diff options
| author | Pauli <paul.dale@oracle.com> | 2020-01-16 13:50:03 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-01-25 09:30:59 +1000 |
| commit | c6fec81b88131d08c1022504ccf6effa95497afb (patch) | |
| tree | 8f9875a9f3a83fa13c6404faa8b7fa71f2c1f6f6 /providers | |
| parent | f6edde4f06d2cadaf0949399e5df0b6f6a5b3598 (diff) | |
Deprecate the low level DES functions.
Use of the low level DES functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10858)
Diffstat (limited to 'providers')
11 files changed, 61 insertions, 1 deletions
diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index 74539d3da4..d0547b7060 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "prov/ciphercommon.h" #include "cipher_des.h" #include <openssl/rand.h> diff --git a/providers/implementations/ciphers/cipher_des_hw.c b/providers/implementations/ciphers/cipher_des_hw.c index c3a67080fd..c465c42391 100644 --- a/providers/implementations/ciphers/cipher_des_hw.c +++ b/providers/implementations/ciphers/cipher_des_hw.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "prov/ciphercommon.h" #include "cipher_des.h" diff --git a/providers/implementations/ciphers/cipher_desx.c b/providers/implementations/ciphers/cipher_desx.c index b8447d2c3f..2a67d77aec 100644 --- a/providers/implementations/ciphers/cipher_desx.c +++ b/providers/implementations/ciphers/cipher_desx.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "cipher_tdes_default.h" #include "prov/implementations.h" diff --git a/providers/implementations/ciphers/cipher_desx_hw.c b/providers/implementations/ciphers/cipher_desx_hw.c index ef1b3b0694..afc01b8659 100644 --- a/providers/implementations/ciphers/cipher_desx_hw.c +++ b/providers/implementations/ciphers/cipher_desx_hw.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include <openssl/des.h> #include "cipher_tdes_default.h" diff --git a/providers/implementations/ciphers/cipher_tdes.c b/providers/implementations/ciphers/cipher_tdes.c index 80afcd5fd9..ea0c987a80 100644 --- a/providers/implementations/ciphers/cipher_tdes.c +++ b/providers/implementations/ciphers/cipher_tdes.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "prov/ciphercommon.h" #include "cipher_tdes.h" #include <openssl/rand.h> diff --git a/providers/implementations/ciphers/cipher_tdes_default.c b/providers/implementations/ciphers/cipher_tdes_default.c index 9aefef26b6..4d449804ca 100644 --- a/providers/implementations/ciphers/cipher_tdes_default.c +++ b/providers/implementations/ciphers/cipher_tdes_default.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "cipher_tdes_default.h" #include "prov/implementations.h" diff --git a/providers/implementations/ciphers/cipher_tdes_default_hw.c b/providers/implementations/ciphers/cipher_tdes_default_hw.c index 73169a0e56..5b9e4997f6 100644 --- a/providers/implementations/ciphers/cipher_tdes_default_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_default_hw.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "cipher_tdes_default.h" #define ks1 tks.ks[0] diff --git a/providers/implementations/ciphers/cipher_tdes_hw.c b/providers/implementations/ciphers/cipher_tdes_hw.c index 208e83df0f..c7fe393653 100644 --- a/providers/implementations/ciphers/cipher_tdes_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_hw.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "prov/ciphercommon.h" #include "cipher_tdes.h" diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index 9db60ad2c7..e912b8766c 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c @@ -8,7 +8,7 @@ */ /* - * SHA-1 low level APIs are deprecated for public use, but still ok for + * DES and SHA-1 low level APIs are deprecated for public use, but still ok for * internal use. */ #include "internal/deprecated.h" diff --git a/providers/implementations/ciphers/cipher_tdes_wrap_hw.c b/providers/implementations/ciphers/cipher_tdes_wrap_hw.c index 09155b6f48..7790e1e03a 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap_hw.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. + */ +#include "internal/deprecated.h" + #include "cipher_tdes_default.h" #define cipher_hw_tdes_wrap_initkey cipher_hw_tdes_ede3_initkey diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index 08a9495929..ed111708f4 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DES low level APIs are deprecated for public use, but still ok for internal + * use. We access the DES_set_odd_parity(3) function here. + */ +#include "internal/deprecated.h" + #include <stdlib.h> #include <stdarg.h> #include <string.h> |