From d93ec4cfd4f312049232d35942a952bb5be7d33a Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Fri, 9 Mar 2018 09:21:01 +0100 Subject: crypto: Remove undocumented, unused and erroneous functions crypto:dh_generate_parameters and crypto:dh_check --- lib/crypto/c_src/crypto.c | 68 ----------------------------------------------- lib/crypto/src/crypto.erl | 22 --------------- 2 files changed, 90 deletions(-) (limited to 'lib') diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c index 9a3ea07c97..149387bcee 100644 --- a/lib/crypto/c_src/crypto.c +++ b/lib/crypto/c_src/crypto.c @@ -479,8 +479,6 @@ static ERL_NIF_TERM pkey_sign_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM a static ERL_NIF_TERM pkey_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM pkey_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM rsa_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); -static ERL_NIF_TERM dh_generate_parameters_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); -static ERL_NIF_TERM dh_check(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM dh_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM privkey_to_pubkey_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); @@ -568,8 +566,6 @@ static ErlNifFunc nif_funcs[] = { {"pkey_verify_nif", 6, pkey_verify_nif}, {"pkey_crypt_nif", 6, pkey_crypt_nif}, {"rsa_generate_key_nif", 2, rsa_generate_key_nif}, - {"dh_generate_parameters_nif", 2, dh_generate_parameters_nif}, - {"dh_check", 1, dh_check}, {"dh_generate_key_nif", 4, dh_generate_key_nif}, {"dh_compute_key_nif", 3, dh_compute_key_nif}, {"privkey_to_pubkey_nif", 2, privkey_to_pubkey_nif}, 
@@ -3006,70 +3002,6 @@ static ERL_NIF_TERM rsa_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF
 rsa_generate_key, argc, argv);
 }
-static ERL_NIF_TERM dh_generate_parameters_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (PrimeLen, Generator) */
- int prime_len, generator;
- DH* dh_params = NULL;
- int p_len, g_len;
- unsigned char *p_ptr, *g_ptr;
- ERL_NIF_TERM ret_p, ret_g;
- const BIGNUM *dh_p, *dh_q, *dh_g;
-
- if (!enif_get_int(env, argv[0], &prime_len)
- || !enif_get_int(env, argv[1], &generator)) {
-
- return enif_make_badarg(env);
- }
-
- if (DH_generate_parameters_ex(dh_params, prime_len, generator, NULL)) {
- return atom_error;
- }
- DH_get0_pqg(dh_params, &dh_p, &dh_q, &dh_g);
- DH_free(dh_params);
- p_len = BN_num_bytes(dh_p);
- g_len = BN_num_bytes(dh_g);
- p_ptr = enif_make_new_binary(env, p_len, &ret_p);
- g_ptr = enif_make_new_binary(env, g_len, &ret_g);
- BN_bn2bin(dh_p, p_ptr);
- BN_bn2bin(dh_g, g_ptr);
- ERL_VALGRIND_MAKE_MEM_DEFINED(p_ptr, p_len);
- ERL_VALGRIND_MAKE_MEM_DEFINED(g_ptr, g_len);
- return enif_make_list2(env, ret_p, ret_g);
-}
-
-static ERL_NIF_TERM dh_check(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* ([PrimeLen, Generator]) */
- DH* dh_params;
- int i;
- ERL_NIF_TERM ret, head, tail;
- BIGNUM *dh_p, *dh_g;
-
- if (!enif_get_list_cell(env, argv[0], &head, &tail)
- || !get_bn_from_bin(env, head, &dh_p)
- || !enif_get_list_cell(env, tail, &head, &tail)
- || !get_bn_from_bin(env, head, &dh_g)
- || !enif_is_empty_list(env,tail)) {
-
- return enif_make_badarg(env);
- }
-
- dh_params = DH_new();
- DH_set0_pqg(dh_params, dh_p, NULL, dh_g);
- if (DH_check(dh_params, &i)) {
- if (i == 0) ret = atom_ok;
- else if (i & DH_CHECK_P_NOT_PRIME) ret = atom_not_prime;
- else if (i & DH_CHECK_P_NOT_SAFE_PRIME) ret = atom_not_strong_prime;
- else if (i & DH_UNABLE_TO_CHECK_GENERATOR) ret = atom_unable_to_check_generator;
- else if (i & DH_NOT_SUITABLE_GENERATOR) ret = atom_not_suitable_generator;
- else ret = enif_make_tuple2(env, atom_unknown, enif_make_uint(env, i));
- }
- else { /* Check Failed */
- ret = enif_make_tuple2(env, atom_error, atom_check_failed);
- }
- DH_free(dh_params);
- return ret;
-}
-
 static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {/* (PrivKey|undefined, DHParams=[P,G], Mpint, Len|0) */
 DH* dh_params;
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index df259d5419..ec2a1dba0a 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -42,7 +42,6 @@
 -export([stream_init/2, stream_init/3, stream_encrypt/2, stream_decrypt/2]).
 -export([public_encrypt/4, private_decrypt/4]).
 -export([private_encrypt/4, public_decrypt/4]).
--export([dh_generate_parameters/2, dh_check/1]). %% Testing see
 -export([privkey_to_pubkey/2]).
 -export([ec_curve/1, ec_curves/0]).
 -export([rand_seed/1]).
@@ -1090,27 +1089,6 @@ rsa_generate_key_nif(_Bits, _Exp) -> ?nif_stub.
 %% DH Diffie-Hellman functions
 %%
-%% Generate (and check) Parameters is not documented because they are implemented
-%% for testing (and offline parameter generation) only.
-%% From the openssl doc:
-%% DH_generate_parameters() may run for several hours before finding a suitable prime.
-%% Thus dh_generate_parameters may in this implementation block
-%% the emulator for several hours.
-%%
-%% usage: dh_generate_parameters(1024, 2 or 5) ->
-%% [Prime=mpint(), SharedGenerator=mpint()]
-dh_generate_parameters(PrimeLen, Generator) ->
- case dh_generate_parameters_nif(PrimeLen, Generator) of
- error -> erlang:error(generation_failed, [PrimeLen,Generator]);
- Ret -> Ret
- end.
-
-dh_generate_parameters_nif(_PrimeLen, _Generator) -> ?nif_stub.
-
-%% Checks that the DHParameters are ok.
-%% DHParameters = [P (Prime)= mpint(), G(Generator) = mpint()]
-dh_check([_Prime,_Gen]) -> ?nif_stub.
-
 %% DHParameters = [P (Prime)= mpint(), G(Generator) = mpint()]
 %% PrivKey = mpint()
 dh_generate_key_nif(_PrivateKey, _DHParameters, _Mpint, _Length) -> ?nif_stub.
--
cgit v1.2.3