From 9453b196343db579c590130adc63d35d2ff87188 Mon Sep 17 00:00:00 2001 From: Antoine Salon Date: Tue, 16 Oct 2018 10:54:26 -0700 Subject: [PATCH] Deprecate ECDH_KDF_X9_62() Signed-off-by: Antoine Salon Reviewed-by: Matt Caswell Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/7345) --- CHANGES | 4 ++++ crypto/ec/ecdh_kdf.c | 2 ++ include/openssl/ec.h | 4 ++-- util/libcrypto.num | 2 +- 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 3124db2255..e540c9c60d 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,10 @@ Changes between 1.1.1 and 1.1.2 [xx XXX xxxx] + *) Deprecate ECDH_KDF_X9_62() and mark its replacement as internal. Users + should use the EVP interface instead (EVP_PKEY_CTX_set_ecdh_kdf_type). + [Antoine Salon] + *) Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names are retained for backwards compatibility. diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c index d686f9d897..c21e788078 100644 --- a/crypto/ec/ecdh_kdf.c +++ b/crypto/ec/ecdh_kdf.c @@ -72,6 +72,7 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, * The old name for ecdh_KDF_X9_63 * Retained for ABI compatibility */ +#if OPENSSL_API_COMPAT < 0x10200000L int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const unsigned char *sinfo, size_t sinfolen, @@ -79,3 +80,4 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, { return ecdh_KDF_X9_63(out, outlen, Z, Zlen, sinfo, sinfolen, md); } +#endif diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 347cfb6d09..747239a5a6 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -1112,10 +1112,10 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine); * it is actually specified in ANSI X9.63. * This identifier is retained for backwards compatibility */ -int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, +DEPRECATEDIN_1_2_0(int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const unsigned char *sinfo, size_t sinfolen, - const EVP_MD *md); + const EVP_MD *md)) int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, const EC_KEY *ecdh, diff --git a/util/libcrypto.num b/util/libcrypto.num index ecece3824f..31f8781158 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -285,7 +285,7 @@ X509V3_EXT_get_nid 285 1_1_0 EXIST::FUNCTION: BIO_s_log 286 1_1_0 EXIST::FUNCTION: EC_POINT_set_to_infinity 287 1_1_0 EXIST::FUNCTION:EC EVP_des_ede_ofb 288 1_1_0 EXIST::FUNCTION:DES -ECDH_KDF_X9_62 289 1_1_0 EXIST::FUNCTION:EC +ECDH_KDF_X9_62 289 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_2_0,EC ASN1_UNIVERSALSTRING_to_string 290 1_1_0 EXIST::FUNCTION: CRYPTO_gcm128_setiv 291 1_1_0 EXIST::FUNCTION: ASN1_PCTX_set_oid_flags 292 1_1_0 EXIST::FUNCTION: -- 2.25.1