summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2020-10-14 18:12:38 +0200
committerMatt Caswell <matt@openssl.org>2020-11-27 12:04:54 +0100
commit4d8e8a2d3781b6ca7c453492ee8e06885c812e73 (patch)
treedd9caaffb3fa4882cc7ed41fdca57405e3251408
parentDeprecate EVP_PKEY_assign_DH and other similar macros (diff)
downloadopenssl-4d8e8a2d3781b6ca7c453492ee8e06885c812e73.tar.xz
openssl-4d8e8a2d3781b6ca7c453492ee8e06885c812e73.zip
Deprecate the DHparams and DHxparams PEM routines
The functions return a DH object and therefore need to be deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13138)
-rw-r--r--include/openssl/pem.h6
-rw-r--r--test/build.info10
-rw-r--r--test/endecoder_legacy_test.c2
-rw-r--r--test/recipes/04-test_encoder_decoder_legacy.t6
-rw-r--r--util/libcrypto.num12
5 files changed, 21 insertions, 15 deletions
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 3dcf97e36c..b3c2d2e1c1 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -391,8 +391,10 @@ DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
# endif
# ifndef OPENSSL_NO_DH
-DECLARE_PEM_rw(DHparams, DH)
-DECLARE_PEM_write(DHxparams, DH)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
+DECLARE_PEM_write_attr(OSSL_DEPRECATEDIN_3_0, DHxparams, DH)
+# endif
# endif
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x,
diff --git a/test/build.info b/test/build.info
index bd87bf6a94..7f9e44b591 100644
--- a/test/build.info
+++ b/test/build.info
@@ -793,10 +793,12 @@ IF[{- !$disabled{tests} -}]
INCLUDE[endecode_test]=.. ../include ../apps/include
DEPEND[endecode_test]=../libcrypto.a libtestutil.a
- PROGRAMS{noinst}=endecoder_legacy_test
- SOURCE[endecoder_legacy_test]=endecoder_legacy_test.c
- INCLUDE[endecoder_legacy_test]=.. ../include ../apps/include
- DEPEND[endecoder_legacy_test]=../libcrypto.a libtestutil.a
+ IF[{- !$disabled{'deprecated-3.0'} -}]
+ PROGRAMS{noinst}=endecoder_legacy_test
+ SOURCE[endecoder_legacy_test]=endecoder_legacy_test.c
+ INCLUDE[endecoder_legacy_test]=.. ../include ../apps/include
+ DEPEND[endecoder_legacy_test]=../libcrypto.a libtestutil.a
+ ENDIF
PROGRAMS{noinst}=namemap_internal_test
SOURCE[namemap_internal_test]=namemap_internal_test.c
diff --git a/test/endecoder_legacy_test.c b/test/endecoder_legacy_test.c
index 6fd7b356cd..467c072b3e 100644
--- a/test/endecoder_legacy_test.c
+++ b/test/endecoder_legacy_test.c
@@ -166,7 +166,6 @@ static struct test_stanza_st {
NULL, /* No PEM_read_bio_ECParameters */
(PEM_read_bio_of_void *)PEM_read_bio_EC_PUBKEY, },
#endif
-#ifndef OPENSSL_NO_DEPRECATED_3_0
{ "RSA", { "RSA", "type-specific" }, EVP_PKEY_RSA,
(i2d_of_void *)i2d_RSAPrivateKey,
(i2d_of_void *)i2d_RSAPublicKey,
@@ -184,7 +183,6 @@ static struct test_stanza_st {
(PEM_read_bio_of_void *)PEM_read_bio_RSAPublicKey,
NULL, /* No PEM_read_bio_RSAparams */
(PEM_read_bio_of_void *)PEM_read_bio_RSA_PUBKEY }
-#endif
};
/*
diff --git a/test/recipes/04-test_encoder_decoder_legacy.t b/test/recipes/04-test_encoder_decoder_legacy.t
index 9881322628..ef252a3766 100644
--- a/test/recipes/04-test_encoder_decoder_legacy.t
+++ b/test/recipes/04-test_encoder_decoder_legacy.t
@@ -11,12 +11,16 @@ use warnings;
use OpenSSL::Test::Simple;
use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/;
+use OpenSSL::Test::Utils;
use Cwd qw(abs_path);
-setup("test_encode_legacy");
+setup("test_encoder_decoder_legacy");
+plan skip_all => "Not available in a no-deprecated build"
+ if disabled("deprecated");
plan tests => 1;
+
$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 8ef0f2a02b..d81534ad06 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -274,7 +274,7 @@ X509_get_ext_d2i 279 3_0_0 EXIST::FUNCTION:
d2i_PKCS7_ENC_CONTENT 280 3_0_0 EXIST::FUNCTION:
BUF_MEM_grow 281 3_0_0 EXIST::FUNCTION:
TS_REQ_free 282 3_0_0 EXIST::FUNCTION:TS
-PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DH,STDIO
+PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO
RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
X509V3_EXT_get_nid 285 3_0_0 EXIST::FUNCTION:
BIO_s_log 286 3_0_0 EXIST::FUNCTION:
@@ -447,7 +447,7 @@ ENGINE_get_digests 455 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3
TS_MSG_IMPRINT_get_algo 456 3_0_0 EXIST::FUNCTION:TS
DH_new_method 457 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
BF_ecb_encrypt 458 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0
-PEM_write_bio_DHparams 459 3_0_0 EXIST::FUNCTION:DH
+PEM_write_bio_DHparams 459 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
EVP_DigestFinal 460 3_0_0 EXIST::FUNCTION:
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE 461 3_0_0 EXIST::FUNCTION:CT
X509v3_asid_add_id_or_range 462 3_0_0 EXIST::FUNCTION:RFC3779
@@ -2017,7 +2017,7 @@ BN_GENCB_get_arg 2063 3_0_0 EXIST::FUNCTION:
EVP_MD_CTX_clear_flags 2064 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_verifyctx 2065 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CT_POLICY_EVAL_CTX_get0_cert 2066 3_0_0 EXIST::FUNCTION:CT
-PEM_write_DHparams 2067 3_0_0 EXIST::FUNCTION:DH,STDIO
+PEM_write_DHparams 2067 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO
DH_set_ex_data 2068 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
OCSP_SIGNATURE_free 2069 3_0_0 EXIST::FUNCTION:OCSP
CRYPTO_128_unwrap_pad 2070 3_0_0 EXIST::FUNCTION:
@@ -2405,7 +2405,7 @@ BIGNUM_it 2455 3_0_0 EXIST::FUNCTION:
BN_BLINDING_get_flags 2456 3_0_0 EXIST::FUNCTION:
X509_EXTENSION_get_critical 2457 3_0_0 EXIST::FUNCTION:
DSA_set_default_method 2458 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA
-PEM_write_bio_DHxparams 2459 3_0_0 EXIST::FUNCTION:DH
+PEM_write_bio_DHxparams 2459 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
DSA_set_ex_data 2460 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA
BIO_s_datagram_sctp 2461 3_0_0 EXIST::FUNCTION:DGRAM,SCTP
SXNET_add_id_asc 2462 3_0_0 EXIST::FUNCTION:
@@ -3190,7 +3190,7 @@ X509_set1_notBefore 3255 3_0_0 EXIST::FUNCTION:
MD4 3256 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD4
EVP_PKEY_CTX_dup 3257 3_0_0 EXIST::FUNCTION:
ENGINE_setup_bsd_cryptodev 3258 3_0_0 EXIST:__FreeBSD__:FUNCTION:DEPRECATEDIN_1_1_0,ENGINE
-PEM_read_bio_DHparams 3259 3_0_0 EXIST::FUNCTION:DH
+PEM_read_bio_DHparams 3259 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
CMS_SharedInfo_encode 3260 3_0_0 EXIST::FUNCTION:CMS
ASN1_OBJECT_create 3261 3_0_0 EXIST::FUNCTION:
i2d_ECParameters 3262 3_0_0 EXIST::FUNCTION:EC
@@ -3684,7 +3684,7 @@ ASN1_TIME_print 3763 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get0_peerkey 3764 3_0_0 EXIST::FUNCTION:
BN_mod_lshift1 3765 3_0_0 EXIST::FUNCTION:
BIO_ADDRINFO_family 3766 3_0_0 EXIST::FUNCTION:SOCK
-PEM_write_DHxparams 3767 3_0_0 EXIST::FUNCTION:DH,STDIO
+PEM_write_DHxparams 3767 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO
BN_mod_exp2_mont 3768 3_0_0 EXIST::FUNCTION:
ASN1_PRINTABLE_free 3769 3_0_0 EXIST::FUNCTION:
PKCS7_ATTR_SIGN_it 3771 3_0_0 EXIST::FUNCTION: