From: Richard Levitte Date: Sun, 2 Jun 2019 07:35:51 +0000 (+0200) Subject: Remove init of MACs from EVP X-Git-Tag: openssl-3.0.0-alpha1~1595 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=6a4f9cd113e7fc0734eb4b62e596488e71961040 Remove init of MACs from EVP Now that all our MACs have moved to the default provider, we let it take over completely Reviewed-by: Matt Caswell Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/8877) --- diff --git a/crypto/evp/build.info b/crypto/evp/build.info index eb675f3f97..2546f48d6c 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -16,7 +16,7 @@ SOURCE[../../libcrypto]=$COMMON\ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ e_chacha20_poly1305.c \ - mac_lib.c mac_meth.c c_allm.c pkey_mac.c exchange.c + mac_lib.c mac_meth.c pkey_mac.c exchange.c SOURCE[../../providers/fips]=$COMMON INCLUDE[e_aes.o]=.. ../modes diff --git a/crypto/evp/c_allm.c b/crypto/evp/c_allm.c deleted file mode 100644 index f5442dfa6c..0000000000 --- a/crypto/evp/c_allm.c +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include "internal/evp_int.h" - -void openssl_add_all_macs_int(void) -{ -#ifndef OPENSSL_NO_BLAKE2 - EVP_add_mac(&blake2b_mac_meth); - EVP_add_mac(&blake2s_mac_meth); -#endif -#ifndef OPENSSL_NO_CMAC - EVP_add_mac(&cmac_meth); -#endif - EVP_add_mac(&gmac_meth); - EVP_add_mac(&hmac_meth); - EVP_add_mac(&kmac128_meth); - EVP_add_mac(&kmac256_meth); -#ifndef OPENSSL_NO_SIPHASH - EVP_add_mac(&siphash_meth); -#endif -#ifndef OPENSSL_NO_POLY1305 - EVP_add_mac(&poly1305_meth); -#endif -} diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 5237bcaf24..82db98a1f2 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -56,22 +56,6 @@ int EVP_add_digest(const EVP_MD *md) return r; } -int EVP_add_mac(const EVP_MAC *m) -{ - int r; - - if (m == NULL) - return 0; - - r = OBJ_NAME_add(OBJ_nid2sn(m->type), OBJ_NAME_TYPE_MAC_METH, - (const char *)m); - if (r == 0) - return 0; - r = OBJ_NAME_add(OBJ_nid2ln(m->type), OBJ_NAME_TYPE_MAC_METH, - (const char *)m); - return r; -} - /* TODO(3.0) Is this needed after changing to providers? */ int EVP_add_kdf(const EVP_KDF *k) { @@ -111,17 +95,6 @@ const EVP_MD *EVP_get_digestbyname(const char *name) return cp; } -const EVP_MAC *EVP_get_macbyname(const char *name) -{ - const EVP_MAC *mp; - - if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_MACS, NULL)) - return NULL; - - mp = (const EVP_MAC *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MAC_METH); - return mp; -} - /* TODO(3.0) Is this API needed after implementing providers? */ const EVP_KDF *EVP_get_kdfbyname(const char *name) { @@ -136,7 +109,6 @@ const EVP_KDF *EVP_get_kdfbyname(const char *name) void evp_cleanup_int(void) { - OBJ_NAME_cleanup(OBJ_NAME_TYPE_MAC_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_KDF_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); @@ -237,48 +209,3 @@ void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md, dc.arg = arg; OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); } - -/* TODO(3.0) Are these do_all API's needed for MAC? */ -struct doall_mac { - void *arg; - void (*fn) (const EVP_MAC *ciph, - const char *from, const char *to, void *arg); -}; - -static void do_all_mac_fn(const OBJ_NAME *nm, void *arg) -{ - struct doall_mac *dc = arg; - - if (nm->alias) - dc->fn(NULL, nm->name, nm->data, dc->arg); - else - dc->fn((const EVP_MAC *)nm->data, nm->name, NULL, dc->arg); -} - -void EVP_MAC_do_all(void (*fn) - (const EVP_MAC *ciph, const char *from, const char *to, - void *x), void *arg) -{ - struct doall_mac dc; - - /* Ignore errors */ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_MACS, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all(OBJ_NAME_TYPE_MAC_METH, do_all_mac_fn, &dc); -} - -void EVP_MAC_do_all_sorted(void (*fn) - (const EVP_MAC *ciph, const char *from, - const char *to, void *x), void *arg) -{ - struct doall_mac dc; - - /* Ignore errors */ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_MACS, NULL); - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MAC_METH, do_all_mac_fn, &dc); -} diff --git a/crypto/init.c b/crypto/init.c index d5f0ebd7b7..04fd33087a 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -226,26 +226,6 @@ DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, return 1; } -static CRYPTO_ONCE add_all_macs = CRYPTO_ONCE_STATIC_INIT; -DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_macs) -{ - /* - * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time - * pulling in all the macs during static linking - */ -#ifndef OPENSSL_NO_AUTOALGINIT - OSSL_TRACE(INIT, "openssl_add_all_macs_int()\n"); - openssl_add_all_macs_int(); -#endif - return 1; -} - -DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_macs, ossl_init_add_all_macs) -{ - /* Do nothing */ - return 1; -} - static CRYPTO_ONCE add_all_kdfs = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_kdfs) { @@ -558,15 +538,6 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) return 0; - if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS) - && !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs, - ossl_init_add_all_macs)) - return 0; - - if ((opts & OPENSSL_INIT_ADD_ALL_MACS) - && !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs)) - return 0; - if ((opts & OPENSSL_INIT_NO_ADD_ALL_KDFS) && !RUN_ONCE_ALT(&add_all_kdfs, ossl_init_no_add_all_kdfs, ossl_init_add_all_kdfs))