case SSL_SECOP_OTHER_DH:
{
DH *dh = other;
- BIO_printf(sdb->out, "%d", DH_bits(dh));
+ EVP_PKEY *pkey = EVP_PKEY_new();
+ int fail = 1;
+
+ if (pkey != NULL) {
+ if (EVP_PKEY_set1_DH(pkey, dh)) {
+ BIO_printf(sdb->out, "%d", EVP_PKEY_bits(pkey));
+ fail = 0;
+ }
+
+ EVP_PKEY_free(pkey);
+ }
+ if (fail)
+ BIO_printf(sdb->out, "s_cb.c:security_callback_debug op=0x%x",
+ op);
break;
}
#endif
my %cmd_disabler = (
ciphers => "sock",
- gendh => "dh",
pkcs12 => "des",
);
my %cmd_deprecated = (
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/x509.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
/* This file contains deprecated functions as wrappers to the new ones */
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_DEPRECATED_0_9_8
NON_EMPTY_TRANSLATION_UNIT
* dh_depr.c as wrappers to these ones. - Geoff
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
/* DH parameters from RFC7919 and RFC3526 */
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include "dh_local.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include "e_os.h"
#ifndef OPENSSL_NO_CMS
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include "dh_local.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <openssl/bn.h>
#include <openssl/engine.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include "dh_local.h"
#include <string.h>
#include <openssl/err.h>
*/
/*
- * DSA low level APIs are deprecated for public use, but still ok for
+ * DH & DSA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include "dh_local.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <openssl/engine.h>
#include <openssl/dh.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
int DH_generate_key(DH *dh);
int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
=head1 DESCRIPTION
+Both of the functions described on this page are deprecated.
+Applications should instead use L<EVP_PKEY_derive_init(3)>
+and L<EVP_PKEY_derive(3)>.
+
DH_generate_key() performs the first step of a Diffie-Hellman key
exchange by generating private and public DH values. By calling
DH_compute_key(), these are combined with the other party's public
=head1 SEE ALSO
+L<EVP_PKEY_derive(3)>,
L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<DH_size(3)>
+=head1 HISTORY
+
+Both of these functions were deprecated in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
#include <openssl/dh.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
int DH_check(DH *dh, int *codes);
=head1 DESCRIPTION
+All of the functions described on this page are deprecated.
+Applications should instead use L<EVP_PKEY_check(3)>,
+L<EVP_PKEY_public_check(3)>, L<EVP_PKEY_private_check(3)> and
+L<EVP_PKEY_param_check(3)>.
+
DH_generate_parameters_ex() generates Diffie-Hellman parameters that can
be shared among a group of users, and stores them in the provided B<DH>
structure. The pseudo-random number generator must be
=head1 HISTORY
+All of these functions were deprecated in OpenSSL 3.0.
+
DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use
DH_generate_parameters_ex() instead.
void DH_clear_flags(DH *dh, int flags);
int DH_test_flags(const DH *dh, int flags);
void DH_set_flags(DH *dh, int flags);
+
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
ENGINE *DH_get0_engine(DH *d);
long DH_get_length(const DH *dh);
int DH_set_length(DH *dh, long length);
within the DH object.
DH_get0_engine() returns a handle to the ENGINE that has been set for this DH
-object, or NULL if no such ENGINE has been set.
+object, or NULL if no such ENGINE has been set. This function is deprecated.
The DH_get_length() and DH_set_length() functions get and set the optional
length parameter associated with this DH object. If the length is nonzero then
it is used, otherwise it is ignored. The B<length> parameter indicates the
-length of the secret exponent (private key) in bits.
+length of the secret exponent (private key) in bits. These functions are
+deprecated.
=head1 NOTES
=head1 HISTORY
+The DH_get0_engine(), DH_get_length() and DH_set_length() functions were
+deprecated in OpenSSL 3.0.
+
The functions described here were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
#include <openssl/dh.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
DH_METHOD *DH_meth_new(const char *name, int flags);
void DH_meth_free(DH_METHOD *dhm);
=head1 DESCRIPTION
+All of the functions described on this page are deprecated.
+Applications should instead use the provider APIs.
+
The B<DH_METHOD> type is a structure used for the provision of custom DH
implementations. It provides a set of functions used by OpenSSL for the
implementation of the various DH capabilities.
=head1 HISTORY
+All of these functions were deprecated in OpenSSL 3.0.
+
The functions described here were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
#include <openssl/dh.h>
DH *DH_new_by_nid(int nid);
+
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
int *DH_get_nid(DH *dh);
=head1 DESCRIPTION
B<NID_modp_1536>, B<NID_modp_2048>, B<NID_modp_3072>,
B<NID_modp_4096>, B<NID_modp_6144> or B<NID_modp_8192>.
-
DH_get_nid() determines if the parameters contained in B<dh> match
any named set. It returns the NID corresponding to the matching parameters or
-B<NID_undef> if there is no match.
+B<NID_undef> if there is no match. This function is deprecated.
=head1 RETURN VALUES
DH_get_nid() returns the NID of the matching set of parameters or
B<NID_undef> if there is no match.
+=head1 HISTORY
+
+The DH_get_nid() function was deprecated in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
#include <openssl/dh.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
void DH_set_default_method(const DH_METHOD *meth);
const DH_METHOD *DH_get_default_method(void);
=head1 DESCRIPTION
+All of the functions described on this page are deprecated.
+Applications should instead use the provider APIs.
+
A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
operations. By modifying the method, alternative implementations
such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
L<DH_new(3)>, L<DH_new(3)>, L<DH_meth_new(3)>
+=head1 HISTORY
+
+All of these functions were deprecated in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
#include <openssl/dh.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
int DH_size(const DH *dh);
int DH_bits(const DH *dh);
=head1 DESCRIPTION
+All of the functions described on this page are deprecated.
+Applications should instead use L<EVP_PKEY_bits(3)>,
+L<EVP_PKEY_security_bits(3)> and L<EVP_PKEY_size(3)>.
+
DH_size() returns the Diffie-Hellman prime size in bytes. It can be used
to determine how much memory must be allocated for the shared secret
computed by L<DH_compute_key(3)>.
=head1 SEE ALSO
+L<EVP_PKEY_bits(3)>,
L<DH_new(3)>, L<DH_generate_key(3)>,
L<BN_num_bits(3)>
=head1 HISTORY
+All of these functions were deprecated in OpenSSL 3.0.
+
The DH_bits() function was added in OpenSSL 1.1.0.
=head1 COPYRIGHT
#include <openssl/dsa.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
DH *DSA_dup_DH(const DSA *r);
=head1 DESCRIPTION
+The function described on this page is deprecated. There is no direct
+replacement, applications should use the EVP_PKEY APIs for Diffie-Hellman
+operations.
+
DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
is lost during that conversion, but the resulting DH parameters
contain its length.
L<DH_new(3)>, L<DSA_new(3)>, L<ERR_get_error(3)>
+=head1 HISTORY
+
+This function was deprecated in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
DO_TEST_NO_PRINT(ESS_CERT_ID_V2, d2i_ESS_CERT_ID_V2, i2d_ESS_CERT_ID_V2);
DO_TEST_NO_PRINT(ESS_SIGNING_CERT_V2, d2i_ESS_SIGNING_CERT_V2, i2d_ESS_SIGNING_CERT_V2);
#ifndef OPENSSL_NO_DH
- DO_TEST(DH, d2i_DHparams, i2d_DHparams, DHparams_print);
- DO_TEST(DH, d2i_DHxparams, i2d_DHxparams, DHparams_print);
+ DO_TEST_NO_PRINT(DH, d2i_DHparams, i2d_DHparams);
+ DO_TEST_NO_PRINT(DH, d2i_DHxparams, i2d_DHxparams);
#endif
#ifndef OPENSSL_NO_DSA
DO_TEST_NO_PRINT(DSA_SIG, d2i_DSA_SIG, i2d_DSA_SIG);
# define DH_FLAG_NO_EXP_CONSTTIME 0x00
# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* If this flag is set the DH method is FIPS compliant and can be used in
* FIPS mode. This is set in the validated module method. If an application
* result is compliant.
*/
-# define DH_FLAG_FIPS_METHOD 0x0400
+# define DH_FLAG_FIPS_METHOD 0x0400
/*
* If this flag is set the operations normally disabled in FIPS mode are
* usage is compliant.
*/
-# define DH_FLAG_NON_FIPS_ALLOW 0x0400
+# define DH_FLAG_NON_FIPS_ALLOW 0x0400
+# endif
/* Already defined in ossl_typ.h */
/* typedef struct dh_st DH; */
DECLARE_ASN1_ITEM(DHparams)
-# define DH_GENERATOR_2 2
-# define DH_GENERATOR_3 3
-# define DH_GENERATOR_5 5
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DH_GENERATOR_2 2
+# define DH_GENERATOR_3 3
+# define DH_GENERATOR_5 5
/* DH_check error codes */
/*
* NB: These values must align with the equivalently named macros in
* internal/ffc.h.
*/
-# define DH_CHECK_P_NOT_PRIME 0x01
-# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-# define DH_NOT_SUITABLE_GENERATOR 0x08
-# define DH_CHECK_Q_NOT_PRIME 0x10
-# define DH_CHECK_INVALID_Q_VALUE 0x20
-# define DH_CHECK_INVALID_J_VALUE 0x40
-# define DH_MODULUS_TOO_SMALL 0x80
-# define DH_MODULUS_TOO_LARGE 0x100
+# define DH_CHECK_P_NOT_PRIME 0x01
+# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
+# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+# define DH_NOT_SUITABLE_GENERATOR 0x08
+# define DH_CHECK_Q_NOT_PRIME 0x10
+# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_J_VALUE 0x40
+# define DH_MODULUS_TOO_SMALL 0x80
+# define DH_MODULUS_TOO_LARGE 0x100
/* DH_check_pub_key error codes */
-# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-# define DH_CHECK_PUBKEY_INVALID 0x04
+# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+# define DH_CHECK_PUBKEY_INVALID 0x04
/*
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
/* DH parameter generation types used by EVP_PKEY_CTX_set_dh_paramgen_type() */
-# define DH_PARAMGEN_TYPE_GENERATOR 0 /* Use a generator g */
-# define DH_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */
-# define DH_PARAMGEN_TYPE_FIPS_186_4 2 /* Use FIPS186-4 standard */
-
-# define d2i_DHparams_fp(fp,x) \
- (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams, \
- (fp), \
- (unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) \
- ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) \
- ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
-# define i2d_DHparams_bio(bp,x) \
- ASN1_i2d_bio_of(DH,i2d_DHparams,bp,x)
-
-# define d2i_DHxparams_fp(fp,x) \
- (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHxparams, \
- (fp), \
- (unsigned char **)(x))
-# define i2d_DHxparams_fp(fp,x) \
- ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
-# define d2i_DHxparams_bio(bp,x) \
- ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
-# define i2d_DHxparams_bio(bp,x) \
- ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x)
+# define DH_PARAMGEN_TYPE_GENERATOR 0 /* Use a generator g */
+# define DH_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */
+# define DH_PARAMGEN_TYPE_FIPS_186_4 2 /* Use FIPS186-4 standard */
+
+# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
+
+# define d2i_DHparams_fp(fp, x) \
+ (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams, \
+ (fp), \
+ (unsigned char **)(x))
+# define i2d_DHparams_fp(fp, x) \
+ ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+# define d2i_DHparams_bio(bp, x) \
+ ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+# define i2d_DHparams_bio(bp, x) \
+ ASN1_i2d_bio_of(DH, i2d_DHparams, bp, x)
+
+# define d2i_DHxparams_fp(fp,x) \
+ (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHxparams, \
+ (fp), \
+ (unsigned char **)(x))
+# define i2d_DHxparams_fp(fp, x) \
+ ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+# define d2i_DHxparams_bio(bp, x) \
+ ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+# define i2d_DHxparams_bio(bp, x) \
+ ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x)
+# endif
DECLARE_ASN1_DUP_FUNCTION_name(DH, DHparams)
-const DH_METHOD *DH_OpenSSL(void);
+DEPRECATEDIN_3_0(const DH_METHOD *DH_OpenSSL(void))
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
+DEPRECATEDIN_3_0(void DH_set_default_method(const DH_METHOD *meth))
+DEPRECATEDIN_3_0(const DH_METHOD *DH_get_default_method(void))
+DEPRECATEDIN_3_0(int DH_set_method(DH *dh, const DH_METHOD *meth))
+DEPRECATEDIN_3_0(DH *DH_new_method(ENGINE *engine))
DH *DH_new(void);
void DH_free(DH *dh);
int DH_up_ref(DH *dh);
-int DH_bits(const DH *dh);
-int DH_size(const DH *dh);
-int DH_security_bits(const DH *dh);
-# define DH_get_ex_new_index(l, p, newf, dupf, freef) \
- CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef)
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
+DEPRECATEDIN_3_0(int DH_bits(const DH *dh))
+DEPRECATEDIN_3_0(int DH_size(const DH *dh))
+DEPRECATEDIN_3_0(int DH_security_bits(const DH *dh))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DH_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef)
+# endif
+DEPRECATEDIN_3_0(int DH_set_ex_data(DH *d, int idx, void *arg))
+DEPRECATEDIN_3_0(void *DH_get_ex_data(DH *d, int idx))
/* Deprecated version */
DEPRECATEDIN_0_9_8(DH *DH_generate_parameters(int prime_len, int generator,
void *cb_arg))
/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
- BN_GENCB *cb);
+DEPRECATEDIN_3_0(int DH_generate_parameters_ex(DH *dh, int prime_len,
+ int generator, BN_GENCB *cb))
-int DH_check_params_ex(const DH *dh);
-int DH_check_ex(const DH *dh);
-int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);
+DEPRECATEDIN_3_0(int DH_check_params_ex(const DH *dh))
+DEPRECATEDIN_3_0(int DH_check_ex(const DH *dh))
+DEPRECATEDIN_3_0(int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key))
+/*
+ * TODO(3.0): deprecate DH_check_params once ssl/statem/statem_clnt.c is fixed.
+ */
int DH_check_params(const DH *dh, int *ret);
-int DH_check(const DH *dh, int *codes);
-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+DEPRECATEDIN_3_0(int DH_check(const DH *dh, int *codes))
+DEPRECATEDIN_3_0(int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key,
+ int *codes))
+DEPRECATEDIN_3_0(int DH_generate_key(DH *dh))
+DEPRECATEDIN_3_0(int DH_compute_key(unsigned char *key, const BIGNUM *pub_key,
+ DH *dh))
+DEPRECATEDIN_3_0(int DH_compute_key_padded(unsigned char *key,
+ const BIGNUM *pub_key, DH *dh))
DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHparams)
DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHxparams)
# ifndef OPENSSL_NO_STDIO
-int DHparams_print_fp(FILE *fp, const DH *x);
+DEPRECATEDIN_3_0(int DHparams_print_fp(FILE *fp, const DH *x))
# endif
-int DHparams_print(BIO *bp, const DH *x);
+DEPRECATEDIN_3_0(int DHparams_print(BIO *bp, const DH *x))
/* RFC 5114 parameters */
DH *DH_get_1024_160(void);
DH *DH_get_2048_256(void);
/* Named parameters, currently RFC7919 and RFC3526 */
+/* TODO(3.0): deprecate DH_new_by_nid() after converting ssl/s3_lib.c */
DH *DH_new_by_nid(int nid);
-int DH_get_nid(DH *dh);
+DEPRECATEDIN_3_0(int DH_get_nid(DH *dh))
# ifndef OPENSSL_NO_CMS
/* RFC2631 KDF */
-int DH_KDF_X9_42(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- ASN1_OBJECT *key_oid,
- const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+DEPRECATEDIN_3_0(int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ ASN1_OBJECT *key_oid,
+ const unsigned char *ukm,
+ size_t ukmlen, const EVP_MD *md))
# endif
void DH_get0_pqg(const DH *dh,
void DH_clear_flags(DH *dh, int flags);
int DH_test_flags(const DH *dh, int flags);
void DH_set_flags(DH *dh, int flags);
-ENGINE *DH_get0_engine(DH *d);
-long DH_get_length(const DH *dh);
-int DH_set_length(DH *dh, long length);
-
-DH_METHOD *DH_meth_new(const char *name, int flags);
-void DH_meth_free(DH_METHOD *dhm);
-DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
-const char *DH_meth_get0_name(const DH_METHOD *dhm);
-int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
-int DH_meth_get_flags(const DH_METHOD *dhm);
-int DH_meth_set_flags(DH_METHOD *dhm, int flags);
-void *DH_meth_get0_app_data(const DH_METHOD *dhm);
-int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
-int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *);
-int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key) (DH *));
-int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
- (unsigned char *key, const BIGNUM *pub_key, DH *dh);
-int DH_meth_set_compute_key(DH_METHOD *dhm,
- int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh));
-int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
- (const DH *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
- BN_CTX *, BN_MONT_CTX *);
-int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
- int (*bn_mod_exp) (const DH *, BIGNUM *, const BIGNUM *, const BIGNUM *,
- const BIGNUM *, BN_CTX *, BN_MONT_CTX *));
-int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
-int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
-int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *);
-int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *));
-int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
- (DH *, int, int, BN_GENCB *);
-int DH_meth_set_generate_params(DH_METHOD *dhm,
- int (*generate_params) (DH *, int, int, BN_GENCB *));
-
+DEPRECATEDIN_3_0(ENGINE *DH_get0_engine(DH *d))
+DEPRECATEDIN_3_0(long DH_get_length(const DH *dh))
+DEPRECATEDIN_3_0(int DH_set_length(DH *dh, long length))
+
+DEPRECATEDIN_3_0(DH_METHOD *DH_meth_new(const char *name, int flags))
+DEPRECATEDIN_3_0(void DH_meth_free(DH_METHOD *dhm))
+DEPRECATEDIN_3_0(DH_METHOD *DH_meth_dup(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(const char *DH_meth_get0_name(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set1_name(DH_METHOD *dhm, const char *name))
+DEPRECATEDIN_3_0(int DH_meth_get_flags(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set_flags(DH_METHOD *dhm, int flags))
+DEPRECATEDIN_3_0(void *DH_meth_get0_app_data(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data))
+DEPRECATEDIN_3_0(int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_generate_key(DH_METHOD *dhm,
+ int (*generate_key) (DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+ (unsigned char *key,
+ const BIGNUM *pub_key, DH *dh))
+DEPRECATEDIN_3_0(int DH_meth_set_compute_key(DH_METHOD *dhm,
+ int (*compute_key)
+ (unsigned char *key,
+ const BIGNUM *pub_key,
+ DH *dh)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+ (const DH *, BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *))
+DEPRECATEDIN_3_0(int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+ int (*bn_mod_exp)
+ (const DH *, BIGNUM *,
+ const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+ (DH *, int, int,
+ BN_GENCB *))
+DEPRECATEDIN_3_0(int DH_meth_set_generate_params(DH_METHOD *dhm,
+ int (*generate_params)
+ (DH *, int, int,
+ BN_GENCB *)))
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
# define EVP_PKEY_DH_KDF_X9_42 2
# endif
-
# ifdef __cplusplus
}
# endif
/*
* Convert DSA structure (key or just parameters) into DH structure (be
* careful to avoid small subgroup attacks when using this!)
- *
- * TODO(3.0): figure out how to remove this monstrosity
*/
-DH *DSA_dup_DH(const DSA *r);
+DEPRECATEDIN_3_0(DH *DSA_dup_DH(const DSA *r))
# endif
# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/bn.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/dh.h>
#include <openssl/err.h>
#include "prov/bio.h" /* ossl_prov_bio_printf() */
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/pem.h>
#include <openssl/dh.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/err.h>
#include <openssl/pem.h>
|| (dh = DH_new_by_nid(ginf->nid)) == NULL
|| !EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
- ERR_R_EVP_LIB);
+ ERR_R_EVP_LIB);
DH_free(dh);
EVP_PKEY_free(pkey);
pkey = NULL;
}
if (EVP_PKEY_CTX_set_dh_nid(pctx, ginf->nid) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
- ERR_R_EVP_LIB);
+ ERR_R_EVP_LIB);
EVP_PKEY_free(pkey);
pkey = NULL;
goto err;
/*
* Generate parameters from a group ID
*/
-EVP_PKEY *ssl_generate_param_group(uint16_t id)
+EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id)
{
EVP_PKEY_CTX *pctx = NULL;
EVP_PKEY *pkey = NULL;
const char *str);
__owur EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id);
__owur int tls_valid_group(SSL *s, uint16_t group_id, int version);
-__owur EVP_PKEY *ssl_generate_param_group(uint16_t id);
+__owur EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id);
# ifndef OPENSSL_NO_EC
void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
size_t *num_formats);
continue;
}
- if ((s->s3.peer_tmp = ssl_generate_param_group(group_id)) == NULL) {
+ if ((s->s3.peer_tmp = ssl_generate_param_group(s, group_id)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE,
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
return 0;
}
bnpub_key = NULL;
- if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) {
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE,
- SSL_R_DH_KEY_TOO_SMALL);
- goto err;
- }
-
if (EVP_PKEY_assign_DH(peer_tmp, dh) == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_SKE_DHE,
ERR_R_EVP_LIB);
goto err;
}
+ if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp),
+ 0, dh)) {
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE,
+ SSL_R_DH_KEY_TOO_SMALL);
+ goto err;
+ }
+
s->s3.peer_tmp = peer_tmp;
/*
return 0;
}
- if ((s->s3.peer_tmp = ssl_generate_param_group(curve_id)) == NULL) {
+ if ((s->s3.peer_tmp = ssl_generate_param_group(s, curve_id)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_SKE_ECDHE,
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
return 0;
sanitytest rsa_complex exdatatest bntest \
ectest ecstresstest gmdifftest pbelutest \
destest mdc2test \
- dhtest enginetest \
- ssltest_old exptest \
+ enginetest exptest \
evp_pkey_provided_test evp_test evp_extra_test evp_fetch_prov_test \
v3nametest v3ext \
crltest danetest bad_dtls_test lhash_test sparse_array_test \
INCLUDE[mdc2test]=../include ../apps/include
DEPEND[mdc2test]=../libcrypto libtestutil.a
- SOURCE[dhtest]=dhtest.c
- INCLUDE[dhtest]=../include ../apps/include
- DEPEND[dhtest]=../libcrypto libtestutil.a
-
SOURCE[enginetest]=enginetest.c
INCLUDE[enginetest]=../include ../apps/include
DEPEND[enginetest]=../libcrypto libtestutil.a
- SOURCE[ssltest_old]=ssltest_old.c
- INCLUDE[ssltest_old]=.. ../include ../apps/include
- DEPEND[ssltest_old]=../libcrypto ../libssl
-
SOURCE[exptest]=exptest.c
INCLUDE[exptest]=../include ../apps/include
DEPEND[exptest]=../libcrypto libtestutil.a
rdrand_sanitytest property_test ideatest rsa_mp_test \
rsa_sp800_56b_test bn_internal_test ecdsatest rsa_test \
rc2test rc4test rc5test hmactest ffc_internal_test \
- asn1_dsa_internal_test dsatest dsa_no_digest_size_test
+ asn1_dsa_internal_test dsatest dsa_no_digest_size_test \
+ dhtest ssltest_old
IF[{- !$disabled{poly1305} -}]
PROGRAMS{noinst}=poly1305_internal_test
INCLUDE[sparse_array_test]=../crypto/include ../include ../apps/include
DEPEND[sparse_array_test]=../libcrypto.a libtestutil.a
+ SOURCE[dhtest]=dhtest.c
+ INCLUDE[dhtest]=../include ../apps/include
+ DEPEND[dhtest]=../libcrypto.a libtestutil.a
+
SOURCE[hmactest]=hmactest.c
INCLUDE[hmactest]=../include ../apps/include
DEPEND[hmactest]=../libcrypto.a libtestutil.a
SOURCE[mdc2_internal_test]=mdc2_internal_test.c
INCLUDE[mdc2_internal_test]=.. ../include ../apps/include
DEPEND[mdc2_internal_test]=../libcrypto.a libtestutil.a
+
+ SOURCE[ssltest_old]=ssltest_old.c
+ INCLUDE[ssltest_old]=.. ../include ../apps/include
+ DEPEND[ssltest_old]=../libcrypto.a ../libssl.a
ENDIF
PROGRAMS{noinst}=asn1_time_test
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include "e_os.h"
/* Or gethostname won't be declared properly on Linux and GNU platforms. */
BF_set_key 102 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0
d2i_DHparams 103 3_0_0 EXIST::FUNCTION:DH
i2d_PKCS7_ENC_CONTENT 104 3_0_0 EXIST::FUNCTION:
-DH_generate_key 105 3_0_0 EXIST::FUNCTION:DH
+DH_generate_key 105 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
ENGINE_add_conf_module 106 3_0_0 EXIST::FUNCTION:ENGINE
BIO_new_socket 107 3_0_0 EXIST::FUNCTION:SOCK
ASN1_OBJECT_free 108 3_0_0 EXIST::FUNCTION:
BIO_sock_should_retry 454 3_0_0 EXIST::FUNCTION:SOCK
ENGINE_get_digests 455 3_0_0 EXIST::FUNCTION:ENGINE
TS_MSG_IMPRINT_get_algo 456 3_0_0 EXIST::FUNCTION:TS
-DH_new_method 457 3_0_0 EXIST::FUNCTION:DH
+DH_new_method 457 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
BF_ecb_encrypt 458 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0
PEM_write_bio_DHparams 459 3_0_0 EXIST::FUNCTION:DH
EVP_DigestFinal 460 3_0_0 EXIST::FUNCTION:
EC_GROUP_get_mont_data 576 3_0_0 EXIST::FUNCTION:EC
CMAC_CTX_copy 577 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
EVP_camellia_128_cfb128 579 3_0_0 EXIST::FUNCTION:CAMELLIA
-DH_compute_key_padded 580 3_0_0 EXIST::FUNCTION:DH
+DH_compute_key_padded 580 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
ERR_load_CONF_strings 581 3_0_0 EXIST::FUNCTION:
ESS_ISSUER_SERIAL_dup 582 3_0_0 EXIST::FUNCTION:
BN_GF2m_mod_exp_arr 583 3_0_0 EXIST::FUNCTION:EC2M
d2i_DSA_PUBKEY_fp 633 3_0_0 EXIST::FUNCTION:DSA,STDIO
OCSP_REQ_CTX_nbio_d2i 634 3_0_0 EXIST::FUNCTION:SOCK
d2i_X509_REQ_fp 635 3_0_0 EXIST::FUNCTION:STDIO
-DH_OpenSSL 636 3_0_0 EXIST::FUNCTION:DH
+DH_OpenSSL 636 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
BN_get_rfc3526_prime_8192 637 3_0_0 EXIST::FUNCTION:DH
X509_REVOKED_it 638 3_0_0 EXIST::FUNCTION:
CRYPTO_THREAD_write_lock 639 3_0_0 EXIST::FUNCTION:
CMS_RecipientInfo_ktri_get0_signer_id 689 3_0_0 EXIST::FUNCTION:CMS
OCSP_REQUEST_add1_ext_i2d 690 3_0_0 EXIST::FUNCTION:OCSP
EVP_PBE_CipherInit 691 3_0_0 EXIST::FUNCTION:
-DSA_dup_DH 692 3_0_0 EXIST::FUNCTION:DH,DSA
+DSA_dup_DH 692 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,DSA
CONF_imodule_get_value 693 3_0_0 EXIST::FUNCTION:
OCSP_id_issuer_cmp 694 3_0_0 EXIST::FUNCTION:OCSP
ASN1_INTEGER_free 695 3_0_0 EXIST::FUNCTION:
BN_get0_nist_prime_224 696 3_0_0 EXIST::FUNCTION:
OPENSSL_isservice 697 3_0_0 EXIST::FUNCTION:
-DH_compute_key 698 3_0_0 EXIST::FUNCTION:DH
+DH_compute_key 698 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
TS_RESP_CTX_set_signer_key 699 3_0_0 EXIST::FUNCTION:TS
i2d_DSAPrivateKey_bio 700 3_0_0 EXIST::FUNCTION:DSA
ASN1_item_d2i 702 3_0_0 EXIST::FUNCTION:
CMS_unsigned_add1_attr_by_NID 737 3_0_0 EXIST::FUNCTION:CMS
BN_mod_exp_mont 738 3_0_0 EXIST::FUNCTION:
d2i_DHxparams 739 3_0_0 EXIST::FUNCTION:DH
-DH_size 740 3_0_0 EXIST::FUNCTION:DH
+DH_size 740 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
CONF_imodule_get_name 741 3_0_0 EXIST::FUNCTION:
ENGINE_get_pkey_meth_engine 742 3_0_0 EXIST::FUNCTION:ENGINE
OCSP_BASICRESP_free 743 3_0_0 EXIST::FUNCTION:OCSP
BN_nist_mod_func 990 3_0_0 EXIST::FUNCTION:
OCSP_ONEREQ_new 991 3_0_0 EXIST::FUNCTION:OCSP
DSA_SIG_new 992 3_0_0 EXIST::FUNCTION:DSA
-DH_get_default_method 993 3_0_0 EXIST::FUNCTION:DH
+DH_get_default_method 993 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
PEM_proc_type 994 3_0_0 EXIST::FUNCTION:
BIO_printf 995 3_0_0 EXIST::FUNCTION:
a2i_IPADDRESS 996 3_0_0 EXIST::FUNCTION:
X509v3_addr_validate_resource_set 1367 3_0_0 EXIST::FUNCTION:RFC3779
d2i_X509_VAL 1368 3_0_0 EXIST::FUNCTION:
CRYPTO_gcm128_decrypt_ctr32 1370 3_0_0 EXIST::FUNCTION:
-DHparams_print 1371 3_0_0 EXIST::FUNCTION:DH
+DHparams_print 1371 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
OPENSSL_sk_unshift 1372 3_0_0 EXIST::FUNCTION:
BN_GENCB_set_old 1373 3_0_0 EXIST::FUNCTION:
PEM_write_bio_X509 1374 3_0_0 EXIST::FUNCTION:
ASYNC_init_thread 1755 3_0_0 EXIST::FUNCTION:
OCSP_BASICRESP_get_ext_by_OBJ 1756 3_0_0 EXIST::FUNCTION:OCSP
X509_reject_clear 1757 3_0_0 EXIST::FUNCTION:
-DH_security_bits 1758 3_0_0 EXIST::FUNCTION:DH
+DH_security_bits 1758 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
LONG_it 1759 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ASN1_dup 1760 3_0_0 EXIST::FUNCTION:
TS_RESP_new 1761 3_0_0 EXIST::FUNCTION:TS
EVP_PKEY_meth_get_verifyctx 2065 3_0_0 EXIST::FUNCTION:
CT_POLICY_EVAL_CTX_get0_cert 2066 3_0_0 EXIST::FUNCTION:CT
PEM_write_DHparams 2067 3_0_0 EXIST::FUNCTION:DH,STDIO
-DH_set_ex_data 2068 3_0_0 EXIST::FUNCTION:DH
+DH_set_ex_data 2068 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
OCSP_SIGNATURE_free 2069 3_0_0 EXIST::FUNCTION:OCSP
CRYPTO_128_unwrap_pad 2070 3_0_0 EXIST::FUNCTION:
BIO_new_CMS 2071 3_0_0 EXIST::FUNCTION:CMS
ENGINE_register_pkey_meths 2108 3_0_0 EXIST::FUNCTION:ENGINE
ENGINE_load_public_key 2109 3_0_0 EXIST::FUNCTION:ENGINE
ASIdOrRange_it 2110 3_0_0 EXIST::FUNCTION:RFC3779
-DHparams_print_fp 2111 3_0_0 EXIST::FUNCTION:DH,STDIO
+DHparams_print_fp 2111 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO
ERR_load_CRYPTO_strings 2112 3_0_0 EXIST:!VMS:FUNCTION:
ERR_load_CRYPTOlib_strings 2112 3_0_0 EXIST:VMS:FUNCTION:
X509_REQ_set_version 2113 3_0_0 EXIST::FUNCTION:
ASN1_PRINTABLE_type 2338 3_0_0 EXIST::FUNCTION:
TS_CONF_set_ess_cert_id_chain 2339 3_0_0 EXIST::FUNCTION:TS
PEM_read_DSAPrivateKey 2340 3_0_0 EXIST::FUNCTION:DSA,STDIO
-DH_generate_parameters_ex 2341 3_0_0 EXIST::FUNCTION:DH
+DH_generate_parameters_ex 2341 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
UI_dup_input_string 2342 3_0_0 EXIST::FUNCTION:
X509_keyid_set1 2343 3_0_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1 2344 3_0_0 EXIST::FUNCTION:
X509at_add1_attr_by_txt 2364 3_0_0 EXIST::FUNCTION:
PKCS7_SIGN_ENVELOPE_free 2365 3_0_0 EXIST::FUNCTION:
BIO_dgram_is_sctp 2366 3_0_0 EXIST::FUNCTION:DGRAM,SCTP
-DH_check 2367 3_0_0 EXIST::FUNCTION:DH
+DH_check 2367 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
Camellia_set_key 2368 3_0_0 EXIST::FUNCTION:CAMELLIA,DEPRECATEDIN_3_0
X509_LOOKUP_by_issuer_serial 2369 3_0_0 EXIST::FUNCTION:
ASN1_BMPSTRING_free 2370 3_0_0 EXIST::FUNCTION:
X509_STORE_CTX_set_time 2599 3_0_0 EXIST::FUNCTION:
ENGINE_set_default_DH 2600 3_0_0 EXIST::FUNCTION:ENGINE
X509_ocspid_print 2601 3_0_0 EXIST::FUNCTION:
-DH_set_method 2602 3_0_0 EXIST::FUNCTION:DH
+DH_set_method 2602 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
EVP_rc2_64_cbc 2603 3_0_0 EXIST::FUNCTION:RC2
CRYPTO_THREAD_get_current_id 2604 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_set_cb 2605 3_0_0 EXIST::FUNCTION:
X509_REQ_print 2903 3_0_0 EXIST::FUNCTION:
RSA_size 2904 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
EVP_CIPHER_CTX_iv_noconst 2905 3_0_0 EXIST::FUNCTION:
-DH_set_default_method 2906 3_0_0 EXIST::FUNCTION:DH
+DH_set_default_method 2906 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
X509_ALGOR_new 2907 3_0_0 EXIST::FUNCTION:
EVP_aes_192_ofb 2908 3_0_0 EXIST::FUNCTION:
EVP_des_ede3_cfb1 2909 3_0_0 EXIST::FUNCTION:DES
BIO_pop 2974 3_0_0 EXIST::FUNCTION:
SHA256_Final 2975 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set1_DH 2976 3_0_0 EXIST::FUNCTION:DH
-DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DH
+DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
CRYPTO_secure_malloc 2978 3_0_0 EXIST::FUNCTION:
TS_RESP_get_status_info 2979 3_0_0 EXIST::FUNCTION:TS
HMAC_CTX_new 2980 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BIO_f_nbio_test 3002 3_0_0 EXIST::FUNCTION:
SEED_ofb128_encrypt 3003 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,SEED
d2i_RSAPrivateKey_bio 3004 3_0_0 EXIST::FUNCTION:RSA
-DH_KDF_X9_42 3005 3_0_0 EXIST::FUNCTION:CMS,DH
+DH_KDF_X9_42 3005 3_0_0 EXIST::FUNCTION:CMS,DEPRECATEDIN_3_0,DH
EVP_PKEY_meth_set_signctx 3006 3_0_0 EXIST::FUNCTION:
X509_CRL_get_version 3007 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get0_info 3008 3_0_0 EXIST::FUNCTION:
BN_nist_mod_384 3229 3_0_0 EXIST::FUNCTION:
i2d_EC_PUBKEY_fp 3230 3_0_0 EXIST::FUNCTION:EC,STDIO
ENGINE_set_default_pkey_meths 3231 3_0_0 EXIST::FUNCTION:ENGINE
-DH_bits 3232 3_0_0 EXIST::FUNCTION:DH
+DH_bits 3232 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
i2d_X509_ALGORS 3233 3_0_0 EXIST::FUNCTION:
EVP_camellia_192_cfb1 3234 3_0_0 EXIST::FUNCTION:CAMELLIA
TS_RESP_CTX_add_failure_info 3235 3_0_0 EXIST::FUNCTION:TS
RSA_padding_add_X931 3413 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
BN_get0_nist_prime_256 3414 3_0_0 EXIST::FUNCTION:
CRYPTO_memcmp 3415 3_0_0 EXIST::FUNCTION:
-DH_check_pub_key 3416 3_0_0 EXIST::FUNCTION:DH
+DH_check_pub_key 3416 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
ASN1_mbstring_copy 3417 3_0_0 EXIST::FUNCTION:
PKCS7_set_type 3418 3_0_0 EXIST::FUNCTION:
BIO_gets 3419 3_0_0 EXIST::FUNCTION:
DH_set0_pqg 4039 3_0_0 EXIST::FUNCTION:DH
DH_clear_flags 4041 3_0_0 EXIST::FUNCTION:DH
DH_get0_key 4042 3_0_0 EXIST::FUNCTION:DH
-DH_get0_engine 4043 3_0_0 EXIST::FUNCTION:DH
+DH_get0_engine 4043 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
DH_set0_key 4044 3_0_0 EXIST::FUNCTION:DH
-DH_set_length 4045 3_0_0 EXIST::FUNCTION:DH
+DH_set_length 4045 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
DH_test_flags 4046 3_0_0 EXIST::FUNCTION:DH
-DH_get_length 4047 3_0_0 EXIST::FUNCTION:DH
+DH_get_length 4047 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
DH_get0_pqg 4048 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_compute_key 4049 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set1_name 4050 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_init 4051 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_finish 4052 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get0_name 4053 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_generate_params 4054 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_compute_key 4055 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_flags 4056 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_generate_params 4057 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_flags 4058 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_finish 4059 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get0_app_data 4060 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set0_app_data 4061 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_init 4062 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_bn_mod_exp 4063 3_0_0 EXIST::FUNCTION:DH
-DH_meth_new 4064 3_0_0 EXIST::FUNCTION:DH
-DH_meth_dup 4065 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_bn_mod_exp 4066 3_0_0 EXIST::FUNCTION:DH
-DH_meth_set_generate_key 4067 3_0_0 EXIST::FUNCTION:DH
-DH_meth_free 4068 3_0_0 EXIST::FUNCTION:DH
-DH_meth_get_generate_key 4069 3_0_0 EXIST::FUNCTION:DH
+DH_meth_get_compute_key 4049 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set1_name 4050 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_init 4051 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_finish 4052 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get0_name 4053 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_generate_params 4054 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_compute_key 4055 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_flags 4056 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_generate_params 4057 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_flags 4058 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_finish 4059 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get0_app_data 4060 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set0_app_data 4061 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_init 4062 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_bn_mod_exp 4063 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_new 4064 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_dup 4065 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_bn_mod_exp 4066 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_set_generate_key 4067 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_free 4068 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_meth_get_generate_key 4069 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
DH_set_flags 4070 3_0_0 EXIST::FUNCTION:DH
X509_STORE_CTX_get_obj_by_subject 4071 3_0_0 EXIST::FUNCTION:
X509_OBJECT_free 4072 3_0_0 EXIST::FUNCTION:
OPENSSL_sk_reserve 4344 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set1_engine 4347 3_0_0 EXIST::FUNCTION:ENGINE
DH_new_by_nid 4348 3_0_0 EXIST::FUNCTION:DH
-DH_get_nid 4349 3_0_0 EXIST::FUNCTION:DH
+DH_get_nid 4349 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
CRYPTO_get_alloc_counts 4350 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
OPENSSL_sk_new_reserve 4351 3_0_0 EXIST::FUNCTION:
EVP_PKEY_asn1_set_check 4352 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_param_check 4366 3_0_0 EXIST::FUNCTION:
EVP_PKEY_asn1_set_public_check 4367 3_0_0 EXIST::FUNCTION:
EVP_PKEY_asn1_set_param_check 4368 3_0_0 EXIST::FUNCTION:
-DH_check_ex 4369 3_0_0 EXIST::FUNCTION:DH
-DH_check_pub_key_ex 4370 3_0_0 EXIST::FUNCTION:DH
-DH_check_params_ex 4371 3_0_0 EXIST::FUNCTION:DH
+DH_check_ex 4369 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_check_pub_key_ex 4370 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+DH_check_params_ex 4371 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
RSA_generate_multi_prime_key 4372 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
RSA_get_multi_prime_extra_count 4373 3_0_0 EXIST::FUNCTION:RSA
OCSP_resp_get0_signer 4374 3_0_0 EXIST::FUNCTION:OCSP
projects / oweals / openssl.git / commitdiff