mirror of https://github.com/openssl/openssl
Deprecate the low level IDEA functions.
Use of the low level IDEA functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10819)
This commit is contained in:
parent
621f74b3e3
commit
da2d32f6db
10
apps/speed.c
10
apps/speed.c
|
@ -378,7 +378,7 @@ static const OPT_PAIR doit_choices[] = {
|
|||
{"rc5-cbc", D_CBC_RC5},
|
||||
{"rc5", D_CBC_RC5},
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
#if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
{"idea-cbc", D_CBC_IDEA},
|
||||
{"idea", D_CBC_IDEA},
|
||||
#endif
|
||||
|
@ -1459,7 +1459,7 @@ int speed_main(int argc, char **argv)
|
|||
#if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
RC2_KEY rc2_ks;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
#if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
IDEA_KEY_SCHEDULE idea_ks;
|
||||
#endif
|
||||
#if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
|
@ -1969,7 +1969,7 @@ int speed_main(int argc, char **argv)
|
|||
Camellia_set_key(key32, 256, &camellia_ks[2]);
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
#if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
if (doit[D_CBC_IDEA])
|
||||
IDEA_set_encrypt_key(key16, &idea_ks);
|
||||
#endif
|
||||
|
@ -2571,7 +2571,7 @@ int speed_main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
#if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
if (doit[D_CBC_IDEA]) {
|
||||
if (async_jobs > 0) {
|
||||
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
||||
|
@ -3507,7 +3507,7 @@ int speed_main(int argc, char **argv)
|
|||
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
printf("%s ", AES_options());
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
#if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
printf("%s ", IDEA_options());
|
||||
#endif
|
||||
#if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
|
||||
|
|
|
@ -15,18 +15,9 @@
|
|||
#include <openssl/evp.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/bn.h>
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
# include <openssl/md2.h>
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DES
|
||||
# include <openssl/des.h>
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
# include <openssl/idea.h>
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_BF
|
||||
# include <openssl/blowfish.h>
|
||||
#endif
|
||||
|
||||
typedef enum OPTION_choice {
|
||||
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
|
||||
|
@ -128,9 +119,6 @@ opthelp:
|
|||
printf(" %s", BN_options());
|
||||
#ifndef OPENSSL_NO_DES
|
||||
printf(" %s", DES_options());
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
printf(" %s", IDEA_options());
|
||||
#endif
|
||||
printf("\n");
|
||||
}
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/cryptlib.h"
|
||||
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <openssl/idea.h>
|
||||
#include "idea_local.h"
|
||||
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <openssl/idea.h>
|
||||
#include "idea_local.h"
|
||||
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <openssl/idea.h>
|
||||
#include "idea_local.h"
|
||||
#include <openssl/opensslv.h>
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <openssl/idea.h>
|
||||
#include "idea_local.h"
|
||||
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <openssl/idea.h>
|
||||
#include "idea_local.h"
|
||||
|
||||
|
|
|
@ -23,33 +23,42 @@
|
|||
extern "C" {
|
||||
# endif
|
||||
|
||||
typedef unsigned int IDEA_INT;
|
||||
|
||||
# define IDEA_ENCRYPT 1
|
||||
# define IDEA_DECRYPT 0
|
||||
|
||||
# define IDEA_BLOCK 8
|
||||
# define IDEA_KEY_LENGTH 16
|
||||
|
||||
# ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
|
||||
typedef unsigned int IDEA_INT;
|
||||
|
||||
# define IDEA_ENCRYPT 1
|
||||
# define IDEA_DECRYPT 0
|
||||
|
||||
typedef struct idea_key_st {
|
||||
IDEA_INT data[9][6];
|
||||
} IDEA_KEY_SCHEDULE;
|
||||
#endif
|
||||
|
||||
const char *IDEA_options(void);
|
||||
void IDEA_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
IDEA_KEY_SCHEDULE *ks);
|
||||
void IDEA_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
||||
void IDEA_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int enc);
|
||||
void IDEA_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int *num, int enc);
|
||||
void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int *num);
|
||||
void IDEA_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
|
||||
DEPRECATEDIN_3_0(const char *IDEA_options(void))
|
||||
DEPRECATEDIN_3_0(void IDEA_ecb_encrypt(const unsigned char *in,
|
||||
unsigned char *out,
|
||||
IDEA_KEY_SCHEDULE *ks))
|
||||
DEPRECATEDIN_3_0(void IDEA_set_encrypt_key(const unsigned char *key,
|
||||
IDEA_KEY_SCHEDULE *ks))
|
||||
DEPRECATEDIN_3_0(void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek,
|
||||
IDEA_KEY_SCHEDULE *dk))
|
||||
DEPRECATEDIN_3_0(void IDEA_cbc_encrypt(const unsigned char *in,
|
||||
unsigned char *out, long length,
|
||||
IDEA_KEY_SCHEDULE *ks,
|
||||
unsigned char *iv, int enc))
|
||||
DEPRECATEDIN_3_0(void IDEA_cfb64_encrypt(const unsigned char *in,
|
||||
unsigned char *out, long length,
|
||||
IDEA_KEY_SCHEDULE *ks,
|
||||
unsigned char *iv, int *num, int enc))
|
||||
DEPRECATEDIN_3_0(void IDEA_ofb64_encrypt(const unsigned char *in,
|
||||
unsigned char *out, long length,
|
||||
IDEA_KEY_SCHEDULE *ks,
|
||||
unsigned char *iv, int *num))
|
||||
DEPRECATEDIN_3_0(void IDEA_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks))
|
||||
|
||||
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
|
||||
# define idea_options IDEA_options
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
/* Dispatch functions for Idea cipher modes ecb, cbc, ofb, cfb */
|
||||
|
||||
#include "cipher_idea.h"
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include "cipher_idea.h"
|
||||
|
||||
static int cipher_hw_idea_initkey(PROV_CIPHER_CTX *ctx,
|
||||
|
|
|
@ -32,7 +32,7 @@ IF[{- !$disabled{tests} -}]
|
|||
versions \
|
||||
aborttest test_test \
|
||||
sanitytest rsa_complex exdatatest bntest \
|
||||
ectest ecstresstest ecdsatest gmdifftest pbelutest ideatest \
|
||||
ectest ecstresstest ecdsatest gmdifftest pbelutest \
|
||||
hmactest \
|
||||
destest mdc2test \
|
||||
dhtest enginetest \
|
||||
|
@ -110,10 +110,6 @@ IF[{- !$disabled{tests} -}]
|
|||
INCLUDE[pbelutest]=../include ../apps/include
|
||||
DEPEND[pbelutest]=../libcrypto libtestutil.a
|
||||
|
||||
SOURCE[ideatest]=ideatest.c
|
||||
INCLUDE[ideatest]=../include ../apps/include
|
||||
DEPEND[ideatest]=../libcrypto libtestutil.a
|
||||
|
||||
SOURCE[hmactest]=hmactest.c
|
||||
INCLUDE[hmactest]=../include ../apps/include
|
||||
DEPEND[hmactest]=../libcrypto libtestutil.a
|
||||
|
@ -505,7 +501,7 @@ IF[{- !$disabled{tests} -}]
|
|||
IF[1]
|
||||
PROGRAMS{noinst}=asn1_internal_test modes_internal_test x509_internal_test \
|
||||
tls13encryptiontest wpackettest ctype_internal_test \
|
||||
rdrand_sanitytest property_test \
|
||||
rdrand_sanitytest property_test ideatest \
|
||||
rsa_sp800_56b_test bn_internal_test \
|
||||
rc2test rc4test rc5test \
|
||||
asn1_dsa_internal_test
|
||||
|
@ -553,6 +549,10 @@ IF[{- !$disabled{tests} -}]
|
|||
INCLUDE[tls13encryptiontest]=.. ../include ../apps/include
|
||||
DEPEND[tls13encryptiontest]=../libcrypto ../libssl.a libtestutil.a
|
||||
|
||||
SOURCE[ideatest]=ideatest.c
|
||||
INCLUDE[ideatest]=../include ../apps/include
|
||||
DEPEND[ideatest]=../libcrypto.a libtestutil.a
|
||||
|
||||
SOURCE[wpackettest]=wpackettest.c
|
||||
INCLUDE[wpackettest]=../include ../apps/include
|
||||
DEPEND[wpackettest]=../libcrypto ../libssl.a libtestutil.a
|
||||
|
|
|
@ -7,6 +7,13 @@
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* IDEA low level APIs are deprecated for public use, but still ok for internal
|
||||
* use where we're using them to implement the higher level EVP interface, as is
|
||||
* the case here.
|
||||
*/
|
||||
#include "internal/deprecated.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "internal/nelem.h"
|
||||
|
|
|
@ -140,7 +140,7 @@ PKCS12_BAGS_new 142 3_0_0 EXIST::FUNCTION:
|
|||
CMAC_CTX_new 143 3_0_0 EXIST::FUNCTION:CMAC
|
||||
ASIdentifierChoice_new 144 3_0_0 EXIST::FUNCTION:RFC3779
|
||||
EVP_PKEY_asn1_set_public 145 3_0_0 EXIST::FUNCTION:
|
||||
IDEA_set_decrypt_key 146 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_set_decrypt_key 146 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
X509_STORE_CTX_set_flags 147 3_0_0 EXIST::FUNCTION:
|
||||
BIO_ADDR_rawmake 148 3_0_0 EXIST::FUNCTION:SOCK
|
||||
EVP_PKEY_asn1_set_ctrl 149 3_0_0 EXIST::FUNCTION:
|
||||
|
@ -642,7 +642,7 @@ PEM_SignInit 658 3_0_0 EXIST::FUNCTION:
|
|||
EVP_CIPHER_CTX_set_key_length 659 3_0_0 EXIST::FUNCTION:
|
||||
X509_delete_ext 660 3_0_0 EXIST::FUNCTION:
|
||||
OCSP_resp_get0_produced_at 661 3_0_0 EXIST::FUNCTION:OCSP
|
||||
IDEA_encrypt 662 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_encrypt 662 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
CRYPTO_nistcts128_encrypt_block 663 3_0_0 EXIST::FUNCTION:
|
||||
EVP_MD_do_all 664 3_0_0 EXIST::FUNCTION:
|
||||
EC_KEY_oct2priv 665 3_0_0 EXIST::FUNCTION:EC
|
||||
|
@ -954,7 +954,7 @@ BN_is_bit_set 978 3_0_0 EXIST::FUNCTION:
|
|||
AES_ofb128_encrypt 979 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
|
||||
X509_STORE_add_lookup 980 3_0_0 EXIST::FUNCTION:
|
||||
ASN1_GENERALSTRING_new 981 3_0_0 EXIST::FUNCTION:
|
||||
IDEA_options 982 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_options 982 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
d2i_X509_REQ 983 3_0_0 EXIST::FUNCTION:
|
||||
i2d_TS_STATUS_INFO 984 3_0_0 EXIST::FUNCTION:TS
|
||||
X509_PURPOSE_get_by_id 985 3_0_0 EXIST::FUNCTION:
|
||||
|
@ -1844,7 +1844,7 @@ X509_STORE_CTX_set0_trusted_stack 1886 3_0_0 EXIST::FUNCTION:
|
|||
BIO_ADDR_service_string 1887 3_0_0 EXIST::FUNCTION:SOCK
|
||||
ASN1_BOOLEAN_it 1888 3_0_0 EXIST::FUNCTION:
|
||||
TS_RESP_CTX_set_time_cb 1889 3_0_0 EXIST::FUNCTION:TS
|
||||
IDEA_cbc_encrypt 1890 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_cbc_encrypt 1890 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
BN_CTX_secure_new 1891 3_0_0 EXIST::FUNCTION:
|
||||
OCSP_ONEREQ_add_ext 1892 3_0_0 EXIST::FUNCTION:OCSP
|
||||
CMS_uncompress 1893 3_0_0 EXIST::FUNCTION:CMS
|
||||
|
@ -2448,7 +2448,7 @@ BIO_f_zlib 2498 3_0_0 EXIST::FUNCTION:COMP,ZLIB
|
|||
AES_cfb128_encrypt 2499 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
|
||||
ENGINE_set_EC 2500 3_0_0 EXIST::FUNCTION:ENGINE
|
||||
d2i_ECPKParameters 2501 3_0_0 EXIST::FUNCTION:EC
|
||||
IDEA_ofb64_encrypt 2502 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_ofb64_encrypt 2502 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
CAST_decrypt 2503 3_0_0 EXIST::FUNCTION:CAST,DEPRECATEDIN_3_0
|
||||
TS_STATUS_INFO_get0_failure_info 2504 3_0_0 EXIST::FUNCTION:TS
|
||||
ENGINE_unregister_pkey_meths 2506 3_0_0 EXIST::FUNCTION:ENGINE
|
||||
|
@ -2531,7 +2531,7 @@ ENGINE_load_ssl_client_cert 2584 3_0_0 EXIST::FUNCTION:ENGINE
|
|||
X509_STORE_CTX_set_verify_cb 2585 3_0_0 EXIST::FUNCTION:
|
||||
CRYPTO_clear_realloc 2586 3_0_0 EXIST::FUNCTION:
|
||||
OPENSSL_strnlen 2587 3_0_0 EXIST::FUNCTION:
|
||||
IDEA_ecb_encrypt 2588 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_ecb_encrypt 2588 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
ASN1_STRING_set_default_mask 2589 3_0_0 EXIST::FUNCTION:
|
||||
TS_VERIFY_CTX_add_flags 2590 3_0_0 EXIST::FUNCTION:TS
|
||||
FIPS_mode 2591 3_0_0 EXIST::FUNCTION:
|
||||
|
@ -3102,7 +3102,7 @@ a2i_ASN1_INTEGER 3166 3_0_0 EXIST::FUNCTION:
|
|||
OCSP_sendreq_bio 3167 3_0_0 EXIST::FUNCTION:OCSP
|
||||
PKCS12_SAFEBAG_create_crl 3168 3_0_0 EXIST::FUNCTION:
|
||||
d2i_X509_NAME 3169 3_0_0 EXIST::FUNCTION:
|
||||
IDEA_cfb64_encrypt 3170 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_cfb64_encrypt 3170 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
BN_mod_sub 3171 3_0_0 EXIST::FUNCTION:
|
||||
ASN1_NULL_new 3172 3_0_0 EXIST::FUNCTION:
|
||||
HMAC_Init 3173 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
|
||||
|
@ -3129,7 +3129,7 @@ OCSP_request_verify 3194 3_0_0 EXIST::FUNCTION:OCSP
|
|||
CRYPTO_THREAD_run_once 3195 3_0_0 EXIST::FUNCTION:
|
||||
TS_REQ_print_bio 3196 3_0_0 EXIST::FUNCTION:TS
|
||||
SCT_get_version 3197 3_0_0 EXIST::FUNCTION:CT
|
||||
IDEA_set_encrypt_key 3198 3_0_0 EXIST::FUNCTION:IDEA
|
||||
IDEA_set_encrypt_key 3198 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
|
||||
ENGINE_get_DH 3199 3_0_0 EXIST::FUNCTION:ENGINE
|
||||
i2d_ASIdentifierChoice 3200 3_0_0 EXIST::FUNCTION:RFC3779
|
||||
SRP_Calc_A 3201 3_0_0 EXIST::FUNCTION:SRP
|
||||
|
|
Loading…
Reference in New Issue