[openssl] master update
tomas at openssl.org
tomas at openssl.org
Thu Mar 4 13:15:57 UTC 2021
The branch master has been updated
via 8c631cfaa1f812ed990053c1b0c73f3a3f369aca (commit)
via 2ad5bbe3205264cbcdd25f50a0c5167a7136ce88 (commit)
via 20cca4db9cd69e58b393b09bde85b8731cf12147 (commit)
via 22cd04143b2cd21f3285369659e98617dd0a482d (commit)
via 0be6cf0c7e3770b0b66862a7212dc8922f4fadd7 (commit)
via bffe3ae7b8cc6219de597981370690d31cfe5e01 (commit)
via f40fa7b9adbaa5324402429cd15deefe4e884a03 (commit)
via 946bdd12a0b366d9d558ec8088f89124bbe42cc3 (commit)
via 9522f0a6a9c49d650c773f089ed84b0c1ee0368b (commit)
from 2c8a740a9f0d9532050ae9a386506d1135b3a24a (commit)
- Log -----------------------------------------------------------------
commit 8c631cfaa1f812ed990053c1b0c73f3a3f369aca
Author: Tomas Mraz <tomas at openssl.org>
Date: Wed Mar 3 09:44:25 2021 +0100
ecx_set_priv_key: Try to obtain libctx from the pkey's keymgmt
We can try to do that although for legacy keys the keymgmt
will not be set. This function will disappear with legacy support
removed.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 2ad5bbe3205264cbcdd25f50a0c5167a7136ce88
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Mar 2 17:17:46 2021 +0100
bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module
We do not want tracing in the FIPS module.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 20cca4db9cd69e58b393b09bde85b8731cf12147
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Mar 2 17:05:48 2021 +0100
ecx_set_priv_key: Remove TODO 3.0 related to setting libctx
This function is used only for legacy keys so the TODO is
not relevant.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 22cd04143b2cd21f3285369659e98617dd0a482d
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Mar 2 16:55:48 2021 +0100
do_sigver_init: Remove fallback for missing provider implementations.
We now have everything implemented in providers.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 0be6cf0c7e3770b0b66862a7212dc8922f4fadd7
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Mar 2 16:16:06 2021 +0100
Remove some of the TODO 3.0 in crypto/evp related to legacy support.
The legacy support stays in 3.0. The TODOs are dropped.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit bffe3ae7b8cc6219de597981370690d31cfe5e01
Author: Tomas Mraz <tomas at openssl.org>
Date: Mon Mar 1 17:48:19 2021 +0100
crypto/param_build_set.c: Remove irrelevant TODO 3.0
The OSSL_PARAM_set_BN() pads to data_size so there is no
need for OSSL_PARAM_set_BN_pad().
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit f40fa7b9adbaa5324402429cd15deefe4e884a03
Author: Tomas Mraz <tomas at openssl.org>
Date: Mon Mar 1 17:24:55 2021 +0100
crypto/ppccap.c: Remove useless TODO 3.0
The chacha and poly1305 algorithms are not FIPS approved so
they should stay out of FIPS module.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 946bdd12a0b366d9d558ec8088f89124bbe42cc3
Author: Tomas Mraz <tomas at openssl.org>
Date: Mon Mar 1 16:55:23 2021 +0100
include/crypto: Remove TODOs that are irrelevant for 3.0
The legacy support will not be removed in 3.0. Remove the
related TODO 3.0 marks.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
commit 9522f0a6a9c49d650c773f089ed84b0c1ee0368b
Author: Tomas Mraz <tomas at openssl.org>
Date: Mon Mar 1 16:51:13 2021 +0100
include/internal: Remove TODOs that are irrelevant for 3.0
The sha3 and sm3 legacy support requires these headers.
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_ctx.c | 2 +-
crypto/ec/ecx_meth.c | 20 +++++++++++++++-----
crypto/evp/digest.c | 16 ++++++++--------
crypto/evp/evp_enc.c | 24 ++++++++++++------------
crypto/evp/evp_lib.c | 2 +-
crypto/evp/m_sigver.c | 11 -----------
crypto/evp/pmeth_lib.c | 22 ++++++++++++----------
crypto/param_build_set.c | 1 -
crypto/ppccap.c | 4 ----
include/crypto/evp.h | 6 ++----
include/crypto/modes.h | 2 +-
include/internal/sha3.h | 2 +-
include/internal/sm3.h | 2 +-
13 files changed, 54 insertions(+), 60 deletions(-)
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 360b708221..63783dda0e 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -124,7 +124,7 @@ static void ctxdbg(BIO *channel, const char *text, BN_CTX *ctx)
ctxdbg(trc_out, str, ctx); \
} OSSL_TRACE_END(BN_CTX)
#else
-/* TODO(3.0): Consider if we want to do this in FIPS mode */
+/* We do not want tracing in FIPS module */
# define CTXDBG(str, ctx) do {} while(0)
#endif /* FIPS_MODULE */
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 269e270ea6..fac1ba7270 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -14,12 +14,13 @@
#include "internal/deprecated.h"
#include <stdio.h>
-#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/ec.h>
#include <openssl/rand.h>
#include <openssl/core_names.h>
-#include "openssl/param_build.h"
+#include <openssl/param_build.h>
+#include "internal/cryptlib.h"
+#include "internal/provider.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/ecx.h"
@@ -334,15 +335,24 @@ static int ecd_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
static int ecx_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
size_t len)
{
- /* TODO(3.0): We should pass a libctx here */
+ OSSL_LIB_CTX *libctx = NULL;
+
+ if (pkey->keymgmt != NULL)
+ libctx = ossl_provider_libctx(EVP_KEYMGMT_provider(pkey->keymgmt));
+
return ecx_key_op(pkey, pkey->ameth->pkey_id, NULL, priv, len,
- KEY_OP_PRIVATE, NULL, NULL);
+ KEY_OP_PRIVATE, libctx, NULL);
}
static int ecx_set_pub_key(EVP_PKEY *pkey, const unsigned char *pub, size_t len)
{
+ OSSL_LIB_CTX *libctx = NULL;
+
+ if (pkey->keymgmt != NULL)
+ libctx = ossl_provider_libctx(EVP_KEYMGMT_provider(pkey->keymgmt));
+
return ecx_key_op(pkey, pkey->ameth->pkey_id, NULL, pub, len,
- KEY_OP_PUBLIC, NULL, NULL);
+ KEY_OP_PUBLIC, libctx, NULL);
}
static int ecx_get_priv_key(const EVP_PKEY *pkey, unsigned char *priv,
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 858a9926cf..069eb192c1 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -32,7 +32,7 @@ void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force)
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
}
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
/*
* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
@@ -177,7 +177,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
type = ctx->digest;
}
- /* TODO(3.0): Legacy work around code below. Remove this */
+ /* Code below to be removed when legacy support is dropped. */
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
/*
* Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
@@ -225,7 +225,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
ctx->md_data = NULL;
}
- /* TODO(3.0): Start of non-legacy code below */
+ /* Start of non-legacy code below */
if (type->prov == NULL) {
#ifdef FIPS_MODULE
@@ -274,7 +274,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
return ctx->digest->dinit(ctx->provctx);
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
@@ -381,7 +381,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
}
return ctx->digest->dupdate(ctx->provctx, data, count);
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
return ctx->update(ctx, data, count);
}
@@ -430,7 +430,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
return ret;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
OPENSSL_assert(mdsize <= EVP_MAX_MD_SIZE);
ret = ctx->digest->final(ctx, md);
@@ -542,7 +542,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
return 1;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
/* Make sure it's safe to copy a digest context using an ENGINE */
@@ -787,7 +787,7 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
goto conclude;
-/* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
if (ctx->digest->md_ctrl == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED);
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 851c6d5d9a..40e9f0b6c3 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -43,7 +43,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
return 1;
- /* TODO(3.0): Remove legacy code below */
+ /* Remove legacy code below when legacy support is removed. */
legacy:
if (ctx->cipher != NULL) {
@@ -105,7 +105,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
return 0;
}
- /* TODO(3.0): Legacy work around code below. Remove this */
+ /* Code below to be removed when legacy support is dropped. */
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
/*
@@ -148,7 +148,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
}
- /* TODO(3.0): Start of non-legacy code below */
+ /* Start of non-legacy code below */
/* Ensure a context left lying around from last time is cleared */
if (cipher != NULL && ctx->cipher != NULL) {
@@ -237,7 +237,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
iv == NULL ? 0
: EVP_CIPHER_CTX_iv_length(ctx));
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
if (cipher != NULL) {
@@ -597,7 +597,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return ret;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
return evp_EncryptDecryptUpdate(ctx, out, outl, in, inl);
@@ -657,7 +657,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
return ret;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
@@ -744,7 +744,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return ret;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
b = ctx->cipher->block_size;
@@ -879,7 +879,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
return ret;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
*outl = 0;
@@ -953,7 +953,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
return ok > 0 ? 1 : 0;
}
- /* TODO(3.0) legacy code follows */
+ /* Code below to be removed when legacy support is dropped. */
/*
* Note there have never been any built-in ciphers that define this flag
@@ -1021,7 +1021,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
case EVP_CTRL_INIT:
/*
- * TODO(3.0) EVP_CTRL_INIT is purely legacy, no provider counterpart
+ * EVP_CTRL_INIT is purely legacy, no provider counterpart.
* As a matter of fact, this should be dead code, but some caller
* might still do a direct control call with this command, so...
* Legacy methods return 1 except for exceptional circumstances, so
@@ -1172,7 +1172,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
goto end;
-/* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
if (ctx->cipher->ctrl == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED);
@@ -1329,7 +1329,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
return 1;
- /* TODO(3.0): Remove legacy code below */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index fc2c65b578..dd3173ddd5 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -477,7 +477,7 @@ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
if (rv == EVP_CTRL_RET_UNSUPPORTED)
goto legacy;
return rv != 0 ? (int)v : -1;
- /* TODO (3.0) Remove legacy support */
+ /* Code below to be removed when legacy support is dropped. */
legacy:
if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 795b785983..7650512d2a 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -90,17 +90,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
provkey = evp_pkey_export_to_provider(locpctx->pkey, locpctx->libctx,
&tmp_keymgmt, locpctx->propquery);
if (provkey == NULL) {
- /*
- * If we couldn't find a keymgmt at all try legacy.
- * TODO(3.0): Once all legacy algorithms (SM2, HMAC etc) have provider
- * based implementations this fallback shouldn't be necessary. Either
- * we have an ENGINE based implementation (in which case we should have
- * already fallen back in the test above here), or we don't have the
- * provider based implementation loaded (in which case this is an
- * application config error)
- */
- if (locpctx->keymgmt == NULL)
- goto legacy;
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 2cc30f1af4..b08d0d2e3c 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -197,10 +197,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
}
#ifndef FIPS_MODULE
- /*
- * TODO(3.0) This legacy code section should be removed when we stop
- * supporting engines
- */
+ /* Code below to be removed when legacy support is dropped. */
/* BEGIN legacy */
if (id == -1) {
if (pkey != NULL)
@@ -879,6 +876,7 @@ int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
return EVP_PKEY_CTX_get_params(ctx, params);
}
+/* TODO(3.0): Deprecate in favour of get_signature_md_name */
int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
{
OSSL_PARAM sig_md_params[2], *p = sig_md_params;
@@ -892,7 +890,6 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
return -2;
}
- /* TODO(3.0): Remove this eventually when no more legacy */
if (ctx->op.sig.sigprovctx == NULL)
return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,
EVP_PKEY_CTRL_GET_MD, 0, (void *)(md));
@@ -914,6 +911,10 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
return 1;
}
+/*
+ * TODO(3.0): Deprecate functions calling this in favour of
+ * functions setting md name.
+ */
static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
int fallback, const char *param, int op,
int ctrl)
@@ -927,7 +928,6 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
return -2;
}
- /* TODO(3.0): Remove this eventually when no more legacy */
if (fallback)
return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
@@ -975,9 +975,10 @@ static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
return -2;
}
- /* TODO(3.0): Remove this eventually when no more legacy */
+ /* Code below to be removed when legacy support is dropped. */
if (fallback)
return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
+ /* end of legacy support */
if (datalen < 0) {
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
@@ -1063,11 +1064,11 @@ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
return -2;
}
- /* TODO(3.0): Remove this eventually when no more legacy */
+ /* Code below to be removed when legacy support is dropped. */
if (ctx->op.kex.exchprovctx == NULL)
return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_MODE, mode, NULL);
-
+ /* end of legacy support */
if (mode < 0) {
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
@@ -1111,9 +1112,10 @@ static int evp_pkey_ctx_set_uint64(EVP_PKEY_CTX *ctx, const char *param,
return -2;
}
- /* TODO(3.0): Remove this eventually when no more legacy */
+ /* Code below to be removed when legacy support is dropped. */
if (ctx->op.kex.exchprovctx == NULL)
return EVP_PKEY_CTX_ctrl_uint64(ctx, -1, op, ctrl, val);
+ /* end of legacy support */
*p++ = OSSL_PARAM_construct_uint64(param, &val);
*p = OSSL_PARAM_construct_end();
diff --git a/crypto/param_build_set.c b/crypto/param_build_set.c
index 1ea8097e88..7f62630053 100644
--- a/crypto/param_build_set.c
+++ b/crypto/param_build_set.c
@@ -75,7 +75,6 @@ int ossl_param_build_set_bn_pad(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
if (p != NULL) {
if (sz > p->data_size)
return 0;
- /* TODO(3.0) Change to use OSSL_PARAM_set_BN_pad */
p->data_size = sz;
return OSSL_PARAM_set_BN(p, bn);
}
diff --git a/crypto/ppccap.c b/crypto/ppccap.c
index 0a5976c8a4..9ed1d80db5 100644
--- a/crypto/ppccap.c
+++ b/crypto/ppccap.c
@@ -83,10 +83,6 @@ void sha512_block_data_order(void *ctx, const void *inp, size_t len)
sha512_block_ppc(ctx, inp, len);
}
-/*
- * TODO(3.0): Temporarily disabled some assembler that hasn't been brought into
- * the FIPS module yet.
- */
#ifndef FIPS_MODULE
# ifndef OPENSSL_NO_CHACHA
void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp,
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 9115f47c1f..41487d2af2 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -235,7 +235,6 @@ struct evp_md_st {
int type;
/* Legacy structure members */
- /* TODO(3.0): Remove these */
int pkey_type;
int md_size;
unsigned long flags;
@@ -250,7 +249,7 @@ struct evp_md_st {
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
/* New structure members */
- /* TODO(3.0): Remove above comment when legacy has gone */
+ /* Above comment to be removed when legacy has gone */
int name_id;
OSSL_PROVIDER *prov;
CRYPTO_REF_COUNT refcnt;
@@ -280,7 +279,6 @@ struct evp_cipher_st {
int iv_len;
/* Legacy structure members */
- /* TODO(3.0): Remove these */
/* Various flags */
unsigned long flags;
/* init key */
@@ -303,7 +301,7 @@ struct evp_cipher_st {
void *app_data;
/* New structure members */
- /* TODO(3.0): Remove above comment when legacy has gone */
+ /* Above comment to be removed when legacy has gone */
int name_id;
OSSL_PROVIDER *prov;
CRYPTO_REF_COUNT refcnt;
diff --git a/include/crypto/modes.h b/include/crypto/modes.h
index f5397fca68..119314d172 100644
--- a/include/crypto/modes.h
+++ b/include/crypto/modes.h
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-/* TODO(3.0) Move this header into provider when dependencies are removed */
+/* This header can move into provider when legacy support is removed */
#include <openssl/modes.h>
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
diff --git a/include/internal/sha3.h b/include/internal/sha3.h
index 9bb6cf65f1..80ad86e58e 100644
--- a/include/internal/sha3.h
+++ b/include/internal/sha3.h
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-/* TODO(3.0) Move this header into provider when dependencies are removed */
+/* This header can move into provider when legacy support is removed */
#ifndef OSSL_INTERNAL_SHA3_H
# define OSSL_INTERNAL_SHA3_H
# pragma once
diff --git a/include/internal/sm3.h b/include/internal/sm3.h
index f64eb8ad1a..fe84f1905e 100644
--- a/include/internal/sm3.h
+++ b/include/internal/sm3.h
@@ -8,7 +8,7 @@
* https://www.openssl.org/source/license.html
*/
-/* TODO(3.0) Move this header into provider when dependencies are removed */
+/* This header can move into provider when legacy support is removed */
#ifndef OSSL_INTERNAL_SM3_H
# define OSSL_INTERNAL_SM3_H
# pragma once
More information about the openssl-commits
mailing list