diff options
| author | Tomas Mraz <tomas@openssl.org> | 2021-02-22 17:28:17 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-02-24 10:44:15 +0100 |
| commit | 76e48c9d6667391189e22d674b2b3b8161ab9442 (patch) | |
| tree | b5c769287c5aba4a7013deb544d067555d317d1d /include | |
| parent | 10315851d0230646947213ac148747bc64c56798 (diff) | |
Deprecated EVP_PKEY_CTX_get0_dh_kdf_ukm() and EVP_PKEY_CTX_get0_ecdh_kdf_ukm()
The functions are not needed and require returning octet ptr parameters
from providers that would like to support them which complicates provider
implementations.
Fixes #12985
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14279)
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/core_names.h | 17 | ||||
| -rw-r--r-- | include/openssl/dh.h | 3 | ||||
| -rw-r--r-- | include/openssl/ec.h | 3 |
3 files changed, 9 insertions, 14 deletions
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index a9ab57dbff..cb8d83ba88 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -432,20 +432,8 @@ extern "C" { #define OSSL_EXCHANGE_PARAM_KDF_DIGEST "kdf-digest" /* utf8_string */ #define OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS "kdf-digest-props" /* utf8_string */ #define OSSL_EXCHANGE_PARAM_KDF_OUTLEN "kdf-outlen" /* size_t */ - -/* - * TODO(3.0): improve this pattern - * - * Currently the sole internal user of OSSL_EXCHANGE_PARAM_KDF_UKM is - * EVP_PKEY_CTX_{set0,get0}_ecdh_kdf_ukm(): - * OSSL_EXCHANGE_PARAM_KDF_UKM is handled as a octet_string on set0, - * and as an octet_ptr on get0. - * - * This pattern is borrowed from the handling of - * OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL in - * EVP_PKEY_CTX_{set0,get0}_rsa_oaep_label(). - */ -#define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm" /* see note above */ +/* The following parameter is an octet_string on set and an octet_ptr on get */ +#define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm" /* Signature parameters */ #define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id" @@ -469,6 +457,7 @@ extern "C" { OSSL_PKEY_PARAM_MGF1_PROPERTIES #define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST OSSL_ALG_PARAM_DIGEST #define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS "digest-props" +/* The following parameter is an octet_string on set and an octet_ptr on get */ #define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label" #define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version" #define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version" diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 67ba0aa687..d17f01334f 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -53,7 +53,10 @@ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len); int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len); int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len); +# ifndef OPENSSL_NO_DEPRECATED_3_0 +OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); +#endif # define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1) # define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2) diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 5f93694f35..c503954b9c 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -44,7 +44,10 @@ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len); int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len); +# ifndef OPENSSL_NO_DEPRECATED_3_0 +OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); +# endif # define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) # define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2) |