OCF: Remove support for asymmetric cryptographic operations.

There haven't been any non-obscure drivers that supported this
functionality and it has been impossible to test to ensure that it
still works.  The only known consumer of this interface was the engine
in OpenSSL < 1.1.  Modern OpenSSL versions do not include support for
this interface as it was not well-documented.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D29736

15 files changed, 56 insertions, 1347 deletions

diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
index 1019436f1e28..39cb638129e9 100644
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@@ -40,6 +40,13 @@
 #   xargs -n1 | sort | uniq -d;
 # done
 
+# 20210412: Remove kernel asymmetric crypto
+OLD_FILES+=usr/share/man/man9/crypto_asym.9
+OLD_FILES+=usr/share/man/man9/crypto_kdispatch.9
+OLD_FILES+=usr/share/man/man9/crypto_kdone.9
+OLD_FILES+=usr/share/man/man9/crypto_kregister.9
+OLD_FILES+=usr/share/man/man9/CRYPTODEV_KPROCESS.9
+
 # 20210410: remove unused libexec/rc.d/archdep
 OLD_FILES+=etc/rc.d/archdep
 
diff --git a/share/man/man4/crypto.4 b/share/man/man4/crypto.4
index f146b50ecd4b..56fd4f484c3b 100644
--- a/share/man/man4/crypto.4
+++ b/share/man/man4/crypto.4
@@ -60,7 +60,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd November 24, 2020
+.Dd April 12, 2021
 .Dt CRYPTO 4
 .Os
 .Sh NAME
@@ -93,53 +93,32 @@ then issue
 calls on the descriptor.
 User-mode access to
 .Pa /dev/crypto
-is controlled by two
+is controlled by the
+.Ic kern.cryptodevallowsoft
 .Xr sysctl 8
-variables:
-.Ic kern.userasymcrypto
-and
-.Ic kern.cryptodevallowsoft .
-.Pp
-The
-.Nm
-device provides two distinct modes of operation: one mode for
-symmetric-keyed cryptographic requests and digests, and a second mode for
-both asymmetric-key (public-key/private-key) requests and
-modular arithmetic (for Diffie-Hellman key exchange and other
-cryptographic protocols).
-The two modes are described separately below.
-.Sh DEPRECATION NOTICE
-The asymmetric-key operations supported by this interface will not be
-present in
-.Fx 14.0
-and later.
+variable.
+If this variable is zero,
+then user-mode sessions are only permitted to use cryptography coprocessors.
 .Sh THEORY OF OPERATION
-Regardless of whether symmetric-key or asymmetric-key operations are
-to be performed, use of the device requires a basic series of steps:
+Use of the device requires a basic series of steps:
 .Bl -enum
 .It
 Open the
 .Pa /dev/crypto
 device.
 .It
-If any symmetric-keyed cryptographic or digest operations will be performed,
-create a session with
+Create a session with
 .Dv CIOCGSESSION
 or
 .Dv CIOCGSESSION2 .
-Most applications will require at least one symmetric session.
+Applications will require at least one symmetric session.
 Since cipher and MAC keys are tied to sessions, many
 applications will require more.
-Asymmetric operations do not use sessions.
 .It
 Submit requests, synchronously with
 .Dv CIOCCRYPT
-(symmetric),
-.Dv CIOCCRYPTAEAD
-(symmetric),
 or
-.Dv CIOCKEY
-(asymmetric).
+.Dv CIOCCRYPTAEAD .
 .It
 Optionally destroy a session with
 .Dv CIOCFSESSION .
@@ -151,22 +130,27 @@ This will automatically close any remaining sessions associated with the
 file desriptor.
 .El
 .Sh SYMMETRIC-KEY OPERATION
-The symmetric-key operation mode provides a context-based API
+.Nm cryptodev
+provides a context-based API
 to traditional symmetric-key encryption (or privacy) algorithms,
-or to keyed and unkeyed one-way hash (HMAC and MAC) algorithms.
-The symmetric-key mode also permits encrypt-then-authenticate fused operation,
-where the hardware performs both a privacy algorithm and an integrity-check
+keyed and unkeyed one-way hash (HMAC and MAC) algorithms,
+encrypt-then-authenticate (ETA) fused operations,
+and authenticated encryption with additional data (AEAD) operations.
+For ETA operations,
+drivers perform both a privacy algorithm and an integrity-check
 algorithm in a single pass over the data: either a fused
 encrypt/HMAC-generate operation, or a fused HMAC-verify/decrypt operation.
+Similarly, for AEAD operations,
+drivers perform either an encrypt/MAC-generate operation
+or a MAC-verify/decrypt operation.
 .Pp
-To use symmetric mode, you must first create a session specifying
-the algorithm(s) and key(s) to use; then issue encrypt or decrypt
-requests against the session.
+The algorithm(s) and key(s) to use are specified when a session is
+created.
+Individual requests are able to specify per-request initialization vectors
+or nonces.
 .Ss Algorithms
 For a list of supported algorithms, see
-.Xr crypto 7
-and
-.Xr crypto 9 .
+.Xr crypto 7 .
 .Ss IOCTL Request Descriptions
 .\"
 .Bl -tag -width CIOCGSESSION
@@ -216,11 +200,13 @@ privacy algorithm, integrity algorithm, and keys specified in
 The special value 0 for either privacy or integrity
 is reserved to indicate that the indicated operation (privacy or integrity)
 is not desired for this session.
+ETA sessions specify both privacy and integrity algorithms.
+AEAD sessions specify only a privacy algorithm.
 .Pp
 Multiple sessions may be bound to a single file descriptor.
 The session ID returned in
 .Fa sessp-\*[Gt]ses
-is supplied as a required field in the symmetric-operation structure
+is supplied as a required field in the operation structure
 .Fa crypt_op
 for future encryption or hashing requests.
 .\" .Pp
@@ -229,7 +215,7 @@ for future encryption or hashing requests.
 .\" .Nx
 .\" extension.
 .Pp
-For non-zero symmetric-key privacy algorithms, the privacy algorithm
+For non-zero privacy algorithms, the privacy algorithm
 must be specified in
 .Fa sessp-\*[Gt]cipher ,
 the key length in
@@ -290,7 +276,7 @@ struct crypt_op {
 };
 
 .Ed
-Request a symmetric-key (or hash) operation.
+Request an encryption/decryption (or hash) operation.
 To encrypt, set
 .Fa cr_op-\*[Gt]op
 to
@@ -344,75 +330,6 @@ to include in the authentication mode.
 Destroys the session identified by
 .Fa ses_id .
 .El
-.\"
-.Sh ASYMMETRIC-KEY OPERATION
-.Ss Asymmetric-key algorithms
-Contingent upon hardware support, the following asymmetric
-(public-key/private-key; or key-exchange subroutine) operations may
-also be available:
-.Pp
-.Bl -column "CRK_DH_COMPUTE_KEY" "Input parameter" "Output parameter" -offset indent -compact
-.It Em "Algorithm" Ta "Input parameter" Ta "Output parameter"
-.It Em " " Ta "Count" Ta "Count"
-.It Dv CRK_MOD_EXP Ta 3 Ta 1
-.It Dv CRK_MOD_EXP_CRT Ta 6 Ta 1
-.It Dv CRK_DSA_SIGN Ta 5 Ta 2
-.It Dv CRK_DSA_VERIFY Ta 7 Ta 0
-.It Dv CRK_DH_COMPUTE_KEY Ta 3 Ta 1
-.El
-.Pp
-See below for discussion of the input and output parameter counts.
-.Ss Asymmetric-key commands
-.Bl -tag -width CIOCKEY
-.It Dv CIOCASYMFEAT Fa int *feature_mask
-Returns a bitmask of supported asymmetric-key operations.
-Each of the above-listed asymmetric operations is present
-if and only if the bit position numbered by the code for that operation
-is set.
-For example,
-.Dv CRK_MOD_EXP
-is available if and only if the bit
-.Pq 1 \*[Lt]\*[Lt] Dv CRK_MOD_EXP
-is set.
-.It Dv CIOCKEY Fa struct crypt_kop *kop
-.Bd -literal
-struct crypt_kop {
-    u_int crk_op;		/* e.g. CRK_MOD_EXP */
-    u_int crk_status;		/* return status */
-    u_short crk_iparams;	/* # of input params */
-    u_short crk_oparams;	/* # of output params */
-    u_int crk_pad1;
-    struct crparam crk_param[CRK_MAXPARAM];
-};
-
-/* Bignum parameter, in packed bytes. */
-struct crparam {
-    void * crp_p;
-    u_int crp_nbits;
-};
-
-.Ed
-Performs an asymmetric-key operation from the list above.
-The specific operation is supplied in
-.Fa kop-\*[Gt]crk_op ;
-final status for the operation is returned in
-.Fa kop-\*[Gt]crk_status .
-The number of input arguments and the number of output arguments
-is specified in
-.Fa kop-\*[Gt]crk_iparams
-and
-.Fa kop-\*[Gt]crk_iparams ,
-respectively.
-The field
-.Fa crk_param[]
-must be filled in with exactly
-.Fa kop-\*[Gt]crk_iparams + kop-\*[Gt]crk_oparams
-arguments, each encoded as a
-.Fa struct crparam
-(address, bitlength) pair.
-.Pp
-The semantics of these arguments are currently undocumented.
-.El
 .Sh SEE ALSO
 .Xr aesni 4 ,
 .Xr hifn 4 ,
@@ -444,5 +361,3 @@ must follow whether privacy or integrity algorithms were specified for
 session: if you request a
 .No non- Ns Dv NULL
 algorithm, you must supply a suitably-sized buffer.
-.Pp
-The scheme for passing arguments for asymmetric requests is baroque.
diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index efdd8b2f6e9c..1a68b1f80882 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -72,7 +72,6 @@ MAN=	accept_filter.9 \
 	cr_seeothergids.9 \
 	cr_seeotheruids.9 \
 	crypto.9 \
-	crypto_asym.9 \
 	crypto_buffer.9 \
 	crypto_driver.9 \
 	crypto_request.9 \
@@ -913,10 +912,6 @@ MLINKS+=cpuset.9 CPUSET_T_INITIALIZER.9 \
 	cpuset.9 CPU_COPY_STORE_REL.9
 MLINKS+=critical_enter.9 critical.9 \
 	critical_enter.9 critical_exit.9
-MLINKS+=crypto_asym.9 crypto_kdispatch.9 \
-	crypto_asym.9 crypto_kdone.9 \
-	crypto_asym.9 crypto_kregister.9 \
-	crypto_asym.9 CRYPTODEV_KPROCESS.9
 MLINKS+=crypto_buffer.9 crypto_apply.9 \
 	crypto_buffer.9 crypto_apply_buf.9 \
 	crypto_buffer.9 crypto_buffer_contiguous_segment.9 \
diff --git a/share/man/man9/crypto.9 b/share/man/man9/crypto.9
index 69fe3339a757..d78daa253945 100644
--- a/share/man/man9/crypto.9
+++ b/share/man/man9/crypto.9
@@ -17,7 +17,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 18, 2021
+.Dd April 12, 2021
 .Dt CRYPTO 9
 .Os
 .Sh NAME
@@ -35,15 +35,10 @@ through the
 device.
 .Pp
 .Nm
-supports two modes of operation:
-one mode for symmetric-keyed cryptographic requests and digest,
-and a second mode for asymmetric-key requests and modular arithmetic.
-.Ss Symmetric-Key Mode
-Symmetric-key operations include encryption and decryption operations
+supports encryption and decryption operations
 using block and stream ciphers as well as computation and verification
 of message authentication codes (MACs).
-In this mode,
-consumers allocate sessions to describe a transform as discussed in
+Consumers allocate sessions to describe a transform as discussed in
 .Xr crypto_session 9 .
 Consumers then allocate request objects to describe each transformation
 such as encrypting a network packet or decrypting a disk sector.
@@ -56,18 +51,6 @@ consumers.
 describes the interfaces drivers use to register with the framework,
 helper routines the framework provides to faciliate request processing,
 and the interfaces drivers are required to provide.
-.Ss Asymmetric-Key Mode
-Assymteric-key operations do not use sessions.
-Instead,
-these operations perform individual mathematical operations using a set
-of input and output parameters.
-These operations are described in
-.Xr crypto_asym 9 .
-Drivers that support asymmetric operations use additional interfaces
-described in
-.Xr crypto_asym 9
-in addition to the base interfaces described in
-.Xr crypto_driver 9 .
 .Ss Callbacks
 Since the consumers may not be associated with a process, drivers may
 not
@@ -83,10 +66,9 @@ Errors are reported to the callback function.
 Session initialization does not use callbacks and returns errors
 synchronously.
 .Ss Session Migration
-For symmetric-key operations,
-a specific error code,
+Operations may fail with a specific error code,
 .Er EAGAIN ,
-is used to indicate that a session handle has changed and that the
+to indicate that a session handle has changed and that the
 request may be re-submitted immediately with the new session.
 The consumer should update its saved copy of the session handle
 to the value of
@@ -95,9 +77,6 @@ so that future requests use the new session.
 .Ss Supported Algorithms
 More details on some algorithms may be found in
 .Xr crypto 7 .
-These algorithms are used for symmetric-mode operations.
-Asymmetric-mode operations support operations described in
-.Xr crypto_asym 9 .
 .Pp
 The following authentication algorithms are supported:
 .Pp
@@ -156,7 +135,6 @@ most of the framework code
 .Xr crypto 4 ,
 .Xr ipsec 4 ,
 .Xr crypto 7 ,
-.Xr crypto_asym 9 ,
 .Xr crypto_driver 9 ,
 .Xr crypto_request 9 ,
 .Xr crypto_session 9 ,
diff --git a/share/man/man9/crypto_asym.9 b/share/man/man9/crypto_asym.9
deleted file mode 100644
index c21a72f8d1c4..000000000000
--- a/share/man/man9/crypto_asym.9
+++ /dev/null
@@ -1,178 +0,0 @@
-.\" Copyright (c) 2020, Chelsio Inc
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright notice,
-.\"    this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\"
-.\" 3. Neither the name of the Chelsio Inc nor the names of its
-.\"    contributors may be used to endorse or promote products derived from
-.\"    this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-.\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" * Other names and brands may be claimed as the property of others.
-.\"
-.\" $FreeBSD$
-.\"
-.Dd March 27, 2020
-.Dt CRYPTO_ASYM 9
-.Os
-.Sh NAME
-.Nm crypto_asym
-.Nd asymmetric cryptographic operations
-.Sh SYNOPSIS
-.In opencrypto/cryptodev.h
-.Ft int
-.Fn crypto_kdispatch "struct cryptkop *krp"
-.Ft void
-.Fn crypto_kdone "struct cryptkop *krp"
-.Ft int
-.Fn crypto_kregister "uint32_t driverid" "int kalg" "uint32_t flags"
-.Ft int
-.Fn CRYPTODEV_KPROCESS "device_t dev" "struct cryptop *krp" "int flags"
-.Sh DESCRIPTION
-The in-kernel cryptographic kernel framework supports asymmetric
-requests (keying requests) in addition to symmetric operations.
-There are currently no in-kernel users of these requests,
-but applications can make requests of hardware drivers via the
-.Pa /dev/crypto
-device .
-.Pp
-Some APIs are shared with the framework's symmetric request support.
-This manual describes the APIs and data structures unique to
-asymmetric requests.
-.Pp
-.Ss Request Objects
-A request is described by a
-.Vt struct cryptkop
-containing the following fields:
-.Bl -tag -width "krp_callback"
-.It Fa krp_op
-Operation to perform.
-Available operations include
-.Dv CRK_MOD_EXP ,
-.Dv CRK_MOD_EXP_CRT ,
-.Dv CRK_DSA_SIGN ,
-.Dv CRK_DSA_VERIFY ,
-and
-.Dv CRK_DH_COMPUTE_KEY .
-.It Fa krp_status
-Error status.
-Either zero on success,
-or an error if an operation fails.
-Set by drivers prior to completing a request via
-.Fn crypto_kdone .
-.It Fa krp_iparams
-Count of input parameters.
-.It Fa krp_oparams
-Count of output parameters.
-.It Fa krp_crid
-Requested device.
-.It Fa krp_hid
-Device used to complete the request.
-.It Fa krp_param
-Array of parameters.
-The array contains the input parameters first followed by the output
-parameters.
-Each parameter is stored as a bignum.
-Each bignum is described by a
-.Vt struct crparam
-containing the following fields:
-.Bl -tag -width "crp_nbits"
-.It Fa crp_p
-Pointer to array of packed bytes.
-.It Fa crp_nbits
-Size of bignum in bits.
-.El
-.It Fa krp_callback
-Callback function.
-This must point to a callback function of type
-.Vt void (*)(struct cryptkop *) .
-The callback function should inspect
-.Fa krp_status
-to determine the status of the completed operation.
-.El
-.Pp
-New requests should be initialized to zero before setting fields to
-appropriate values.
-Once the request has been populated,
-it should be passed to
-.Fn crypto_kdispatch .
-.Pp
-.Fn crypto_kdispatch
-will choose a device driver to perform the operation described by
-.Fa krp
-and invoke that driver's
-.Fn CRYPTO_KPROCESS
-method.
-.Ss Driver API
-Drivers register support for asymmetric operations by calling
-.Fn crypto_kregister
-for each supported algorithm.
-.Fa driverid
-should be the value returned by an earlier call to
-.Fn crypto_get_driverid .
-.Fa kalg
-should list one of the operations that can be set in
-.Fa krp_op .
-.Fa flags
-is a bitmask of zero or more of the following values:
-.Bl -tag -width "CRYPTO_ALG_FLAG_RNG_ENABLE"
-.It Dv CRYPTO_ALG_FLAG_RNG_ENABLE
-Device has a hardware RNG for DH/DSA.
-.It Dv CRYPTO_ALG_FLAG_DSA_SHA
-Device can compute a SHA digest of a message.
-.El
-.Pp
-Drivers unregister with the framework via
-.Fn crypto_unregister_all .
-.Pp
-Similar to
-.Fn CRYPTO_PROCESS ,
-.Fn CRYPTO_KPROCESS
-should complete the request or schedule it for asynchronous
-completion.
-If this method is not able to complete a request due to insufficient
-resources,
-it can defer the request (and future asymmetric requests) by returning
-.Dv ERESTART .
-Once resources are available,
-the driver should invoke
-.Fn crypto_unblock
-with
-.Dv CRYPTO_ASYMQ
-to resume processing of asymmetric requests.
-.Pp
-Once a request is completed,
-the driver should set
-.Fa krp_status
-and then call
-.Fn crypto_kdone .
-.Sh RETURN VALUES
-.Fn crypto_kdispatch ,
-.Fn crypto_kregister ,
-and
-.Fn CRYPTODEV_KPROCESS
-return zero on success or an error on failure.
-.Sh SEE ALSO
-.Xr crypto 7 ,
-.Xr crypto 9 ,
-.Xr crypto_driver 9 ,
-.Xr crypto_request 9 ,
-.Xr crypto_session 9
diff --git a/share/man/man9/crypto_driver.9 b/share/man/man9/crypto_driver.9
index 930cc0d8bde4..b0032e7fa385 100644
--- a/share/man/man9/crypto_driver.9
+++ b/share/man/man9/crypto_driver.9
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 9, 2020
+.Dd April 12, 2021
 .Dt CRYPTO_DRIVER 9
 .Os
 .Sh NAME
@@ -285,13 +285,10 @@ is the value returned by
 .Fn crypto_get_driverid .
 .Fa what
 indicates which types of requests the driver is able to handle again:
-.Bl -tag -width "CRYPTO_ASYMQ"
+.Bl -tag -width "CRYPTO_SYMQ"
 .It Dv CRYPTO_SYMQ
 indicates that the driver is able to handle symmetric requests passed to
 .Fn CRYPTODEV_PROCESS .
-.It Dv CRYPTO_ASYMQ
-indicates that the driver is able to handle asymmetric requests passed to
-.Fn CRYPTODEV_KPROCESS .
 .El
 .Pp
 .Pp
diff --git a/sys/dev/hifn/hifn7751.c b/sys/dev/hifn/hifn7751.c
index 240d801e5b12..033ef7edf10d 100644
--- a/sys/dev/hifn/hifn7751.c
+++ b/sys/dev/hifn/hifn7751.c
@@ -2252,7 +2252,7 @@ hifn_intr(void *arg)
 	HIFN_UNLOCK(sc);
 
 	if (sc->sc_needwakeup) {		/* XXX check high watermark */
-		int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ);
+		int wakeup = sc->sc_needwakeup & CRYPTO_SYMQ;
 #ifdef HIFN_DEBUG
 		if (hifn_debug)
 			device_printf(sc->sc_dev,
diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c
index 46cd8e1b6147..cc1f16fc9ed3 100644
--- a/sys/dev/safe/safe.c
+++ b/sys/dev/safe/safe.c
@@ -385,8 +385,6 @@ safe_attach(device_t dev)
 #if 0
 		printf(" key");
 		sc->sc_flags |= SAFE_FLAGS_KEY;
-		crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0);
-		crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0);
 #endif
 	}
 	if (sc->sc_devinfo & SAFE_DEVINFO_DES) {
@@ -584,7 +582,7 @@ safe_intr(void *arg)
 	}
 
 	if (sc->sc_needwakeup) {		/* XXX check high watermark */
-		int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ);
+		int wakeup = sc->sc_needwakeup & CRYPTO_SYMQ;
 		DPRINTF(("%s: wakeup crypto %x\n", __func__,
 			sc->sc_needwakeup));
 		sc->sc_needwakeup &= ~wakeup;
diff --git a/sys/mips/nlm/dev/sec/nlmsec.c b/sys/mips/nlm/dev/sec/nlmsec.c
index c28eaf334613..9318206a04fd 100644
--- a/sys/mips/nlm/dev/sec/nlmsec.c
+++ b/sys/mips/nlm/dev/sec/nlmsec.c
@@ -281,7 +281,7 @@ nlm_xlpsec_msgring_handler(int vc, int size, int code, int src_id,
 		atomic_add_int(&creditleft, sc->sec_msgsz);
 		if (creditleft >= (NLM_CRYPTO_LEFT_REQS)) {
 			crypto_unblock(sc->sc_cid, sc->sc_needwakeup);
-			sc->sc_needwakeup &= (~(CRYPTO_SYMQ | CRYPTO_ASYMQ));
+			sc->sc_needwakeup &= ~CRYPTO_SYMQ;
 		}
 	}
 	if (cmd->hash_dst_len != 0) {
diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index 1c9d79af8c91..b56d0fb70698 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -98,8 +98,7 @@ SDT_PROVIDER_DEFINE(opencrypto);
 
 /*
  * Crypto drivers register themselves by allocating a slot in the
- * crypto_drivers table with crypto_get_driverid() and then registering
- * each asym algorithm they support with crypto_kregister().
+ * crypto_drivers table with crypto_get_driverid().
  */
 static	struct mtx crypto_drivers_mtx;		/* lock on driver table */
 #define	CRYPTO_DRIVER_LOCK()	mtx_lock(&crypto_drivers_mtx)
@@ -118,13 +117,10 @@ struct cryptocap {
 	device_t	cc_dev;
 	uint32_t	cc_hid;
 	uint32_t	cc_sessions;		/* (d) # of sessions */
-	uint32_t	cc_koperations;		/* (d) # os asym operations */
-	uint8_t		cc_kalg[CRK_ALGORITHM_MAX + 1];
 
 	int		cc_flags;		/* (d) flags */
 #define CRYPTOCAP_F_CLEANUP	0x80000000	/* needs resource cleanup */
 	int		cc_qblocked;		/* (q) symmetric q blocked */
-	int		cc_kqblocked;		/* (q) asymmetric q blocked */
 	size_t		cc_session_size;
 	volatile int	cc_refs;
 };
@@ -139,16 +135,8 @@ struct crypto_session {
 	/* Driver softc follows. */
 };
 
-/*
- * There are two queues for crypto requests; one for symmetric (e.g.
- * cipher) operations and one for asymmetric (e.g. MOD)operations.
- * A single mutex is used to lock access to both queues.  We could
- * have one per-queue but having one simplifies handling of block/unblock
- * operations.
- */
 static	int crp_sleep = 0;
 static	TAILQ_HEAD(cryptop_q ,cryptop) crp_q;		/* request queues */
-static	TAILQ_HEAD(,cryptkop) crp_kq;
 static	struct mtx crypto_q_mtx;
 #define	CRYPTO_Q_LOCK()		mtx_lock(&crypto_q_mtx)
 #define	CRYPTO_Q_UNLOCK()	mtx_unlock(&crypto_q_mtx)
@@ -172,7 +160,6 @@ struct crypto_ret_worker {
 
 	TAILQ_HEAD(,cryptop) crp_ordered_ret_q;	/* ordered callback queue for symetric jobs */
 	TAILQ_HEAD(,cryptop) crp_ret_q;		/* callback queue for symetric jobs */
-	TAILQ_HEAD(,cryptkop) crp_ret_kq;	/* callback queue for asym jobs */
 
 	uint32_t reorder_ops;		/* total ordered sym jobs received */
 	uint32_t reorder_cur_seq;	/* current sym job dispatched */
@@ -201,16 +188,6 @@ SYSCTL_INT(_kern, OID_AUTO, crypto_workers_num, CTLFLAG_RDTUN,
 
 static	uma_zone_t cryptop_zone;
 
-int	crypto_userasymcrypto = 1;
-SYSCTL_INT(_kern_crypto, OID_AUTO, asym_enable, CTLFLAG_RW,
-	   &crypto_userasymcrypto, 0,
-	   "Enable user-mode access to asymmetric crypto support");
-#ifdef COMPAT_FREEBSD12
-SYSCTL_INT(_kern, OID_AUTO, userasymcrypto, CTLFLAG_RW,
-	   &crypto_userasymcrypto, 0,
-	   "Enable/disable user-mode access to asymmetric crypto support");
-#endif
-
 int	crypto_devallowsoft = 0;
 SYSCTL_INT(_kern_crypto, OID_AUTO, allow_soft, CTLFLAG_RW,
 	   &crypto_devallowsoft, 0,
@@ -228,7 +205,6 @@ static	struct proc *cryptoproc;
 static	void crypto_ret_proc(struct crypto_ret_worker *ret_worker);
 static	void crypto_destroy(void);
 static	int crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint);
-static	int crypto_kinvoke(struct cryptkop *krp);
 static	void crypto_task_invoke(void *ctx, int pending);
 static void crypto_batch_enqueue(struct cryptop *crp);
 
@@ -308,8 +284,6 @@ cap_rele(struct cryptocap *cap)
 
 	KASSERT(cap->cc_sessions == 0,
 	    ("freeing crypto driver with active sessions"));
-	KASSERT(cap->cc_koperations == 0,
-	    ("freeing crypto driver with active key operations"));
 
 	free(cap, M_CRYPTO_DATA);
 }
@@ -324,7 +298,6 @@ crypto_init(void)
 		MTX_DEF|MTX_QUIET);
 
 	TAILQ_INIT(&crp_q);
-	TAILQ_INIT(&crp_kq);
 	mtx_init(&crypto_q_mtx, "crypto", "crypto op queues", MTX_DEF);
 
 	cryptop_zone = uma_zcreate("cryptop",
@@ -358,7 +331,6 @@ crypto_init(void)
 	FOREACH_CRYPTO_RETW(ret_worker) {
 		TAILQ_INIT(&ret_worker->crp_ordered_ret_q);
 		TAILQ_INIT(&ret_worker->crp_ret_q);
-		TAILQ_INIT(&ret_worker->crp_ret_kq);
 
 		ret_worker->reorder_ops = 0;
 		ret_worker->reorder_cur_seq = 0;
@@ -1115,43 +1087,6 @@ crypto_getcaps(int hid)
 }
 
 /*
- * Register support for a key-related algorithm.  This routine
- * is called once for each algorithm supported a driver.
- */
-int
-crypto_kregister(uint32_t driverid, int kalg, uint32_t flags)
-{
-	struct cryptocap *cap;
-	int err;
-
-	CRYPTO_DRIVER_LOCK();
-
-	cap = crypto_checkdriver(driverid);
-	if (cap != NULL &&
-	    (CRK_ALGORITM_MIN <= kalg && kalg <= CRK_ALGORITHM_MAX)) {
-		/*
-		 * XXX Do some performance testing to determine placing.
-		 * XXX We probably need an auxiliary data structure that
-		 * XXX describes relative performances.
-		 */
-
-		cap->cc_kalg[kalg] = flags | CRYPTO_ALG_FLAG_SUPPORTED;
-		if (bootverbose)
-			printf("crypto: %s registers key alg %u flags %u\n"
-				, device_get_nameunit(cap->cc_dev)
-				, kalg
-				, flags
-			);
-		gone_in_dev(cap->cc_dev, 14, "asymmetric crypto");
-		err = 0;
-	} else
-		err = EINVAL;
-
-	CRYPTO_DRIVER_UNLOCK();
-	return err;
-}
-
-/*
  * Unregister all algorithms associated with a crypto driver.
  * If there are pending sessions using it, leave enough information
  * around so that subsequent calls using those sessions will
@@ -1177,7 +1112,7 @@ crypto_unregister_all(uint32_t driverid)
 	 * XXX: This doesn't do anything to kick sessions that
 	 * have no pending operations.
 	 */
-	while (cap->cc_sessions != 0 || cap->cc_koperations != 0)
+	while (cap->cc_sessions != 0)
 		mtx_sleep(cap, &crypto_drivers_mtx, 0, "cryunreg", 0);
 	CRYPTO_DRIVER_UNLOCK();
 	cap_rele(cap);
@@ -1200,8 +1135,6 @@ crypto_unblock(uint32_t driverid, int what)
 	if (cap != NULL) {
 		if (what & CRYPTO_SYMQ)
 			cap->cc_qblocked = 0;
-		if (what & CRYPTO_ASYMQ)
-			cap->cc_kqblocked = 0;
 		if (crp_sleep)
 			wakeup_one(&crp_q);
 		err = 0;
@@ -1499,189 +1432,6 @@ crypto_batch_enqueue(struct cryptop *crp)
 	CRYPTO_Q_UNLOCK();
 }
 
-/*
- * Add an asymetric crypto request to a queue,
- * to be processed by the kernel thread.
- */
-int
-crypto_kdispatch(struct cryptkop *krp)
-{
-	int error;
-
-	CRYPTOSTAT_INC(cs_kops);
-
-	krp->krp_cap = NULL;
-	error = crypto_kinvoke(krp);
-	if (error == ERESTART) {
-		CRYPTO_Q_LOCK();
-		TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next);
-		if (crp_sleep)
-			wakeup_one(&crp_q);
-		CRYPTO_Q_UNLOCK();
-		error = 0;
-	}
-	return error;
-}
-
-/*
- * Verify a driver is suitable for the specified operation.
- */
-static __inline int
-kdriver_suitable(const struct cryptocap *cap, const struct cryptkop *krp)
-{
-	return (cap->cc_kalg[krp->krp_op] & CRYPTO_ALG_FLAG_SUPPORTED) != 0;
-}
-
-/*
- * Select a driver for an asym operation.  The driver must
- * support the necessary algorithm.  The caller can constrain
- * which device is selected with the flags parameter.  The
- * algorithm we use here is pretty stupid; just use the first
- * driver that supports the algorithms we need. If there are
- * multiple suitable drivers we choose the driver with the
- * fewest active operations.  We prefer hardware-backed
- * drivers to software ones when either may be used.
- */
-static struct cryptocap *
-crypto_select_kdriver(const struct cryptkop *krp, int flags)
-{
-	struct cryptocap *cap, *best;
-	int match, hid;
-
-	CRYPTO_DRIVER_ASSERT();
-
-	/*
-	 * Look first for hardware crypto devices if permitted.
-	 */
-	if (flags & CRYPTOCAP_F_HARDWARE)
-		match = CRYPTOCAP_F_HARDWARE;
-	else
-		match = CRYPTOCAP_F_SOFTWARE;
-	best = NULL;
-again:
-	for (hid = 0; hid < crypto_drivers_size; hid++) {
-		/*
-		 * If there is no driver for this slot, or the driver
-		 * is not appropriate (hardware or software based on
-		 * match), then skip.
-		 */
-		cap = crypto_drivers[hid];
-		if (cap == NULL ||
-		    (cap->cc_flags & match) == 0)
-			continue;
-
-		/* verify all the algorithms are supported. */
-		if (kdriver_suitable(cap, krp)) {
-			if (best == NULL ||
-			    cap->cc_koperations < best->cc_koperations)
-				best = cap;
-		}
-	}
-	if (best != NULL)
-		return best;
-	if (match == CRYPTOCAP_F_HARDWARE && (flags & CRYPTOCAP_F_SOFTWARE)) {
-		/* sort of an Algol 68-style for loop */
-		match = CRYPTOCAP_F_SOFTWARE;
-		goto again;
-	}
-	return best;
-}
-
-/*
- * Choose a driver for an asymmetric crypto request.
- */
-static struct cryptocap *
-crypto_lookup_kdriver(struct cryptkop *krp)
-{
-	struct cryptocap *cap;
-	uint32_t crid;
-
-	/* If this request is requeued, it might already have a driver. */
-	cap = krp->krp_cap;
-	if (cap != NULL)
-		return (cap);
-
-	/* Use krp_crid to choose a driver. */
-	crid = krp->krp_crid;
-	if ((crid & (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)) == 0) {
-		cap = crypto_checkdriver(crid);
-		if (cap != NULL) {
-			/*
-			 * Driver present, it must support the
-			 * necessary algorithm and, if s/w drivers are
-			 * excluded, it must be registered as
-			 * hardware-backed.
-			 */
-			if (!kdriver_suitable(cap, krp) ||
-			    (!crypto_devallowsoft &&
-			    (cap->cc_flags & CRYPTOCAP_F_HARDWARE) == 0))
-				cap = NULL;
-		}
-	} else {
-		/*
-		 * No requested driver; select based on crid flags.
-		 */
-		if (!crypto_devallowsoft)	/* NB: disallow s/w drivers */
-			crid &= ~CRYPTOCAP_F_SOFTWARE;
-		cap = crypto_select_kdriver(krp, crid);
-	}
-
-	if (cap != NULL) {
-		krp->krp_cap = cap_ref(cap);
-		krp->krp_hid = cap->cc_hid;
-	}
-	return (cap);
-}
-
-/*
- * Dispatch an asymmetric crypto request.
- */
-static int
-crypto_kinvoke(struct cryptkop *krp)
-{
-	struct cryptocap *cap = NULL;
-	int error;
-
-	KASSERT(krp != NULL, ("%s: krp == NULL", __func__));
-	KASSERT(krp->krp_callback != NULL,
-	    ("%s: krp->crp_callback == NULL", __func__));
-
-	CRYPTO_DRIVER_LOCK();
-	cap = crypto_lookup_kdriver(krp);
-	if (cap == NULL) {
-		CRYPTO_DRIVER_UNLOCK();
-		krp->krp_status = ENODEV;
-		crypto_kdone(krp);
-		return (0);
-	}
-
-	/*
-	 * If the device is blocked, return ERESTART to requeue it.
-	 */
-	if (cap->cc_kqblocked) {
-		/*
-		 * XXX: Previously this set krp_status to ERESTART and
-		 * invoked crypto_kdone but the caller would still
-		 * requeue it.
-		 */
-		CRYPTO_DRIVER_UNLOCK();
-		return (ERESTART);
-	}
-
-	cap->cc_koperations++;
-	CRYPTO_DRIVER_UNLOCK();
-	error = CRYPTODEV_KPROCESS(cap->cc_dev, krp, 0);
-	if (error == ERESTART) {
-		CRYPTO_DRIVER_LOCK();
-		cap->cc_koperations--;
-		CRYPTO_DRIVER_UNLOCK();
-		return (error);
-	}
-
-	KASSERT(error == 0, ("error %d returned from crypto_kprocess", error));
-	return (0);
-}
-
 static void
 crypto_task_invoke(void *ctx, int pending)
 {
@@ -1895,62 +1645,6 @@ crypto_done(struct cryptop *crp)
 }
 
 /*
- * Invoke the callback on behalf of the driver.
- */
-void
-crypto_kdone(struct cryptkop *krp)
-{
-	struct crypto_ret_worker *ret_worker;
-	struct cryptocap *cap;
-
-	if (krp->krp_status != 0)
-		CRYPTOSTAT_INC(cs_kerrs);
-	cap = krp->krp_cap;
-	if (cap != NULL) {
-		CRYPTO_DRIVER_LOCK();
-		KASSERT(cap->cc_koperations > 0, ("cc_koperations == 0"));
-		cap->cc_koperations--;
-		if (cap->cc_koperations == 0 &&
-		    cap->cc_flags & CRYPTOCAP_F_CLEANUP)
-			wakeup(cap);
-		CRYPTO_DRIVER_UNLOCK();
-		krp->krp_cap = NULL;
-		cap_rele(cap);
-	}
-
-	ret_worker = CRYPTO_RETW(0);
-
-	CRYPTO_RETW_LOCK(ret_worker);
-	if (TAILQ_EMPTY(&ret_worker->crp_ret_kq))
-		wakeup_one(&ret_worker->crp_ret_q);		/* shared wait channel */
-	TAILQ_INSERT_TAIL(&ret_worker->crp_ret_kq, krp, krp_next);
-	CRYPTO_RETW_UNLOCK(ret_worker);
-}
-
-int
-crypto_getfeat(int *featp)
-{
-	int hid, kalg, feat = 0;
-
-	CRYPTO_DRIVER_LOCK();
-	for (hid = 0; hid < crypto_drivers_size; hid++) {
-		const struct cryptocap *cap = crypto_drivers[hid];
-
-		if (cap == NULL ||
-		    ((cap->cc_flags & CRYPTOCAP_F_SOFTWARE) &&
-		    !crypto_devallowsoft)) {
-			continue;
-		}
-		for (kalg = 0; kalg < CRK_ALGORITHM_MAX; kalg++)
-			if (cap->cc_kalg[kalg] & CRYPTO_ALG_FLAG_SUPPORTED)
-				feat |=  1 << kalg;
-	}
-	CRYPTO_DRIVER_UNLOCK();
-	*featp = feat;
-	return (0);
-}
-
-/*
  * Terminate a thread at module unload.  The process that
  * initiated this is waiting for us to signal that we're gone;
  * wake it up and exit.  We use the driver table lock to insure
@@ -1975,7 +1669,6 @@ static void
 crypto_proc(void)
 {
 	struct cryptop *crp, *submit;
-	struct cryptkop *krp;
 	struct cryptocap *cap;
 	int result, hint;
 
@@ -2046,46 +1739,7 @@ crypto_proc(void)
 				TAILQ_INSERT_HEAD(&crp_q, submit, crp_next);
 				CRYPTOSTAT_INC(cs_blocks);
 			}
-		}
-
-		/* As above, but for key ops */
-		TAILQ_FOREACH(krp, &crp_kq, krp_next) {
-			cap = krp->krp_cap;
-			if (cap->cc_flags & CRYPTOCAP_F_CLEANUP) {
-				/*
-				 * Operation needs to be migrated,
-				 * clear krp_cap so a new driver is
-				 * selected.
-				 */
-				krp->krp_cap = NULL;
-				cap_rele(cap);
-				break;
-			}
-			if (!cap->cc_kqblocked)
-				break;
-		}
-		if (krp != NULL) {
-			TAILQ_REMOVE(&crp_kq, krp, krp_next);
-			CRYPTO_Q_UNLOCK();
-			result = crypto_kinvoke(krp);
-			CRYPTO_Q_LOCK();
-			if (result == ERESTART) {
-				/*
-				 * The driver ran out of resources, mark the
-				 * driver ``blocked'' for cryptkop's and put
-				 * the request back in the queue.  It would
-				 * best to put the request back where we got
-				 * it but that's hard so for now we put it
-				 * at the front.  This should be ok; putting
-				 * it at the end does not work.
-				 */
-				krp->krp_cap->cc_kqblocked = 1;
-				TAILQ_INSERT_HEAD(&crp_kq, krp, krp_next);
-				CRYPTOSTAT_INC(cs_kblocks);
-			}
-		}
-
-		if (submit == NULL && krp == NULL) {
+		} else {
 			/*
 			 * Nothing more to be processed.  Sleep until we're
 			 * woken because there are more ops to process.
@@ -2120,7 +1774,6 @@ static void
 crypto_ret_proc(struct crypto_ret_worker *ret_worker)
 {
 	struct cryptop *crpt;
-	struct cryptkop *krpt;
 
 	CRYPTO_RETW_LOCK(ret_worker);
 	for (;;) {
@@ -2141,19 +1794,13 @@ crypto_ret_proc(struct crypto_ret_worker *ret_worker)
 				TAILQ_REMOVE(&ret_worker->crp_ret_q, crpt, crp_next);
 		}
 
-		krpt = TAILQ_FIRST(&ret_worker->crp_ret_kq);
-		if (krpt != NULL)
-			TAILQ_REMOVE(&ret_worker->crp_ret_kq, krpt, krp_next);
-
-		if (crpt != NULL || krpt != NULL) {
+		if (crpt != NULL) {
 			CRYPTO_RETW_UNLOCK(ret_worker);
 			/*
 			 * Run callbacks unlocked.
 			 */
 			if (crpt != NULL)
 				crpt->crp_callback(crpt);
-			if (krpt != NULL)
-				krpt->krp_callback(krpt);
 			CRYPTO_RETW_LOCK(ret_worker);
 		} else {
 			/*
@@ -2178,25 +1825,21 @@ db_show_drivers(void)
 {
 	int hid;
 
-	db_printf("%12s %4s %4s %8s %2s %2s\n"
+	db_printf("%12s %4s %8s %2s\n"
 		, "Device"
 		, "Ses"
-		, "Kops"
 		, "Flags"
 		, "QB"
-		, "KB"
 	);
 	for (hid = 0; hid < crypto_drivers_size; hid++) {
 		const struct cryptocap *cap = crypto_drivers[hid];
 		if (cap == NULL)
 			continue;
-		db_printf("%-12s %4u %4u %08x %2u %2u\n"
+		db_printf("%-12s %4u %08x %2u\n"
 		    , device_get_nameunit(cap->cc_dev)
 		    , cap->cc_sessions
-		    , cap->cc_koperations
 		    , cap->cc_flags
 		    , cap->cc_qblocked
-		    , cap->cc_kqblocked
 		);
 	}
 }
@@ -2239,41 +1882,6 @@ DB_SHOW_COMMAND(crypto, db_show_crypto)
 		}
 	}
 }
-
-DB_SHOW_COMMAND(kcrypto, db_show_kcrypto)
-{
-	struct cryptkop *krp;
-	struct crypto_ret_worker *ret_worker;
-
-	db_show_drivers();
-	db_printf("\n");
-
-	db_printf("%4s %5s %4s %4s %8s %4s %8s\n",
-	    "Op", "Status", "#IP", "#OP", "CRID", "HID", "Callback");
-	TAILQ_FOREACH(krp, &crp_kq, krp_next) {
-		db_printf("%4u %5u %4u %4u %08x %4u %8p\n"
-		    , krp->krp_op
-		    , krp->krp_status
-		    , krp->krp_iparams, krp->krp_oparams
-		    , krp->krp_crid, krp->krp_hid
-		    , krp->krp_callback
-		);
-	}
-
-	ret_worker = CRYPTO_RETW(0);
-	if (!TAILQ_EMPTY(&ret_worker->crp_ret_q)) {
-		db_printf("%4s %5s %8s %4s %8s\n",
-		    "Op", "Status", "CRID", "HID", "Callback");
-		TAILQ_FOREACH(krp, &ret_worker->crp_ret_kq, krp_next) {
-			db_printf("%4u %5u %08x %4u %8p\n"
-			    , krp->krp_op
-			    , krp->krp_status
-			    , krp->krp_crid, krp->krp_hid
-			    , krp->krp_callback
-			);
-		}
-	}
-}
 #endif
 
 int crypto_modevent(module_t mod, int type, void *unused);
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index ed7e3cfd0354..f102b59b82ac 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -127,25 +127,9 @@ struct crypt_aead32 {
 	uint32_t	iv;
 };
 
-struct crparam32 {
-	uint32_t	crp_p;
-	u_int		crp_nbits;
-};
-
-struct crypt_kop32 {
-	u_int		crk_op;
-	u_int		crk_status;
-	u_short		crk_iparams;
-	u_short		crk_oparams;
-	u_int		crk_crid;
-	struct crparam32	crk_param[CRK_MAXPARAM];
-};
-
 #define	CIOCGSESSION32	_IOWR('c', 101, struct session_op32)
 #define	CIOCCRYPT32	_IOWR('c', 103, struct crypt_op32)
-#define	CIOCKEY32	_IOWR('c', 104, struct crypt_kop32)
 #define	CIOCGSESSION232	_IOWR('c', 106, struct session2_op32)
-#define	CIOCKEY232	_IOWR('c', 107, struct crypt_kop32)
 #define	CIOCCRYPTAEAD32	_IOWR('c', 109, struct crypt_aead32)
 
 static void
@@ -253,50 +237,6 @@ crypt_aead_to_32(const struct crypt_aead *from, struct crypt_aead32 *to)
 	PTROUT_CP(*from, *to, tag);
 	PTROUT_CP(*from, *to, iv);
 }
-
-static void
-crparam_from_32(const struct crparam32 *from, struct crparam *to)
-{
-
-	PTRIN_CP(*from, *to, crp_p);
-	CP(*from, *to, crp_nbits);
-}
-
-static void
-crparam_to_32(const struct crparam *from, struct crparam32 *to)
-{
-
-	PTROUT_CP(*from, *to, crp_p);
-	CP(*from, *to, crp_nbits);
-}
-
-static void
-crypt_kop_from_32(const struct crypt_kop32 *from, struct crypt_kop *to)
-{
-	int i;
-
-	CP(*from, *to, crk_op);
-	CP(*from, *to, crk_status);
-	CP(*from, *to, crk_iparams);
-	CP(*from, *to, crk_oparams);
-	CP(*from, *to, crk_crid);
-	for (i = 0; i < CRK_MAXPARAM; i++)
-		crparam_from_32(&from->crk_param[i], &to->crk_param[i]);
-}
-
-static void
-crypt_kop_to_32(const struct crypt_kop *from, struct crypt_kop32 *to)
-{
-	int i;
-
-	CP(*from, *to, crk_op);
-	CP(*from, *to, crk_status);
-	CP(*from, *to, crk_iparams);
-	CP(*from, *to, crk_oparams);
-	CP(*from, *to, crk_crid);
-	for (i = 0; i < CRK_MAXPARAM; i++)
-		crparam_to_32(&from->crk_param[i], &to->crk_param[i]);
-}
 #endif
 
 static void
@@ -356,11 +296,6 @@ SYSCTL_BOOL(_kern_crypto, OID_AUTO, cryptodev_separate_aad, CTLFLAG_RW,
     &use_separate_aad, 0,
     "Use separate AAD buffer for /dev/crypto requests.");
 
-static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 };
-SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, cryptodev_warn_interval, CTLFLAG_RW,
-    &warninterval,
-    "Delay in seconds between warnings of deprecated /dev/crypto algorithms");
-
 /*
  * Check a crypto identifier to see if it requested
  * a software device/driver.  This can be done either
@@ -1208,131 +1143,6 @@ bail:
 	return (error);
 }
 
-static void
-cryptodevkey_cb(struct cryptkop *krp)
-{
-
-	wakeup_one(krp);
-}
-
-static int
-cryptodev_key(struct crypt_kop *kop)
-{
-	struct cryptkop *krp = NULL;
-	int error = EINVAL;
-	int in, out, size, i;
-
-	if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) {
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EFBIG);
-	}
-
-	in = kop->crk_iparams;
-	out = kop->crk_oparams;
-	switch (kop->crk_op) {
-	case CRK_MOD_EXP:
-		if (in == 3 && out == 1)
-			break;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	case CRK_MOD_EXP_CRT:
-		if (in == 6 && out == 1)
-			break;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	case CRK_DSA_SIGN:
-		if (in == 5 && out == 2)
-			break;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	case CRK_DSA_VERIFY:
-		if (in == 7 && out == 0)
-			break;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	case CRK_DH_COMPUTE_KEY:
-		if (in == 3 && out == 1)
-			break;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	default:
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		return (EINVAL);
-	}
-
-	krp = malloc(sizeof(*krp), M_XDATA, M_WAITOK | M_ZERO);
-	krp->krp_op = kop->crk_op;
-	krp->krp_status = kop->crk_status;
-	krp->krp_iparams = kop->crk_iparams;
-	krp->krp_oparams = kop->crk_oparams;
-	krp->krp_crid = kop->crk_crid;
-	krp->krp_status = 0;
-	krp->krp_callback = cryptodevkey_cb;
-
-	for (i = 0; i < CRK_MAXPARAM; i++) {
-		if (kop->crk_param[i].crp_nbits > 65536) {
-			/* Limit is the same as in OpenBSD */
-			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-			goto fail;
-		}
-		krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
-	}
-	for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) {
-		size = (krp->krp_param[i].crp_nbits + 7) / 8;
-		if (size == 0)
-			continue;
-		krp->krp_param[i].crp_p = malloc(size, M_XDATA, M_WAITOK);
-		if (i >= krp->krp_iparams)
-			continue;
-		error = copyin(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p, size);
-		if (error) {
-			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-			goto fail;
-		}
-	}
-
-	error = crypto_kdispatch(krp);
-	if (error) {
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		goto fail;
-	}
-	error = tsleep(krp, PSOCK, "crydev", 0);
-	if (error) {
-		/* XXX can this happen?  if so, how do we recover? */
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		goto fail;
-	}
-	
-	kop->crk_crid = krp->krp_hid;		/* device that did the work */
-	if (krp->krp_status != 0) {
-		error = krp->krp_status;
-		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-		goto fail;
-	}
-
-	for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) {
-		size = (krp->krp_param[i].crp_nbits + 7) / 8;
-		if (size == 0)
-			continue;
-		error = copyout(krp->krp_param[i].crp_p, kop->crk_param[i].crp_p, size);
-		if (error) {
-			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-			goto fail;
-		}
-	}
-
-fail:
-	if (krp) {
-		kop->crk_status = krp->krp_status;
-		for (i = 0; i < CRK_MAXPARAM; i++) {
-			if (krp->krp_param[i].crp_p)
-				free(krp->krp_param[i].crp_p, M_XDATA);
-		}
-		free(krp, M_XDATA);
-	}
-	return (error);
-}
-
 static int
 cryptodev_find(struct crypt_find_op *find)
 {
@@ -1390,13 +1200,11 @@ static int
 crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
     struct thread *td)
 {
-	static struct timeval keywarn, featwarn;
 	struct fcrypt *fcr;
 	struct csession *cse;
 	struct session2_op *sop;
 	struct crypt_op *cop;
 	struct crypt_aead *caead;
-	struct crypt_kop *kop;
 	uint32_t ses;
 	int error = 0;
 	union {
@@ -1404,7 +1212,6 @@ crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
 #ifdef COMPAT_FREEBSD32
 		struct crypt_op copc;
 		struct crypt_aead aeadc;
-		struct crypt_kop kopc;
 #endif
 	} thunk;
 #ifdef COMPAT_FREEBSD32
@@ -1443,17 +1250,6 @@ crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
 		data = (void *)&thunk.aeadc;
 		crypt_aead_from_32((struct crypt_aead32 *)data32, &thunk.aeadc);
 		break;
-	case CIOCKEY32:
-	case CIOCKEY232:
-		cmd32 = cmd;
-		data32 = data;
-		if (cmd == CIOCKEY32)
-			cmd = CIOCKEY;
-		else
-			cmd = CIOCKEY2;
-		data = (void *)&thunk.kopc;
-		crypt_kop_from_32((struct crypt_kop32 *)data32, &thunk.kopc);
-		break;
 	}
 #endif
 
@@ -1504,46 +1300,6 @@ crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
 		error = cryptodev_op(cse, cop);
 		cse_free(cse);
 		break;
-	case CIOCKEY:
-	case CIOCKEY2:
-		if (ratecheck(&keywarn, &warninterval))
-			gone_in(14,
-			    "Asymmetric crypto operations via /dev/crypto");
-
-		if (!crypto_userasymcrypto) {
-			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-			return (EPERM);		/* XXX compat? */
-		}
-		kop = (struct crypt_kop *)data;
-		if (cmd == CIOCKEY) {
-			/* NB: crypto core enforces s/w driver use */
-			kop->crk_crid =
-			    CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE;
-		}
-		mtx_lock(&Giant);
-		error = cryptodev_key(kop);
-		mtx_unlock(&Giant);
-		break;
-	case CIOCASYMFEAT:
-		if (ratecheck(&featwarn, &warninterval))
-			gone_in(14,
-			    "Asymmetric crypto features via /dev/crypto");
-
-		if (!crypto_userasymcrypto) {
-			/*
-			 * NB: if user asym crypto operations are
-			 * not permitted return "no algorithms"
-			 * so well-behaved applications will just
-			 * fallback to doing them in software.
-			 */
-			*(int *)data = 0;
-		} else {
-			error = crypto_getfeat((int *)data);
-			if (error)
-				SDT_PROBE1(opencrypto, dev, ioctl, error,
-				    __LINE__);
-		}
-		break;
 	case CIOCFINDDEV:
 		error = cryptodev_find((struct crypt_find_op *)data);
 		break;
@@ -1581,10 +1337,6 @@ crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
 		if (error == 0)
 			crypt_aead_to_32((void *)data, data32);
 		break;
-	case CIOCKEY32:
-	case CIOCKEY232:
-		crypt_kop_to_32((void *)data, data32);
-		break;
 	}
 #endif
 	return (error);
diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h
index bd9e65eb9428..862ad1d4f6e5 100644
--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@@ -192,11 +192,6 @@
 #define	CRYPTO_ALGO_VALID(x)	((x) >= CRYPTO_ALGORITHM_MIN && \
 				 (x) <= CRYPTO_ALGORITHM_MAX)
 
-/* Algorithm flags */
-#define	CRYPTO_ALG_FLAG_SUPPORTED	0x01 /* Algorithm is supported */
-#define	CRYPTO_ALG_FLAG_RNG_ENABLE	0x02 /* Has HW RNG for DH/DSA */
-#define	CRYPTO_ALG_FLAG_DSA_SHA		0x04 /* Can do SHA on msg */
-
 /*
  * Crypto driver/device flags.  They can set in the crid
  * parameter when creating a session or submitting a key
@@ -289,43 +284,10 @@ struct crypt_find_op {
 	char		name[32];	/* device/driver name */
 };
 
-/* bignum parameter, in packed bytes, ... */
-struct crparam {
-	void		*crp_p;
-	u_int		crp_nbits;
-};
-
-#define CRK_MAXPARAM	8
-
-struct crypt_kop {
-	u_int		crk_op;		/* ie. CRK_MOD_EXP or other */
-	u_int		crk_status;	/* return status */
-	u_short		crk_iparams;	/* # of input parameters */
-	u_short		crk_oparams;	/* # of output parameters */
-	u_int		crk_crid;	/* NB: only used by CIOCKEY2 (rw) */
-	struct crparam	crk_param[CRK_MAXPARAM];
-};
-#define	CRK_ALGORITM_MIN	0
-#define CRK_MOD_EXP		0
-#define CRK_MOD_EXP_CRT		1
-#define CRK_DSA_SIGN		2
-#define CRK_DSA_VERIFY		3
-#define CRK_DH_COMPUTE_KEY	4
-#define CRK_ALGORITHM_MAX	4 /* Keep updated - see below */
-
-#define CRF_MOD_EXP		(1 << CRK_MOD_EXP)
-#define CRF_MOD_EXP_CRT		(1 << CRK_MOD_EXP_CRT)
-#define CRF_DSA_SIGN		(1 << CRK_DSA_SIGN)
-#define CRF_DSA_VERIFY		(1 << CRK_DSA_VERIFY)
-#define CRF_DH_COMPUTE_KEY	(1 << CRK_DH_COMPUTE_KEY)
-
 #define	CIOCGSESSION	_IOWR('c', 101, struct session_op)
 #define	CIOCFSESSION	_IOW('c', 102, uint32_t)
 #define CIOCCRYPT	_IOWR('c', 103, struct crypt_op)
-#define CIOCKEY		_IOWR('c', 104, struct crypt_kop)
-#define CIOCASYMFEAT	_IOR('c', 105, uint32_t)
 #define	CIOCGSESSION2	_IOWR('c', 106, struct session2_op)
-#define	CIOCKEY2	_IOWR('c', 107, struct crypt_kop)
 #define	CIOCFINDDEV	_IOWR('c', 108, struct crypt_find_op)
 #define	CIOCCRYPTAEAD	_IOWR('c', 109, struct crypt_aead)
 
@@ -602,20 +564,6 @@ crypto_use_output_uio(struct cryptop *crp, struct uio *uio)
  */
 #define	CRYPTO_HINT_MORE	0x1	/* more ops coming shortly */
 
-struct cryptkop {
-	TAILQ_ENTRY(cryptkop) krp_next;
-
-	u_int		krp_op;		/* ie. CRK_MOD_EXP or other */
-	u_int		krp_status;	/* return status */
-	u_short		krp_iparams;	/* # of input parameters */
-	u_short		krp_oparams;	/* # of output parameters */
-	u_int		krp_crid;	/* desired device, etc. */
-	uint32_t	krp_hid;	/* device used */
-	struct crparam	krp_param[CRK_MAXPARAM];	/* kvm */
-	void		(*krp_callback)(struct cryptkop *);
-	struct cryptocap *krp_cap;
-};
-
 uint32_t crypto_ses2hid(crypto_session_t crypto_session);
 uint32_t crypto_ses2caps(crypto_session_t crypto_session);
 void *crypto_get_driver_session(crypto_session_t crypto_session);
@@ -640,19 +588,14 @@ extern	int32_t crypto_get_driverid(device_t dev, size_t session_size,
 extern	int crypto_find_driver(const char *);
 extern	device_t crypto_find_device_byhid(int hid);
 extern	int crypto_getcaps(int hid);
-extern	int crypto_kregister(uint32_t, int, uint32_t);
 extern	int crypto_unregister_all(uint32_t driverid);
 extern	int crypto_dispatch(struct cryptop *crp);
 #define	CRYPTO_ASYNC_ORDERED	0x1	/* complete in order dispatched */
 extern	int crypto_dispatch_async(struct cryptop *crp, int flags);
 extern	void crypto_dispatch_batch(struct cryptopq *crpq, int flags);
-extern	int crypto_kdispatch(struct cryptkop *);
 #define	CRYPTO_SYMQ	0x1
-#define	CRYPTO_ASYMQ	0x2
 extern	int crypto_unblock(uint32_t, int);
 extern	void crypto_done(struct cryptop *crp);
-extern	void crypto_kdone(struct cryptkop *);
-extern	int crypto_getfeat(int *);
 
 extern	void crypto_destroyreq(struct cryptop *crp);
 extern	void crypto_initreq(struct cryptop *crp, crypto_session_t cses);
@@ -660,7 +603,6 @@ extern	void crypto_freereq(struct cryptop *crp);
 extern	struct cryptop *crypto_getreq(crypto_session_t cses, int how);
 
 extern	int crypto_usercrypto;		/* userland may do crypto requests */
-extern	int crypto_userasymcrypto;	/* userland may do asym crypto reqs */
 extern	int crypto_devallowsoft;	/* only use hardware crypto */
 
 #ifdef SYSCTL_DECL
diff --git a/sys/opencrypto/cryptodev_if.m b/sys/opencrypto/cryptodev_if.m
index ceb2564b8af5..acbf93161de4 100644
--- a/sys/opencrypto/cryptodev_if.m
+++ b/sys/opencrypto/cryptodev_if.m
@@ -116,9 +116,9 @@ METHOD void freesession {
 } DEFAULT null_freesession;
 
 /**
- * @brief Perform a symmetric crypto operation
+ * @brief Perform a crypto operation
  *
- * The crypto framework invokes this method for each symmetric crypto
+ * The crypto framework invokes this method for each crypto
  * operation performed on a session.  A reference to the containing
  * session is stored as a member of 'struct cryptop'.  This routine
  * should not block, but queue the operation if necessary.
@@ -145,35 +145,3 @@ METHOD int process {
 	struct cryptop	*op;
 	int		flags;
 };
-
-/**
- * @brief Perform an asymmetric crypto operation
- *
- * The crypto framework invokes this method for each asymmetric crypto
- * operation.  Each asymmetric crypto operation should be
- * self-contained and is not assicated with any persistent session.
- * This routine should not block, but queue the operation if
- * necessary.
- *
- * This method may return ERESTART to indicate that any internal
- * queues are full so the operation should be queued in the crypto
- * framework and retried in the future.
- *
- * To report errors with a crypto operation, 'krp_status' should be set
- * and the operation completed by calling 'crypto_kdone'.  This method
- * should then return zero.
- *
- * @param dev		the crypto driver device
- * @param op		crypto operation to perform
- * @param flags		set to CRYPTO_HINT_MORE if additional asymmetric
- *			crypto operations are queued for this driver;
- *			otherwise set to zero.
- *
- * @retval 0		success
- * @retval ERESTART	internal queue is full
- */
-METHOD int kprocess {
-	device_t	dev;
-	struct cryptkop	*op;
-	int		flags;
-};
diff --git a/tools/tools/crypto/Makefile b/tools/tools/crypto/Makefile
index d8445ded087a..6d9daaa17f15 100644
--- a/tools/tools/crypto/Makefile
+++ b/tools/tools/crypto/Makefile
@@ -26,7 +26,7 @@
 # SUCH DAMAGE.
 #
 
-PROGS=	cryptocheck cryptotest cryptokeytest cryptostats \
+PROGS=	cryptocheck cryptotest cryptostats \
 	hifnstats ipsecstats safestats
 MAN=
 BINDIR?=	/usr/local/bin
@@ -34,9 +34,6 @@ BINDIR?=	/usr/local/bin
 # cryptocheck: test symmetric crypto functions
 LIBADD.cryptocheck+=	crypto util
 
-# cryptokeytest: test asymmetric crypto functions
-LIBADD.cryptokeytest+=	crypto
-
 # cryptostats: dump statistics kept by the core crypto code
 # hifnstats: print statistics kept by the HIFN driver
 # safestats: statistics kept by the SafeNet driver
diff --git a/tools/tools/crypto/cryptokeytest.c b/tools/tools/crypto/cryptokeytest.c
deleted file mode 100644
index 5f0ad74b8eba..000000000000
--- a/tools/tools/crypto/cryptokeytest.c
+++ /dev/null
@@ -1,270 +0,0 @@
-/* $FreeBSD$ */
-/*
- * The big num stuff is a bit broken at the moment and I've not yet fixed it.
- * The symtom is that odd size big nums will fail.  Test code below (it only
- * uses modexp currently).
- * 
- * --Jason L. Wright
- */
-#include <sys/types.h>
-#include <sys/endian.h>
-#include <sys/ioctl.h>
-#include <sys/time.h>
-#include <crypto/cryptodev.h>
-
-#include <err.h>
-#include <fcntl.h>
-#include <paths.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-
-int	crid = CRYPTO_FLAG_HARDWARE;
-int	verbose = 0;
-
-static int
-devcrypto(void)
-{
-	static int fd = -1;
-
-	if (fd < 0) {
-		fd = open(_PATH_DEV "crypto", O_RDWR, 0);
-		if (fd < 0)
-			err(1, _PATH_DEV "crypto");
-		if (fcntl(fd, F_SETFD, 1) == -1)
-			err(1, "fcntl(F_SETFD) (devcrypto)");
-	}
-	return fd;
-}
-
-static int
-crlookup(const char *devname)
-{
-	struct crypt_find_op find;
-
-	find.crid = -1;
-	strlcpy(find.name, devname, sizeof(find.name));
-	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
-		err(1, "ioctl(CIOCFINDDEV)");
-	return find.crid;
-}
-
-static const char *
-crfind(int crid)
-{
-	static struct crypt_find_op find;
-
-	bzero(&find, sizeof(find));
-	find.crid = crid;
-	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
-		err(1, "ioctl(CIOCFINDDEV)");
-	return find.name;
-}
-
-/*
- * Convert a little endian byte string in 'p' that is 'plen' bytes long to a
- * BIGNUM.  A new BIGNUM is allocated.  Returns NULL on failure.
- */
-static BIGNUM *
-le_to_bignum(BIGNUM *res, const void *p, int plen)
-{
-
-	res = BN_lebin2bn(p, plen, res);
-	if (res == NULL)
-		ERR_print_errors_fp(stderr);
-
-	return (res);
-}
-
-/*
- * Convert a BIGNUM to a little endian byte string.  Space for BN_num_bytes(n)
- * is allocated.
- * Returns NULL on failure.
- */
-static void *
-bignum_to_le(const BIGNUM *n)
-{
-	int blen, error;
-	void *rd;
-
-	blen = BN_num_bytes(n);
-	if (blen == 0)
-		return (NULL);
-
-	rd = malloc(blen);
-	if (rd == NULL)
-		return (NULL);
-
-	error = BN_bn2lebinpad(n, rd, blen);
-	if (error < 0) {
-		ERR_print_errors_fp(stderr);
-		free(rd);
-		return (NULL);
-	}
-
-	return (rd);
-}
-
-static int
-UB_mod_exp(BIGNUM *res, const BIGNUM *a, const BIGNUM *b, const BIGNUM *c)
-{
-	struct crypt_kop kop;
-	void *ale, *ble, *cle;
-	int crypto_fd = devcrypto();
-
-	if ((ale = bignum_to_le(a)) == NULL)
-		err(1, "bignum_to_le, a");
-	if ((ble = bignum_to_le(b)) == NULL)
-		err(1, "bignum_to_le, b");
-	if ((cle = bignum_to_le(c)) == NULL)
-		err(1, "bignum_to_le, c");
-
-	bzero(&kop, sizeof(kop));
-	kop.crk_op = CRK_MOD_EXP;
-	kop.crk_iparams = 3;
-	kop.crk_oparams = 1;
-	kop.crk_crid = crid;
-	kop.crk_param[0].crp_p = ale;
-	kop.crk_param[0].crp_nbits = BN_num_bytes(a) * 8;
-	kop.crk_param[1].crp_p = ble;
-	kop.crk_param[1].crp_nbits = BN_num_bytes(b) * 8;
-	kop.crk_param[2].crp_p = cle;
-	kop.crk_param[2].crp_nbits = BN_num_bytes(c) * 8;
-	kop.crk_param[3].crp_p = cle;
-	kop.crk_param[3].crp_nbits = BN_num_bytes(c) * 8;
-
-	if (ioctl(crypto_fd, CIOCKEY2, &kop) == -1)
-		err(1, "CIOCKEY2");
-	if (verbose)
-		printf("device = %s\n", crfind(kop.crk_crid));
-
-	explicit_bzero(ale, BN_num_bytes(a));
-	free(ale);
-	explicit_bzero(ble, BN_num_bytes(b));
-	free(ble);
-
-	if (kop.crk_status != 0) {
-		printf("error %d\n", kop.crk_status);
-		explicit_bzero(cle, BN_num_bytes(c));
-		free(cle);
-		return (-1);
-	} else {
-		res = le_to_bignum(res, cle, BN_num_bytes(c));
-		explicit_bzero(cle, BN_num_bytes(c));
-		free(cle);
-		if (res == NULL)
-			err(1, "le_to_bignum");
-		return (0);
-	}
-	return (0);
-}
-
-static void
-show_result(const BIGNUM *a, const BIGNUM *b, const BIGNUM *c,
-    const BIGNUM *sw, const BIGNUM *hw)
-{
-	printf("\n");
-
-	printf("A = ");
-	BN_print_fp(stdout, a);
-	printf("\n");
-
-	printf("B = ");
-	BN_print_fp(stdout, b);
-	printf("\n");
-
-	printf("C = ");
-	BN_print_fp(stdout, c);
-	printf("\n");
-
-	printf("sw= ");
-	BN_print_fp(stdout, sw);
-	printf("\n");
-
-	printf("hw= ");
-	BN_print_fp(stdout, hw);
-	printf("\n");
-
-	printf("\n");
-}
-
-static void
-testit(void)
-{
-	BIGNUM *a, *b, *c, *r1, *r2;
-	BN_CTX *ctx;
-
-	ctx = BN_CTX_new();
-
-	a = BN_new();
-	b = BN_new();
-	c = BN_new();
-	r1 = BN_new();
-	r2 = BN_new();
-
-	BN_pseudo_rand(a, 1023, 0, 0);
-	BN_pseudo_rand(b, 1023, 0, 0);
-	BN_pseudo_rand(c, 1024, 0, 0);
-
-	if (BN_cmp(a, c) > 0) {
-		BIGNUM *rem = BN_new();
-
-		BN_mod(rem, a, c, ctx);
-		UB_mod_exp(r2, rem, b, c);
-		BN_free(rem);
-	} else {
-		UB_mod_exp(r2, a, b, c);
-	}
-	BN_mod_exp(r1, a, b, c, ctx);
-
-	if (BN_cmp(r1, r2) != 0) {
-		show_result(a, b, c, r1, r2);
-	}
-
-	BN_free(r2);
-	BN_free(r1);
-	BN_free(c);
-	BN_free(b);
-	BN_free(a);
-	BN_CTX_free(ctx);
-}
-
-static void
-usage(const char* cmd)
-{
-	printf("usage: %s [-d dev] [-v] [count]\n", cmd);
-	printf("count is the number of bignum ops to do\n");
-	printf("\n");
-	printf("-d use specific device\n");
-	printf("-v be verbose\n");
-	exit(-1);
-}
-
-int
-main(int argc, char *argv[])
-{
-	int c, i;
-
-	while ((c = getopt(argc, argv, "d:v")) != -1) {
-		switch (c) {
-		case 'd':
-			crid = crlookup(optarg);
-			break;
-		case 'v':
-			verbose = 1;
-			break;
-		default:
-			usage(argv[0]);
-		}
-	}
-	argc -= optind, argv += optind;
-
-	for (i = 0; i < 1000; i++) {
-		fprintf(stderr, "test %d\n", i);
-		testit();
-	}
-	return (0);
-}