From: Kevin Jones Date: Fri, 16 Oct 2020 16:49:03 +0000 (-0400) Subject: Remove unused Unix PKCS12 shims X-Git-Tag: submit/tizen/20210909.063632~5051 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=149964acb7dd9bbeaa270a755aa8a80fadfc0ef1;p=platform%2Fupstream%2Fdotnet%2Fruntime.git Remove unused Unix PKCS12 shims Because the PKCS#12/PFX import is now done with managed code, the PKCS12 shim was dead code.
---
diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Pkcs12.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Pkcs12.cs
deleted file mode 100644
index c52d2c5..0000000
--- a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Pkcs12.cs
+++ /dev/null
@@ -1,44 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-
-using System;
-using System.Runtime.InteropServices;
-using System.Security.Cryptography;
-using Microsoft.Win32.SafeHandles;
-
-internal static partial class Interop
-{
- internal static partial class Crypto
- {
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_DecodePkcs12")]
- internal static extern unsafe SafePkcs12Handle DecodePkcs12(byte[] buf, int len);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_DecodePkcs12FromBio")]
- internal static extern SafePkcs12Handle DecodePkcs12FromBio(SafeBioHandle bio);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_Pkcs12Destroy")]
- internal static extern void Pkcs12Destroy(IntPtr p12);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_Pkcs12Create", CharSet = CharSet.Ansi)]
- internal static extern SafePkcs12Handle Pkcs12Create(
- SafePasswordHandle pass,
- SafeEvpPKeyHandle pkey,
- SafeX509Handle cert,
- SafeX509StackHandle ca);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetPkcs12DerSize")]
- internal static extern int GetPkcs12DerSize(SafePkcs12Handle p12);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EncodePkcs12")]
- internal static extern int EncodePkcs12(SafePkcs12Handle p12, byte[] buf);
-
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_Pkcs12Parse")]
- [return: MarshalAs(UnmanagedType.Bool)]
- internal static extern bool Pkcs12Parse(
- SafePkcs12Handle p12,
- SafePasswordHandle pass,
- out SafeEvpPKeyHandle pkey,
- out SafeX509Handle cert,
- out SafeX509StackHandle ca);
- }
-}
diff --git a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafePkcs12Handle.Unix.cs b/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafePkcs12Handle.Unix.cs
deleted file mode 100644
index 0a4cdcf..0000000
--- a/src/libraries/Common/src/Microsoft/Win32/SafeHandles/SafePkcs12Handle.Unix.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-
-using System;
-using System.Runtime.InteropServices;
-
-namespace Microsoft.Win32.SafeHandles
-{
- internal sealed class SafePkcs12Handle : SafeHandle
- {
- private SafePkcs12Handle() :
- base(IntPtr.Zero, ownsHandle: true)
- {
- }
-
- protected override bool ReleaseHandle()
- {
- Interop.Crypto.Pkcs12Destroy(handle);
- SetHandle(IntPtr.Zero);
- return true;
- }
-
- public override bool IsInvalid
- {
- get { return handle == IntPtr.Zero; }
- }
- }
-}
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt b/src/libraries/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
index 42f845d..e59120b 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
@@ -59,7 +59,6 @@ set(NATIVECRYPTO_SOURCES
 pal_evp_cipher.c
 pal_hmac.c
 pal_ocsp.c
- pal_pkcs12.c
 pal_pkcs7.c
 pal_rsa.c
 pal_ssl.c
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
index 0bfdde8..e48ba5f 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
@@ -246,8 +246,6 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi
 REQUIRED_FUNCTION(d2i_BASIC_CONSTRAINTS) \
 REQUIRED_FUNCTION(d2i_EXTENDED_KEY_USAGE) \
 REQUIRED_FUNCTION(d2i_OCSP_RESPONSE) \
- REQUIRED_FUNCTION(d2i_PKCS12) \
- REQUIRED_FUNCTION(d2i_PKCS12_bio) \
 REQUIRED_FUNCTION(d2i_PKCS12_fp) \
 REQUIRED_FUNCTION(d2i_PKCS7) \
 REQUIRED_FUNCTION(d2i_PKCS7_bio) \
@@ -396,7 +394,6 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi
 REQUIRED_FUNCTION(i2d_ASN1_TYPE) \
 REQUIRED_FUNCTION(i2d_OCSP_REQUEST) \
 REQUIRED_FUNCTION(i2d_OCSP_RESPONSE) \
- REQUIRED_FUNCTION(i2d_PKCS12) \
 REQUIRED_FUNCTION(i2d_PKCS7) \
 REQUIRED_FUNCTION(i2d_X509) \
 REQUIRED_FUNCTION(i2d_X509_PUBKEY) \
@@ -438,7 +435,6 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi
 REQUIRED_FUNCTION(PEM_read_bio_X509_AUX) \
 REQUIRED_FUNCTION(PEM_read_bio_X509_CRL) \
 REQUIRED_FUNCTION(PEM_write_bio_X509_CRL) \
- REQUIRED_FUNCTION(PKCS12_create) \
 REQUIRED_FUNCTION(PKCS12_free) \
 REQUIRED_FUNCTION(PKCS12_parse) \
 REQUIRED_FUNCTION(PKCS7_sign) \
@@ -660,8 +656,6 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define d2i_BASIC_CONSTRAINTS d2i_BASIC_CONSTRAINTS_ptr
 #define d2i_EXTENDED_KEY_USAGE d2i_EXTENDED_KEY_USAGE_ptr
 #define d2i_OCSP_RESPONSE d2i_OCSP_RESPONSE_ptr
-#define d2i_PKCS12 d2i_PKCS12_ptr
-#define d2i_PKCS12_bio d2i_PKCS12_bio_ptr
 #define d2i_PKCS12_fp d2i_PKCS12_fp_ptr
 #define d2i_PKCS7 d2i_PKCS7_ptr
 #define d2i_PKCS7_bio d2i_PKCS7_bio_ptr
@@ -810,7 +804,6 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define i2d_ASN1_TYPE i2d_ASN1_TYPE_ptr
 #define i2d_OCSP_REQUEST i2d_OCSP_REQUEST_ptr
 #define i2d_OCSP_RESPONSE i2d_OCSP_RESPONSE_ptr
-#define i2d_PKCS12 i2d_PKCS12_ptr
 #define i2d_PKCS7 i2d_PKCS7_ptr
 #define i2d_X509 i2d_X509_ptr
 #define i2d_X509_PUBKEY i2d_X509_PUBKEY_ptr
@@ -852,7 +845,6 @@ FOR_ALL_OPENSSL_FUNCTIONS
 #define PEM_read_bio_X509_AUX PEM_read_bio_X509_AUX_ptr
 #define PEM_read_bio_X509_CRL PEM_read_bio_X509_CRL_ptr
 #define PEM_write_bio_X509_CRL PEM_write_bio_X509_CRL_ptr
-#define PKCS12_create PKCS12_create_ptr
 #define PKCS12_free PKCS12_free_ptr
 #define PKCS12_parse PKCS12_parse_ptr
 #define PKCS7_sign PKCS7_sign_ptr
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.c
deleted file mode 100644
index 91eba78..0000000
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.c
+++ /dev/null
@@ -1,67 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-
-#include "pal_pkcs12.h"
-
-PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len)
-{
- if (!buf || !len)
- {
- return NULL;
- }
-
- return d2i_PKCS12(NULL, &buf, len);
-}
-
-PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio)
-{
- return d2i_PKCS12_bio(bio, NULL);
-}
-
-void CryptoNative_Pkcs12Destroy(PKCS12* p12)
-{
- if (p12 != NULL)
- {
- PKCS12_free(p12);
- }
-}
-
-PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca)
-{
- return PKCS12_create(
- pass, NULL, pkey, cert, ca, NID_undef, NID_undef, PKCS12_DEFAULT_ITER, PKCS12_DEFAULT_ITER, 0);
-}
-
-int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12)
-{
- return i2d_PKCS12(p12, NULL);
-}
-
-int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf)
-{
- return i2d_PKCS12(p12, &buf);
-}
-
-int32_t CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_PKEY** pkey, X509** cert, X509Stack** ca)
-{
- int32_t ret = PKCS12_parse(p12, pass, pkey, cert, ca);
-
- if (ret)
- {
- // PKCS12_parse's main loop can put a lot of spurious errors into the
- // error queue. If we're returning success, clear the error queue.
- ERR_clear_error();
- }
- else
- {
- // If PKCS12_parse encounters an error it will free the handles it
- // created, but it does not clear the output parameters they were
- // placed in.
- // If those handles make it back into managed code they will crash
- // the coreclr when Disposed.
- *pkey = NULL;
- *cert = NULL;
- }
-
- return ret;
-}
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h
deleted file mode 100644
index c1ccc94..0000000
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h
+++ /dev/null
@@ -1,57 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-
-#include "pal_crypto_types.h"
-#include "pal_compiler.h"
-#include "opensslshim.h"
-
-/*
-Shims the d2i_PKCS12 method and makes it easier to invoke from managed code.
-*/
-PALEXPORT PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len);
-
-/*
-Shims the d2i_PKCS12_bio method.
-
-Returns the new PKCS12 instance.
-*/
-PALEXPORT PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio);
-
-/*
-Cleans up and deletes a PKCS12 instance.
-
-Implemented by calling PKCS12_free.
-
-No-op if p12 is null.
-The given PKCS12 pointer is invalid after this call.
-Always succeeds.
-*/
-PALEXPORT void CryptoNative_Pkcs12Destroy(PKCS12* p12);
-
-/*
-Shims the PKCS12_create method.
-
-Returns the new PKCS12 instance.
-*/
-PALEXPORT PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca);
-
-/*
-Returns the number of bytes it will take to convert
-the PKCS12 to a DER format.
-*/
-PALEXPORT int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12);
-
-/*
-Shims the i2d_PKCS12 method.
-
-Returns the number of bytes written to buf.
-*/
-PALEXPORT int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf);
-
-/*
-Shims the PKCS12_parse method.
-
-Returns 1 on success, otherwise 0.
-*/
-PALEXPORT int32_t
-CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_PKEY** pkey, X509** cert, X509Stack** ca);
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj b/src/libraries/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj index 8d95ba2..726b4b7 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj +++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj @@ -342,8 +342,6 @@ Link="Common\Interop\Unix\System.Security.Cryptography.Native\Interop.Initialization.cs" /> - -