Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
+ *) X509 certificates signed using SHA1 are no longer allowed at security
+ level 1 and above.
+ In TLS/SSL the default security level is 1. It can be set either
+ using the cipher string with @SECLEVEL, or calling
+ SSL_CTX_set_security_level(). If the leaf certificate is signed with SHA-1,
+ a call to SSL_CTX_use_certificate() will fail if the security level is not
+ lowered first.
+ Outside TLS/SSL, the default security level is -1 (effectively 0). It can
+ be set using X509_VERIFY_PARAM_set_auth_level() or using the -auth_level
+ options of the apps.
+ [Kurt Roeckx]
+
+ *) Reworked the treatment of EC EVP_PKEYs with the SM2 curve to
+ automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC.
+ This means that applications don't have to look at the curve NID and
+ 'EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)' to get SM2 computations.
+ However, they still can, that EVP_PKEY_set_alias_type() call acts as
+ a no-op when the EVP_PKEY is already of the given type.
+
+ Parameter and key generation is also reworked to make it possible
+ to generate EVP_PKEY_SM2 parameters and keys without having to go
+ through EVP_PKEY_EC generation and then change the EVP_PKEY type.
+ However, code that does the latter will still work as before.
+ [Richard Levitte]
+
+ *) Deprecated low level ECDH and ECDSA functions. These include:
+
+ ECDH_compute_key, ECDSA_do_sign, ECDSA_do_sign_ex, ECDSA_do_verify,
+ ECDSA_sign_setup, ECDSA_sign, ECDSA_sign_ex, ECDSA_verify and
+ ECDSA_size.
+
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use the EVP_PKEY_derive(3),
+ EVP_DigestSign(3) and EVP_DigestVerify(3) functions.
+ [Paul Dale]
+
+ *) Deprecated the EC_KEY_METHOD functions. These include:
+
+ EC_KEY_METHOD_new, EC_KEY_METHOD_free, EC_KEY_METHOD_set_init,
+ EC_KEY_METHOD_set_keygen, EC_KEY_METHOD_set_compute_key,
+ EC_KEY_METHOD_set_sign, EC_KEY_METHOD_set_verify,
+ EC_KEY_METHOD_get_init, EC_KEY_METHOD_get_keygen,
+ EC_KEY_METHOD_get_compute_key, EC_KEY_METHOD_get_sign and
+ EC_KEY_METHOD_get_verify.
+
+ Instead applications and extension writers should use the OSSL_PROVIDER
+ APIs.
+ [Paul Dale]
+
+ *) Deprecated EVP_PKEY_decrypt_old(), please use EVP_PKEY_decrypt_init()
+ and EVP_PKEY_decrypt() instead.
+ Deprecated EVP_PKEY_encrypt_old(), please use EVP_PKEY_encrypt_init()
+ and EVP_PKEY_encrypt() instead.
+ [Richard Levitte]
+
+ *) Enhanced the documentation of EVP_PKEY_size(), EVP_PKEY_bits()
+ and EVP_PKEY_security_bits(). Especially EVP_PKEY_size() needed
+ a new formulation to include all the things it can be used for,
+ as well as words of caution.
+ [Richard Levitte]
+
+ *) The SSL_CTX_set_tlsext_ticket_key_cb(3) function has been deprecated.
+ Instead used the new SSL_CTX_set_tlsext_ticket_key_evp_cb(3) function.
+ [Paul Dale]
+
+ *) All of the low level HMAC functions have been deprecated including:
+ HMAC, HMAC_size, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free,
+ HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags
+ and HMAC_CTX_get_md.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
+ *) All of the low level CMAC functions have been deprecated including:
+ CMAC_CTX_new, CMAC_CTX_cleanup, CMAC_CTX_free, CMAC_CTX_get0_cipher_ctx,
+ CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final and CMAC_resume.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
*) All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224, SHA256,
SHA384, SHA512 and Whirlpool digest functions have been deprecated.
These include:
- MD2, MD2_options, MD2_Init, MD2_Update, MD2_Final, MD4, MD4_Init,
- MD4_Update, MD4_Final, MD4_Transform, MD5, MD5_Init, MD5_Update,
- MD5_Final, MD5_Transform, MDC2, MDC2_Init, MDC2_Update, MDC2_Final,
- RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final,
- RIPEMD160_Transform, SHA1_Init, SHA1_Update, SHA1_Final,
- SHA1_Transform, SHA224_Init, SHA224_Update, SHA224_Final,
- SHA224_Transform, SHA256_Init, SHA256_Update, SHA256_Final,
- SHA256_Transform, SHA384, SHA384_Init, SHA384_Update, SHA384_Final,
- SHA512, SHA512_Init, SHA512_Update, SHA512_Final, SHA512_Transform,
- WHIRLPOOL, WHIRLPOOL_Init, WHIRLPOOL_Update, WHIRLPOOL_BitUpdate
- and WHIRLPOOL_Final.
- Use of these low level functions has been informally discouraged for a long
- time. Instead applications should instead use the EVP_DigestInit_ex,
- EVP_DigestUpdate(3) and EVP_DigestFinal_ex(3) functions.
+
+ MD2, MD2_options, MD2_Init, MD2_Update, MD2_Final, MD4, MD4_Init,
+ MD4_Update, MD4_Final, MD4_Transform, MD5, MD5_Init, MD5_Update,
+ MD5_Final, MD5_Transform, MDC2, MDC2_Init, MDC2_Update, MDC2_Final,
+ RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final,
+ RIPEMD160_Transform, SHA1_Init, SHA1_Update, SHA1_Final, SHA1_Transform,
+ SHA224_Init, SHA224_Update, SHA224_Final, SHA224_Transform, SHA256_Init,
+ SHA256_Update, SHA256_Final, SHA256_Transform, SHA384, SHA384_Init,
+ SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update,
+ SHA512_Final, SHA512_Transform, WHIRLPOOL, WHIRLPOOL_Init,
+ WHIRLPOOL_Update, WHIRLPOOL_BitUpdate and WHIRLPOOL_Final.
+
+ Use of these low level functions has been informally discouraged
+ for a long time. Applications should use the EVP_DigestInit_ex(3),
+ EVP_DigestUpdate(3) and EVP_DigestFinal_ex(3) functions instead.
[Paul Dale]
*) Corrected the documentation of the return values from the EVP_DigestSign*
like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed.
[Richard Levitte]
- *) All of the low level Blowfish functions have been deprecated including:
- BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
- BF_cfb64_encrypt, BF_ofb64_encrypt, and BF_options.
- Use of these low level functions has been informally discouraged for a long
- time. Instead applications should use the high level EVP APIs, e.g.
- EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
- equivalently named decrypt functions.
- [Matt Caswell]
-
- *) All of the low level CAST functions have been deprecated including:
- CAST_set_key, CAST_ecb_encrypt, CAST_encrypt, CAST_decrypt,
- CAST_cbc_encrypt, CAST_cfb64_encrypt and CAST_ofb64_encrypt
- Use of these low level functions has been informally discouraged for a long
- time. Instead applications should use the high level EVP APIs, e.g.
- EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
- equivalently named decrypt functions.
- [Matt Caswell]
+ *) All of the low level cipher functions have been deprecated including:
- *) All of the low level Camelllia functions have been deprecated including:
- Camellia_set_key, Camellia_encrypt, Camellia_decrypt, Camellia_ecb_encrypt,
- Camellia_cbc_encrypt, Camellia_cfb128_encrypt, Camellia_cfb1_encrypt,
- Camellia_cfb8_encrypt, Camellia_ofb128_encrypt and Camellia_ctr128_encrypt.
- Use of these low level functions has been informally discouraged for a long
- time. Instead applications should use the high level EVP APIs, e.g.
+ AES_options, AES_set_encrypt_key, AES_set_decrypt_key, AES_encrypt,
+ AES_decrypt, AES_ecb_encrypt, AES_cbc_encrypt, AES_cfb128_encrypt,
+ AES_cfb1_encrypt, AES_cfb8_encrypt, AES_ofb128_encrypt,
+ AES_wrap_key, AES_unwrap_key, BF_set_key, BF_encrypt, BF_decrypt,
+ BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt,
+ BF_options, Camellia_set_key, Camellia_encrypt, Camellia_decrypt,
+ Camellia_ecb_encrypt, Camellia_cbc_encrypt, Camellia_cfb128_encrypt,
+ Camellia_cfb1_encrypt, Camellia_cfb8_encrypt, Camellia_ofb128_encrypt,
+ Camellia_ctr128_encrypt, CAST_set_key, CAST_encrypt, CAST_decrypt,
+ CAST_ecb_encrypt, CAST_cbc_encrypt, CAST_cfb64_encrypt,
+ CAST_ofb64_encrypt, DES_options, DES_encrypt1, DES_encrypt2,
+ DES_encrypt3, DES_decrypt3, DES_cbc_encrypt, DES_ncbc_encrypt,
+ DES_pcbc_encrypt, DES_xcbc_encrypt, DES_cfb_encrypt, DES_cfb64_encrypt,
+ DES_ecb_encrypt, DES_ofb_encrypt, DES_ofb64_encrypt, DES_random_key,
+ DES_set_odd_parity, DES_check_key_parity, DES_is_weak_key, DES_set_key,
+ DES_key_sched, DES_set_key_checked, DES_set_key_unchecked,
+ DES_string_to_key, DES_string_to_2keys, DES_fixup_key_parity,
+ DES_ecb2_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt,
+ DES_ede2_ofb64_encrypt, DES_ecb3_encrypt, DES_ede3_cbc_encrypt,
+ DES_ede3_cfb64_encrypt, DES_ede3_cfb_encrypt, DES_ede3_ofb64_encrypt,
+ DES_cbc_cksum, DES_quad_cksum, IDEA_encrypt, IDEA_options,
+ IDEA_ecb_encrypt, IDEA_set_encrypt_key, IDEA_set_decrypt_key,
+ IDEA_cbc_encrypt, IDEA_cfb64_encrypt, IDEA_ofb64_encrypt, RC2_set_key,
+ RC2_encrypt, RC2_decrypt, RC2_ecb_encrypt, RC2_cbc_encrypt,
+ RC2_cfb64_encrypt, RC2_ofb64_encrypt, RC4, RC4_options, RC4_set_key,
+ RC5_32_set_key, RC5_32_encrypt, RC5_32_decrypt, RC5_32_ecb_encrypt,
+ RC5_32_cbc_encrypt, RC5_32_cfb64_encrypt, RC5_32_ofb64_encrypt,
+ SEED_set_key, SEED_encrypt, SEED_decrypt, SEED_ecb_encrypt,
+ SEED_cbc_encrypt, SEED_cfb128_encrypt and SEED_ofb128_encrypt.
+
+ Use of these low level functions has been informally discouraged for
+ a long time. Applications should use the high level EVP APIs, e.g.
EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
- equivalently named decrypt functions.
- [Matt Caswell]
+ equivalently named decrypt functions instead.
+ [Matt Caswell and Paul Dale]
*) Removed include/openssl/opensslconf.h.in and replaced it with
include/openssl/configuration.h.in, which differs in not including
for scripting purposes.
[Richard Levitte]
- *) All of the low level AES functions have been deprecated including:
- AES_options, AES_set_encrypt_key, AES_set_decrypt_key, AES_encrypt,
- AES_decrypt, AES_ecb_encrypt, AES_cbc_encrypt, AES_cfb128_encrypt,
- AES_cfb1_encrypt, AES_cfb8_encrypt, AES_ofb128_encrypt, AES_wrap_key and
- AES_unwrap_key
- Use of these low level functions has been informally discouraged for a long
- time. Instead applications should use the high level EVP APIs, e.g.
- EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
- equivalently named decrypt functions.
-
- The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have also been
+ *) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been
deprecated. These undocumented functions were never integrated into the EVP
layer and implement the AES Infinite Garble Extension (IGE) mode and AES
Bi-directional IGE mode. These modes were never formally standardised and
projects / openssl.git / blobdiff