mirror of https://github.com/openssl/openssl.git
Undeprecate DH, DSA and RSA _bits() functions.
These were deemed information and useful and that they should not be deprecated. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11669)
This commit is contained in:
Pauli
parent
036ee37063
commit
588d5d01fe
80
CHANGES.md
80
CHANGES.md
|
|
@ -101,24 +101,22 @@ OpenSSL 3.0
|
|||
|
||||
* All of the low level RSA functions have been deprecated including:
|
||||
|
||||
RSA_new_method, RSA_bits, RSA_size, RSA_security_bits,
|
||||
RSA_get0_pss_params, RSA_get_version, RSA_get0_engine,
|
||||
RSA_generate_key_ex, RSA_generate_multi_prime_key,
|
||||
RSA_X931_derive_ex, RSA_X931_generate_key_ex, RSA_check_key,
|
||||
RSA_check_key_ex, RSA_public_encrypt, RSA_private_encrypt,
|
||||
RSA_new_method, RSA_size, RSA_security_bits, RSA_get0_pss_params,
|
||||
RSA_get_version, RSA_get0_engine, RSA_generate_key_ex,
|
||||
RSA_generate_multi_prime_key, RSA_X931_derive_ex, RSA_X931_generate_key_ex,
|
||||
RSA_check_key, RSA_check_key_ex, RSA_public_encrypt, RSA_private_encrypt,
|
||||
RSA_public_decrypt, RSA_private_decrypt, RSA_set_default_method,
|
||||
RSA_get_default_method, RSA_null_method, RSA_get_method, RSA_set_method,
|
||||
RSA_PKCS1_OpenSSL, RSA_print_fp, RSA_print, RSA_sign, RSA_verify,
|
||||
RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING,
|
||||
RSA_blinding_on, RSA_blinding_off, RSA_setup_blinding,
|
||||
RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
|
||||
RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
|
||||
PKCS1_MGF1, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
|
||||
RSA_padding_add_PKCS1_OAEP_mgf1, RSA_padding_check_PKCS1_OAEP_mgf1,
|
||||
RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
|
||||
RSA_padding_add_none, RSA_padding_check_none, RSA_padding_add_X931,
|
||||
RSA_padding_check_X931, RSA_X931_hash_id, RSA_verify_PKCS1_PSS,
|
||||
RSA_padding_add_PKCS1_PSS, RSA_verify_PKCS1_PSS_mgf1,
|
||||
RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING, RSA_blinding_on,
|
||||
RSA_blinding_off, RSA_setup_blinding, RSA_padding_add_PKCS1_type_1,
|
||||
RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2,
|
||||
RSA_padding_check_PKCS1_type_2, PKCS1_MGF1, RSA_padding_add_PKCS1_OAEP,
|
||||
RSA_padding_check_PKCS1_OAEP, RSA_padding_add_PKCS1_OAEP_mgf1,
|
||||
RSA_padding_check_PKCS1_OAEP_mgf1, RSA_padding_add_SSLv23,
|
||||
RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none,
|
||||
RSA_padding_add_X931, RSA_padding_check_X931, RSA_X931_hash_id,
|
||||
RSA_verify_PKCS1_PSS, RSA_padding_add_PKCS1_PSS, RSA_verify_PKCS1_PSS_mgf1,
|
||||
RSA_padding_add_PKCS1_PSS_mgf1, RSA_set_ex_data, RSA_get_ex_data,
|
||||
RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name,
|
||||
RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags,
|
||||
|
|
@ -171,20 +169,19 @@ OpenSSL 3.0
|
|||
|
||||
* All of the low level DH functions have been deprecated including:
|
||||
|
||||
DH_OpenSSL, DH_set_default_method, DH_get_default_method,
|
||||
DH_set_method, DH_new_method, DH_bits, DH_size, DH_security_bits,
|
||||
DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data,
|
||||
DH_generate_parameters_ex, DH_check_params_ex, DH_check_ex,
|
||||
DH_check_pub_key_ex, DH_check, DH_check_pub_key, DH_generate_key,
|
||||
DH_compute_key, DH_compute_key_padded, DHparams_print_fp,
|
||||
DHparams_print, DH_get_nid, DH_KDF_X9_42, DH_get0_engine, DH_meth_new,
|
||||
DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name,
|
||||
DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data,
|
||||
DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key,
|
||||
DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp,
|
||||
DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init,
|
||||
DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params
|
||||
and DH_meth_set_generate_params.
|
||||
DH_OpenSSL, DH_set_default_method, DH_get_default_method, DH_set_method,
|
||||
DH_new_method, DH_size, DH_security_bits, DH_get_ex_new_index,
|
||||
DH_set_ex_data, DH_get_ex_data, DH_generate_parameters_ex,
|
||||
DH_check_params_ex, DH_check_ex, DH_check_pub_key_ex,
|
||||
DH_check, DH_check_pub_key, DH_generate_key, DH_compute_key,
|
||||
DH_compute_key_padded, DHparams_print_fp, DHparams_print, DH_get_nid,
|
||||
DH_KDF_X9_42, DH_get0_engine, DH_meth_new, DH_meth_free, DH_meth_dup,
|
||||
DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags,
|
||||
DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key,
|
||||
DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key,
|
||||
DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init,
|
||||
DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish,
|
||||
DH_meth_get_generate_params and DH_meth_set_generate_params.
|
||||
|
||||
Use of these low level functions has been informally discouraged for a long
|
||||
time. Instead applications should use L<EVP_PKEY_derive_init(3)>
|
||||
|
|
@ -195,18 +192,19 @@ OpenSSL 3.0
|
|||
* All of the low level DSA functions have been deprecated including:
|
||||
|
||||
DSA_do_sign, DSA_do_verify, DSA_OpenSSL, DSA_set_default_method,
|
||||
DSA_get_default_method, DSA_set_method, DSA_get_method, DSA_new_method,
|
||||
DSA_sign_setup, DSA_sign, DSA_verify, DSA_get_ex_new_index,
|
||||
DSA_set_ex_data, DSA_get_ex_data, DSA_generate_parameters_ex,
|
||||
DSA_generate_key, DSA_meth_new, DSA_get0_engine, DSA_meth_free,
|
||||
DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags,
|
||||
DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data,
|
||||
DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup,
|
||||
DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify,
|
||||
DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp,
|
||||
DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init,
|
||||
DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen,
|
||||
DSA_meth_set_paramgen, DSA_meth_get_keygen and DSA_meth_set_keygen.
|
||||
DSA_get_default_method, DSA_set_method, DSA_get_method,
|
||||
DSA_new_method, DSA_size, DSA_security_bits, DSA_sign_setup, DSA_sign,
|
||||
DSA_verify, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data,
|
||||
DSA_generate_parameters_ex, DSA_generate_key, DSA_meth_new, DSA_get0_engine,
|
||||
DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name,
|
||||
DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data,
|
||||
DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign,
|
||||
DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify,
|
||||
DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp,
|
||||
DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init,
|
||||
DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish,
|
||||
DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen and
|
||||
DSA_meth_set_keygen.
|
||||
|
||||
Use of these low level functions has been informally discouraged for a long
|
||||
time. Instead applications should use L<EVP_DigestSignInit_ex(3)>,
|
||||
|
|
|
|||
|
|
@ -9,39 +9,39 @@ security bits
|
|||
|
||||
#include <openssl/dh.h>
|
||||
|
||||
int DH_bits(const DH *dh);
|
||||
|
||||
Deprecated since OpenSSL 3.0, can be hidden entirely by defining
|
||||
B<OPENSSL_API_COMPAT> with a suitable version value, see
|
||||
L<openssl_user_macros(7)>:
|
||||
|
||||
int DH_size(const DH *dh);
|
||||
|
||||
int DH_bits(const DH *dh);
|
||||
|
||||
int DH_security_bits(const DH *dh);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
All of the functions described on this page are deprecated.
|
||||
Applications should instead use L<EVP_PKEY_bits(3)>,
|
||||
L<EVP_PKEY_security_bits(3)> and L<EVP_PKEY_size(3)>.
|
||||
DH_bits() returns the number of significant bits.
|
||||
|
||||
B<dh> and B<dh-E<gt>p> must not be B<NULL>.
|
||||
|
||||
The remaining functions described on this page are deprecated.
|
||||
Applications should instead use L<EVP_PKEY_security_bits(3)> and
|
||||
L<EVP_PKEY_size(3)>.
|
||||
|
||||
DH_size() returns the Diffie-Hellman prime size in bytes. It can be used
|
||||
to determine how much memory must be allocated for the shared secret
|
||||
computed by L<DH_compute_key(3)>.
|
||||
|
||||
DH_bits() returns the number of significant bits.
|
||||
|
||||
B<dh> and B<dh-E<gt>p> must not be B<NULL>.
|
||||
|
||||
DH_security_bits() returns the number of security bits of the given B<dh>
|
||||
key. See L<BN_security_bits(3)>.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
DH_size() returns the prime size of Diffie-Hellman in bytes.
|
||||
|
||||
DH_bits() returns the number of bits in the key.
|
||||
|
||||
DH_size() returns the prime size of Diffie-Hellman in bytes.
|
||||
|
||||
DH_security_bits() returns the number of security bits.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
|
@ -52,7 +52,7 @@ L<BN_num_bits(3)>
|
|||
|
||||
=head1 HISTORY
|
||||
|
||||
All of these functions were deprecated in OpenSSL 3.0.
|
||||
The DH_size() and DH_security_bits() functions were deprecated in OpenSSL 3.0.
|
||||
|
||||
The DH_bits() function was added in OpenSSL 1.1.0.
|
||||
|
||||
|
|
|
|||
|
|
@ -8,19 +8,24 @@ DSA_size, DSA_bits, DSA_security_bits - get DSA signature size, key bits or secu
|
|||
|
||||
#include <openssl/dsa.h>
|
||||
|
||||
int DSA_bits(const DSA *dsa);
|
||||
|
||||
Deprecated since OpenSSL 3.0, can be hidden entirely by defining
|
||||
B<OPENSSL_API_COMPAT> with a suitable version value, see
|
||||
L<openssl_user_macros(7)>:
|
||||
|
||||
int DSA_size(const DSA *dsa);
|
||||
int DSA_bits(const DSA *dsa);
|
||||
|
||||
int DSA_security_bits(const DSA *dsa);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
All of the functions described on this page are deprecated.
|
||||
Applications should instead use L<EVP_PKEY_bits(3)>,
|
||||
L<EVP_PKEY_security_bits(3)> and L<EVP_PKEY_size(3)>.
|
||||
DSA_bits() returns the number of bits in key B<dsa>: this is the number
|
||||
of bits in the B<p> parameter.
|
||||
|
||||
The remaining functions described on this page are deprecated.
|
||||
Applications should instead use L<EVP_PKEY_security_bits(3)> and
|
||||
L<EVP_PKEY_size(3)>.
|
||||
|
||||
DSA_size() returns the maximum size of an ASN.1 encoded DSA signature
|
||||
for key B<dsa> in bytes. It can be used to determine how much memory must
|
||||
|
|
@ -28,18 +33,15 @@ be allocated for a DSA signature.
|
|||
|
||||
B<dsa-E<gt>q> must not be B<NULL>.
|
||||
|
||||
DSA_bits() returns the number of bits in key B<dsa>: this is the number
|
||||
of bits in the B<p> parameter.
|
||||
|
||||
DSA_security_bits() returns the number of security bits of the given B<dsa>
|
||||
key. See L<BN_security_bits(3)>.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
DSA_size() returns the signature size in bytes.
|
||||
|
||||
DSA_bits() returns the number of bits in the key.
|
||||
|
||||
DSA_size() returns the signature size in bytes.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<EVP_PKEY_bits(3)>,
|
||||
|
|
@ -49,7 +51,7 @@ L<DSA_new(3)>, L<DSA_sign(3)>
|
|||
|
||||
=head1 HISTORY
|
||||
|
||||
All of these functions were deprecated in OpenSSL 3.0.
|
||||
The DSA_size() and DSA_security_bits() functions were deprecated in OpenSSL 3.0.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
|
|
|
|||
|
|
@ -8,19 +8,23 @@ RSA_size, RSA_bits, RSA_security_bits - get RSA modulus size or security bits
|
|||
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
int RSA_bits(const RSA *rsa);
|
||||
|
||||
Deprecated since OpenSSL 3.0, can be hidden entirely by defining
|
||||
B<OPENSSL_API_COMPAT> with a suitable version value, see
|
||||
L<openssl_user_macros(7)>:
|
||||
|
||||
int RSA_size(const RSA *rsa);
|
||||
|
||||
int RSA_bits(const RSA *rsa);
|
||||
|
||||
int RSA_security_bits(const RSA *rsa)
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
All of the functions described on this page are deprecated.
|
||||
RSA_bits() returns the number of significant bits.
|
||||
|
||||
B<rsa> and B<rsa-E<gt>n> must not be B<NULL>.
|
||||
|
||||
The remaining functions described on this page are deprecated.
|
||||
Applications should instead use L<EVP_PKEY_size(3)>, L<EVP_PKEY_bits(3)>
|
||||
and L<EVP_PKEY_security_bits(3)>.
|
||||
|
||||
|
|
@ -28,18 +32,14 @@ RSA_size() returns the RSA modulus size in bytes. It can be used to
|
|||
determine how much memory must be allocated for an RSA encrypted
|
||||
value.
|
||||
|
||||
RSA_bits() returns the number of significant bits.
|
||||
|
||||
B<rsa> and B<rsa-E<gt>n> must not be B<NULL>.
|
||||
|
||||
RSA_security_bits() returns the number of security bits of the given B<rsa>
|
||||
key. See L<BN_security_bits(3)>.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
RSA_size() returns the size of modulus in bytes.
|
||||
RSA_bits() returns the number of bits in the key.
|
||||
|
||||
DSA_bits() returns the number of bits in the key.
|
||||
RSA_size() returns the size of modulus in bytes.
|
||||
|
||||
RSA_security_bits() returns the number of security bits.
|
||||
|
||||
|
|
@ -49,7 +49,7 @@ L<BN_num_bits(3)>
|
|||
|
||||
=head1 HISTORY
|
||||
|
||||
All of these functions were deprecated in OpenSSL 3.0.
|
||||
The RSA_size() and RSA_security_bits() functions were deprecated in OpenSSL 3.0.
|
||||
|
||||
The RSA_bits() function was added in OpenSSL 1.1.0.
|
||||
|
||||
|
|
|
|||
|
|
@ -146,7 +146,7 @@ DEPRECATEDIN_3_0(DH *DH_new_method(ENGINE *engine))
|
|||
DH *DH_new(void);
|
||||
void DH_free(DH *dh);
|
||||
int DH_up_ref(DH *dh);
|
||||
DEPRECATEDIN_3_0(int DH_bits(const DH *dh))
|
||||
int DH_bits(const DH *dh);
|
||||
DEPRECATEDIN_3_0(int DH_size(const DH *dh))
|
||||
DEPRECATEDIN_3_0(int DH_security_bits(const DH *dh))
|
||||
# ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@ void DSA_free(DSA *r);
|
|||
/* "up" the DSA object's reference count */
|
||||
int DSA_up_ref(DSA *r);
|
||||
DEPRECATEDIN_3_0(int DSA_size(const DSA *))
|
||||
DEPRECATEDIN_3_0(int DSA_bits(const DSA *d))
|
||||
int DSA_bits(const DSA *d);
|
||||
DEPRECATEDIN_3_0(int DSA_security_bits(const DSA *d))
|
||||
/* next 4 return -1 on error */
|
||||
DEPRECATEDIN_3_0(int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||
|
|
|
|||
|
|
@ -192,7 +192,7 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
|
|||
|
||||
RSA *RSA_new(void);
|
||||
DEPRECATEDIN_3_0(RSA *RSA_new_method(ENGINE *engine))
|
||||
DEPRECATEDIN_3_0(int RSA_bits(const RSA *rsa))
|
||||
int RSA_bits(const RSA *rsa);
|
||||
DEPRECATEDIN_3_0(int RSA_size(const RSA *rsa))
|
||||
DEPRECATEDIN_3_0(int RSA_security_bits(const RSA *rsa))
|
||||
|
||||
|
|
|
|||
|
|
@ -2586,7 +2586,7 @@ d2i_PBKDF2PARAM 2640 3_0_0 EXIST::FUNCTION:
|
|||
ERR_load_COMP_strings 2641 3_0_0 EXIST::FUNCTION:COMP
|
||||
EVP_PKEY_meth_add0 2642 3_0_0 EXIST::FUNCTION:
|
||||
EVP_rc4_40 2643 3_0_0 EXIST::FUNCTION:RC4
|
||||
RSA_bits 2645 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
|
||||
RSA_bits 2645 3_0_0 EXIST::FUNCTION:RSA
|
||||
ASN1_item_dup 2646 3_0_0 EXIST::FUNCTION:
|
||||
GENERAL_NAMES_it 2647 3_0_0 EXIST::FUNCTION:
|
||||
X509_issuer_name_hash 2648 3_0_0 EXIST::FUNCTION:
|
||||
|
|
@ -3163,7 +3163,7 @@ ACCESS_DESCRIPTION_free 3228 3_0_0 EXIST::FUNCTION:
|
|||
BN_nist_mod_384 3229 3_0_0 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY_fp 3230 3_0_0 EXIST::FUNCTION:EC,STDIO
|
||||
ENGINE_set_default_pkey_meths 3231 3_0_0 EXIST::FUNCTION:ENGINE
|
||||
DH_bits 3232 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
|
||||
DH_bits 3232 3_0_0 EXIST::FUNCTION:DH
|
||||
i2d_X509_ALGORS 3233 3_0_0 EXIST::FUNCTION:
|
||||
EVP_camellia_192_cfb1 3234 3_0_0 EXIST::FUNCTION:CAMELLIA
|
||||
TS_RESP_CTX_add_failure_info 3235 3_0_0 EXIST::FUNCTION:TS
|
||||
|
|
@ -4045,7 +4045,7 @@ X509_STORE_unlock 4133 3_0_0 EXIST::FUNCTION:
|
|||
X509_STORE_lock 4134 3_0_0 EXIST::FUNCTION:
|
||||
X509_set_proxy_pathlen 4135 3_0_0 EXIST::FUNCTION:
|
||||
X509_get_proxy_pathlen 4136 3_0_0 EXIST::FUNCTION:
|
||||
DSA_bits 4137 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA
|
||||
DSA_bits 4137 3_0_0 EXIST::FUNCTION:DSA
|
||||
EVP_PKEY_set1_tls_encodedpoint 4138 3_0_0 EXIST::FUNCTION:
|
||||
EVP_PKEY_get1_tls_encodedpoint 4139 3_0_0 EXIST::FUNCTION:
|
||||
ASN1_STRING_get0_data 4140 3_0_0 EXIST::FUNCTION:
|
||||
|
|
|
|||
Loading…
Reference in New Issue