cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/784?usp=email )
Change subject: Remove unused methods write_key/read_key ...................................................................... Remove unused methods write_key/read_key These were used in the key-method 1 that we remove by commit 36bef1b52 in 2020. That commit unfortunately missed that these methods were only used for directly sending/receiving key material over the control channel. Change-Id: Ib480e57b62ea33f2aea52bee895badaf5607b72d Signed-off-by: Arne Schwabe <a...@rfc2549.org> Acked-by: Gert Doering <g...@greenie.muc.de> Message-Id: <20241018063123.11631-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29595.html Signed-off-by: Gert Doering <g...@greenie.muc.de> --- M src/openvpn/crypto.c M src/openvpn/crypto.h 2 files changed, 0 insertions(+), 86 deletions(-) diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 064e59e..8f34eaa 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1540,87 +1540,6 @@ } } -/* given a key and key_type, write key to buffer */ -bool -write_key(const struct key *key, const struct key_type *kt, - struct buffer *buf) -{ - ASSERT(cipher_kt_key_size(kt->cipher) <= MAX_CIPHER_KEY_LENGTH - && md_kt_size(kt->digest) <= MAX_HMAC_KEY_LENGTH); - - const uint8_t cipher_length = (uint8_t)cipher_kt_key_size(kt->cipher); - if (!buf_write(buf, &cipher_length, 1)) - { - return false; - } - - uint8_t hmac_length = (uint8_t)md_kt_size(kt->digest); - - if (!buf_write(buf, &hmac_length, 1)) - { - return false; - } - if (!buf_write(buf, key->cipher, cipher_kt_key_size(kt->cipher))) - { - return false; - } - if (!buf_write(buf, key->hmac, hmac_length)) - { - return false; - } - - return true; -} - -/* - * Given a key_type and buffer, read key from buffer. - * Return: 1 on success - * -1 read failure - * 0 on key length mismatch - */ -int -read_key(struct key *key, const struct key_type *kt, struct buffer *buf) -{ - uint8_t cipher_length; - uint8_t hmac_length; - - CLEAR(*key); - if (!buf_read(buf, &cipher_length, 1)) - { - goto read_err; - } - if (!buf_read(buf, &hmac_length, 1)) - { - goto read_err; - } - - if (cipher_length != cipher_kt_key_size(kt->cipher) || hmac_length != md_kt_size(kt->digest)) - { - goto key_len_err; - } - - if (!buf_read(buf, key->cipher, cipher_length)) - { - goto read_err; - } - if (!buf_read(buf, key->hmac, hmac_length)) - { - goto read_err; - } - - return 1; - -read_err: - msg(D_TLS_ERRORS, "TLS Error: error reading key from remote"); - return -1; - -key_len_err: - msg(D_TLS_ERRORS, - "TLS Error: key length mismatch, local cipher/hmac %d/%d, remote cipher/hmac %d/%d", - cipher_kt_key_size(kt->cipher), md_kt_size(kt->digest), cipher_length, hmac_length); - return 0; -} - void prng_bytes(uint8_t *output, int len) { diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h index d91de74..074dad6 100644 --- a/src/openvpn/crypto.h +++ b/src/openvpn/crypto.h @@ -313,11 +313,6 @@ bool check_key(struct key *key, const struct key_type *kt); -bool write_key(const struct key *key, const struct key_type *kt, - struct buffer *buf); - -int read_key(struct key *key, const struct key_type *kt, struct buffer *buf); - /** * Initialize a key_type structure with. * -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/784?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib480e57b62ea33f2aea52bee895badaf5607b72d Gerrit-Change-Number: 784 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos <arne-open...@rfc2549.org> Gerrit-Reviewer: cron2 <g...@greenie.muc.de> Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-MessageType: merged
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
