From: Norbert Pocs Date: Thu, 22 May 2025 10:01:19 +0000 (+0200) Subject: Deprecate EVP_PKEY_ASN1_METHOD related function declarations and definitions X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52d212dd700f7600ea3454faff4e799caf7c736e;p=thirdparty%2Fopenssl.git Deprecate EVP_PKEY_ASN1_METHOD related function declarations and definitions Signed-off-by: Norbert Pocs Reviewed-by: Saša Nedvědický Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/27727) --- diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index 4abbd1e5716..5d0a71bbd85 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#ifndef OPENSSL_NO_DEPRECATED_3_6 /* We need to use some engine deprecated APIs */ #define OPENSSL_SUPPRESS_DEPRECATED @@ -432,3 +433,4 @@ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth, { ameth->get_pub_key = get_pub_key; } +#endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 0321cfca6c0..d47732484ef 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -519,7 +519,7 @@ typedef int (EVP_PBE_KEYGEN_EX) (EVP_CIPHER_CTX *ctx, const char *pass, int en_de, OSSL_LIB_CTX *libctx, const char *propq); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ +# define EVP_PKEY_assign_RSA(pkey, rsa) EVP_PKEY_assign((pkey), EVP_PKEY_RSA, \ (rsa)) # endif @@ -529,13 +529,14 @@ typedef int (EVP_PBE_KEYGEN_EX) (EVP_CIPHER_CTX *ctx, const char *pass, # endif # if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0) -# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,(dh)) +# define EVP_PKEY_assign_DH(pkey, dh) EVP_PKEY_assign((pkey), EVP_PKEY_DH, (dh)) # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_EC -# define EVP_PKEY_assign_EC_KEY(pkey,eckey) \ - EVP_PKEY_assign((pkey), EVP_PKEY_EC, (eckey)) +# define EVP_PKEY_assign_EC_KEY(pkey, eckey) EVP_PKEY_assign((pkey), \ + EVP_PKEY_EC, \ + (eckey)) # endif # endif # ifndef OPENSSL_NO_SIPHASH @@ -543,9 +544,11 @@ typedef int (EVP_PBE_KEYGEN_EX) (EVP_CIPHER_CTX *ctx, const char *pass, EVP_PKEY_SIPHASH,(shkey)) # endif -# ifndef OPENSSL_NO_POLY1305 -# define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),\ - EVP_PKEY_POLY1305,(polykey)) +# ifndef OPENSSL_NO_POLY1305 +# define EVP_PKEY_assign_POLY1305(pkey, polykey) EVP_PKEY_assign((pkey), \ + EVP_PKEY_POLY1305, \ + (polykey)) +# endif # endif /* Add some extra combinations */ @@ -1618,25 +1621,30 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num); # define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa # define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xb -int EVP_PKEY_asn1_get_count(void); -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); +# ifndef OPENSSL_NO_DEPRECATED_3_6 +OSSL_DEPRECATEDIN_3_6 int EVP_PKEY_asn1_get_count(void); +OSSL_DEPRECATEDIN_3_6 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); +OSSL_DEPRECATEDIN_3_6 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type); +OSSL_DEPRECATEDIN_3_6 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len); -int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); -int EVP_PKEY_asn1_add_alias(int to, int from); +OSSL_DEPRECATEDIN_3_6 int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); +OSSL_DEPRECATEDIN_3_6 int EVP_PKEY_asn1_add_alias(int to, int from); +OSSL_DEPRECATEDIN_3_6 int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, const char **pinfo, const char **ppem_str, const EVP_PKEY_ASN1_METHOD *ameth); -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey); -EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, - const char *pem_str, - const char *info); -void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, - const EVP_PKEY_ASN1_METHOD *src); -void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); +OSSL_DEPRECATEDIN_3_6 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey); +OSSL_DEPRECATEDIN_3_6 EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, + const char *pem_str, + const char *info); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, + const EVP_PKEY_ASN1_METHOD *src); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pub_decode) (EVP_PKEY *pk, const X509_PUBKEY *pub), @@ -1649,6 +1657,7 @@ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int indent, ASN1_PCTX *pctx), int (*pkey_size) (const EVP_PKEY *pk), int (*pkey_bits) (const EVP_PKEY *pk)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO @@ -1659,6 +1668,7 @@ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, int (*param_decode) (EVP_PKEY *pkey, const unsigned char **pder, @@ -1675,11 +1685,14 @@ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, int indent, ASN1_PCTX *pctx)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, void (*pkey_free) (EVP_PKEY *pkey)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, @@ -1694,41 +1707,51 @@ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth, int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg, const ASN1_STRING *sig)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_check) (const EVP_PKEY *pk)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_pub_check) (const EVP_PKEY *pk)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_param_check) (const EVP_PKEY *pk)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth, int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth, int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth, int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth, int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len)); +OSSL_DEPRECATEDIN_3_6 void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_security_bits) (const EVP_PKEY *pk)); +# endif /* OPENSSL_NO_DEPRECATED_3_6 */ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);