diff options
author | Pauli <paul.dale@oracle.com> | 2020-01-28 12:38:47 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-02-04 20:02:55 +1000 |
commit | 5e3f9aa4e9a915f25b36bb085515d4786a253385 (patch) | |
tree | f4647a215cc450ea54adef7c8a62c08b962d52f7 | |
parent | ee8db22e271201807358c8f87e272d2e74ad8eb7 (diff) |
Deprecate the ECDH functions.
Use of the low level ECDH functions has been informally discouraged for a
long time. We now formally deprecate them.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10960)
-rw-r--r-- | crypto/ec/ec_kmeth.c | 6 | ||||
-rw-r--r-- | crypto/ec/ec_pmeth.c | 6 | ||||
-rw-r--r-- | crypto/ec/ecdh_kdf.c | 6 | ||||
-rw-r--r-- | include/openssl/ec.h | 9 |
4 files changed, 23 insertions, 4 deletions
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c index 9556a94210..7aa9865d29 100644 --- a/crypto/ec/ec_kmeth.c +++ b/crypto/ec/ec_kmeth.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * ECDH and ECDSA low level APIs are deprecated for public use, but still ok + * for internal use. + */ +#include "internal/deprecated.h" + #include <string.h> #include <openssl/ec.h> #include <openssl/engine.h> diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 1750e43d16..d4a59b57ee 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * ECDH and ECDSA low level APIs are deprecated for public use, but still ok + * for internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/asn1t.h> diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c index 000b12a515..bc9c968655 100644 --- a/crypto/ec/ecdh_kdf.c +++ b/crypto/ec/ecdh_kdf.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * ECDH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <string.h> #include <openssl/core_names.h> #include <openssl/ec.h> diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 3787d2f807..81e7bd28b8 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -1180,10 +1180,11 @@ DEPRECATEDIN_3_0(int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md)) -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - const EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, - void *out, size_t *outlen)); +DEPRECATEDIN_3_0(int ECDH_compute_key(void *out, size_t outlen, + const EC_POINT *pub_key, + const EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen))) typedef struct ECDSA_SIG_st ECDSA_SIG; |