Retire EVP_CTRL_GET_IV

It is superseded by EVP_CIPHER_CTX_get_iv(), is only present on master, and had only a couple of in-tree callers that are easy to convert. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233)
2024-11-21 01:15:20 +08:00 · 2020-07-02 13:03:58 -07:00 · 2020-07-02 13:03:58 -07:00 · 37322687b0
commit 37322687b0
parent c76ffc78a5
5 changed files with 6 additions and 20 deletions
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@ -2588,14 +2588,6 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
        memcpy(ptr, c->buf, arg);
        return 1;

-    case EVP_CTRL_GET_IV:
-        if (gctx->iv_gen != 1 && gctx->iv_gen_rand != 1)
-            return 0;
-        if (gctx->ivlen != arg)
-            return 0;
-        memcpy(ptr, gctx->iv, arg);
-        return 1;
-
    case EVP_CTRL_GCM_SET_IV_FIXED:
        /* Special case: -1 length restores whole IV */
        if (arg == -1) {
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@ -971,12 +971,6 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
    case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
    default:
        goto end;
-    case EVP_CTRL_GET_IV:
-        set_params = 0;
-        params[0] =
-            OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV_STATE, ptr,
-                                              sz);
-        break;
    case EVP_CTRL_AEAD_SET_IVLEN:
        if (arg < 0)
            return 0;
--- a/include/internal/ktls.h
+++ b/include/internal/ktls.h
@ -346,9 +346,10 @@ static ossl_inline int ktls_configure_crypto(const EVP_CIPHER *c, int tls_versio

    if (tls_version == TLS1_2_VERSION &&
        EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
-        EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GET_IV,
-                            EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN,
-                            geniv);
+        if (!EVP_CIPHER_CTX_get_iv_state(dd, geniv,
+                                         EVP_GCM_TLS_FIXED_IV_LEN
+                                         + EVP_GCM_TLS_EXPLICIT_IV_LEN))
+            return 0;
        iiv = geniv;
    }

--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@ -386,8 +386,7 @@ DEPRECATEDIN_3_0(int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))
 # define         EVP_CTRL_SET_PIPELINE_INPUT_LENS        0x24
 /* Get the IV length used by the cipher */
 # define         EVP_CTRL_GET_IVLEN                      0x25
-/* Get the IV used by the cipher */
-# define         EVP_CTRL_GET_IV                         0x26
+/* 0x26 is unused */
 /* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */
 # define         EVP_CTRL_SET_SPEED                      0x27
 /* Get the unprotectedAttrs from cipher ctx */
--- a/test/aesgcmtest.c
+++ b/test/aesgcmtest.c
@ -58,7 +58,7 @@ static int do_encrypt(unsigned char *iv_gen, unsigned char *ct, int *ct_len,
          && TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
                                           tag) > 0)
          && TEST_true(iv_gen == NULL
-                  || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_IV, 12, iv_gen) > 0);
+                  || EVP_CIPHER_CTX_get_iv(ctx, iv_gen, 12));
    EVP_CIPHER_CTX_free(ctx);
    return ret;
 }