{"md5", D_MD5},
{"hmac", D_HMAC},
#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
{"sha1", D_SHA1},
{"sha256", D_SHA256},
{"sha512", D_SHA512},
+#endif
#if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
{"whirlpool", D_WHIRLPOOL},
#endif
}
#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static int SHA1_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **) args;
SHA512(buf, lengths[testnum], sha512);
return count;
}
+#endif
#if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
static int WHIRLPOOL_loop(void *args)
HMAC_CTX_free(loopargs[i].hctx);
}
#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
if (doit[D_SHA1]) {
for (testnum = 0; testnum < size_num; testnum++) {
print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
print_result(D_SHA512, testnum, count, d);
}
}
+#endif
#if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
if (doit[D_WHIRLPOOL]) {
for (testnum = 0; testnum < size_num; testnum++) {
int ret = 0;
unsigned char *pkey_der = NULL;
int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);
+ unsigned int len;
if (pkey_der_len <= 0) {
CTerr(CT_F_CT_V1_LOG_ID_FROM_PKEY, CT_R_LOG_KEY_INVALID);
goto err;
}
- SHA256(pkey_der, pkey_der_len, log_id);
- ret = 1;
+ ret = EVP_Digest(pkey_der, pkey_der_len, log_id, &len, EVP_sha256(), NULL);
err:
OPENSSL_free(pkey_der);
return ret;
#include <string.h>
#include "ec_local.h"
+#include <openssl/evp.h>
#include <openssl/sha.h>
#if defined(X25519_ASM) && (defined(__x86_64) || defined(__x86_64__) || \
uint8_t nonce[SHA512_DIGEST_LENGTH];
ge_p3 R;
uint8_t hram[SHA512_DIGEST_LENGTH];
- SHA512_CTX hash_ctx;
+ EVP_MD *sha512 = EVP_MD_fetch(NULL, SN_sha512, NULL);
+ EVP_MD_CTX *hash_ctx = EVP_MD_CTX_new();
+ unsigned int sz;
+ int res = 0;
- SHA512_Init(&hash_ctx);
- SHA512_Update(&hash_ctx, private_key, 32);
- SHA512_Final(az, &hash_ctx);
+ if (sha512 == NULL || hash_ctx == NULL)
+ goto err;
+
+ if (!EVP_DigestInit_ex(hash_ctx, sha512, NULL)
+ || !EVP_DigestUpdate(hash_ctx, private_key, 32)
+ || !EVP_DigestFinal_ex(hash_ctx, az, &sz))
+ goto err;
az[0] &= 248;
az[31] &= 63;
az[31] |= 64;
- SHA512_Init(&hash_ctx);
- SHA512_Update(&hash_ctx, az + 32, 32);
- SHA512_Update(&hash_ctx, message, message_len);
- SHA512_Final(nonce, &hash_ctx);
+ if (!EVP_DigestInit_ex(hash_ctx, sha512, NULL)
+ || !EVP_DigestUpdate(hash_ctx, az + 32, 32)
+ || !EVP_DigestUpdate(hash_ctx, message, message_len)
+ || !EVP_DigestFinal_ex(hash_ctx, nonce, &sz))
+ goto err;
x25519_sc_reduce(nonce);
ge_scalarmult_base(&R, nonce);
ge_p3_tobytes(out_sig, &R);
- SHA512_Init(&hash_ctx);
- SHA512_Update(&hash_ctx, out_sig, 32);
- SHA512_Update(&hash_ctx, public_key, 32);
- SHA512_Update(&hash_ctx, message, message_len);
- SHA512_Final(hram, &hash_ctx);
+ if (!EVP_DigestInit_ex(hash_ctx, sha512, NULL)
+ || !EVP_DigestUpdate(hash_ctx, out_sig, 32)
+ || !EVP_DigestUpdate(hash_ctx, public_key, 32)
+ || !EVP_DigestUpdate(hash_ctx, message, message_len)
+ || !EVP_DigestFinal_ex(hash_ctx, hram, &sz))
+ goto err;
x25519_sc_reduce(hram);
sc_muladd(out_sig + 32, hram, az, nonce);
- OPENSSL_cleanse(&hash_ctx, sizeof(hash_ctx));
+ res = 1;
+err:
OPENSSL_cleanse(nonce, sizeof(nonce));
OPENSSL_cleanse(az, sizeof(az));
-
- return 1;
+ EVP_MD_free(sha512);
+ EVP_MD_CTX_free(hash_ctx);
+ return res;
}
static const char allzeroes[15];
int i;
ge_p3 A;
const uint8_t *r, *s;
- SHA512_CTX hash_ctx;
+ EVP_MD *sha512;
+ EVP_MD_CTX *hash_ctx = NULL;
+ unsigned int sz;
+ int res = 0;
ge_p2 R;
uint8_t rcheck[32];
uint8_t h[SHA512_DIGEST_LENGTH];
fe_neg(A.X, A.X);
fe_neg(A.T, A.T);
- SHA512_Init(&hash_ctx);
- SHA512_Update(&hash_ctx, r, 32);
- SHA512_Update(&hash_ctx, public_key, 32);
- SHA512_Update(&hash_ctx, message, message_len);
- SHA512_Final(h, &hash_ctx);
+ sha512 = EVP_MD_fetch(NULL, SN_sha512, NULL);
+ if (sha512 == NULL)
+ return 0;
+ hash_ctx = EVP_MD_CTX_new();
+ if (hash_ctx == NULL)
+ goto err;
+
+ if (!EVP_DigestInit_ex(hash_ctx, sha512, NULL)
+ || !EVP_DigestUpdate(hash_ctx, r, 32)
+ || !EVP_DigestUpdate(hash_ctx, public_key, 32)
+ || !EVP_DigestUpdate(hash_ctx, message, message_len)
+ || !EVP_DigestFinal_ex(hash_ctx, h, &sz))
+ goto err;
x25519_sc_reduce(h);
ge_tobytes(rcheck, &R);
- return CRYPTO_memcmp(rcheck, r, sizeof(rcheck)) == 0;
+ res = CRYPTO_memcmp(rcheck, r, sizeof(rcheck)) == 0;
+err:
+ EVP_MD_free(sha512);
+ EVP_MD_CTX_free(hash_ctx);
+ return res;
}
void ED25519_public_from_private(uint8_t out_public_key[32],
unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH];
ECX_KEY *key;
unsigned char *privkey = NULL, *pubkey;
+ unsigned int sz;
key = OPENSSL_zalloc(sizeof(*key));
if (key == NULL) {
if (RAND_priv_bytes(privkey, ED25519_KEYLEN) <= 0)
goto err;
- SHA512(privkey, 32, buff);
+ if (!EVP_Digest(privkey, 32, buff, &sz, EVP_sha512(), NULL))
+ goto err;
+
buff[0] &= 248;
buff[31] &= 63;
buff[31] |= 64;
*/
/*
- * RC4 low level APIs are deprecated for public use, but still ok for internal
- * use.
+ * RC4 and SHA-1 low level APIs are deprecated for public use, but still ok
+ * for internal use.
*/
#include "internal/deprecated.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use. The prov/md5_sha1.h include requires this, but this must
+ * be the first include loaded.
+ */
+#include "internal/deprecated.h"
+
#include "crypto/evp.h"
#include "prov/md5_sha1.h" /* diverse MD5_SHA1 macros */
#include "legacy_meth.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * All SHA low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/sha.h> /* diverse SHA macros */
#include "internal/sha3.h" /* KECCAK1600_WIDTH */
#include "crypto/evp.h"
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <string.h>
#include "prov/md5_sha1.h"
#include <openssl/evp.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA256 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/opensslconf.h>
#include <stdlib.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA512 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
+#include <stdio.h>
#include <openssl/opensslconf.h>
/*-
* IMPLEMENTATION NOTES.
#include <openssl/sha.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
int SHA1_Init(SHA_CTX *c);
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
int SHA1_Final(unsigned char *md, SHA_CTX *c);
=head1 DESCRIPTION
-Applications should use the higher level functions
-L<EVP_DigestInit(3)> etc. instead of calling the hash
-functions directly.
+All of the functions described on this page are deprecated.
+Applications should instead use L<EVP_DigestInit_ex(3)>, L<EVP_DigestUpdate(3)>
+and L<EVP_DigestFinal_ex(3)>.
SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
160 bit output.
L<EVP_DigestInit(3)>
+=head1 HISTORY
+
+All of these functions were deprecated in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use. Note, that due to symbols not being exported, only the
+ * #defines and strucures can be accessed, in this case SHA_CBLOCK and
+ * sizeof(SHA_CTX).
+ */
+#include "internal/deprecated.h"
+
#if defined(_WIN32)
# include <windows.h>
#endif
* SHA1 implementation. At the moment we just defer to the standard
* implementation
*/
-#undef data
-#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int dasync_sha1_init(EVP_MD_CTX *ctx)
{
dummy_pause_job();
- return SHA1_Init(data(ctx));
+ return EVP_MD_meth_get_init(EVP_sha1())(ctx);
}
static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data,
{
dummy_pause_job();
- return SHA1_Update(data(ctx), data, (size_t)count);
+ return EVP_MD_meth_get_update(EVP_sha1())(ctx, data, count);
}
static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
{
dummy_pause_job();
- return SHA1_Final(md, data(ctx));
+ return EVP_MD_meth_get_final(EVP_sha1())(ctx, md);
}
/*
* used for any purpose except testing
*/
+/*
+ * SHA low level APIs are deprecated for public use, but still ok for
+ * internal use. Note, that due to symbols not being exported, only the
+ * #defines and type definitions can be accessed, function calls are not
+ * available. The digest lengths, block sizes and sizeof(CTX) are used herein
+ * for several different digests.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <string.h>
/* SHA384/SHA512 */
static int digest_sha384_init(EVP_MD_CTX *ctx);
+static int digest_sha384_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md);
+
static int digest_sha512_init(EVP_MD_CTX *ctx);
static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data,
size_t count);
-static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md);
static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md);
static EVP_MD *_hidden_sha384_md = NULL;
sizeof(EVP_MD *) + sizeof(SHA512_CTX))
|| !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT)
|| !EVP_MD_meth_set_init(md, digest_sha384_init)
- || !EVP_MD_meth_set_update(md, digest_sha512_update)
+ || !EVP_MD_meth_set_update(md, digest_sha384_update)
|| !EVP_MD_meth_set_final(md, digest_sha384_final)) {
EVP_MD_meth_free(md);
md = NULL;
* value, so that all "MD5" digests using the test engine always end up with
* the same value.
*/
-#undef data
-#define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_md5_init(EVP_MD_CTX *ctx)
{
- return MD5_Init(data(ctx));
+ return EVP_MD_meth_get_init(EVP_md5())(ctx);
}
static int digest_md5_update(EVP_MD_CTX *ctx, const void *data,
size_t count)
{
- return MD5_Update(data(ctx), data, (size_t)count);
+ return EVP_MD_meth_get_update(EVP_md5())(ctx, data, count);
}
static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- int ret;
- ret = MD5_Final(md, data(ctx));
+ int ret = EVP_MD_meth_get_final(EVP_md5())(ctx, md);
if (ret > 0) {
fill_known_data(md, MD5_DIGEST_LENGTH);
/*
* SHA1 implementation.
*/
-#undef data
-#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha1_init(EVP_MD_CTX *ctx)
{
- return SHA1_Init(data(ctx));
+ return EVP_MD_meth_get_init(EVP_sha1())(ctx);
}
static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data,
size_t count)
{
- return SHA1_Update(data(ctx), data, (size_t)count);
+ return EVP_MD_meth_get_update(EVP_sha1())(ctx, data, count);
}
static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- int ret;
- ret = SHA1_Final(md, data(ctx));
+ int ret = EVP_MD_meth_get_final(EVP_sha1())(ctx, md);
if (ret > 0) {
fill_known_data(md, SHA_DIGEST_LENGTH);
/*
* SHA256 implementation.
*/
-#undef data
-#define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha256_init(EVP_MD_CTX *ctx)
{
- return SHA256_Init(data(ctx));
+ return EVP_MD_meth_get_init(EVP_sha256())(ctx);
}
static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data,
size_t count)
{
- return SHA256_Update(data(ctx), data, (size_t)count);
+ return EVP_MD_meth_get_update(EVP_sha256())(ctx, data, count);
}
static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- int ret;
- ret = SHA256_Final(md, data(ctx));
+ int ret = EVP_MD_meth_get_final(EVP_sha256())(ctx, md);
if (ret > 0) {
fill_known_data(md, SHA256_DIGEST_LENGTH);
}
/*
- * SHA384/512 implementation.
+ * SHA384 implementation.
*/
-#undef data
-#define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha384_init(EVP_MD_CTX *ctx)
{
- return SHA384_Init(data(ctx));
-}
-
-static int digest_sha512_init(EVP_MD_CTX *ctx)
-{
- return SHA512_Init(data(ctx));
+ return EVP_MD_meth_get_init(EVP_sha384())(ctx);
}
-static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data,
+static int digest_sha384_update(EVP_MD_CTX *ctx, const void *data,
size_t count)
{
- return SHA512_Update(data(ctx), data, (size_t)count);
+ return EVP_MD_meth_get_update(EVP_sha384())(ctx, data, count);
}
static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- int ret;
- /* Actually uses SHA512_Final! */
- ret = SHA512_Final(md, data(ctx));
+ int ret = EVP_MD_meth_get_final(EVP_sha384())(ctx, md);
if (ret > 0) {
fill_known_data(md, SHA384_DIGEST_LENGTH);
return ret;
}
+/*
+ * SHA512 implementation.
+ */
+static int digest_sha512_init(EVP_MD_CTX *ctx)
+{
+ return EVP_MD_meth_get_init(EVP_sha512())(ctx);
+}
+
+static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ return EVP_MD_meth_get_update(EVP_sha512())(ctx, data, count);
+}
+
static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- int ret;
- ret = SHA512_Final(md, data(ctx));
+ int ret = EVP_MD_meth_get_final(EVP_sha512())(ctx, md);
if (ret > 0) {
fill_known_data(md, SHA512_DIGEST_LENGTH);
extern "C" {
# endif
+# define SHA_DIGEST_LENGTH 20
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# define SHA_LONG unsigned int
+# define SHA_LONG unsigned int
-# define SHA_LBLOCK 16
-# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
- * contiguous array of 32 bit wide
- * big-endian values. */
-# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-# define SHA_DIGEST_LENGTH 20
+# define SHA_LBLOCK 16
+# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
typedef struct SHAstate_st {
SHA_LONG h0, h1, h2, h3, h4;
SHA_LONG data[SHA_LBLOCK];
unsigned int num;
} SHA_CTX;
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+DEPRECATEDIN_3_0(int SHA1_Init(SHA_CTX *c))
+DEPRECATEDIN_3_0(int SHA1_Update(SHA_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA1_Final(unsigned char *md, SHA_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA1(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA1_Transform(SHA_CTX *c, const unsigned char *data))
-# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
* contiguous array of 32 bit wide
* big-endian values. */
SHA_LONG data[SHA_LBLOCK];
unsigned int num, md_len;
} SHA256_CTX;
-
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
+
+DEPRECATEDIN_3_0(int SHA224_Init(SHA256_CTX *c))
+DEPRECATEDIN_3_0(int SHA224_Update(SHA256_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA224_Final(unsigned char *md, SHA256_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA224(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(int SHA256_Init(SHA256_CTX *c))
+DEPRECATEDIN_3_0(int SHA256_Update(SHA256_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA256_Final(unsigned char *md, SHA256_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA256(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA256_Transform(SHA256_CTX *c,
+ const unsigned char *data))
# define SHA224_DIGEST_LENGTH 28
# define SHA256_DIGEST_LENGTH 32
# define SHA384_DIGEST_LENGTH 48
# define SHA512_DIGEST_LENGTH 64
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
* being exactly 64-bit wide. See Implementation Notes in sha512.c
* contiguous array of 64 bit
* wide big-endian values.
*/
-# define SHA512_CBLOCK (SHA_LBLOCK*8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SHA_LONG64 unsigned __int64
-# elif defined(__arch64__)
-# define SHA_LONG64 unsigned long
-# else
-# define SHA_LONG64 unsigned long long
-# endif
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# else
+# define SHA_LONG64 unsigned long long
+# endif
typedef struct SHA512state_st {
SHA_LONG64 h[8];
} u;
unsigned int num, md_len;
} SHA512_CTX;
-
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
+
+DEPRECATEDIN_3_0(int SHA384_Init(SHA512_CTX *c))
+DEPRECATEDIN_3_0(int SHA384_Update(SHA512_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA384_Final(unsigned char *md, SHA512_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA384(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(int SHA512_Init(SHA512_CTX *c))
+DEPRECATEDIN_3_0(int SHA512_Update(SHA512_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA512_Final(unsigned char *md, SHA512_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA512(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA512_Transform(SHA512_CTX *c,
+ const unsigned char *data))
# ifdef __cplusplus
}
*/
/*
- * AES low level APIs are deprecated for public use, but still ok for internal
+ * All low level APIs are deprecated for public use, but still ok for internal
* use where we're using them to implement the higher level EVP interface, as is
* the case here.
*/
*/
/*
- * AES low level APIs are deprecated for public use, but still ok for internal
+ * All low level APIs are deprecated for public use, but still ok for internal
* use where we're using them to implement the higher level EVP interface, as is
* the case here.
*/
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/sha.h>
#include "cipher_tdes_default.h"
#include "crypto/evp.h"
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
#include <openssl/evp.h>
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include "internal/constant_time.h"
#include "ssl_local.h"
#include "internal/cryptlib.h"
sanitytest rsa_complex exdatatest bntest \
ectest ecstresstest ecdsatest gmdifftest pbelutest ideatest \
hmactest \
- rc2test rc4test rc5test \
destest mdc2test \
dhtest enginetest \
ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \
tls13encryptiontest wpackettest ctype_internal_test \
rdrand_sanitytest property_test \
rsa_sp800_56b_test bn_internal_test \
+ rc2test rc4test rc5test \
asn1_dsa_internal_test
IF[{- !$disabled{poly1305} -}]
INCLUDE[curve448_internal_test]=.. ../include ../apps/include ../crypto/ec/curve448
DEPEND[curve448_internal_test]=../libcrypto.a libtestutil.a
+ SOURCE[rc4test]=rc4test.c
+ INCLUDE[rc4test]=../include ../apps/include
+ DEPEND[rc4test]=../libcrypto.a libtestutil.a
+
SOURCE[rdrand_sanitytest]=rdrand_sanitytest.c
INCLUDE[rdrand_sanitytest]=../include ../apps/include
DEPEND[rdrand_sanitytest]=../libcrypto.a libtestutil.a
* https://www.openssl.org/source/license.html
*/
+/*
+ * SHA256 low level APIs are deprecated for public use, but still ok for
+ * internal use. Note, that due to symbols not being exported, only the
+ * #defines can be accessed. In this case SHA256_CBLOCK.
+ */
+#include "internal/deprecated.h"
+
#include <string.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
*/
/*
- * RC4 low level APIs are deprecated for public use, but still ok for internal
- * use.
+ * RC4 and SHA-1 low level APIs are deprecated for public use, but still ok for
+ * internal use.
*/
#include "internal/deprecated.h"
X509_PURPOSE_get0_name 1172 3_0_0 EXIST::FUNCTION:
TS_TST_INFO_get_serial 1173 3_0_0 EXIST::FUNCTION:TS
ASN1_PCTX_get_str_flags 1174 3_0_0 EXIST::FUNCTION:
-SHA256 1175 3_0_0 EXIST::FUNCTION:
+SHA256 1175 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_LOOKUP_hash_dir 1176 3_0_0 EXIST::FUNCTION:
ASN1_BIT_STRING_check 1177 3_0_0 EXIST::FUNCTION:
ENGINE_set_default_RAND 1178 3_0_0 EXIST::FUNCTION:ENGINE
SRP_Calc_server_key 1409 3_0_0 EXIST::FUNCTION:SRP
BN_mod_exp_simple 1410 3_0_0 EXIST::FUNCTION:
BIO_set_ex_data 1411 3_0_0 EXIST::FUNCTION:
-SHA512 1412 3_0_0 EXIST::FUNCTION:
+SHA512 1412 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_STORE_CTX_get_explicit_policy 1413 3_0_0 EXIST::FUNCTION:
EVP_DecodeBlock 1414 3_0_0 EXIST::FUNCTION:
OCSP_REQ_CTX_http 1415 3_0_0 EXIST::FUNCTION:OCSP
CRYPTO_mem_debug_free 1475 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
d2i_OCSP_REQUEST 1476 3_0_0 EXIST::FUNCTION:OCSP
ENGINE_get_cipher_engine 1477 3_0_0 EXIST::FUNCTION:ENGINE
-SHA384_Final 1478 3_0_0 EXIST::FUNCTION:
+SHA384_Final 1478 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
TS_RESP_CTX_set_certs 1479 3_0_0 EXIST::FUNCTION:TS
BN_MONT_CTX_free 1480 3_0_0 EXIST::FUNCTION:
BN_GF2m_mod_solve_quad_arr 1481 3_0_0 EXIST::FUNCTION:EC2M
ENGINE_set_load_privkey_function 1501 3_0_0 EXIST::FUNCTION:ENGINE
CRYPTO_ccm128_setiv 1502 3_0_0 EXIST::FUNCTION:
PKCS7_dataFinal 1503 3_0_0 EXIST::FUNCTION:
-SHA1_Final 1504 3_0_0 EXIST::FUNCTION:
+SHA1_Final 1504 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
i2a_ASN1_STRING 1505 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_CTX_rand_key 1506 3_0_0 EXIST::FUNCTION:
AES_set_encrypt_key 1507 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
i2d_OCSP_SERVICELOC 1939 3_0_0 EXIST::FUNCTION:OCSP
EC_POINT_copy 1940 3_0_0 EXIST::FUNCTION:EC
X509V3_EXT_CRL_add_nconf 1941 3_0_0 EXIST::FUNCTION:
-SHA256_Init 1942 3_0_0 EXIST::FUNCTION:
+SHA256_Init 1942 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_NAME_ENTRY_get_object 1943 3_0_0 EXIST::FUNCTION:
ASN1_ENUMERATED_free 1944 3_0_0 EXIST::FUNCTION:
X509_CRL_set_meth_data 1945 3_0_0 EXIST::FUNCTION:
X509_STORE_CTX_purpose_inherit 1960 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_keygen 1961 3_0_0 EXIST::FUNCTION:
ENGINE_get_pkey_asn1_meth 1962 3_0_0 EXIST::FUNCTION:ENGINE
-SHA256_Update 1963 3_0_0 EXIST::FUNCTION:
+SHA256_Update 1963 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
d2i_PKCS7_ISSUER_AND_SERIAL 1964 3_0_0 EXIST::FUNCTION:
PKCS12_unpack_authsafes 1965 3_0_0 EXIST::FUNCTION:
X509_CRL_it 1966 3_0_0 EXIST::FUNCTION:
RSA_X931_derive_ex 2119 3_0_0 EXIST::FUNCTION:RSA
EVP_PKEY_decrypt_init 2120 3_0_0 EXIST::FUNCTION:
ENGINE_get_destroy_function 2121 3_0_0 EXIST::FUNCTION:ENGINE
-SHA224_Init 2122 3_0_0 EXIST::FUNCTION:
+SHA224_Init 2122 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509V3_EXT_add_conf 2123 3_0_0 EXIST::FUNCTION:
ASN1_object_size 2124 3_0_0 EXIST::FUNCTION:
X509_REVOKED_free 2125 3_0_0 EXIST::FUNCTION:
EC_GROUP_set_curve_GF2m 2239 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC,EC2M
ENGINE_load_builtin_engines 2240 3_0_0 EXIST::FUNCTION:ENGINE
SRP_VBASE_init 2241 3_0_0 EXIST::FUNCTION:SRP
-SHA224_Final 2242 3_0_0 EXIST::FUNCTION:
+SHA224_Final 2242 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
OCSP_CERTSTATUS_free 2243 3_0_0 EXIST::FUNCTION:OCSP
d2i_TS_TST_INFO 2244 3_0_0 EXIST::FUNCTION:TS
IPAddressOrRange_it 2245 3_0_0 EXIST::FUNCTION:RFC3779
X509_time_adj_ex 2249 3_0_0 EXIST::FUNCTION:
OCSP_request_add1_cert 2250 3_0_0 EXIST::FUNCTION:OCSP
ERR_load_X509_strings 2251 3_0_0 EXIST::FUNCTION:
-SHA1_Transform 2252 3_0_0 EXIST::FUNCTION:
+SHA1_Transform 2252 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CMS_signed_get_attr_by_NID 2253 3_0_0 EXIST::FUNCTION:CMS
X509_STORE_CTX_get_by_subject 2254 3_0_0 EXIST::FUNCTION:
ASN1_OCTET_STRING_it 2255 3_0_0 EXIST::FUNCTION:
X509_verify_cert 2513 3_0_0 EXIST::FUNCTION:
X509_policy_level_get0_node 2514 3_0_0 EXIST::FUNCTION:
X509_REQ_get_attr 2515 3_0_0 EXIST::FUNCTION:
-SHA1 2516 3_0_0 EXIST::FUNCTION:
+SHA1 2516 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_print 2517 3_0_0 EXIST::FUNCTION:
d2i_AutoPrivateKey 2518 3_0_0 EXIST::FUNCTION:
X509_REQ_new 2519 3_0_0 EXIST::FUNCTION:
X509_CRL_set_version 2551 3_0_0 EXIST::FUNCTION:
ASN1_PCTX_set_cert_flags 2552 3_0_0 EXIST::FUNCTION:
PKCS8_PRIV_KEY_INFO_free 2553 3_0_0 EXIST::FUNCTION:
-SHA224_Update 2554 3_0_0 EXIST::FUNCTION:
+SHA224_Update 2554 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EC_GROUP_new_by_curve_name 2555 3_0_0 EXIST::FUNCTION:EC
X509_STORE_set_purpose 2556 3_0_0 EXIST::FUNCTION:
X509_CRL_get0_signature 2557 3_0_0 EXIST::FUNCTION:
X509_get_pubkey_parameters 2787 3_0_0 EXIST::FUNCTION:
PKCS12_setup_mac 2788 3_0_0 EXIST::FUNCTION:
PEM_read_bio_PKCS7 2789 3_0_0 EXIST::FUNCTION:
-SHA512_Final 2790 3_0_0 EXIST::FUNCTION:
+SHA512_Final 2790 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_VERIFY_PARAM_set1_host 2791 3_0_0 EXIST::FUNCTION:
OCSP_resp_find_status 2792 3_0_0 EXIST::FUNCTION:OCSP
d2i_ASN1_T61STRING 2793 3_0_0 EXIST::FUNCTION:
ENGINE_get_finish_function 2965 3_0_0 EXIST::FUNCTION:ENGINE
EC_POINT_add 2966 3_0_0 EXIST::FUNCTION:EC
EC_KEY_oct2key 2967 3_0_0 EXIST::FUNCTION:EC
-SHA384_Init 2968 3_0_0 EXIST::FUNCTION:
+SHA384_Init 2968 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ASN1_UNIVERSALSTRING_new 2969 3_0_0 EXIST::FUNCTION:
EVP_PKEY_print_private 2970 3_0_0 EXIST::FUNCTION:
ASN1_INTEGER_new 2971 3_0_0 EXIST::FUNCTION:
NAME_CONSTRAINTS_it 2972 3_0_0 EXIST::FUNCTION:
TS_REQ_get_cert_req 2973 3_0_0 EXIST::FUNCTION:TS
BIO_pop 2974 3_0_0 EXIST::FUNCTION:
-SHA256_Final 2975 3_0_0 EXIST::FUNCTION:
+SHA256_Final 2975 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_PKEY_set1_DH 2976 3_0_0 EXIST::FUNCTION:DH
DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DH
CRYPTO_secure_malloc 2978 3_0_0 EXIST::FUNCTION:
EVP_PKEY_new 2992 3_0_0 EXIST::FUNCTION:
i2d_POLICYINFO 2993 3_0_0 EXIST::FUNCTION:
BN_get_flags 2994 3_0_0 EXIST::FUNCTION:
-SHA384 2995 3_0_0 EXIST::FUNCTION:
+SHA384 2995 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
NCONF_get_string 2996 3_0_0 EXIST::FUNCTION:
d2i_PROXY_CERT_INFO_EXTENSION 2997 3_0_0 EXIST::FUNCTION:
EC_POINT_point2buf 2998 3_0_0 EXIST::FUNCTION:EC
EVP_DecryptUpdate 3046 3_0_0 EXIST::FUNCTION:
CAST_cbc_encrypt 3047 3_0_0 EXIST::FUNCTION:CAST,DEPRECATEDIN_3_0
BN_BLINDING_invert 3048 3_0_0 EXIST::FUNCTION:
-SHA512_Update 3049 3_0_0 EXIST::FUNCTION:
+SHA512_Update 3049 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ESS_ISSUER_SERIAL_new 3050 3_0_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get0_pkcs8 3051 3_0_0 EXIST::FUNCTION:
X509_get_ext_by_NID 3052 3_0_0 EXIST::FUNCTION:
X509_OBJECT_retrieve_match 3396 3_0_0 EXIST::FUNCTION:
EVP_aes_128_ctr 3397 3_0_0 EXIST::FUNCTION:
EVP_PBE_find 3398 3_0_0 EXIST::FUNCTION:
-SHA512_Transform 3399 3_0_0 EXIST::FUNCTION:
+SHA512_Transform 3399 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ERR_add_error_vdata 3400 3_0_0 EXIST::FUNCTION:
OCSP_REQUEST_get_ext 3401 3_0_0 EXIST::FUNCTION:OCSP
NETSCAPE_SPKAC_new 3402 3_0_0 EXIST::FUNCTION:
RAND_egd_bytes 3433 3_0_0 EXIST::FUNCTION:EGD
UI_method_get_writer 3434 3_0_0 EXIST::FUNCTION:
BN_secure_new 3435 3_0_0 EXIST::FUNCTION:
-SHA1_Update 3437 3_0_0 EXIST::FUNCTION:
+SHA1_Update 3437 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BIO_s_connect 3438 3_0_0 EXIST::FUNCTION:SOCK
EVP_MD_meth_get_init 3439 3_0_0 EXIST::FUNCTION:
ASN1_BIT_STRING_free 3440 3_0_0 EXIST::FUNCTION:
ENGINE_unregister_ciphers 3589 3_0_0 EXIST::FUNCTION:ENGINE
X509_issuer_and_serial_cmp 3590 3_0_0 EXIST::FUNCTION:
OCSP_response_create 3591 3_0_0 EXIST::FUNCTION:OCSP
-SHA224 3592 3_0_0 EXIST::FUNCTION:
+SHA224 3592 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
MD2_options 3593 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD2
X509_REQ_it 3595 3_0_0 EXIST::FUNCTION:
RAND_bytes 3596 3_0_0 EXIST::FUNCTION:
TS_RESP_CTX_free 3632 3_0_0 EXIST::FUNCTION:TS
d2i_PUBKEY 3633 3_0_0 EXIST::FUNCTION:
ASYNC_cleanup_thread 3634 3_0_0 EXIST::FUNCTION:
-SHA384_Update 3635 3_0_0 EXIST::FUNCTION:
+SHA384_Update 3635 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_cfb128_1_encrypt 3636 3_0_0 EXIST::FUNCTION:
BIO_set_cipher 3637 3_0_0 EXIST::FUNCTION:
PEM_read_PUBKEY 3638 3_0_0 EXIST::FUNCTION:STDIO
ENGINE_set_default_RSA 3655 3_0_0 EXIST::FUNCTION:ENGINE
EVP_EncodeBlock 3656 3_0_0 EXIST::FUNCTION:
SXNETID_free 3657 3_0_0 EXIST::FUNCTION:
-SHA1_Init 3658 3_0_0 EXIST::FUNCTION:
+SHA1_Init 3658 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_atomic_add 3659 3_0_0 EXIST::FUNCTION:
TS_CONF_load_certs 3660 3_0_0 EXIST::FUNCTION:TS
PEM_write_bio_DSAPrivateKey 3661 3_0_0 EXIST::FUNCTION:DSA
ASN1_verify 3679 3_0_0 EXIST::FUNCTION:
DSA_generate_parameters_ex 3680 3_0_0 EXIST::FUNCTION:DSA
X509_sign 3681 3_0_0 EXIST::FUNCTION:
-SHA256_Transform 3682 3_0_0 EXIST::FUNCTION:
+SHA256_Transform 3682 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BIO_ADDR_free 3683 3_0_0 EXIST::FUNCTION:SOCK
ASN1_STRING_free 3684 3_0_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_inherit 3685 3_0_0 EXIST::FUNCTION:
d2i_OCSP_SINGLERESP 3900 3_0_0 EXIST::FUNCTION:OCSP
EVP_CIPHER_CTX_num 3901 3_0_0 EXIST::FUNCTION:
EVP_PKEY_verify_recover_init 3902 3_0_0 EXIST::FUNCTION:
-SHA512_Init 3903 3_0_0 EXIST::FUNCTION:
+SHA512_Init 3903 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
TS_MSG_IMPRINT_set_msg 3904 3_0_0 EXIST::FUNCTION:TS
CMS_unsigned_add1_attr 3905 3_0_0 EXIST::FUNCTION:CMS
OPENSSL_LH_doall 3906 3_0_0 EXIST::FUNCTION: