Rewrite obj_xref.c

Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to translate between signature algorithm
OIDs and pairs of OIDs of a message digest and a cipher. The table has
fewer than fifty entries and isn't used in a hot path. Using binary search
is overkill. Just do two linear searches, one for each translation. None
of the original code remains apart from the API.

ok jsing

4 files changed, 291 insertions, 419 deletions

diff --git a/lib/libcrypto/objects/obj_xref.c b/lib/libcrypto/objects/obj_xref.c
index ac1459c1232..7cd3141d14c 100644
--- a/lib/libcrypto/objects/obj_xref.c
+++ b/lib/libcrypto/objects/obj_xref.c
@@ -1,147 +1,313 @@
-/* $OpenBSD: obj_xref.c,v 1.10 2023/07/22 18:12:09 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+/*	$OpenBSD: obj_xref.c,v 1.11 2023/07/22 18:32:05 tb Exp $ */
+
+/*
+ * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
  *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <openssl/objects.h>
-#include "obj_xref.h"
 
-DECLARE_STACK_OF(nid_triple)
-
-static int
-sig_cmp(const nid_triple *a, const nid_triple *b)
-{
-	return a->sign_id - b->sign_id;
-}
+/*
+ * Map between signature nids and pairs of (hash, pkey) nids. If the hash nid
+ * is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's
+ * ASN.1 method needs to handle algorithm identifiers and part of the message
+ * digest.
+ */
 
-static int
-sig_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
-{
-	nid_triple const *a = a_;
-	nid_triple const *b = b_;
-	return sig_cmp(a, b);
-}
+static const struct {
+	int sign_nid;
+	int hash_nid;
+	int pkey_nid;
+} nid_triple[] = {
+	{
+		.sign_nid = NID_md2WithRSAEncryption,
+		.hash_nid = NID_md2,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_md5WithRSAEncryption,
+		.hash_nid = NID_md5,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_shaWithRSAEncryption,
+		.hash_nid = NID_sha,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_sha1WithRSAEncryption,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_dsaWithSHA,
+		.hash_nid = NID_sha,
+		.pkey_nid = NID_dsa,
+	},
+	{
+		.sign_nid = NID_dsaWithSHA1_2,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_dsa_2,
+	},
+	{
+		.sign_nid = NID_mdc2WithRSA,
+		.hash_nid = NID_mdc2,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_md5WithRSA,
+		.hash_nid = NID_md5,
+		.pkey_nid = NID_rsa,
+	},
+	{
+		.sign_nid = NID_dsaWithSHA1,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_dsa,
+	},
+	{
+		.sign_nid = NID_sha1WithRSA,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_rsa,
+	},
+	{
+		.sign_nid = NID_ripemd160WithRSA,
+		.hash_nid = NID_ripemd160,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_md4WithRSAEncryption,
+		.hash_nid = NID_md4,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_SHA1,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_sha256WithRSAEncryption,
+		.hash_nid = NID_sha256,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_sha384WithRSAEncryption,
+		.hash_nid = NID_sha384,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_sha512WithRSAEncryption,
+		.hash_nid = NID_sha512,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_sha224WithRSAEncryption,
+		.hash_nid = NID_sha224,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_Recommended,
+		.hash_nid = NID_undef,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_Specified,
+		.hash_nid = NID_undef,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_SHA224,
+		.hash_nid = NID_sha224,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_SHA256,
+		.hash_nid = NID_sha256,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_SHA384,
+		.hash_nid = NID_sha384,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_ecdsa_with_SHA512,
+		.hash_nid = NID_sha512,
+		.pkey_nid = NID_X9_62_id_ecPublicKey,
+	},
+	{
+		.sign_nid = NID_dsa_with_SHA224,
+		.hash_nid = NID_sha224,
+		.pkey_nid = NID_dsa,
+	},
+	{
+		.sign_nid = NID_dsa_with_SHA256,
+		.hash_nid = NID_sha256,
+		.pkey_nid = NID_dsa,
+	},
+	{
+		.sign_nid = NID_id_GostR3411_94_with_GostR3410_2001,
+		.hash_nid = NID_id_GostR3411_94,
+		.pkey_nid = NID_id_GostR3410_2001,
+	},
+	{
+		.sign_nid = NID_id_GostR3411_94_with_GostR3410_94,
+		.hash_nid = NID_id_GostR3411_94,
+		.pkey_nid = NID_id_GostR3410_94,
+	},
+	{
+		.sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc,
+		.hash_nid = NID_id_GostR3411_94,
+		.pkey_nid = NID_id_GostR3410_94_cc,
+	},
+	{
+		.sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc,
+		.hash_nid = NID_id_GostR3411_94,
+		.pkey_nid = NID_id_GostR3410_2001_cc,
+	},
+	{
+		.sign_nid = NID_rsassaPss,
+		.hash_nid = NID_undef,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256,
+		.hash_nid = NID_id_tc26_gost3411_2012_256,
+		.pkey_nid = NID_id_GostR3410_2001,
+	},
+	{
+		.sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512,
+		.hash_nid = NID_id_tc26_gost3411_2012_512,
+		.pkey_nid = NID_id_GostR3410_2001,
+	},
+	{
+		.sign_nid = NID_Ed25519,
+		.hash_nid = NID_undef,
+		.pkey_nid = NID_Ed25519,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_dh_std_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme,
+		.hash_nid = NID_sha224,
+		.pkey_nid = NID_dh_std_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme,
+		.hash_nid = NID_sha256,
+		.pkey_nid = NID_dh_std_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme,
+		.hash_nid = NID_sha384,
+		.pkey_nid = NID_dh_std_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme,
+		.hash_nid = NID_sha512,
+		.pkey_nid = NID_dh_std_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme,
+		.hash_nid = NID_sha1,
+		.pkey_nid = NID_dh_cofactor_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme,
+		.hash_nid = NID_sha224,
+		.pkey_nid = NID_dh_cofactor_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme,
+		.hash_nid = NID_sha256,
+		.pkey_nid = NID_dh_cofactor_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme,
+		.hash_nid = NID_sha384,
+		.pkey_nid = NID_dh_cofactor_kdf,
+	},
+	{
+		.sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme,
+		.hash_nid = NID_sha512,
+		.pkey_nid = NID_dh_cofactor_kdf,
+	},
+	{
+		.sign_nid = NID_RSA_SHA3_224,
+		.hash_nid = NID_sha3_224,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_RSA_SHA3_256,
+		.hash_nid = NID_sha3_256,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_RSA_SHA3_384,
+		.hash_nid = NID_sha3_384,
+		.pkey_nid = NID_rsaEncryption,
+	},
+	{
+		.sign_nid = NID_RSA_SHA3_512,
+		.hash_nid = NID_sha3_512,
+		.pkey_nid = NID_rsaEncryption,
+	},
+};
 
-static const nid_triple *
-OBJ_bsearch_sig(nid_triple *key, nid_triple const *base, int num)
-{
-	return OBJ_bsearch_(key, base, num, sizeof(nid_triple),
-	    sig_cmp_BSEARCH_CMP_FN);
-}
+#define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0]))
 
-static int
-sigx_cmp(const nid_triple * const *a, const nid_triple * const *b)
+int
+OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid)
 {
-	int ret;
+	size_t i;
 
-	ret = (*a)->hash_id - (*b)->hash_id;
-	if (ret)
-		return ret;
-	return (*a)->pkey_id - (*b)->pkey_id;
-}
+	for (i = 0; i < N_NID_TRIPLES; i++) {
+		if (sign_nid != nid_triple[i].sign_nid)
+			continue;
 
-static int
-sigx_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
-{
-	const nid_triple * const *a = a_;
-	const nid_triple * const *b = b_;
-	return sigx_cmp(a, b);
-}
+		if (hash_nid != NULL)
+			*hash_nid = nid_triple[i].hash_nid;
+		if (pkey_nid != NULL)
+			*pkey_nid = nid_triple[i].pkey_nid;
 
-static const nid_triple * const*
-OBJ_bsearch_sigx(const nid_triple * *key, const nid_triple * const *base, int num)
-{
-	return OBJ_bsearch_(key, base, num, sizeof(const nid_triple *),
-	    sigx_cmp_BSEARCH_CMP_FN);
-}
+		return 1;
+	}
 
-int
-OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
-{
-	nid_triple tmp;
-	const nid_triple *rv = NULL;
-	tmp.sign_id = signid;
-
-	if ((rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
-	    sizeof(sigoid_srt) / sizeof(nid_triple))) == NULL)
-		return 0;
-	if (pdig_nid)
-		*pdig_nid = rv->hash_id;
-	if (ppkey_nid)
-		*ppkey_nid = rv->pkey_id;
-	return 1;
+	return 0;
 }
 LCRYPTO_ALIAS(OBJ_find_sigid_algs);
 
 int
-OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
+OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid)
 {
-	nid_triple tmp;
-	const nid_triple *t = &tmp;
-	const nid_triple *const *rv;
-
-	tmp.hash_id = dig_nid;
-	tmp.pkey_id = pkey_nid;
-
-	if ((rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
-	    sizeof(sigoid_srt_xref) / sizeof(nid_triple *))) == NULL)
-		return 0;
-	if (psignid)
-		*psignid = (*rv)->sign_id;
-	return 1;
+	size_t i;
+
+	for (i = 0; i < N_NID_TRIPLES; i++) {
+		if (hash_nid != nid_triple[i].hash_nid)
+			continue;
+		if (pkey_nid != nid_triple[i].pkey_nid)
+			continue;
+
+		if (sign_nid != NULL)
+			*sign_nid = nid_triple[i].sign_nid;
+
+		return 1;
+	}
+
+	return 0;
 }
 LCRYPTO_ALIAS(OBJ_find_sigid_by_algs);
 
diff --git a/lib/libcrypto/objects/obj_xref.h b/lib/libcrypto/objects/obj_xref.h
deleted file mode 100644
index bff8c685730..00000000000
--- a/lib/libcrypto/objects/obj_xref.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/* $OpenBSD: obj_xref.h,v 1.7 2023/06/15 17:58:27 tb Exp $ */
-/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
-
-__BEGIN_HIDDEN_DECLS
-
-typedef struct
-	{
-	int sign_id;
-	int hash_id;
-	int pkey_id;
-	} nid_triple;
-
-static const nid_triple sigoid_srt[] =
-	{
-	{NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
-	{NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
-	{NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
-	{NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
-	{NID_dsaWithSHA, NID_sha, NID_dsa},
-	{NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
-	{NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
-	{NID_md5WithRSA, NID_md5, NID_rsa},
-	{NID_dsaWithSHA1, NID_sha1, NID_dsa},
-	{NID_sha1WithRSA, NID_sha1, NID_rsa},
-	{NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
-	{NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
-	{NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
-	{NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
-	{NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
-	{NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
-	{NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
-	{NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
-	{NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
-	{NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
-	{NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
-	{NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
-	{NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
-	{NID_dsa_with_SHA224, NID_sha224, NID_dsa},
-	{NID_dsa_with_SHA256, NID_sha256, NID_dsa},
-	{NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
-	{NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
-	{NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
-	{NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
-	{NID_rsassaPss, NID_undef, NID_rsaEncryption},
-	{NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001},
-	{NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001},
-	{NID_Ed25519, NID_undef, NID_Ed25519},
-	{NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
-	{NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
-	{NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
-	{NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
-	{NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
-	{NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
-	{NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
-	{NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
-	{NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
-	{NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
-	{NID_RSA_SHA3_224, NID_sha3_224, NID_rsaEncryption},
-	{NID_RSA_SHA3_256, NID_sha3_256, NID_rsaEncryption},
-	{NID_RSA_SHA3_384, NID_sha3_384, NID_rsaEncryption},
-	{NID_RSA_SHA3_512, NID_sha3_512, NID_rsaEncryption},
-	};
-
-static const nid_triple * const sigoid_srt_xref[] =
-	{
-	&sigoid_srt[29],
-	&sigoid_srt[18],
-	&sigoid_srt[17],
-	&sigoid_srt[32],
-	&sigoid_srt[0],
-	&sigoid_srt[1],
-	&sigoid_srt[7],
-	&sigoid_srt[2],
-	&sigoid_srt[4],
-	&sigoid_srt[3],
-	&sigoid_srt[9],
-	&sigoid_srt[5],
-	&sigoid_srt[8],
-	&sigoid_srt[12],
-	&sigoid_srt[33],
-	&sigoid_srt[38],
-	&sigoid_srt[6],
-	&sigoid_srt[10],
-	&sigoid_srt[11],
-	&sigoid_srt[13],
-	&sigoid_srt[24],
-	&sigoid_srt[20],
-	&sigoid_srt[35],
-	&sigoid_srt[40],
-	&sigoid_srt[14],
-	&sigoid_srt[21],
-	&sigoid_srt[36],
-	&sigoid_srt[41],
-	&sigoid_srt[15],
-	&sigoid_srt[22],
-	&sigoid_srt[37],
-	&sigoid_srt[42],
-	&sigoid_srt[16],
-	&sigoid_srt[23],
-	&sigoid_srt[19],
-	&sigoid_srt[34],
-	&sigoid_srt[39],
-	&sigoid_srt[25],
-	&sigoid_srt[26],
-	&sigoid_srt[27],
-	&sigoid_srt[28],
-	&sigoid_srt[30],
-	&sigoid_srt[31],
-	&sigoid_srt[43],
-	&sigoid_srt[44],
-	&sigoid_srt[45],
-	&sigoid_srt[46],
-	};
-
-__END_HIDDEN_DECLS
diff --git a/lib/libcrypto/objects/obj_xref.txt b/lib/libcrypto/objects/obj_xref.txt
deleted file mode 100644
index 712b21a08e0..00000000000
--- a/lib/libcrypto/objects/obj_xref.txt
+++ /dev/null
@@ -1,68 +0,0 @@
-# OID cross reference table.
-# Links signatures OIDs to their corresponding public key algorithms
-# and digests. The digest "undef" indicates the public key's ASN.1
-# method should handle AlgorithmIdentifiers and (at least part of) the
-# message digest explicitly.
-
-md2WithRSAEncryption	md2	rsaEncryption
-md5WithRSAEncryption	md5	rsaEncryption
-shaWithRSAEncryption	sha	rsaEncryption
-sha1WithRSAEncryption	sha1	rsaEncryption
-md4WithRSAEncryption	md4	rsaEncryption
-sha256WithRSAEncryption sha256	rsaEncryption
-sha384WithRSAEncryption	sha384	rsaEncryption
-sha512WithRSAEncryption	sha512	rsaEncryption
-sha224WithRSAEncryption	sha224	rsaEncryption
-mdc2WithRSA		mdc2	rsaEncryption
-ripemd160WithRSA	ripemd160 rsaEncryption
-RSA_SHA3_224		sha3_224 rsaEncryption
-RSA_SHA3_256		sha3_256 rsaEncryption
-RSA_SHA3_384		sha3_384 rsaEncryption
-RSA_SHA3_512		sha3_512 rsaEncryption
-# For PSS the digest algorithm can vary and depends on the included
-# AlgorithmIdentifier.
-rsassaPss		undef	rsaEncryption
-
-Ed25519			undef	Ed25519
-
-# Alternative deprecated OIDs. By using the older "rsa" OID this
-# type will be recognized by not normally used.
-
-md5WithRSA		md5	rsa
-sha1WithRSA		sha1	rsa
-
-dsaWithSHA		sha	dsa
-dsaWithSHA1		sha1	dsa
-
-dsaWithSHA1_2		sha1	dsa_2
-
-ecdsa_with_SHA1		sha1	X9_62_id_ecPublicKey
-ecdsa_with_SHA224	sha224	X9_62_id_ecPublicKey
-ecdsa_with_SHA256	sha256	X9_62_id_ecPublicKey
-ecdsa_with_SHA384	sha384	X9_62_id_ecPublicKey
-ecdsa_with_SHA512	sha512	X9_62_id_ecPublicKey
-ecdsa_with_Recommended	undef	X9_62_id_ecPublicKey
-ecdsa_with_Specified	undef	X9_62_id_ecPublicKey
-
-dsa_with_SHA224		sha224	dsa
-dsa_with_SHA256		sha256	dsa
-
-id_GostR3411_94_with_GostR3410_2001	id_GostR3411_94 id_GostR3410_2001
-id_GostR3411_94_with_GostR3410_94	id_GostR3411_94 id_GostR3410_94
-id_GostR3411_94_with_GostR3410_94_cc	id_GostR3411_94 id_GostR3410_94_cc
-id_GostR3411_94_with_GostR3410_2001_cc	id_GostR3411_94 id_GostR3410_2001_cc
-id_tc26_signwithdigest_gost3410_2012_256	id_tc26_gost3411_2012_256 id_GostR3410_2001
-id_tc26_signwithdigest_gost3410_2012_512	id_tc26_gost3411_2012_512 id_GostR3410_2001
-
-# ECDH KDFs and their corresponding message digests and schemes
-dhSinglePass_stdDH_sha1kdf_scheme		sha1	dh_std_kdf
-dhSinglePass_stdDH_sha224kdf_scheme		sha224	dh_std_kdf
-dhSinglePass_stdDH_sha256kdf_scheme		sha256	dh_std_kdf
-dhSinglePass_stdDH_sha384kdf_scheme		sha384	dh_std_kdf
-dhSinglePass_stdDH_sha512kdf_scheme		sha512	dh_std_kdf
-
-dhSinglePass_cofactorDH_sha1kdf_scheme		sha1	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha224kdf_scheme	sha224	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha256kdf_scheme	sha256	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha384kdf_scheme	sha384	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha512kdf_scheme	sha512	dh_cofactor_kdf
diff --git a/lib/libcrypto/objects/objxref.pl b/lib/libcrypto/objects/objxref.pl
deleted file mode 100644
index 8873c91ad90..00000000000
--- a/lib/libcrypto/objects/objxref.pl
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/usr/local/bin/perl
-
-use strict;
-
-my %xref_tbl;
-my %oid_tbl;
-
-my ($mac_file, $xref_file) = @ARGV;
-
-open(IN, $mac_file) || die "Can't open $mac_file";
-
-# Read in OID nid values for a lookup table.
-
-while (<IN>)
-	{
-	chomp;
-	my ($name, $num) = /^(\S+)\s+(\S+)$/;
-	$oid_tbl{$name} = $num;
-	}
-close IN;
-
-open(IN, $xref_file) || die "Can't open $xref_file";
-
-my $ln = 1;
-
-while (<IN>)
-	{
-	chomp;
-	s/#.*$//;
-	next if (/^\S*$/);
-	my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
-	check_oid($xr);
-	check_oid($p1);
-	check_oid($p2);
-	$xref_tbl{$xr} = [$p1, $p2, $ln];
-	}
-
-my @xrkeys = keys %xref_tbl;
-
-my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
-
-for(my $i = 0; $i <= $#srt1; $i++)
-	{
-	$xref_tbl{$srt1[$i]}[2] = $i;
-	}
-
-my @srt2 = sort
-	{
-	my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
-	my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
-	return $ap1 - $bp1 if ($ap1 != $bp1);
-	my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
-	my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
-
-	return $ap2 - $bp2;
-	} @xrkeys;
-
-my $pname = $0;
-
-$pname =~ s|^.[^/]/||;
-
-print <<EOF;
-/* \$OpenBSD\$ */
-/* AUTOGENERATED BY $pname, DO NOT EDIT */
-
-__BEGIN_HIDDEN_DECLS
-
-typedef struct
-	{
-	int sign_id;
-	int hash_id;
-	int pkey_id;
-	} nid_triple;
-
-static const nid_triple sigoid_srt[] =
-	{
-EOF
-
-foreach (@srt1)
-	{
-	my $xr = $_;
-	my ($p1, $p2) = @{$xref_tbl{$_}};
-	print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
-	}
-
-print "\t};";
-print <<EOF;
-
-
-static const nid_triple * const sigoid_srt_xref[] =
-	{
-EOF
-
-foreach (@srt2)
-	{
-	my $x = $xref_tbl{$_}[2];
-	print "\t\&sigoid_srt\[$x\],\n";
-	}
-
-print "\t};\n\n";
-print "__END_HIDDEN_DECLS\n";
-
-sub check_oid
-	{
-	my ($chk) = @_;
-	if (!exists $oid_tbl{$chk})
-		{
-		die "Not Found \"$chk\"\n";
-		}
-	}
-