Google Git
Sign in
boringssl/boringssl.git/refs/heads/main^!/.
commit
cd28a8217b3bc27cd3748be10c1efbdbe159b4c7
[log]
author
David Benjamin <davidben@google.com>
Mon Jun 15 14:41:38 2026 -0400
committer
boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Tue Jun 16 13:53:27 2026 -0700
tree
29185e6607406745feb7e7580bad01d46786801c
parent
06fc6f762f5603bdedaed92b7a5cc30b32b1f1f2 [diff]
Remove PEM_TYPE_* constants

Update-Note: PEM_TYPE_* constants are removed. There was no way for
callers to use them. The numbers were not significant (PEM uses strings)
and no exported function accepted them.

Since the constants were only used in one place, we could actually
inline it entirely into a hardcoded "Proc-Type: 4,ENCRYPTED" because we
don't support other PEM modes anyway.

Bug: 42290574
Change-Id: I246f934f9ec71d55a42934b3f0e756c514e2108b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/97329
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/pem/pem_lib.cc b/crypto/pem/pem_lib.cc
index a5f57ee..0e4d75b 100644
--- a/crypto/pem/pem_lib.cc
+++ b/crypto/pem/pem_lib.cc

@@ -45,25 +45,6 @@
 static int load_iv(const char **fromp, unsigned char *to, size_t num);
 static bool check_pem(std::string_view name, std::string_view expected);
 
-// PEM_proc_type appends a Proc-Type header to `buf`, determined by `type`.
-static void PEM_proc_type(char buf[PEM_BUFSIZE], int type) {
-  const char *str;
-
-  if (type == PEM_TYPE_ENCRYPTED) {
-    str = "ENCRYPTED";
-  } else if (type == PEM_TYPE_MIC_CLEAR) {
-    str = "MIC-CLEAR";
-  } else if (type == PEM_TYPE_MIC_ONLY) {
-    str = "MIC-ONLY";
-  } else {
-    str = "BAD-TYPE";
-  }
-
-  OPENSSL_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
-  OPENSSL_strlcat(buf, str, PEM_BUFSIZE);
-  OPENSSL_strlcat(buf, "\n", PEM_BUFSIZE);
-}
-
 // PEM_dek_info appends a DEK-Info header to `buf`, with an algorithm of `type`
 // and a single parameter, specified by hex-encoding `len` bytes from `str`.
 static void PEM_dek_info(char buf[PEM_BUFSIZE], const char *type, size_t len,
@@ -289,10 +270,8 @@
 
     assert(strlen(objstr) + 23 + 2 * iv_len + 13 <= sizeof(buf));
 
-    buf[0] = '\0';
-    PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
+    OPENSSL_strlcpy(buf, "Proc-Type: 4,ENCRYPTED\n", sizeof(buf));
     PEM_dek_info(buf, objstr, iv_len, (char *)iv);
-    // k=strlen(buf);
 
     ret = 1;
     if (!EVP_EncryptInit_ex(ctx.get(), enc, nullptr, key, iv) ||

diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 991a147..6cd1b05 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h

@@ -369,11 +369,6 @@
 //
 // TODO(crbug.com/42290574): Finish documenting and organizing this header.
 
-#define PEM_TYPE_ENCRYPTED 10
-#define PEM_TYPE_MIC_ONLY 20
-#define PEM_TYPE_MIC_CLEAR 30
-#define PEM_TYPE_CLEAR 40
-
 #define DECLARE_PEM_read_fp(name, type)                      \
   OPENSSL_EXPORT type *PEM_read_##name(FILE *fp, type **out, \
                                        pem_password_cb *cb, void *userdata);