Deprecate the low level RC5 functions

Use of the low level RC5 functions has been informally discouraged for a long
time.  We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10834)

14 files changed, 111 insertions, 38 deletions

diff --git a/apps/speed.c b/apps/speed.c
index f567b48d2e..d741f315e2 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -372,7 +372,7 @@ static const OPT_PAIR doit_choices[] = {
     {"rc2-cbc", D_CBC_RC2},
     {"rc2", D_CBC_RC2},
 #endif
-#ifndef OPENSSL_NO_RC5
+#if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     {"rc5-cbc", D_CBC_RC5},
     {"rc5", D_CBC_RC5},
 #endif
@@ -1449,7 +1449,7 @@ int speed_main(int argc, char **argv)
                                     EdDSA_SECONDS, SM2_SECONDS };
 
     /* What follows are the buffers and key material. */
-#ifndef OPENSSL_NO_RC5
+#if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     RC5_32_KEY rc5_ks;
 #endif
 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
@@ -1981,7 +1981,7 @@ int speed_main(int argc, char **argv)
     if (doit[D_CBC_RC2])
         RC2_set_key(&rc2_ks, 16, key16, 128);
 #endif
-#ifndef OPENSSL_NO_RC5
+#if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     if (doit[D_CBC_RC5])
         if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
             BIO_printf(bio_err, "Failed setting RC5 key\n");
@@ -2628,7 +2628,7 @@ int speed_main(int argc, char **argv)
         }
     }
 #endif
-#ifndef OPENSSL_NO_RC5
+#if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     if (doit[D_CBC_RC5]) {
         if (async_jobs > 0) {
             BIO_printf(bio_err, "Async mode is not supported with %s\n",
diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index 4783cc31ca..96066e8532 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 
diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c
index 51c14fd54d..39c36b6156 100644
--- a/crypto/rc5/rc5_ecb.c
+++ b/crypto/rc5/rc5_ecb.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/rc5.h>
 #include "rc5_local.h"
 #include <openssl/opensslv.h>
diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c
index c91fa99ce8..0fa80a50af 100644
--- a/crypto/rc5/rc5_enc.c
+++ b/crypto/rc5/rc5_enc.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include <openssl/rc5.h>
 #include "rc5_local.h"
diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c
index 22a5df1486..dc8617f6d5 100644
--- a/crypto/rc5/rc5_skey.c
+++ b/crypto/rc5/rc5_skey.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/rc5.h>
 #include "rc5_local.h"
 
diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c
index 001e1240ab..99b1753ad1 100644
--- a/crypto/rc5/rc5cfb64.c
+++ b/crypto/rc5/rc5cfb64.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/rc5.h>
 #include "rc5_local.h"
 
diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c
index c3ae5d8c05..7fc19fd1ed 100644
--- a/crypto/rc5/rc5ofb64.c
+++ b/crypto/rc5/rc5ofb64.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/rc5.h>
 #include "rc5_local.h"
 
diff --git a/doc/man3/RC4_set_key.pod b/doc/man3/RC4_set_key.pod
index 661a694479..2b314f022b 100644
--- a/doc/man3/RC4_set_key.pod
+++ b/doc/man3/RC4_set_key.pod
@@ -8,6 +8,10 @@ RC4_set_key, RC4 - RC4 encryption
 
  #include <openssl/rc4.h>
 
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
  void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
 
  void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
@@ -15,6 +19,10 @@ RC4_set_key, RC4 - RC4 encryption
 
 =head1 DESCRIPTION
 
+All of the functions described on this page are deprecated. Applications should
+instead use L<EVP_EncryptInit_ex(3)>, L<EVP_EncryptUpdate(3)> and
+L<EVP_EncryptFinal_ex(3)> or the equivalently named decrypt functions.
+
 This library implements the Alleged RC4 cipher, which is described for
 example in I<Applied Cryptography>.  It is believed to be compatible
 with RC4[TM], a proprietary cipher of RSA Security Inc.
@@ -54,6 +62,10 @@ multiple encryptions using the same key stream.
 
 L<EVP_EncryptInit(3)>
 
+=head1 HISTORY
+
+All of these functions were deprecated in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/rc5.h b/include/openssl/rc5.h
index 22bdeca237..a9c06d31d6 100644
--- a/include/openssl/rc5.h
+++ b/include/openssl/rc5.h
@@ -23,43 +23,50 @@
 extern "C" {
 #  endif
 
-#  define RC5_ENCRYPT     1
-#  define RC5_DECRYPT     0
-
-#  define RC5_32_INT unsigned int
-
 #  define RC5_32_BLOCK            8
 #  define RC5_32_KEY_LENGTH       16/* This is a default, max is 255 */
 
+#  ifndef OPENSSL_NO_DEPRECATED_3_0
+#   define RC5_ENCRYPT     1
+#   define RC5_DECRYPT     0
+
+#   define RC5_32_INT unsigned int
+
 /*
  * This are the only values supported.  Tweak the code if you want more The
  * most supported modes will be RC5-32/12/16 RC5-32/16/8
  */
-#  define RC5_8_ROUNDS    8
-#  define RC5_12_ROUNDS   12
-#  define RC5_16_ROUNDS   16
+#   define RC5_8_ROUNDS    8
+#   define RC5_12_ROUNDS   12
+#   define RC5_16_ROUNDS   16
 
 typedef struct rc5_key_st {
     /* Number of rounds */
     int rounds;
     RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
 } RC5_32_KEY;
+#  endif
 
-int RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
-                   int rounds);
-void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                        RC5_32_KEY *key, int enc);
-void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, RC5_32_KEY *ks, unsigned char *iv,
-                        int enc);
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num, int enc);
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num);
+DEPRECATEDIN_3_0(int RC5_32_set_key(RC5_32_KEY *key, int len,
+                                    const unsigned char *data, int rounds))
+DEPRECATEDIN_3_0(void RC5_32_ecb_encrypt(const unsigned char *in,
+                                         unsigned char *out, RC5_32_KEY *key,
+                                         int enc))
+DEPRECATEDIN_3_0(void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key))
+DEPRECATEDIN_3_0(void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key))
+DEPRECATEDIN_3_0(void RC5_32_cbc_encrypt(const unsigned char *in,
+                                         unsigned char *out, long length,
+                                         RC5_32_KEY *ks, unsigned char *iv,
+                                         int enc))
+DEPRECATEDIN_3_0(void RC5_32_cfb64_encrypt(const unsigned char *in,
+                                           unsigned char *out, long length,
+                                           RC5_32_KEY *schedule,
+                                           unsigned char *ivec, int *num,
+                                           int enc))
+DEPRECATEDIN_3_0(void RC5_32_ofb64_encrypt(const unsigned char *in,
+                                           unsigned char *out, long length,
+                                           RC5_32_KEY *schedule,
+                                           unsigned char *ivec, int *num))
 
 #  ifdef  __cplusplus
 }
diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c
index e2e1cb6a31..d6026c48f6 100644
--- a/providers/implementations/ciphers/cipher_rc5.c
+++ b/providers/implementations/ciphers/cipher_rc5.c
@@ -9,6 +9,12 @@
 
 /* Dispatch functions for RC5 cipher modes ecb, cbc, ofb, cfb */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_rc5.h"
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
diff --git a/providers/implementations/ciphers/cipher_rc5_hw.c b/providers/implementations/ciphers/cipher_rc5_hw.c
index a9a05ba32f..5d858811fc 100644
--- a/providers/implementations/ciphers/cipher_rc5_hw.c
+++ b/providers/implementations/ciphers/cipher_rc5_hw.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_rc5.h"
 
 static int cipher_hw_rc5_initkey(PROV_CIPHER_CTX *ctx,
diff --git a/test/build.info b/test/build.info
index c5040718a2..9afbdfdbe7 100644
--- a/test/build.info
+++ b/test/build.info
@@ -119,10 +119,6 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[hmactest]=../include ../apps/include
   DEPEND[hmactest]=../libcrypto libtestutil.a
 
-  SOURCE[rc5test]=rc5test.c
-  INCLUDE[rc5test]=../include ../apps/include
-  DEPEND[rc5test]=../libcrypto libtestutil.a
-
   SOURCE[destest]=destest.c
   INCLUDE[destest]=../include ../apps/include
   DEPEND[destest]=../libcrypto libtestutil.a
@@ -593,6 +589,10 @@ IF[{- !$disabled{tests} -}]
     INCLUDE[rc4test]=../include ../apps/include
     DEPEND[rc4test]=../libcrypto.a libtestutil.a
 
+    SOURCE[rc5test]=rc5test.c
+    INCLUDE[rc5test]=../include ../apps/include
+    DEPEND[rc5test]=../libcrypto.a libtestutil.a
+
     SOURCE[ec_internal_test]=ec_internal_test.c
     INCLUDE[ec_internal_test]=../include ../crypto/ec ../apps/include ../crypto/include
     DEPEND[ec_internal_test]=../libcrypto.a libtestutil.a
diff --git a/test/rc5test.c b/test/rc5test.c
index 39a113e859..70f88f0915 100644
--- a/test/rc5test.c
+++ b/test/rc5test.c
@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * RC5 low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <string.h>
 
 #include "internal/nelem.h"
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 926ab06eaa..049380a715 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1238,7 +1238,7 @@ HMAC_CTX_copy                           1266	3_0_0	EXIST::FUNCTION:
 CRYPTO_gcm128_init                      1267	3_0_0	EXIST::FUNCTION:
 i2d_X509_CINF                           1268	3_0_0	EXIST::FUNCTION:
 X509_REVOKED_delete_ext                 1269	3_0_0	EXIST::FUNCTION:
-RC5_32_cfb64_encrypt                    1270	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_cfb64_encrypt                    1270	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 TS_REQ_set_cert_req                     1271	3_0_0	EXIST::FUNCTION:TS
 TXT_DB_get_by_index                     1272	3_0_0	EXIST::FUNCTION:
 X509_check_ca                           1273	3_0_0	EXIST::FUNCTION:
@@ -1673,7 +1673,7 @@ UI_dup_verify_string                    1711	3_0_0	EXIST::FUNCTION:
 d2i_PKCS7_bio                           1712	3_0_0	EXIST::FUNCTION:
 ENGINE_set_default_digests              1713	3_0_0	EXIST::FUNCTION:ENGINE
 i2d_PublicKey                           1714	3_0_0	EXIST::FUNCTION:
-RC5_32_set_key                          1715	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_set_key                          1715	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 AES_unwrap_key                          1716	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_Cipher                              1717	3_0_0	EXIST::FUNCTION:
 AES_set_decrypt_key                     1718	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
@@ -1771,7 +1771,7 @@ OPENSSL_LH_delete                       1812	3_0_0	EXIST::FUNCTION:
 TS_STATUS_INFO_dup                      1813	3_0_0	EXIST::FUNCTION:TS
 X509v3_addr_get_range                   1814	3_0_0	EXIST::FUNCTION:RFC3779
 X509_EXTENSION_get_data                 1815	3_0_0	EXIST::FUNCTION:
-RC5_32_encrypt                          1816	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_encrypt                          1816	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 DIST_POINT_set_dpname                   1817	3_0_0	EXIST::FUNCTION:
 BIO_sock_info                           1818	3_0_0	EXIST::FUNCTION:SOCK
 OPENSSL_hexstr2buf                      1819	3_0_0	EXIST::FUNCTION:
@@ -1946,7 +1946,7 @@ GENERAL_NAME_it                         1991	3_0_0	EXIST::FUNCTION:
 EVP_des_ede_ecb                         1992	3_0_0	EXIST::FUNCTION:DES
 i2d_CRL_DIST_POINTS                     1993	3_0_0	EXIST::FUNCTION:
 PEM_write_bio_X509_REQ_NEW              1994	3_0_0	EXIST::FUNCTION:
-RC5_32_ofb64_encrypt                    1995	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_ofb64_encrypt                    1995	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 i2d_PKCS7                               1996	3_0_0	EXIST::FUNCTION:
 BN_mod_lshift_quick                     1997	3_0_0	EXIST::FUNCTION:
 DIST_POINT_NAME_it                      1998	3_0_0	EXIST::FUNCTION:
@@ -2694,7 +2694,7 @@ X509_REQ_to_X509                        2750	3_0_0	EXIST::FUNCTION:
 EVP_aes_192_wrap_pad                    2751	3_0_0	EXIST::FUNCTION:
 PKCS7_SIGN_ENVELOPE_new                 2752	3_0_0	EXIST::FUNCTION:
 TS_REQ_get_policy_id                    2753	3_0_0	EXIST::FUNCTION:TS
-RC5_32_cbc_encrypt                      2754	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_cbc_encrypt                      2754	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 BN_is_zero                              2755	3_0_0	EXIST::FUNCTION:
 CT_POLICY_EVAL_CTX_new                  2756	3_0_0	EXIST::FUNCTION:CT
 NETSCAPE_SPKI_it                        2757	3_0_0	EXIST::FUNCTION:
@@ -2856,7 +2856,7 @@ X509_STORE_CTX_free                     2917	3_0_0	EXIST::FUNCTION:
 AUTHORITY_KEYID_it                      2918	3_0_0	EXIST::FUNCTION:
 X509V3_get_value_int                    2919	3_0_0	EXIST::FUNCTION:
 ASN1_UTCTIME_set_string                 2920	3_0_0	EXIST::FUNCTION:
-RC5_32_decrypt                          2921	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_decrypt                          2921	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 i2d_X509_REQ_INFO                       2922	3_0_0	EXIST::FUNCTION:
 EVP_des_cfb1                            2923	3_0_0	EXIST::FUNCTION:DES
 OBJ_NAME_cleanup                        2924	3_0_0	EXIST::FUNCTION:
@@ -3477,7 +3477,7 @@ BN_dec2bn                               3549	3_0_0	EXIST::FUNCTION:
 CMS_decrypt                             3550	3_0_0	EXIST::FUNCTION:CMS
 BN_mpi2bn                               3551	3_0_0	EXIST::FUNCTION:
 EVP_aes_128_cfb128                      3552	3_0_0	EXIST::FUNCTION:
-RC5_32_ecb_encrypt                      3554	3_0_0	EXIST::FUNCTION:RC5
+RC5_32_ecb_encrypt                      3554	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RC5
 EVP_CIPHER_meth_new                     3555	3_0_0	EXIST::FUNCTION:
 i2d_RSA_OAEP_PARAMS                     3556	3_0_0	EXIST::FUNCTION:RSA
 SXNET_get_id_ulong                      3557	3_0_0	EXIST::FUNCTION: