Remove EVP_PBE_* API from public visibility

You can no longer add your custom PBE algorithm. Pity. EVP_PBE_CipherInit()
stays for internal use, the rest goes away copmletely.

ok jsing

4 files changed, 6 insertions, 67 deletions

diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index a7181eb38e3..28f115da06c 100644
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -1269,11 +1269,6 @@ EVP_MD_size
 EVP_MD_type
 EVP_OpenFinal
 EVP_OpenInit
-EVP_PBE_CipherInit
-EVP_PBE_alg_add
-EVP_PBE_alg_add_type
-EVP_PBE_cleanup
-EVP_PBE_find
 EVP_PKCS82PKEY
 EVP_PKEY2PKCS8
 EVP_PKEY_CTX_ctrl
@@ -2007,7 +2002,6 @@ PKCS12_unpack_p7data
 PKCS12_unpack_p7encdata
 PKCS12_verify_mac
 PKCS1_MGF1
-PKCS5_PBE_add
 PKCS5_PBE_keyivgen
 PKCS5_PBKDF2_HMAC
 PKCS5_PBKDF2_HMAC_SHA1
diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h
index eba3ab3869d..b810e727670 100644
--- a/lib/libcrypto/evp/evp.h
+++ b/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.127 2024/03/02 10:04:40 tb Exp $ */
+/* $OpenBSD: evp.h,v 1.128 2024/03/02 10:06:48 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -897,26 +897,6 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
     ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
     int en_de);
 
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-    ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-
-/* PBE type */
-
-/* Can appear as the outermost AlgorithmIdentifier */
-#define EVP_PBE_TYPE_OUTER	0x0
-/* Is an PRF type OID */
-#define EVP_PBE_TYPE_PRF	0x1
-
-int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
-    EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-    EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
-    EVP_PBE_KEYGEN **pkeygen);
-void EVP_PBE_cleanup(void);
-
 #define ASN1_PKEY_ALIAS		0x1
 #define ASN1_PKEY_DYNAMIC	0x2
 #define ASN1_PKEY_SIGPARAM_NULL	0x4
diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h
index 65d23547bca..0e6b6bdfa2f 100644
--- a/lib/libcrypto/evp/evp_local.h
+++ b/lib/libcrypto/evp/evp_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_local.h,v 1.16 2024/02/18 15:43:21 tb Exp $ */
+/* $OpenBSD: evp_local.h,v 1.17 2024/03/02 10:06:48 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -373,6 +373,9 @@ struct evp_aead_ctx_st {
 	void *aead_state;
 };
 
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+    ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
 int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str);
 int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex);
 int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name);
diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c
index eb8d5c4157d..e33f2cb08f4 100644
--- a/lib/libcrypto/evp/evp_pbe.c
+++ b/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pbe.c,v 1.42 2024/02/18 15:45:42 tb Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.43 2024/03/02 10:06:48 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -640,41 +640,3 @@ PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	return ret;
 }
 LCRYPTO_ALIAS(PKCS12_PBE_keyivgen);
-
-/*
- * XXX - remove the functions below in the next major bump
- */
-
-int
-EVP_PBE_find(int type, int pbe_nid, int *out_cipher_nid, int *out_md_nid,
-    EVP_PBE_KEYGEN **out_keygen)
-{
-	EVPerror(ERR_R_DISABLED);
-	return 0;
-}
-
-int
-EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
-    EVP_PBE_KEYGEN *keygen)
-{
-	EVPerror(ERR_R_DISABLED);
-	return 0;
-}
-
-int
-EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-    EVP_PBE_KEYGEN *keygen)
-{
-	EVPerror(ERR_R_DISABLED);
-	return 0;
-}
-
-void
-EVP_PBE_cleanup(void)
-{
-}
-
-void
-PKCS5_PBE_add(void)
-{
-}