diff options
-rw-r--r-- | crypto/dh/dh_backend.c | 6 | ||||
-rw-r--r-- | include/openssl/dh.h | 53 | ||||
-rw-r--r-- | test/ffc_internal_test.c | 6 | ||||
-rw-r--r-- | util/libcrypto.num | 46 |
4 files changed, 61 insertions, 50 deletions
diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c index cc8d064..660bb48 100644 --- a/crypto/dh/dh_backend.c +++ b/crypto/dh/dh_backend.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <openssl/core_names.h> #include "internal/param_build_set.h" #include "crypto/dh.h" diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 86f0e73..d8666f4 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -136,9 +136,9 @@ DECLARE_ASN1_ITEM(DHparams) ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x) # define i2d_DHxparams_bio(bp, x) \ ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x) -# endif -DECLARE_ASN1_DUP_FUNCTION_name(DH, DHparams) +DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, DH, DHparams) +# endif DEPRECATEDIN_3_0(const DH_METHOD *DH_OpenSSL(void)) @@ -148,9 +148,9 @@ DEPRECATEDIN_3_0(int DH_set_method(DH *dh, const DH_METHOD *meth)) DEPRECATEDIN_3_0(DH *DH_new_method(ENGINE *engine)) DEPRECATEDIN_3_0(DH *DH_new(void)) -void DH_free(DH *dh); -int DH_up_ref(DH *dh); -int DH_bits(const DH *dh); +DEPRECATEDIN_3_0(void DH_free(DH *dh)) +DEPRECATEDIN_3_0(int DH_up_ref(DH *dh)) +DEPRECATEDIN_3_0(int DH_bits(const DH *dh)) DEPRECATEDIN_3_0(int DH_size(const DH *dh)) DEPRECATEDIN_3_0(int DH_security_bits(const DH *dh)) # ifndef OPENSSL_NO_DEPRECATED_3_0 @@ -176,7 +176,7 @@ DEPRECATEDIN_3_0(int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)) /* * TODO(3.0): deprecate DH_check_params once ssl/statem/statem_clnt.c is fixed. */ -int DH_check_params(const DH *dh, int *ret); +DEPRECATEDIN_3_0(int DH_check_params(const DH *dh, int *ret)) DEPRECATEDIN_3_0(int DH_check(const DH *dh, int *codes)) DEPRECATEDIN_3_0(int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes)) @@ -197,13 +197,12 @@ DEPRECATEDIN_3_0(int DHparams_print_fp(FILE *fp, const DH *x)) DEPRECATEDIN_3_0(int DHparams_print(BIO *bp, const DH *x)) /* RFC 5114 parameters */ -DH *DH_get_1024_160(void); -DH *DH_get_2048_224(void); -DH *DH_get_2048_256(void); +DEPRECATEDIN_3_0(DH *DH_get_1024_160(void)) +DEPRECATEDIN_3_0(DH *DH_get_2048_224(void)) +DEPRECATEDIN_3_0(DH *DH_get_2048_256(void)) /* Named parameters, currently RFC7919 and RFC3526 */ -/* TODO(3.0): deprecate DH_new_by_nid() after converting ssl/s3_lib.c */ -DH *DH_new_by_nid(int nid); +DEPRECATEDIN_3_0(DH *DH_new_by_nid(int nid)) DEPRECATEDIN_3_0(int DH_get_nid(const DH *dh)) /* RFC2631 KDF */ @@ -213,23 +212,23 @@ DEPRECATEDIN_3_0(int DH_KDF_X9_42(unsigned char *out, size_t outlen, const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)) -void DH_get0_pqg(const DH *dh, - const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -void DH_get0_key(const DH *dh, - const BIGNUM **pub_key, const BIGNUM **priv_key); -int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); -const BIGNUM *DH_get0_p(const DH *dh); -const BIGNUM *DH_get0_q(const DH *dh); -const BIGNUM *DH_get0_g(const DH *dh); -const BIGNUM *DH_get0_priv_key(const DH *dh); -const BIGNUM *DH_get0_pub_key(const DH *dh); -void DH_clear_flags(DH *dh, int flags); -int DH_test_flags(const DH *dh, int flags); -void DH_set_flags(DH *dh, int flags); +DEPRECATEDIN_3_0(void DH_get0_pqg(const DH *dh, const BIGNUM **p, + const BIGNUM **q, const BIGNUM **g)) +DEPRECATEDIN_3_0(int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)) +DEPRECATEDIN_3_0(void DH_get0_key(const DH *dh, const BIGNUM **pub_key, + const BIGNUM **priv_key)) +DEPRECATEDIN_3_0(int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)) +DEPRECATEDIN_3_0(const BIGNUM *DH_get0_p(const DH *dh)) +DEPRECATEDIN_3_0(const BIGNUM *DH_get0_q(const DH *dh)) +DEPRECATEDIN_3_0(const BIGNUM *DH_get0_g(const DH *dh)) +DEPRECATEDIN_3_0(const BIGNUM *DH_get0_priv_key(const DH *dh)) +DEPRECATEDIN_3_0(const BIGNUM *DH_get0_pub_key(const DH *dh)) +DEPRECATEDIN_3_0(void DH_clear_flags(DH *dh, int flags)) +DEPRECATEDIN_3_0(int DH_test_flags(const DH *dh, int flags)) +DEPRECATEDIN_3_0(void DH_set_flags(DH *dh, int flags)) DEPRECATEDIN_3_0(ENGINE *DH_get0_engine(DH *d)) -long DH_get_length(const DH *dh); -int DH_set_length(DH *dh, long length); +DEPRECATEDIN_3_0(long DH_get_length(const DH *dh)) +DEPRECATEDIN_3_0(int DH_set_length(DH *dh, long length)) DEPRECATEDIN_3_0(DH_METHOD *DH_meth_new(const char *name, int flags)) DEPRECATEDIN_3_0(void DH_meth_free(DH_METHOD *dhm)) diff --git a/test/ffc_internal_test.c b/test/ffc_internal_test.c index 25b3c58..1cbaec8 100644 --- a/test/ffc_internal_test.c +++ b/test/ffc_internal_test.c @@ -8,6 +8,12 @@ * https://www.openssl.org/source/license.html */ +/* + * This is an internal test that is intentionally using internal APIs. Some of + * those APIs are deprecated for public use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include <stdlib.h> #include <string.h> diff --git a/util/libcrypto.num b/util/libcrypto.num index d81534a..1e27d46 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -311,7 +311,7 @@ PEM_write_bio_PKCS7_stream 316 3_0_0 EXIST::FUNCTION: d2i_X509_CERT_AUX 317 3_0_0 EXIST::FUNCTION: UI_process 318 3_0_0 EXIST::FUNCTION: X509_get_subject_name 319 3_0_0 EXIST::FUNCTION: -DH_get_1024_160 320 3_0_0 EXIST::FUNCTION:DH +DH_get_1024_160 320 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH i2d_ASN1_UNIVERSALSTRING 321 3_0_0 EXIST::FUNCTION: d2i_OCSP_RESPID 322 3_0_0 EXIST::FUNCTION:OCSP BIO_s_accept 323 3_0_0 EXIST::FUNCTION:SOCK @@ -906,7 +906,7 @@ CRYPTO_secure_malloc_initialized 928 3_0_0 EXIST::FUNCTION: o2i_SCT_LIST 929 3_0_0 EXIST::FUNCTION:CT ASN1_PCTX_get_cert_flags 930 3_0_0 EXIST::FUNCTION: X509at_add1_attr_by_NID 931 3_0_0 EXIST::FUNCTION: -DHparams_dup 932 3_0_0 EXIST::FUNCTION:DH +DHparams_dup 932 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH X509_get_ext 933 3_0_0 EXIST::FUNCTION: X509_issuer_and_serial_hash 934 3_0_0 EXIST::FUNCTION: ASN1_BMPSTRING_it 935 3_0_0 EXIST::FUNCTION: @@ -1006,7 +1006,7 @@ X509_policy_check 1031 3_0_0 EXIST::FUNCTION: X509_CRL_METHOD_new 1032 3_0_0 EXIST::FUNCTION: ASN1_ANY_it 1033 3_0_0 EXIST::FUNCTION: d2i_DSA_SIG 1034 3_0_0 EXIST::FUNCTION:DSA -DH_free 1035 3_0_0 EXIST::FUNCTION:DH +DH_free 1035 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH ENGINE_register_all_DSA 1036 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE TS_REQ_set_msg_imprint 1037 3_0_0 EXIST::FUNCTION:TS BN_mod_sub_quick 1038 3_0_0 EXIST::FUNCTION: @@ -1028,7 +1028,7 @@ CRYPTO_free 1054 3_0_0 EXIST::FUNCTION: BN_GF2m_mod_exp 1055 3_0_0 EXIST::FUNCTION:EC2M OPENSSL_buf2hexstr 1056 3_0_0 EXIST::FUNCTION: DES_encrypt2 1057 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DES -DH_up_ref 1058 3_0_0 EXIST::FUNCTION:DH +DH_up_ref 1058 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH RC2_ofb64_encrypt 1059 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RC2 PKCS12_pbe_crypt 1060 3_0_0 EXIST::FUNCTION: ASIdentifiers_free 1061 3_0_0 EXIST::FUNCTION:RFC3779 @@ -1242,7 +1242,7 @@ RC5_32_cfb64_encrypt 1270 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ TS_REQ_set_cert_req 1271 3_0_0 EXIST::FUNCTION:TS TXT_DB_get_by_index 1272 3_0_0 EXIST::FUNCTION: X509_check_ca 1273 3_0_0 EXIST::FUNCTION: -DH_get_2048_224 1274 3_0_0 EXIST::FUNCTION:DH +DH_get_2048_224 1274 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH X509_load_http 1275 3_0_0 EXIST::FUNCTION: i2d_AUTHORITY_INFO_ACCESS 1276 3_0_0 EXIST::FUNCTION: EVP_get_cipherbyname 1277 3_0_0 EXIST::FUNCTION: @@ -2274,7 +2274,7 @@ ASN1_STRING_length 2321 3_0_0 EXIST::FUNCTION: PKCS7_set_digest 2322 3_0_0 EXIST::FUNCTION: PEM_write_bio_PUBKEY 2323 3_0_0 EXIST::FUNCTION: PEM_read_PKCS7 2324 3_0_0 EXIST::FUNCTION:STDIO -DH_get_2048_256 2325 3_0_0 EXIST::FUNCTION:DH +DH_get_2048_256 2325 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH X509at_delete_attr 2326 3_0_0 EXIST::FUNCTION: PEM_write_bio 2327 3_0_0 EXIST::FUNCTION: CMS_signed_get_attr_by_OBJ 2329 3_0_0 EXIST::FUNCTION:CMS @@ -3163,7 +3163,7 @@ ACCESS_DESCRIPTION_free 3228 3_0_0 EXIST::FUNCTION: BN_nist_mod_384 3229 3_0_0 EXIST::FUNCTION: i2d_EC_PUBKEY_fp 3230 3_0_0 EXIST::FUNCTION:EC,STDIO ENGINE_set_default_pkey_meths 3231 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE -DH_bits 3232 3_0_0 EXIST::FUNCTION:DH +DH_bits 3232 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH i2d_X509_ALGORS 3233 3_0_0 EXIST::FUNCTION: EVP_camellia_192_cfb1 3234 3_0_0 EXIST::FUNCTION:CAMELLIA TS_RESP_CTX_add_failure_info 3235 3_0_0 EXIST::FUNCTION:TS @@ -3948,15 +3948,15 @@ RSA_meth_set_init 4031 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ RSA_meth_get_priv_enc 4032 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA RSA_set0_crt_params 4037 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA RSA_get0_crt_params 4038 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA -DH_set0_pqg 4039 3_0_0 EXIST::FUNCTION:DH -DH_clear_flags 4041 3_0_0 EXIST::FUNCTION:DH -DH_get0_key 4042 3_0_0 EXIST::FUNCTION:DH +DH_set0_pqg 4039 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_clear_flags 4041 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_key 4042 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_get0_engine 4043 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH -DH_set0_key 4044 3_0_0 EXIST::FUNCTION:DH -DH_set_length 4045 3_0_0 EXIST::FUNCTION:DH -DH_test_flags 4046 3_0_0 EXIST::FUNCTION:DH -DH_get_length 4047 3_0_0 EXIST::FUNCTION:DH -DH_get0_pqg 4048 3_0_0 EXIST::FUNCTION:DH +DH_set0_key 4044 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_set_length 4045 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_test_flags 4046 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get_length 4047 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_pqg 4048 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_meth_get_compute_key 4049 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_meth_set1_name 4050 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_meth_set_init 4051 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH @@ -3978,7 +3978,7 @@ DH_meth_set_bn_mod_exp 4066 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ DH_meth_set_generate_key 4067 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_meth_free 4068 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_meth_get_generate_key 4069 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH -DH_set_flags 4070 3_0_0 EXIST::FUNCTION:DH +DH_set_flags 4070 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH X509_STORE_CTX_get_obj_by_subject 4071 3_0_0 EXIST::FUNCTION: X509_OBJECT_free 4072 3_0_0 EXIST::FUNCTION: X509_OBJECT_get0_X509 4073 3_0_0 EXIST::FUNCTION: @@ -4091,7 +4091,7 @@ UI_method_get_ex_data 4179 3_0_0 EXIST::FUNCTION: UI_UTIL_wrap_read_pem_callback 4180 3_0_0 EXIST::FUNCTION: X509_VERIFY_PARAM_get_time 4181 3_0_0 EXIST::FUNCTION: EVP_PKEY_get0_poly1305 4182 3_0_0 EXIST::FUNCTION:POLY1305 -DH_check_params 4183 3_0_0 EXIST::FUNCTION:DH +DH_check_params 4183 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH EVP_PKEY_get0_siphash 4184 3_0_0 EXIST::FUNCTION:SIPHASH EVP_aria_256_ofb 4185 3_0_0 EXIST::FUNCTION:ARIA EVP_aria_256_cfb128 4186 3_0_0 EXIST::FUNCTION:ARIA @@ -4236,7 +4236,7 @@ EVP_PKEY_meth_get_check 4342 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ EVP_PKEY_meth_remove 4343 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 OPENSSL_sk_reserve 4344 3_0_0 EXIST::FUNCTION: EVP_PKEY_set1_engine 4347 3_0_0 EXIST::FUNCTION:ENGINE -DH_new_by_nid 4348 3_0_0 EXIST::FUNCTION:DH +DH_new_by_nid 4348 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DH_get_nid 4349 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH CRYPTO_get_alloc_counts 4350 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG OPENSSL_sk_new_reserve 4351 3_0_0 EXIST::FUNCTION: @@ -4345,11 +4345,11 @@ conf_ssl_name_find 4469 3_0_0 EXIST::FUNCTION: conf_ssl_get_cmd 4470 3_0_0 EXIST::FUNCTION: conf_ssl_get 4471 3_0_0 EXIST::FUNCTION: X509_VERIFY_PARAM_get_hostflags 4472 3_0_0 EXIST::FUNCTION: -DH_get0_p 4473 3_0_0 EXIST::FUNCTION:DH -DH_get0_q 4474 3_0_0 EXIST::FUNCTION:DH -DH_get0_g 4475 3_0_0 EXIST::FUNCTION:DH -DH_get0_priv_key 4476 3_0_0 EXIST::FUNCTION:DH -DH_get0_pub_key 4477 3_0_0 EXIST::FUNCTION:DH +DH_get0_p 4473 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_q 4474 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_g 4475 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_priv_key 4476 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH +DH_get0_pub_key 4477 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DSA_get0_priv_key 4478 3_0_0 EXIST::FUNCTION:DSA DSA_get0_pub_key 4479 3_0_0 EXIST::FUNCTION:DSA DSA_get0_q 4480 3_0_0 EXIST::FUNCTION:DSA |