From d1eec097b99c3d16ada855505b406daa9ceb7d4f Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Wed, 12 Feb 2020 10:10:44 +1000
Subject: Deprecate EC command line apps.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11106)
---
 apps/pkeyparam.c | 15 +++++++--------
 apps/progs.c     |  8 ++++----
 apps/progs.pl    |  3 ++-
 3 files changed, 13 insertions(+), 13 deletions(-)

(limited to 'apps')

diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 552ba56d99..5521909d99 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -9,6 +9,7 @@
 
 #include <stdio.h>
 #include <string.h>
+#include <stdlib.h>
 #include "apps.h"
 #include "progs.h"
 #include <openssl/pem.h>
@@ -44,9 +45,11 @@ int pkeyparam_main(int argc, char **argv)
     ENGINE *e = NULL;
     BIO *in = NULL, *out = NULL;
     EVP_PKEY *pkey = NULL;
-    int text = 0, noout = 0, ret = 1, check = 0;
+    EVP_PKEY_CTX *ctx = NULL;
+    int text = 0, noout = 0, ret = EXIT_FAILURE, check = 0, r;
     OPTION_CHOICE o;
     char *infile = NULL, *outfile = NULL, *prog;
+    unsigned long err;
 
     prog = opt_init(argc, argv, pkeyparam_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -98,9 +101,6 @@ int pkeyparam_main(int argc, char **argv)
     }
 
     if (check) {
-        int r;
-        EVP_PKEY_CTX *ctx;
-
         ctx = EVP_PKEY_CTX_new(pkey, e);
         if (ctx == NULL) {
             ERR_print_errors(bio_err);
@@ -116,8 +116,6 @@ int pkeyparam_main(int argc, char **argv)
              * Note: at least for RSA keys if this function returns
              * -1, there will be no error reasons.
              */
-            unsigned long err;
-
             BIO_printf(out, "Parameters are invalid\n");
 
             while ((err = ERR_peek_error()) != 0) {
@@ -125,8 +123,8 @@ int pkeyparam_main(int argc, char **argv)
                            ERR_reason_error_string(err));
                 ERR_get_error(); /* remove err from error stack */
             }
+            goto end;
         }
-        EVP_PKEY_CTX_free(ctx);
     }
 
     if (!noout)
@@ -135,9 +133,10 @@ int pkeyparam_main(int argc, char **argv)
     if (text)
         EVP_PKEY_print_params(out, pkey, 0, NULL);
 
-    ret = 0;
+    ret = EXIT_SUCCESS;
 
  end:
+    EVP_PKEY_CTX_free(ctx);
     EVP_PKEY_free(pkey);
     release_engine(e);
     BIO_free_all(out);
diff --git a/apps/progs.c b/apps/progs.c
index eba50e8daf..c4fb1790e6 100644
--- a/apps/progs.c
+++ b/apps/progs.c
@@ -33,11 +33,11 @@ FUNCTION functions[] = {
 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     {FT_general, "dsaparam", dsaparam_main, dsaparam_options, "pkeyparam"},
 #endif
-#ifndef OPENSSL_NO_EC
-    {FT_general, "ec", ec_main, ec_options, NULL},
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+    {FT_general, "ec", ec_main, ec_options, "pkey"},
 #endif
-#ifndef OPENSSL_NO_EC
-    {FT_general, "ecparam", ecparam_main, ecparam_options, NULL},
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+    {FT_general, "ecparam", ecparam_main, ecparam_options, "pkeyparam"},
 #endif
     {FT_general, "enc", enc_main, enc_options, NULL},
 #ifndef OPENSSL_NO_ENGINE
diff --git a/apps/progs.pl b/apps/progs.pl
index 4f1d1c29af..b4ff4b7d55 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -95,7 +95,6 @@ EOF
         genrsa   => "rsa",
         rsautl   => "rsa",
         gendh    => "dh",
-        ecparam  => "ec",
         pkcs12   => "des",
     );
     my %cmd_deprecated = (
@@ -103,6 +102,8 @@ EOF
         dsaparam => [ "3_0", "pkeyparam", "dsa" ],
         dsa      => [ "3_0", "pkey",      "dsa" ],
         gendsa   => [ "3_0", "genpkey",   "dsa" ],
+        ec       => [ "3_0", "pkey",      "ec" ],
+        ecparam  => [ "3_0", "pkeyparam", "ec" ],
     );
 
     print "FUNCTION functions[] = {\n";
-- 
cgit v1.2.3