diff options
41 files changed, 440 insertions, 191 deletions
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c index 48fd7f4af5..2e0e9b2407 100644 --- a/apps/lib/s_cb.c +++ b/apps/lib/s_cb.c @@ -1434,7 +1434,20 @@ static int security_callback_debug(const SSL *s, const SSL_CTX *ctx, case SSL_SECOP_OTHER_DH: { DH *dh = other; - BIO_printf(sdb->out, "%d", DH_bits(dh)); + EVP_PKEY *pkey = EVP_PKEY_new(); + int fail = 1; + + if (pkey != NULL) { + if (EVP_PKEY_set1_DH(pkey, dh)) { + BIO_printf(sdb->out, "%d", EVP_PKEY_bits(pkey)); + fail = 0; + } + + EVP_PKEY_free(pkey); + } + if (fail) + BIO_printf(sdb->out, "s_cb.c:security_callback_debug op=0x%x", + op); break; } #endif diff --git a/apps/progs.pl b/apps/progs.pl index 1d8c305713..03553efb23 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -92,7 +92,6 @@ EOF my %cmd_disabler = ( ciphers => "sock", - gendh => "dh", pkcs12 => "des", ); my %cmd_deprecated = ( diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index bee414abf7..14c0842455 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/x509.h> diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 829cc87464..940d119d3c 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/bn.h> diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index 4832230f6c..85ef17b36f 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/bn.h> diff --git a/crypto/dh/dh_depr.c b/crypto/dh/dh_depr.c index 09403f6ad5..33689d8e1c 100644 --- a/crypto/dh/dh_depr.c +++ b/crypto/dh/dh_depr.c @@ -9,6 +9,12 @@ /* This file contains deprecated functions as wrappers to the new ones */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <openssl/opensslconf.h> #ifdef OPENSSL_NO_DEPRECATED_0_9_8 NON_EMPTY_TRANSLATION_UNIT diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 89264e9fa8..8e2b773703 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -12,6 +12,12 @@ * dh_depr.c as wrappers to these ones. - Geoff */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/bn.h> diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index 6c057d1f1f..d2dd258248 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -9,6 +9,12 @@ /* DH parameters from RFC7919 and RFC3526 */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include "dh_local.h" diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 23bc8acb73..e054aaeff9 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include "e_os.h" #ifndef OPENSSL_NO_CMS diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 14d35466f1..5748be810f 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include "dh_local.h" diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index e6fc3ef2c5..d7fe850f58 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include <openssl/bn.h> #include <openssl/engine.h> diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c index be04b76a44..74f1891c83 100644 --- a/crypto/dh/dh_meth.c +++ b/crypto/dh/dh_meth.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include "dh_local.h" #include <string.h> #include <openssl/err.h> diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 3b163bbe4e..5a83b483dd 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -8,7 +8,7 @@ */ /* - * DSA low level APIs are deprecated for public use, but still ok for + * DH & DSA low level APIs are deprecated for public use, but still ok for * internal use. */ #include "internal/deprecated.h" diff --git a/crypto/dh/dh_prn.c b/crypto/dh/dh_prn.c index d0e1ab3d06..28027a4a4f 100644 --- a/crypto/dh/dh_prn.c +++ b/crypto/dh/dh_prn.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/evp.h> diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c index 3bbfea12d3..c542afc1e9 100644 --- a/crypto/dh/dh_rfc5114.c +++ b/crypto/dh/dh_rfc5114.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include "internal/cryptlib.h" #include "dh_local.h" diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index f4bc49fe0f..49af63845e 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -8,6 +8,12 @@ * https://www.openssl.org/source/license.html */ +/* + * DH low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include <stdlib.h> #include <openssl/engine.h> diff --git a/doc/man3/DH_generate_key.pod b/doc/man3/DH_generate_key.pod index babc91fef1..35fcc020b0 100644 --- a/doc/man3/DH_generate_key.pod +++ b/doc/man3/DH_generate_key.pod @@ -8,12 +8,20 @@ DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange #include <openssl/dh.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + int DH_generate_key(DH *dh); int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); =head1 DESCRIPTION +Both of the functions described on this page are deprecated. +Applications should instead use L<EVP_PKEY_derive_init(3)> +and L<EVP_PKEY_derive(3)>. + DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values. By calling DH_compute_key(), these are combined with the other party's public @@ -40,8 +48,13 @@ The error codes can be obtained by L<ERR_get_error(3)>. =head1 SEE ALSO +L<EVP_PKEY_derive(3)>, L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<DH_size(3)> +=head1 HISTORY + +Both of these functions were deprecated in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/DH_generate_parameters.pod b/doc/man3/DH_generate_parameters.pod index 4908dcf515..a01b940795 100644 --- a/doc/man3/DH_generate_parameters.pod +++ b/doc/man3/DH_generate_parameters.pod @@ -12,6 +12,10 @@ parameters #include <openssl/dh.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb); int DH_check(DH *dh, int *codes); @@ -30,6 +34,11 @@ L<openssl_user_macros(7)>: =head1 DESCRIPTION +All of the functions described on this page are deprecated. +Applications should instead use L<EVP_PKEY_check(3)>, +L<EVP_PKEY_public_check(3)>, L<EVP_PKEY_private_check(3)> and +L<EVP_PKEY_param_check(3)>. + DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided B<DH> structure. The pseudo-random number generator must be @@ -144,6 +153,8 @@ L<DH_free(3)> =head1 HISTORY +All of these functions were deprecated in OpenSSL 3.0. + DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead. diff --git a/doc/man3/DH_get0_pqg.pod b/doc/man3/DH_get0_pqg.pod index 4883b670a0..ab49a325f8 100644 --- a/doc/man3/DH_get0_pqg.pod +++ b/doc/man3/DH_get0_pqg.pod @@ -26,6 +26,11 @@ DH_get_length, DH_set_length - Routines for getting and setting data in a DH obj void DH_clear_flags(DH *dh, int flags); int DH_test_flags(const DH *dh, int flags); void DH_set_flags(DH *dh, int flags); + +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + ENGINE *DH_get0_engine(DH *d); long DH_get_length(const DH *dh); int DH_set_length(DH *dh, long length); @@ -78,12 +83,13 @@ zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object. DH_get0_engine() returns a handle to the ENGINE that has been set for this DH -object, or NULL if no such ENGINE has been set. +object, or NULL if no such ENGINE has been set. This function is deprecated. The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is nonzero then it is used, otherwise it is ignored. The B<length> parameter indicates the -length of the secret exponent (private key) in bits. +length of the secret exponent (private key) in bits. These functions are +deprecated. =head1 NOTES @@ -114,6 +120,9 @@ L<DH_set_method(3)>, L<DH_size(3)>, L<DH_meth_new(3)> =head1 HISTORY +The DH_get0_engine(), DH_get_length() and DH_set_length() functions were +deprecated in OpenSSL 3.0. + The functions described here were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/DH_meth_new.pod b/doc/man3/DH_meth_new.pod index 652abaa61a..38c3bd3114 100644 --- a/doc/man3/DH_meth_new.pod +++ b/doc/man3/DH_meth_new.pod @@ -14,6 +14,10 @@ DH_meth_set_generate_params - Routines to build up DH methods #include <openssl/dh.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + DH_METHOD *DH_meth_new(const char *name, int flags); void DH_meth_free(DH_METHOD *dhm); @@ -58,6 +62,9 @@ DH_meth_set_generate_params - Routines to build up DH methods =head1 DESCRIPTION +All of the functions described on this page are deprecated. +Applications should instead use the provider APIs. + The B<DH_METHOD> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities. @@ -153,6 +160,8 @@ L<DH_set_method(3)>, L<DH_size(3)>, L<DH_get0_pqg(3)> =head1 HISTORY +All of these functions were deprecated in OpenSSL 3.0. + The functions described here were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/DH_new_by_nid.pod b/doc/man3/DH_new_by_nid.pod index 5fd71ffb5a..3456b9d57e 100644 --- a/doc/man3/DH_new_by_nid.pod +++ b/doc/man3/DH_new_by_nid.pod @@ -8,6 +8,11 @@ DH_new_by_nid, DH_get_nid - get or find DH named parameters #include <openssl/dh.h> DH *DH_new_by_nid(int nid); + +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + int *DH_get_nid(DH *dh); =head1 DESCRIPTION @@ -18,10 +23,9 @@ B<NID_ffdhe4096>, B<NID_ffdhe6144>, B<NID_ffdhe8192>, B<NID_modp_1536>, B<NID_modp_2048>, B<NID_modp_3072>, B<NID_modp_4096>, B<NID_modp_6144> or B<NID_modp_8192>. - DH_get_nid() determines if the parameters contained in B<dh> match any named set. It returns the NID corresponding to the matching parameters or -B<NID_undef> if there is no match. +B<NID_undef> if there is no match. This function is deprecated. =head1 RETURN VALUES @@ -30,6 +34,10 @@ DH_new_by_nid() returns a set of DH parameters or B<NULL> if an error occurred. DH_get_nid() returns the NID of the matching set of parameters or B<NID_undef> if there is no match. +=head1 HISTORY + +The DH_get_nid() function was deprecated in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/DH_set_method.pod b/doc/man3/DH_set_method.pod index 8c7713de68..ae3d8fa8cd 100644 --- a/doc/man3/DH_set_method.pod +++ b/doc/man3/DH_set_method.pod @@ -9,6 +9,10 @@ DH_set_method, DH_new_method, DH_OpenSSL - select DH method #include <openssl/dh.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + void DH_set_default_method(const DH_METHOD *meth); const DH_METHOD *DH_get_default_method(void); @@ -21,6 +25,9 @@ DH_set_method, DH_new_method, DH_OpenSSL - select DH method =head1 DESCRIPTION +All of the functions described on this page are deprecated. +Applications should instead use the provider APIs. + A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for @@ -76,6 +83,10 @@ returns a pointer to the newly allocated structure. L<DH_new(3)>, L<DH_new(3)>, L<DH_meth_new(3)> +=head1 HISTORY + +All of these functions were deprecated in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/DH_size.pod b/doc/man3/DH_size.pod index 3161ef3ee3..8a206f0ac4 100644 --- a/doc/man3/DH_size.pod +++ b/doc/man3/DH_size.pod @@ -9,6 +9,10 @@ security bits #include <openssl/dh.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + int DH_size(const DH *dh); int DH_bits(const DH *dh); @@ -17,6 +21,10 @@ security bits =head1 DESCRIPTION +All of the functions described on this page are deprecated. +Applications should instead use L<EVP_PKEY_bits(3)>, +L<EVP_PKEY_security_bits(3)> and L<EVP_PKEY_size(3)>. + DH_size() returns the Diffie-Hellman prime size in bytes. It can be used to determine how much memory must be allocated for the shared secret computed by L<DH_compute_key(3)>. @@ -38,11 +46,14 @@ DH_security_bits() returns the number of security bits. =head1 SEE ALSO +L<EVP_PKEY_bits(3)>, L<DH_new(3)>, L<DH_generate_key(3)>, L<BN_num_bits(3)> =head1 HISTORY +All of these functions were deprecated in OpenSSL 3.0. + The DH_bits() function was added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/DSA_dup_DH.pod b/doc/man3/DSA_dup_DH.pod index baaca6de2e..897d9a1e41 100644 --- a/doc/man3/DSA_dup_DH.pod +++ b/doc/man3/DSA_dup_DH.pod @@ -8,10 +8,18 @@ DSA_dup_DH - create a DH structure out of DSA structure #include <openssl/dsa.h> +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B<OPENSSL_API_COMPAT> with a suitable version value, see +L<openssl_user_macros(7)>: + DH *DSA_dup_DH(const DSA *r); =head1 DESCRIPTION +The function described on this page is deprecated. There is no direct +replacement, applications should use the EVP_PKEY APIs for Diffie-Hellman +operations. + DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q is lost during that conversion, but the resulting DH parameters contain its length. @@ -29,6 +37,10 @@ Be careful to avoid small subgroup attacks when using this. L<DH_new(3)>, L<DSA_new(3)>, L<ERR_get_error(3)> +=head1 HISTORY + +This function was deprecated in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. diff --git a/fuzz/asn1.c b/fuzz/asn1.c index 6ef6712e4d..0858bee91d 100644 --- a/fuzz/asn1.c +++ b/fuzz/asn1.c @@ -329,8 +329,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) DO_TEST_NO_PRINT(ESS_CERT_ID_V2, d2i_ESS_CERT_ID_V2, i2d_ESS_CERT_ID_V2); DO_TEST_NO_PRINT(ESS_SIGNING_CERT_V2, d2i_ESS_SIGNING_CERT_V2, i2d_ESS_SIGNING_CERT_V2); #ifndef OPENSSL_NO_DH - DO_TEST(DH, d2i_DHparams, i2d_DHparams, DHparams_print); - DO_TEST(DH, d2i_DHxparams, i2d_DHxparams, DHparams_print); + DO_TEST_NO_PRINT(DH, d2i_DHparams, i2d_DHparams); + DO_TEST_NO_PRINT(DH, d2i_DHxparams, i2d_DHxparams); #endif #ifndef OPENSSL_NO_DSA DO_TEST_NO_PRINT(DSA_SIG, d2i_DSA_SIG, i2d_DSA_SIG); diff --git a/include/openssl/dh.h b/include/openssl/dh.h index e722ae42e1..b26e94e8e9 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -47,6 +47,7 @@ extern "C" { # define DH_FLAG_NO_EXP_CONSTTIME 0x00 # endif +# ifndef OPENSSL_NO_DEPRECATED_3_0 /* * If this flag is set the DH method is FIPS compliant and can be used in * FIPS mode. This is set in the validated module method. If an application @@ -54,7 +55,7 @@ extern "C" { * result is compliant. */ -# define DH_FLAG_FIPS_METHOD 0x0400 +# define DH_FLAG_FIPS_METHOD 0x0400 /* * If this flag is set the operations normally disabled in FIPS mode are @@ -62,7 +63,8 @@ extern "C" { * usage is compliant. */ -# define DH_FLAG_NON_FIPS_ALLOW 0x0400 +# define DH_FLAG_NON_FIPS_ALLOW 0x0400 +# endif /* Already defined in ossl_typ.h */ /* typedef struct dh_st DH; */ @@ -70,29 +72,30 @@ extern "C" { DECLARE_ASN1_ITEM(DHparams) -# define DH_GENERATOR_2 2 -# define DH_GENERATOR_3 3 -# define DH_GENERATOR_5 5 +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define DH_GENERATOR_2 2 +# define DH_GENERATOR_3 3 +# define DH_GENERATOR_5 5 /* DH_check error codes */ /* * NB: These values must align with the equivalently named macros in * internal/ffc.h. */ -# define DH_CHECK_P_NOT_PRIME 0x01 -# define DH_CHECK_P_NOT_SAFE_PRIME 0x02 -# define DH_UNABLE_TO_CHECK_GENERATOR 0x04 -# define DH_NOT_SUITABLE_GENERATOR 0x08 -# define DH_CHECK_Q_NOT_PRIME 0x10 -# define DH_CHECK_INVALID_Q_VALUE 0x20 -# define DH_CHECK_INVALID_J_VALUE 0x40 -# define DH_MODULUS_TOO_SMALL 0x80 -# define DH_MODULUS_TOO_LARGE 0x100 +# define DH_CHECK_P_NOT_PRIME 0x01 +# define DH_CHECK_P_NOT_SAFE_PRIME 0x02 +# define DH_UNABLE_TO_CHECK_GENERATOR 0x04 +# define DH_NOT_SUITABLE_GENERATOR 0x08 +# define DH_CHECK_Q_NOT_PRIME 0x10 +# define DH_CHECK_INVALID_Q_VALUE 0x20 +# define DH_CHECK_INVALID_J_VALUE 0x40 +# define DH_MODULUS_TOO_SMALL |