[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed Sep 9 08:00:30 UTC 2020
The branch master has been updated
via e942111267f292070cbc8397e0cc5fddaf8371a0 (commit)
via 5c97eeb726dac6194e7a3aecf8231a512e0243ea (commit)
via b924d1b6e1b66def84979dbbf3c79059cff1d554 (commit)
via 81661a14bcf9fb92eadedb15de75c3eb5b4e97a8 (commit)
via b250fc7be771d912460b60285ad7124e0b38ef94 (commit)
from b434b2c08d2025936fb8b7ece3a5908613333f6b (commit)
- Log -----------------------------------------------------------------
commit e942111267f292070cbc8397e0cc5fddaf8371a0
Author: Pauli <paul.dale at oracle.com>
Date: Sun Sep 6 20:39:12 2020 +1000
In a non-shared build, don't include the md5 object files in legacy provider
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
commit 5c97eeb726dac6194e7a3aecf8231a512e0243ea
Author: Pauli <paul.dale at oracle.com>
Date: Sun Sep 6 17:14:38 2020 +1000
TLS fixes for CBC mode and no-deprecated
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
commit b924d1b6e1b66def84979dbbf3c79059cff1d554
Author: Pauli <paul.dale at oracle.com>
Date: Sun Sep 6 13:44:08 2020 +1000
TLS: remove legacy code path supporting special CBC mode
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
commit 81661a14bcf9fb92eadedb15de75c3eb5b4e97a8
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 26 20:20:09 2020 +1000
legacy: include MD5 code in legacy provider
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
commit b250fc7be771d912460b60285ad7124e0b38ef94
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 26 19:38:23 2020 +1000
Deprecate SHA and MD5 again.
This reverts commit a978dc3bffb63e6bfc40fe6955e8798bdffb4e7e.
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
-----------------------------------------------------------------------
Summary of changes:
crypto/md5/build.info | 11 ++++++
include/openssl/md5.h | 35 ++++++++++--------
include/openssl/sha.h | 96 +++++++++++++++++++++++++++---------------------
ssl/build.info | 5 ++-
ssl/record/ssl3_record.c | 23 ++++++++++++
ssl/s3_cbc.c | 19 ----------
util/libcrypto.num | 56 ++++++++++++++--------------
7 files changed, 141 insertions(+), 104 deletions(-)
diff --git a/crypto/md5/build.info b/crypto/md5/build.info
index afcf7c4426..bbb70fde3c 100644
--- a/crypto/md5/build.info
+++ b/crypto/md5/build.info
@@ -18,10 +18,21 @@ $COMMON=md5_dgst.c md5_one.c md5_sha1.c $MD5ASM
SOURCE[../../libcrypto]=$COMMON
SOURCE[../../providers/libimplementations.a]=$COMMON
+# A no-deprecated no-shared build ends up with double function definitions
+# without conditioning this on dso. The issue is MD5 which is needed in the
+# legacy provider for one of the spliced algorithms, however it resides in the
+# default provider. A no-deprecated build removes the external definition from
+# libcrypto and this means that the code needs to be in liblegacy. However,
+# when building without 'dso', liblegacy is included in libcrypto.
+IF[{- !$disabled{dso} -}]
+ SOURCE[../../providers/liblegacy.a]=$COMMON
+ENDIF
+
# Implementations are now spread across several libraries, so the defines
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$MD5DEF
DEFINE[../../providers/libimplementations.a]=$MD5DEF
+DEFINE[../../providers/liblegacy.a]=$MD5DEF
GENERATE[md5-586.s]=asm/md5-586.pl
diff --git a/include/openssl/md5.h b/include/openssl/md5.h
index 0a75b084a2..c61b3d94c8 100644
--- a/include/openssl/md5.h
+++ b/include/openssl/md5.h
@@ -19,22 +19,24 @@
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_MD5
-# include <openssl/e_os2.h>
-# include <stddef.h>
-# ifdef __cplusplus
+# include <openssl/e_os2.h>
+# include <stddef.h>
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
+
+# define MD5_DIGEST_LENGTH 16
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
/*
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! MD5_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# define MD5_LONG unsigned int
+# define MD5_LONG unsigned int
-# define MD5_CBLOCK 64
-# define MD5_LBLOCK (MD5_CBLOCK/4)
-# define MD5_DIGEST_LENGTH 16
+# define MD5_CBLOCK 64
+# define MD5_LBLOCK (MD5_CBLOCK/4)
typedef struct MD5state_st {
MD5_LONG A, B, C, D;
@@ -42,15 +44,18 @@ typedef struct MD5state_st {
MD5_LONG data[MD5_LBLOCK];
unsigned int num;
} MD5_CTX;
+# endif
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len);
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-# ifdef __cplusplus
+DEPRECATEDIN_3_0(int MD5_Init(MD5_CTX *c))
+DEPRECATEDIN_3_0(int MD5_Update(MD5_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int MD5_Final(unsigned char *md, MD5_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *MD5(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void MD5_Transform(MD5_CTX *c, const unsigned char *b))
+
+# ifdef __cplusplus
}
-# endif
+# endif
# endif
#endif
diff --git a/include/openssl/sha.h b/include/openssl/sha.h
index 18e584a161..eac7cdbba3 100644
--- a/include/openssl/sha.h
+++ b/include/openssl/sha.h
@@ -23,19 +23,21 @@
extern "C" {
# endif
+# define SHA_DIGEST_LENGTH 20
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# define SHA_LONG unsigned int
+# define SHA_LONG unsigned int
-# define SHA_LBLOCK 16
-# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
- * contiguous array of 32 bit wide
- * big-endian values. */
-# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-# define SHA_DIGEST_LENGTH 20
+# define SHA_LBLOCK 16
+# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
typedef struct SHAstate_st {
SHA_LONG h0, h1, h2, h3, h4;
@@ -43,14 +45,17 @@ typedef struct SHAstate_st {
SHA_LONG data[SHA_LBLOCK];
unsigned int num;
} SHA_CTX;
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+DEPRECATEDIN_3_0(int SHA1_Init(SHA_CTX *c))
+DEPRECATEDIN_3_0(int SHA1_Update(SHA_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA1_Final(unsigned char *md, SHA_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA1(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA1_Transform(SHA_CTX *c, const unsigned char *data))
-# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
* contiguous array of 32 bit wide
* big-endian values. */
@@ -60,22 +65,27 @@ typedef struct SHA256state_st {
SHA_LONG data[SHA_LBLOCK];
unsigned int num, md_len;
} SHA256_CTX;
-
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
+
+DEPRECATEDIN_3_0(int SHA224_Init(SHA256_CTX *c))
+DEPRECATEDIN_3_0(int SHA224_Update(SHA256_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA224_Final(unsigned char *md, SHA256_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA224(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(int SHA256_Init(SHA256_CTX *c))
+DEPRECATEDIN_3_0(int SHA256_Update(SHA256_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA256_Final(unsigned char *md, SHA256_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA256(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA256_Transform(SHA256_CTX *c,
+ const unsigned char *data))
# define SHA224_DIGEST_LENGTH 28
# define SHA256_DIGEST_LENGTH 32
# define SHA384_DIGEST_LENGTH 48
# define SHA512_DIGEST_LENGTH 64
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
* being exactly 64-bit wide. See Implementation Notes in sha512.c
@@ -86,14 +96,14 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
* contiguous array of 64 bit
* wide big-endian values.
*/
-# define SHA512_CBLOCK (SHA_LBLOCK*8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SHA_LONG64 unsigned __int64
-# elif defined(__arch64__)
-# define SHA_LONG64 unsigned long
-# else
-# define SHA_LONG64 unsigned long long
-# endif
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# else
+# define SHA_LONG64 unsigned long long
+# endif
typedef struct SHA512state_st {
SHA_LONG64 h[8];
@@ -104,16 +114,20 @@ typedef struct SHA512state_st {
} u;
unsigned int num, md_len;
} SHA512_CTX;
-
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
+# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */
+
+DEPRECATEDIN_3_0(int SHA384_Init(SHA512_CTX *c))
+DEPRECATEDIN_3_0(int SHA384_Update(SHA512_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA384_Final(unsigned char *md, SHA512_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA384(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(int SHA512_Init(SHA512_CTX *c))
+DEPRECATEDIN_3_0(int SHA512_Update(SHA512_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int SHA512_Final(unsigned char *md, SHA512_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *SHA512(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void SHA512_Transform(SHA512_CTX *c,
+ const unsigned char *data))
# ifdef __cplusplus
}
diff --git a/ssl/build.info b/ssl/build.info
index e5b7befbaa..fd9a16784e 100644
--- a/ssl/build.info
+++ b/ssl/build.info
@@ -23,7 +23,7 @@ SOURCE[../libssl]=\
pqueue.c ../crypto/packet.c \
statem/statem_srvr.c statem/statem_clnt.c s3_lib.c s3_enc.c record/rec_layer_s3.c \
statem/statem_lib.c statem/extensions.c statem/extensions_srvr.c \
- statem/extensions_clnt.c statem/extensions_cust.c s3_cbc.c s3_msg.c \
+ statem/extensions_clnt.c statem/extensions_cust.c s3_msg.c \
methods.c t1_lib.c t1_enc.c tls13_enc.c \
d1_lib.c record/rec_layer_d1.c d1_msg.c \
statem/statem_dtls.c d1_srtp.c \
@@ -34,6 +34,9 @@ SOURCE[../libssl]=\
record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \
statem/statem.c record/ssl3_record_tls13.c record/tls_pad.c \
$KTLSSRC
+IF[{- !$disabled{'deprecated-3.0'} -}]
+ SOURCE[../libssl]=s3_cbc.c
+ENDIF
DEFINE[../libssl]=$AESDEF
SOURCE[../providers/libcommon.a]=record/tls_pad.c
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index baa4f239bf..046d6f2054 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1307,6 +1307,25 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending,
return 1;
}
+/*
+ * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
+ * which ssl3_cbc_digest_record supports.
+ */
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
+{
+ switch (EVP_MD_CTX_type(ctx)) {
+ case NID_md5:
+ case NID_sha1:
+ case NID_sha224:
+ case NID_sha256:
+ case NID_sha384:
+ case NID_sha512:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
{
unsigned char *mac_sec, *seq;
@@ -1335,6 +1354,9 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
if (!sending &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
ssl3_cbc_record_digest_supported(hash)) {
+#ifdef OPENSSL_NO_DEPRECATED_3_0
+ return 0;
+#else
/*
* This is a CBC-encrypted record. We must avoid leaking any
* timing-side channel information about how many blocks of data we
@@ -1368,6 +1390,7 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
rec->length, rec->orig_len,
mac_sec, md_size, 1) <= 0)
return 0;
+#endif
} else {
unsigned int md_size_u;
/* Chop the digest off the end :-) */
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index 4895f43568..26f12654e4 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -132,25 +132,6 @@ static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out)
#undef LARGEST_DIGEST_CTX
#define LARGEST_DIGEST_CTX SHA512_CTX
-/*
- * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
- * which ssl3_cbc_digest_record supports.
- */
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
-{
- switch (EVP_MD_CTX_type(ctx)) {
- case NID_md5:
- case NID_sha1:
- case NID_sha224:
- case NID_sha256:
- case NID_sha384:
- case NID_sha512:
- return 1;
- default:
- return 0;
- }
-}
-
/*-
* ssl3_cbc_digest_record computes the MAC of a decrypted, padded SSLv3/TLS
* record.
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 777d8ce8a8..e3ca2fe625 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1001,7 +1001,7 @@ i2d_PKCS8PrivateKey_nid_bio 1026 3_0_0 EXIST::FUNCTION:
ERR_put_error 1027 3_0_0 NOEXIST::FUNCTION:
ERR_add_error_data 1028 3_0_0 EXIST::FUNCTION:
X509_ALGORS_it 1029 3_0_0 EXIST::FUNCTION:
-MD5_Update 1030 3_0_0 EXIST::FUNCTION:MD5
+MD5_Update 1030 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5
X509_policy_check 1031 3_0_0 EXIST::FUNCTION:
X509_CRL_METHOD_new 1032 3_0_0 EXIST::FUNCTION:
ASN1_ANY_it 1033 3_0_0 EXIST::FUNCTION:
@@ -1145,7 +1145,7 @@ BN_security_bits 1171 3_0_0 EXIST::FUNCTION:
X509_PURPOSE_get0_name 1172 3_0_0 EXIST::FUNCTION:
TS_TST_INFO_get_serial 1173 3_0_0 EXIST::FUNCTION:TS
ASN1_PCTX_get_str_flags 1174 3_0_0 EXIST::FUNCTION:
-SHA256 1175 3_0_0 EXIST::FUNCTION:
+SHA256 1175 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_LOOKUP_hash_dir 1176 3_0_0 EXIST::FUNCTION:
ASN1_BIT_STRING_check 1177 3_0_0 EXIST::FUNCTION:
ENGINE_set_default_RAND 1178 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
@@ -1252,7 +1252,7 @@ ASN1_INTEGER_set_int64 1280 3_0_0 EXIST::FUNCTION:
ASN1_TIME_free 1281 3_0_0 EXIST::FUNCTION:
i2o_SCT_LIST 1282 3_0_0 EXIST::FUNCTION:CT
AES_encrypt 1283 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-MD5_Init 1284 3_0_0 EXIST::FUNCTION:MD5
+MD5_Init 1284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5
UI_add_error_string 1285 3_0_0 EXIST::FUNCTION:
X509_TRUST_cleanup 1286 3_0_0 EXIST::FUNCTION:
PEM_read_X509 1287 3_0_0 EXIST::FUNCTION:STDIO
@@ -1376,7 +1376,7 @@ EVP_MD_meth_get_cleanup 1408 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_
SRP_Calc_server_key 1409 3_0_0 EXIST::FUNCTION:SRP
BN_mod_exp_simple 1410 3_0_0 EXIST::FUNCTION:
BIO_set_ex_data 1411 3_0_0 EXIST::FUNCTION:
-SHA512 1412 3_0_0 EXIST::FUNCTION:
+SHA512 1412 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_STORE_CTX_get_explicit_policy 1413 3_0_0 EXIST::FUNCTION:
EVP_DecodeBlock 1414 3_0_0 EXIST::FUNCTION:
OCSP_REQ_CTX_http 1415 3_0_0 EXIST::FUNCTION:
@@ -1441,7 +1441,7 @@ X509V3_section_free 1474 3_0_0 EXIST::FUNCTION:
CRYPTO_mem_debug_free 1475 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
d2i_OCSP_REQUEST 1476 3_0_0 EXIST::FUNCTION:OCSP
ENGINE_get_cipher_engine 1477 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
-SHA384_Final 1478 3_0_0 EXIST::FUNCTION:
+SHA384_Final 1478 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
TS_RESP_CTX_set_certs 1479 3_0_0 EXIST::FUNCTION:TS
BN_MONT_CTX_free 1480 3_0_0 EXIST::FUNCTION:
BN_GF2m_mod_solve_quad_arr 1481 3_0_0 EXIST::FUNCTION:EC2M
@@ -1467,7 +1467,7 @@ ASYNC_get_wait_ctx 1500 3_0_0 EXIST::FUNCTION:
ENGINE_set_load_privkey_function 1501 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
CRYPTO_ccm128_setiv 1502 3_0_0 EXIST::FUNCTION:
PKCS7_dataFinal 1503 3_0_0 EXIST::FUNCTION:
-SHA1_Final 1504 3_0_0 EXIST::FUNCTION:
+SHA1_Final 1504 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
i2a_ASN1_STRING 1505 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_CTX_rand_key 1506 3_0_0 EXIST::FUNCTION:
AES_set_encrypt_key 1507 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
@@ -1835,7 +1835,7 @@ RSA_verify_ASN1_OCTET_STRING 1877 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_
SCT_set_log_entry_type 1878 3_0_0 EXIST::FUNCTION:CT
BN_new 1879 3_0_0 EXIST::FUNCTION:
X509_OBJECT_retrieve_by_subject 1880 3_0_0 EXIST::FUNCTION:
-MD5_Final 1881 3_0_0 EXIST::FUNCTION:MD5
+MD5_Final 1881 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5
X509_STORE_set_verify_cb 1882 3_0_0 EXIST::FUNCTION:
OCSP_REQUEST_print 1883 3_0_0 EXIST::FUNCTION:OCSP
CMS_add1_crl 1884 3_0_0 EXIST::FUNCTION:CMS
@@ -1876,7 +1876,7 @@ CMS_SignedData_init 1920 3_0_0 EXIST::FUNCTION:CMS
X509_REQ_free 1921 3_0_0 EXIST::FUNCTION:
ASN1_INTEGER_set 1922 3_0_0 EXIST::FUNCTION:
EVP_DecodeFinal 1923 3_0_0 EXIST::FUNCTION:
-MD5_Transform 1925 3_0_0 EXIST::FUNCTION:MD5
+MD5_Transform 1925 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5
SRP_create_verifier_BN 1926 3_0_0 EXIST::FUNCTION:SRP
ENGINE_register_all_EC 1927 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
EVP_camellia_128_ofb 1928 3_0_0 EXIST::FUNCTION:CAMELLIA
@@ -1893,7 +1893,7 @@ PKCS5_PBE_keyivgen 1938 3_0_0 EXIST::FUNCTION:
i2d_OCSP_SERVICELOC 1939 3_0_0 EXIST::FUNCTION:OCSP
EC_POINT_copy 1940 3_0_0 EXIST::FUNCTION:EC
X509V3_EXT_CRL_add_nconf 1941 3_0_0 EXIST::FUNCTION:
-SHA256_Init 1942 3_0_0 EXIST::FUNCTION:
+SHA256_Init 1942 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_NAME_ENTRY_get_object 1943 3_0_0 EXIST::FUNCTION:
ASN1_ENUMERATED_free 1944 3_0_0 EXIST::FUNCTION:
X509_CRL_set_meth_data 1945 3_0_0 EXIST::FUNCTION:
@@ -1914,7 +1914,7 @@ EVP_PKEY_add1_attr 1959 3_0_0 EXIST::FUNCTION:
X509_STORE_CTX_purpose_inherit 1960 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_keygen 1961 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ENGINE_get_pkey_asn1_meth 1962 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
-SHA256_Update 1963 3_0_0 EXIST::FUNCTION:
+SHA256_Update 1963 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
d2i_PKCS7_ISSUER_AND_SERIAL 1964 3_0_0 EXIST::FUNCTION:
PKCS12_unpack_authsafes 1965 3_0_0 EXIST::FUNCTION:
X509_CRL_it 1966 3_0_0 EXIST::FUNCTION:
@@ -2073,7 +2073,7 @@ BIO_s_file 2118 3_0_0 EXIST::FUNCTION:
RSA_X931_derive_ex 2119 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
EVP_PKEY_decrypt_init 2120 3_0_0 EXIST::FUNCTION:
ENGINE_get_destroy_function 2121 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
-SHA224_Init 2122 3_0_0 EXIST::FUNCTION:
+SHA224_Init 2122 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509V3_EXT_add_conf 2123 3_0_0 EXIST::FUNCTION:
ASN1_object_size 2124 3_0_0 EXIST::FUNCTION:
X509_REVOKED_free 2125 3_0_0 EXIST::FUNCTION:
@@ -2191,7 +2191,7 @@ PEM_write_bio_PKCS8_PRIV_KEY_INFO 2238 3_0_0 EXIST::FUNCTION:
EC_GROUP_set_curve_GF2m 2239 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC,EC2M
ENGINE_load_builtin_engines 2240 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
SRP_VBASE_init 2241 3_0_0 EXIST::FUNCTION:SRP
-SHA224_Final 2242 3_0_0 EXIST::FUNCTION:
+SHA224_Final 2242 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
OCSP_CERTSTATUS_free 2243 3_0_0 EXIST::FUNCTION:OCSP
d2i_TS_TST_INFO 2244 3_0_0 EXIST::FUNCTION:TS
IPAddressOrRange_it 2245 3_0_0 EXIST::FUNCTION:RFC3779
@@ -2201,7 +2201,7 @@ TS_OBJ_print_bio 2248 3_0_0 EXIST::FUNCTION:TS
X509_time_adj_ex 2249 3_0_0 EXIST::FUNCTION:
OCSP_request_add1_cert 2250 3_0_0 EXIST::FUNCTION:OCSP
ERR_load_X509_strings 2251 3_0_0 EXIST::FUNCTION:
-SHA1_Transform 2252 3_0_0 EXIST::FUNCTION:
+SHA1_Transform 2252 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CMS_signed_get_attr_by_NID 2253 3_0_0 EXIST::FUNCTION:CMS
X509_STORE_CTX_get_by_subject 2254 3_0_0 EXIST::FUNCTION:
ASN1_OCTET_STRING_it 2255 3_0_0 EXIST::FUNCTION:
@@ -2461,7 +2461,7 @@ BN_generate_dsa_nonce 2512 3_0_0 EXIST::FUNCTION:
X509_verify_cert 2513 3_0_0 EXIST::FUNCTION:
X509_policy_level_get0_node 2514 3_0_0 EXIST::FUNCTION:
X509_REQ_get_attr 2515 3_0_0 EXIST::FUNCTION:
-SHA1 2516 3_0_0 EXIST::FUNCTION:
+SHA1 2516 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_print 2517 3_0_0 EXIST::FUNCTION:
d2i_AutoPrivateKey 2518 3_0_0 EXIST::FUNCTION:
X509_REQ_new 2519 3_0_0 EXIST::FUNCTION:
@@ -2497,7 +2497,7 @@ d2i_NETSCAPE_CERT_SEQUENCE 2550 3_0_0 EXIST::FUNCTION:
X509_CRL_set_version 2551 3_0_0 EXIST::FUNCTION:
ASN1_PCTX_set_cert_flags 2552 3_0_0 EXIST::FUNCTION:
PKCS8_PRIV_KEY_INFO_free 2553 3_0_0 EXIST::FUNCTION:
-SHA224_Update 2554 3_0_0 EXIST::FUNCTION:
+SHA224_Update 2554 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EC_GROUP_new_by_curve_name 2555 3_0_0 EXIST::FUNCTION:EC
X509_STORE_set_purpose 2556 3_0_0 EXIST::FUNCTION:
X509_CRL_get0_signature 2557 3_0_0 EXIST::FUNCTION:
@@ -2728,7 +2728,7 @@ CMS_RecipientInfo_encrypt 2786 3_0_0 EXIST::FUNCTION:CMS
X509_get_pubkey_parameters 2787 3_0_0 EXIST::FUNCTION:
PKCS12_setup_mac 2788 3_0_0 EXIST::FUNCTION:
PEM_read_bio_PKCS7 2789 3_0_0 EXIST::FUNCTION:
-SHA512_Final 2790 3_0_0 EXIST::FUNCTION:
+SHA512_Final 2790 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_VERIFY_PARAM_set1_host 2791 3_0_0 EXIST::FUNCTION:
OCSP_resp_find_status 2792 3_0_0 EXIST::FUNCTION:OCSP
d2i_ASN1_T61STRING 2793 3_0_0 EXIST::FUNCTION:
@@ -2902,14 +2902,14 @@ EC_curve_nid2nist 2964 3_0_0 EXIST::FUNCTION:EC
ENGINE_get_finish_function 2965 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
EC_POINT_add 2966 3_0_0 EXIST::FUNCTION:EC
EC_KEY_oct2key 2967 3_0_0 EXIST::FUNCTION:EC
-SHA384_Init 2968 3_0_0 EXIST::FUNCTION:
+SHA384_Init 2968 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ASN1_UNIVERSALSTRING_new 2969 3_0_0 EXIST::FUNCTION:
EVP_PKEY_print_private 2970 3_0_0 EXIST::FUNCTION:
ASN1_INTEGER_new 2971 3_0_0 EXIST::FUNCTION:
NAME_CONSTRAINTS_it 2972 3_0_0 EXIST::FUNCTION:
TS_REQ_get_cert_req 2973 3_0_0 EXIST::FUNCTION:TS
BIO_pop 2974 3_0_0 EXIST::FUNCTION:
-SHA256_Final 2975 3_0_0 EXIST::FUNCTION:
+SHA256_Final 2975 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_PKEY_set1_DH 2976 3_0_0 EXIST::FUNCTION:DH
DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
CRYPTO_secure_malloc 2978 3_0_0 EXIST::FUNCTION:
@@ -2929,7 +2929,7 @@ EC_GROUP_set_asn1_flag 2991 3_0_0 EXIST::FUNCTION:EC
EVP_PKEY_new 2992 3_0_0 EXIST::FUNCTION:
i2d_POLICYINFO 2993 3_0_0 EXIST::FUNCTION:
BN_get_flags 2994 3_0_0 EXIST::FUNCTION:
-SHA384 2995 3_0_0 EXIST::FUNCTION:
+SHA384 2995 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
NCONF_get_string 2996 3_0_0 EXIST::FUNCTION:
d2i_PROXY_CERT_INFO_EXTENSION 2997 3_0_0 EXIST::FUNCTION:
EC_POINT_point2buf 2998 3_0_0 EXIST::FUNCTION:EC
@@ -2981,7 +2981,7 @@ i2d_X509_PUBKEY 3045 3_0_0 EXIST::FUNCTION:
EVP_DecryptUpdate 3046 3_0_0 EXIST::FUNCTION:
CAST_cbc_encrypt 3047 3_0_0 EXIST::FUNCTION:CAST,DEPRECATEDIN_3_0
BN_BLINDING_invert 3048 3_0_0 EXIST::FUNCTION:
-SHA512_Update 3049 3_0_0 EXIST::FUNCTION:
+SHA512_Update 3049 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ESS_ISSUER_SERIAL_new 3050 3_0_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get0_pkcs8 3051 3_0_0 EXIST::FUNCTION:
X509_get_ext_by_NID 3052 3_0_0 EXIST::FUNCTION:
@@ -3003,7 +3003,7 @@ EVP_des_ede_cfb64 3067 3_0_0 EXIST::FUNCTION:DES
d2i_RSAPrivateKey 3068 3_0_0 EXIST::FUNCTION:RSA
ERR_load_BN_strings 3069 3_0_0 EXIST::FUNCTION:
BF_encrypt 3070 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0
-MD5 3071 3_0_0 EXIST::FUNCTION:MD5
+MD5 3071 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5
BN_GF2m_arr2poly 3072 3_0_0 EXIST::FUNCTION:EC2M
EVP_PKEY_meth_get_ctrl 3073 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
i2d_X509_REQ_bio 3074 3_0_0 EXIST::FUNCTION:
@@ -3326,7 +3326,7 @@ d2i_PKCS8_PRIV_KEY_INFO_fp 3395 3_0_0 EXIST::FUNCTION:STDIO
X509_OBJECT_retrieve_match 3396 3_0_0 EXIST::FUNCTION:
EVP_aes_128_ctr 3397 3_0_0 EXIST::FUNCTION:
EVP_PBE_find 3398 3_0_0 EXIST::FUNCTION:
-SHA512_Transform 3399 3_0_0 EXIST::FUNCTION:
+SHA512_Transform 3399 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ERR_add_error_vdata 3400 3_0_0 EXIST::FUNCTION:
OCSP_REQUEST_get_ext 3401 3_0_0 EXIST::FUNCTION:OCSP
NETSCAPE_SPKAC_new 3402 3_0_0 EXIST::FUNCTION:
@@ -3363,7 +3363,7 @@ EVP_OpenFinal 3432 3_0_0 EXIST::FUNCTION:RSA
RAND_egd_bytes 3433 3_0_0 EXIST::FUNCTION:EGD
UI_method_get_writer 3434 3_0_0 EXIST::FUNCTION:
BN_secure_new 3435 3_0_0 EXIST::FUNCTION:
-SHA1_Update 3437 3_0_0 EXIST::FUNCTION:
+SHA1_Update 3437 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BIO_s_connect 3438 3_0_0 EXIST::FUNCTION:SOCK
EVP_MD_meth_get_init 3439 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ASN1_BIT_STRING_free 3440 3_0_0 EXIST::FUNCTION:
@@ -3513,7 +3513,7 @@ EVP_MD_meth_dup 3588 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_
ENGINE_unregister_ciphers 3589 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
X509_issuer_and_serial_cmp 3590 3_0_0 EXIST::FUNCTION:
OCSP_response_create 3591 3_0_0 EXIST::FUNCTION:OCSP
-SHA224 3592 3_0_0 EXIST::FUNCTION:
+SHA224 3592 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
MD2_options 3593 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD2
X509_REQ_it 3595 3_0_0 EXIST::FUNCTION:
RAND_bytes 3596 3_0_0 EXIST::FUNCTION:
@@ -3554,7 +3554,7 @@ PKCS5_pbe_set 3631 3_0_0 EXIST::FUNCTION:
TS_RESP_CTX_free 3632 3_0_0 EXIST::FUNCTION:TS
d2i_PUBKEY 3633 3_0_0 EXIST::FUNCTION:
ASYNC_cleanup_thread 3634 3_0_0 EXIST::FUNCTION:
-SHA384_Update 3635 3_0_0 EXIST::FUNCTION:
+SHA384_Update 3635 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_cfb128_1_encrypt 3636 3_0_0 EXIST::FUNCTION:
BIO_set_cipher 3637 3_0_0 EXIST::FUNCTION:
PEM_read_PUBKEY 3638 3_0_0 EXIST::FUNCTION:STDIO
@@ -3576,7 +3576,7 @@ Camellia_ecb_encrypt 3654 3_0_0 EXIST::FUNCTION:CAMELLIA,DEPR
ENGINE_set_default_RSA 3655 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
EVP_EncodeBlock 3656 3_0_0 EXIST::FUNCTION:
SXNETID_free 3657 3_0_0 EXIST::FUNCTION:
-SHA1_Init 3658 3_0_0 EXIST::FUNCTION:
+SHA1_Init 3658 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_atomic_add 3659 3_0_0 EXIST::FUNCTION:
TS_CONF_load_certs 3660 3_0_0 EXIST::FUNCTION:TS
PEM_write_bio_DSAPrivateKey 3661 3_0_0 EXIST::FUNCTION:DSA
@@ -3599,7 +3599,7 @@ CRYPTO_mem_ctrl 3678 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
ASN1_verify 3679 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
DSA_generate_parameters_ex 3680 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA
X509_sign 3681 3_0_0 EXIST::FUNCTION:
-SHA256_Transform 3682 3_0_0 EXIST::FUNCTION:
+SHA256_Transform 3682 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BIO_ADDR_free 3683 3_0_0 EXIST::FUNCTION:SOCK
ASN1_STRING_free 3684 3_0_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_inherit 3685 3_0_0 EXIST::FUNCTION:
@@ -3816,7 +3816,7 @@ CRL_DIST_POINTS_free 3899 3_0_0 EXIST::FUNCTION:
d2i_OCSP_SINGLERESP 3900 3_0_0 EXIST::FUNCTION:OCSP
EVP_CIPHER_CTX_num 3901 3_0_0 EXIST::FUNCTION:
EVP_PKEY_verify_recover_init 3902 3_0_0 EXIST::FUNCTION:
-SHA512_Init 3903 3_0_0 EXIST::FUNCTION:
+SHA512_Init 3903 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
TS_MSG_IMPRINT_set_msg 3904 3_0_0 EXIST::FUNCTION:TS
CMS_unsigned_add1_attr 3905 3_0_0 EXIST::FUNCTION:CMS
OPENSSL_LH_doall 3906 3_0_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list