCTION:OCSP CRYPTO_gcm128_tag 274 3_0_0 EXIST::FUNCTION: OSSL_HTTP_parse_url 275 3_0_0 EXIST::FUNCTION: @@ -275,7 +275,7 @@ d2i_PKCS7_ENC_CONTENT 280 3_0_0 EXIST::FUNCTION: BUF_MEM_grow 281 3_0_0 EXIST::FUNCTION: TS_REQ_free 282 3_0_0 EXIST::FUNCTION:TS PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO -RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509V3_EXT_get_nid 285 3_0_0 EXIST::FUNCTION: BIO_s_log 286 3_0_0 EXIST::FUNCTION: EC_POINT_set_to_infinity 287 3_0_0 EXIST::FUNCTION:EC @@ -324,7 +324,7 @@ RAND_load_file 329 3_0_0 EXIST::FUNCTION: BIO_ctrl_reset_read_request 330 3_0_0 EXIST::FUNCTION: CRYPTO_ccm128_tag 331 3_0_0 EXIST::FUNCTION: BIO_new_dgram_sctp 332 3_0_0 EXIST::FUNCTION:DGRAM,SCTP -d2i_RSAPrivateKey_fp 333 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA,STDIO +d2i_RSAPrivateKey_fp 333 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,STDIO s2i_ASN1_IA5STRING 334 3_0_0 EXIST::FUNCTION: UI_get_ex_data 335 3_0_0 EXIST::FUNCTION: EVP_EncryptUpdate 336 3_0_0 EXIST::FUNCTION: @@ -345,7 +345,7 @@ RC4 350 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3 PKCS7_stream 352 3_0_0 EXIST::FUNCTION: i2t_ASN1_OBJECT 353 3_0_0 EXIST::FUNCTION: EC_GROUP_get0_generator 354 3_0_0 EXIST::FUNCTION:EC -RSA_padding_add_PKCS1_PSS_mgf1 355 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_padding_add_PKCS1_PSS_mgf1 355 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_MD_meth_set_init 356 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_get_issuer_name 357 3_0_0 EXIST::FUNCTION: EVP_SignFinal 358 3_0_0 EXIST::FUNCTION: @@ -367,7 +367,7 @@ BIO_new_mem_buf 373 3_0_0 EXIST::FUNCTION: UI_get_input_flags 374 3_0_0 EXIST::FUNCTION: X509V3_EXT_REQ_add_nconf 375 3_0_0 EXIST::FUNCTION: X509v3_asid_subset 376 3_0_0 EXIST::FUNCTION:RFC3779 -RSA_check_key_ex 377 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_check_key_ex 377 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 d2i_TS_MSG_IMPRINT_bio 378 3_0_0 EXIST::FUNCTION:TS i2d_ASN1_TYPE 379 3_0_0 EXIST::FUNCTION: EVP_aes_256_wrap_pad 380 3_0_0 EXIST::FUNCTION: @@ -419,7 +419,7 @@ EVP_aes_128_cbc_hmac_sha1 426 3_0_0 EXIST::FUNCTION: ERR_load_CMS_strings 427 3_0_0 EXIST::FUNCTION:CMS,DEPRECATEDIN_3_0 EVP_MD_CTX_md 428 3_0_0 EXIST::FUNCTION: X509_REVOKED_get_ext 429 3_0_0 EXIST::FUNCTION: -d2i_RSA_PSS_PARAMS 430 3_0_0 EXIST::FUNCTION:RSA +d2i_RSA_PSS_PARAMS 430 3_0_0 EXIST::FUNCTION: USERNOTICE_free 431 3_0_0 EXIST::FUNCTION: MD4_Transform 432 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD4 EVP_CIPHER_block_size 433 3_0_0 EXIST::FUNCTION: @@ -440,7 +440,7 @@ X509_get_default_private_dir 447 3_0_0 EXIST::FUNCTION: X509_STORE_CTX_set0_dane 448 3_0_0 EXIST::FUNCTION: EVP_des_ecb 449 3_0_0 EXIST::FUNCTION:DES OCSP_resp_get0 450 3_0_0 EXIST::FUNCTION:OCSP -RSA_X931_generate_key_ex 452 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA +RSA_X931_generate_key_ex 452 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_get_serialNumber 453 3_0_0 EXIST::FUNCTION: BIO_sock_should_retry 454 3_0_0 EXIST::FUNCTION:SOCK ENGINE_get_digests 455 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE @@ -461,20 +461,20 @@ DH_new 469 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3 OCSP_RESPID_free 470 3_0_0 EXIST::FUNCTIO