Remove the deprecated API from BN

4 files changed, 5 insertions, 174 deletions

diff --git a/lib/libcrypto/bn/bn.h b/lib/libcrypto/bn/bn.h
index b15e6311f94..c1d28cb10df 100644
--- a/lib/libcrypto/bn/bn.h
+++ b/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.69 2023/04/25 19:53:30 tb Exp $ */
+/* $OpenBSD: bn.h,v 1.70 2023/04/25 19:57:59 tb Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -201,15 +201,6 @@ extern "C" {
                                       * BN_mod_inverse() will call BN_mod_inverse_no_branch.
                                       */
 
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
-                                      /* avoid leaking exponent information through timings
-                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
-#endif
-
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_FREE		0x8000	/* used for debugging */
-#endif
 void BN_set_flags(BIGNUM *b, int n);
 int BN_get_flags(const BIGNUM *b, int n);
 void BN_with_flags(BIGNUM *dest, const BIGNUM *src, int flags);
@@ -443,20 +434,6 @@ void	BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
 
 int	BN_security_bits(int L, int N);
 
-/* Deprecated versions */
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
-    const BIGNUM *add, const BIGNUM *rem,
-    void (*callback)(int, int, void *), void *cb_arg);
-int	BN_is_prime(const BIGNUM *p, int nchecks,
-    void (*callback)(int, int, void *),
-    BN_CTX *ctx, void *cb_arg);
-int	BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
-    void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
-    int do_trial_division);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* Newer versions */
 int	BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
     const BIGNUM *rem, BN_GENCB *cb);
 int	BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
@@ -487,10 +464,7 @@ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
 int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
 int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
-void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
-#endif
+
 CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
 unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
 void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
@@ -500,11 +474,6 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
     BN_MONT_CTX *m_ctx);
 
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul, int high, int low, int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-#endif
-
 /* Primes from RFC 2409 */
 BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
 BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
diff --git a/lib/libcrypto/bn/bn_blind.c b/lib/libcrypto/bn/bn_blind.c
index 9c07f33e1f8..77ba691b6df 100644
--- a/lib/libcrypto/bn/bn_blind.c
+++ b/lib/libcrypto/bn/bn_blind.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_blind.c,v 1.21 2023/03/27 10:25:02 tb Exp $ */
+/* $OpenBSD: bn_blind.c,v 1.22 2023/04/25 19:57:59 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
@@ -124,10 +124,6 @@ struct bn_blinding_st {
 	BIGNUM *Ai;
 	BIGNUM *e;
 	BIGNUM *mod; /* just a reference */
-#ifndef OPENSSL_NO_DEPRECATED
-	unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b;
-				  * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */
-#endif
 	CRYPTO_THREADID tid;
 	int counter;
 	unsigned long flags;
@@ -279,20 +275,6 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
 	return (ret);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long
-BN_BLINDING_get_thread_id(const BN_BLINDING *b)
-{
-	return b->thread_id;
-}
-
-void
-BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
-{
-	b->thread_id = n;
-}
-#endif
-
 CRYPTO_THREADID *
 BN_BLINDING_thread_id(BN_BLINDING *b)
 {
diff --git a/lib/libcrypto/bn/bn_lib.c b/lib/libcrypto/bn/bn_lib.c
index 78410e2133d..439bdb1e9d3 100644
--- a/lib/libcrypto/bn/bn_lib.c
+++ b/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.84 2023/04/19 11:12:43 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.85 2023/04/25 19:57:59 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -120,71 +120,6 @@ BN_clear_free(BIGNUM *bn)
 	BN_free(bn);
 }
 
-/* This stuff appears to be completely unused, so is deprecated */
-#ifndef OPENSSL_NO_DEPRECATED
-/* For a 32 bit machine
- * 2 -   4 ==  128
- * 3 -   8 ==  256
- * 4 -  16 ==  512
- * 5 -  32 == 1024
- * 6 -  64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits = 0;
-static int bn_limit_num = 8;        /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low = 0;
-static int bn_limit_num_low = 8;    /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high = 0;
-static int bn_limit_num_high = 8;   /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont = 0;
-static int bn_limit_num_mont = 8;   /* (1<<bn_limit_bits_mont) */
-
-void
-BN_set_params(int mult, int high, int low, int mont)
-{
-	if (mult >= 0) {
-		if (mult > (int)(sizeof(int) * 8) - 1)
-			mult = sizeof(int) * 8 - 1;
-		bn_limit_bits = mult;
-		bn_limit_num = 1 << mult;
-	}
-	if (high >= 0) {
-		if (high > (int)(sizeof(int) * 8) - 1)
-			high = sizeof(int) * 8 - 1;
-		bn_limit_bits_high = high;
-		bn_limit_num_high = 1 << high;
-	}
-	if (low >= 0) {
-		if (low > (int)(sizeof(int) * 8) - 1)
-			low = sizeof(int) * 8 - 1;
-		bn_limit_bits_low = low;
-		bn_limit_num_low = 1 << low;
-	}
-	if (mont >= 0) {
-		if (mont > (int)(sizeof(int) * 8) - 1)
-			mont = sizeof(int) * 8 - 1;
-		bn_limit_bits_mont = mont;
-		bn_limit_num_mont = 1 << mont;
-	}
-}
-
-int
-BN_get_params(int which)
-{
-	if (which == 0)
-		return (bn_limit_bits);
-	else if (which == 1)
-		return (bn_limit_bits_high);
-	else if (which == 2)
-		return (bn_limit_bits_low);
-	else if (which == 3)
-		return (bn_limit_bits_mont);
-	else
-		return (0);
-}
-#endif
-
 void
 BN_set_flags(BIGNUM *b, int n)
 {
diff --git a/lib/libcrypto/bn/bn_prime.c b/lib/libcrypto/bn/bn_prime.c
index 6e46a3912ca..c2fd0fc2e9f 100644
--- a/lib/libcrypto/bn/bn_prime.c
+++ b/lib/libcrypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_prime.c,v 1.30 2023/01/28 17:13:26 jsing Exp $ */
+/* $OpenBSD: bn_prime.c,v 1.31 2023/04/25 19:57:59 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -151,35 +151,6 @@ BN_GENCB_call(BN_GENCB *cb, int a, int b)
 	return 0;
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *
-BN_generate_prime(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
-    const BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg)
-{
-	BN_GENCB cb;
-	BIGNUM *rnd = NULL;
-	int found = 0;
-
-	BN_GENCB_set_old(&cb, callback, cb_arg);
-
-	if (ret == NULL) {
-		if ((rnd = BN_new()) == NULL)
-			goto err;
-	} else
-		rnd = ret;
-	if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb))
-		goto err;
-
-	/* we have a prime :-) */
-	found = 1;
-
-err:
-	if (!found && (ret == NULL) && (rnd != NULL))
-		BN_free(rnd);
-	return (found ? rnd : NULL);
-}
-#endif
-
 int
 BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
     const BIGNUM *rem, BN_GENCB *cb)
@@ -260,38 +231,12 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
 	return found;
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
-int
-BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, void *),
-    BN_CTX *ctx_passed, void *cb_arg)
-{
-	BN_GENCB cb;
-
-	BN_GENCB_set_old(&cb, callback, cb_arg);
-	return BN_is_prime_ex(a, checks, ctx_passed, &cb);
-}
-#endif
-
 int
 BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb)
 {
 	return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
-int
-BN_is_prime_fasttest(const BIGNUM *a, int checks,
-    void (*callback)(int, int, void *), BN_CTX *ctx_passed, void *cb_arg,
-    int do_trial_division)
-{
-	BN_GENCB cb;
-
-	BN_GENCB_set_old(&cb, callback, cb_arg);
-	return BN_is_prime_fasttest_ex(a, checks, ctx_passed,
-	    do_trial_division, &cb);
-}
-#endif
-
 int
 BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
     int do_trial_division, BN_GENCB *cb)