Remove DER64 functions in trunk: they will never be used again unless the directory authorities switch back to 0.0.9tooearly.

svn:r6376

src/common/crypto.c

@@ -574,70 +574,6 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
   return r;
 }
 
-/** Allocate a new string in *<b>out</b>, containing the public portion of the
- * RSA key in <b>env</b>, encoded first with DER, then in base-64.  Return the
- * length of the encoded representation on success, and -1 on failure.
- *
- * <i>This function is for temporary use only.  We need a simple
- * one-line representation for keys to work around a bug in parsing
- * directories containing "opt keyword\n-----BEGIN OBJECT----" entries
- * in versions of Tor up to 0.0.9pre2.</i>
- */
-int
-crypto_pk_DER64_encode_public_key(crypto_pk_env_t *env, char **out)
-{
-  int len;
-  char buf[PK_BYTES*2]; /* Too long, but hey, stacks are big. */
-  tor_assert(env);
-  tor_assert(out);
-  len = crypto_pk_asn1_encode(env, buf, sizeof(buf));
-  if (len < 0) {
-    return -1;
-  }
-  *out = tor_malloc(len * 2); /* too long, but safe. */
-  if (base64_encode(*out, len*2, buf, len) < 0) {
-    log_warn(LD_CRYPTO, "Error base64-encoding DER-encoded key");
-    tor_free(*out);
-    return -1;
-  }
-  /* Remove spaces */
-  tor_strstrip(*out, " \r\n\t");
-  return strlen(*out);
-}
-
-/** Decode a base-64 encoded DER representation of an RSA key from <b>in</b>,
- * and store the result in <b>env</b>.  Return 0 on success, -1 on failure.
- *
- * <i>This function is for temporary use only.  We need a simple
- * one-line representation for keys to work around a bug in parsing
- * directories containing "opt keyword\n-----BEGIN OBJECT----" entries
- * in versions of Tor up to 0.0.9pre2.</i>
- */
-crypto_pk_env_t *
-crypto_pk_DER64_decode_public_key(const char *in)
-{
-  char partitioned[PK_BYTES*2 + 16];
-  char buf[PK_BYTES*2];
-  int len;
-  tor_assert(in);
-  len = strlen(in);
-
-  if (strlen(in) > PK_BYTES*2) {
-    return NULL;
-  }
-  /* base64_decode doesn't work unless we insert linebreaks every 64
-   * characters.  how dumb. */
-  if (tor_strpartition(partitioned, sizeof(partitioned), in, "\n", 64,
-                       ALWAYS_TERMINATE))
-    return NULL;
-  len = base64_decode(buf, sizeof(buf), partitioned, strlen(partitioned));
-  if (len<0) {
-    log_warn(LD_CRYPTO,"Error base-64 decoding key");
-    return NULL;
-  }
-  return crypto_pk_asn1_decode(buf, len);
-}
-
 /** Return true iff <b>env</b> has a valid key.
  */
 int

src/common/crypto.h

@@ -79,8 +79,6 @@ int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
                                           const char *src, size_t len);
 int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
                                             const char *fname);
-int crypto_pk_DER64_encode_public_key(crypto_pk_env_t *env, char **dest);
-crypto_pk_env_t *crypto_pk_DER64_decode_public_key(const char *in);
 
 int crypto_pk_check_key(crypto_pk_env_t *env);
 int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);

src/or/routerparse.c

@@ -540,14 +540,6 @@ find_dir_signing_key(const char *str)
   if (tok->key) {
     key = tok->key;
     tok->key = NULL; /* steal reference. */
-  } else if (tok->n_args >= 1) {
-    /** XXXX Once all the directories are running 0.1.0.6-rc or later, we
-     * can remove this logic. */
-    key = crypto_pk_DER64_decode_public_key(tok->args[0]);
-    if (!key) {
-      log_warn(LD_DIR, "Unparseable dir-signing-key argument");
-      return NULL;
-    }
   } else {
     log_warn(LD_DIR, "Dir-signing-key token contained no key");
     return NULL;

src/or/test.c

@@ -416,19 +416,6 @@ test_crypto(void)
   test_eq(0, crypto_pk_cmp_keys(pk1, pk2));
   tor_free(cp);
 
-  /* Check DER encoding */
-  i=crypto_pk_DER64_encode_public_key(pk1, &cp);
-  test_assert(i>0);
-  test_assert(cp);
-  test_assert(!strchr(cp, ' '));
-  test_assert(!strchr(cp, '\n'));
-  test_eq(0, crypto_pk_cmp_keys(pk1, pk1));
-  crypto_free_pk_env(pk2);
-  pk2 = crypto_pk_DER64_decode_public_key(cp);
-  test_assert(pk2);
-  test_eq(0, crypto_pk_cmp_keys(pk1, pk2));
-  tor_free(cp);
-
   test_eq(128, crypto_pk_keysize(pk1));
   test_eq(128, crypto_pk_keysize(pk2));