diff options
author | Rich Salz <rsalz@akamai.com> | 2021-02-16 17:51:56 -0500 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-04-18 10:03:07 +0200 |
commit | f6c95e46c03025b2694241e1ad785d8bd3ac083b (patch) | |
tree | 5dcfc46ad06713bc6b581f6bed3ce3e26b0c5970 /doc/man3/EVP_EncryptInit.pod | |
parent | 543e740b95e303790f8fe6ec59458b4ecdcfb56c (diff) |
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
Diffstat (limited to 'doc/man3/EVP_EncryptInit.pod')
-rw-r--r-- | doc/man3/EVP_EncryptInit.pod | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index b07c102e04..b4a00cf76c 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -48,6 +48,8 @@ EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, +EVP_CIPHER_CTX_get0_cipher, +EVP_CIPHER_CTX_get1_cipher, EVP_CIPHER_CTX_name, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_get_params, @@ -153,7 +155,8 @@ EVP_CIPHER_do_all_provided unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e); int EVP_CIPHER_type(const EVP_CIPHER *cipher); - const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); + const EVP_CIPHER *EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX *ctx); + EVP_CIPHER *EVP_CIPHER_CTX_get1_cipher(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); const char *EVP_CIPHER_CTX_name(const EVP_CIPHER_CTX *ctx); @@ -181,6 +184,12 @@ EVP_CIPHER_do_all_provided void (*fn)(EVP_CIPHER *cipher, void *arg), void *arg); +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + + const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); + =head1 DESCRIPTION The EVP cipher routines are a high-level interface to certain @@ -417,8 +426,10 @@ cipher implementation. EVP_CIPHER_provider() returns an B<OSSL_PROVIDER> pointer to the provider that implements the given B<EVP_CIPHER>. -EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed +EVP_CIPHER_CTX_get0_cipher() returns the B<EVP_CIPHER> structure when passed an B<EVP_CIPHER_CTX> structure. +EVP_CIPHER_CTX_get1_cipher() is the same except the ownership is passed to +the caller. EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, @@ -938,8 +949,12 @@ EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset(). +The EVP_CIPHER_CTX_cipher() function was deprecated in OpenSSL 3.0; use +EVP_CIPHER_CTX_get0_cipher() instead. + The EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2(), EVP_CIPHER_fetch(), EVP_CIPHER_free(), EVP_CIPHER_up_ref(), +EVP_CIPHER_CTX_get0_cipher(), EVP_CIPHER_CTX_get1_cipher(), EVP_CIPHER_get_params(), EVP_CIPHER_CTX_set_params(), EVP_CIPHER_CTX_get_params(), EVP_CIPHER_gettable_params(), EVP_CIPHER_settable_ctx_params(), EVP_CIPHER_gettable_ctx_params(), |