diff options
author | Matt Caswell <matt@openssl.org> | 2020-10-14 18:12:38 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-11-27 12:04:54 +0100 |
commit | 4d8e8a2d3781b6ca7c453492ee8e06885c812e73 (patch) | |
tree | dd9caaffb3fa4882cc7ed41fdca57405e3251408 | |
parent | Deprecate EVP_PKEY_assign_DH and other similar macros (diff) | |
download | openssl-4d8e8a2d3781b6ca7c453492ee8e06885c812e73.tar.xz openssl-4d8e8a2d3781b6ca7c453492ee8e06885c812e73.zip |
Deprecate the DHparams and DHxparams PEM routines
The functions return a DH object and therefore need to be deprecated.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)
-rw-r--r-- | include/openssl/pem.h | 6 | ||||
-rw-r--r-- | test/build.info | 10 | ||||
-rw-r--r-- | test/endecoder_legacy_test.c | 2 | ||||
-rw-r--r-- | test/recipes/04-test_encoder_decoder_legacy.t | 6 | ||||
-rw-r--r-- | util/libcrypto.num | 12 |
5 files changed, 21 insertions, 15 deletions
diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 3dcf97e36c..b3c2d2e1c1 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -391,8 +391,10 @@ DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) # endif # ifndef OPENSSL_NO_DH -DECLARE_PEM_rw(DHparams, DH) -DECLARE_PEM_write(DHxparams, DH) +# ifndef OPENSSL_NO_DEPRECATED_3_0 +DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH) +DECLARE_PEM_write_attr(OSSL_DEPRECATEDIN_3_0, DHxparams, DH) +# endif # endif DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, diff --git a/test/build.info b/test/build.info index bd87bf6a94..7f9e44b591 100644 --- a/test/build.info +++ b/test/build.info @@ -793,10 +793,12 @@ IF[{- !$disabled{tests} -}] INCLUDE[endecode_test]=.. ../include ../apps/include DEPEND[endecode_test]=../libcrypto.a libtestutil.a - PROGRAMS{noinst}=endecoder_legacy_test - SOURCE[endecoder_legacy_test]=endecoder_legacy_test.c - INCLUDE[endecoder_legacy_test]=.. ../include ../apps/include - DEPEND[endecoder_legacy_test]=../libcrypto.a libtestutil.a + IF[{- !$disabled{'deprecated-3.0'} -}] + PROGRAMS{noinst}=endecoder_legacy_test + SOURCE[endecoder_legacy_test]=endecoder_legacy_test.c + INCLUDE[endecoder_legacy_test]=.. ../include ../apps/include + DEPEND[endecoder_legacy_test]=../libcrypto.a libtestutil.a + ENDIF PROGRAMS{noinst}=namemap_internal_test SOURCE[namemap_internal_test]=namemap_internal_test.c diff --git a/test/endecoder_legacy_test.c b/test/endecoder_legacy_test.c index 6fd7b356cd..467c072b3e 100644 --- a/test/endecoder_legacy_test.c +++ b/test/endecoder_legacy_test.c @@ -166,7 +166,6 @@ static struct test_stanza_st { NULL, /* No PEM_read_bio_ECParameters */ (PEM_read_bio_of_void *)PEM_read_bio_EC_PUBKEY, }, #endif -#ifndef OPENSSL_NO_DEPRECATED_3_0 { "RSA", { "RSA", "type-specific" }, EVP_PKEY_RSA, (i2d_of_void *)i2d_RSAPrivateKey, (i2d_of_void *)i2d_RSAPublicKey, @@ -184,7 +183,6 @@ static struct test_stanza_st { (PEM_read_bio_of_void *)PEM_read_bio_RSAPublicKey, NULL, /* No PEM_read_bio_RSAparams */ (PEM_read_bio_of_void *)PEM_read_bio_RSA_PUBKEY } -#endif }; /* diff --git a/test/recipes/04-test_encoder_decoder_legacy.t b/test/recipes/04-test_encoder_decoder_legacy.t index 9881322628..ef252a3766 100644 --- a/test/recipes/04-test_encoder_decoder_legacy.t +++ b/test/recipes/04-test_encoder_decoder_legacy.t @@ -11,12 +11,16 @@ use warnings; use OpenSSL::Test::Simple; use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; use Cwd qw(abs_path); -setup("test_encode_legacy"); +setup("test_encoder_decoder_legacy"); +plan skip_all => "Not available in a no-deprecated build" + if disabled("deprecated"); plan tests => 1; + $ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers")); $ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf")); diff --git a/util/libcrypto.num b/util/libcrypto.num index 8ef0f2a02b..d81534ad06 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -274,7 +274,7 @@ X509_get_ext_d2i 279 3_0_0 EXIST::FUNCTION: d2i_PKCS7_ENC_CONTENT 280 3_0_0 EXIST::FUNCTION: BUF_MEM_grow 281 3_0_0 EXIST::FUNCTION: TS_REQ_free 282 3_0_0 EXIST::FUNCTION:TS -PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DH,STDIO +PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA X509V3_EXT_get_nid 285 3_0_0 EXIST::FUNCTION: BIO_s_log 286 3_0_0 EXIST::FUNCTION: @@ -447,7 +447,7 @@ ENGINE_get_digests 455 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3 TS_MSG_IMPRINT_get_algo 456 3_0_0 EXIST::FUNCTION:TS DH_new_method 457 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH BF_ecb_encrypt 458 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0 -PEM_write_bio_DHparams 459 3_0_0 EXIST::FUNCTION:DH +PEM_write_bio_DHparams 459 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH EVP_DigestFinal 460 3_0_0 EXIST::FUNCTION: CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE 461 3_0_0 EXIST::FUNCTION:CT X509v3_asid_add_id_or_range 462 3_0_0 EXIST::FUNCTION:RFC3779 @@ -2017,7 +2017,7 @@ BN_GENCB_get_arg 2063 3_0_0 EXIST::FUNCTION: EVP_MD_CTX_clear_flags 2064 3_0_0 EXIST::FUNCTION: EVP_PKEY_meth_get_verifyctx 2065 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 CT_POLICY_EVAL_CTX_get0_cert 2066 3_0_0 EXIST::FUNCTION:CT -PEM_write_DHparams 2067 3_0_0 EXIST::FUNCTION:DH,STDIO +PEM_write_DHparams 2067 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO DH_set_ex_data 2068 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH OCSP_SIGNATURE_free 2069 3_0_0 EXIST::FUNCTION:OCSP CRYPTO_128_unwrap_pad 2070 3_0_0 EXIST::FUNCTION: @@ -2405,7 +2405,7 @@ BIGNUM_it 2455 3_0_0 EXIST::FUNCTION: BN_BLINDING_get_flags 2456 3_0_0 EXIST::FUNCTION: X509_EXTENSION_get_critical 2457 3_0_0 EXIST::FUNCTION: DSA_set_default_method 2458 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA -PEM_write_bio_DHxparams 2459 3_0_0 EXIST::FUNCTION:DH +PEM_write_bio_DHxparams 2459 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH DSA_set_ex_data 2460 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA BIO_s_datagram_sctp 2461 3_0_0 EXIST::FUNCTION:DGRAM,SCTP SXNET_add_id_asc 2462 3_0_0 EXIST::FUNCTION: @@ -3190,7 +3190,7 @@ X509_set1_notBefore 3255 3_0_0 EXIST::FUNCTION: MD4 3256 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD4 EVP_PKEY_CTX_dup 3257 3_0_0 EXIST::FUNCTION: ENGINE_setup_bsd_cryptodev 3258 3_0_0 EXIST:__FreeBSD__:FUNCTION:DEPRECATEDIN_1_1_0,ENGINE -PEM_read_bio_DHparams 3259 3_0_0 EXIST::FUNCTION:DH +PEM_read_bio_DHparams 3259 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH CMS_SharedInfo_encode 3260 3_0_0 EXIST::FUNCTION:CMS ASN1_OBJECT_create 3261 3_0_0 EXIST::FUNCTION: i2d_ECParameters 3262 3_0_0 EXIST::FUNCTION:EC @@ -3684,7 +3684,7 @@ ASN1_TIME_print 3763 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get0_peerkey 3764 3_0_0 EXIST::FUNCTION: BN_mod_lshift1 3765 3_0_0 EXIST::FUNCTION: BIO_ADDRINFO_family 3766 3_0_0 EXIST::FUNCTION:SOCK -PEM_write_DHxparams 3767 3_0_0 EXIST::FUNCTION:DH,STDIO +PEM_write_DHxparams 3767 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH,STDIO BN_mod_exp2_mont 3768 3_0_0 EXIST::FUNCTION: ASN1_PRINTABLE_free 3769 3_0_0 EXIST::FUNCTION: PKCS7_ATTR_SIGN_it 3771 3_0_0 EXIST::FUNCTION: |