Deprecations

Matt Caswell matt at openssl.org
Fri Feb 21 23:27:55 UTC 2020



On 21/02/2020 23:18, Kurt Roeckx wrote:
> On Fri, Feb 21, 2020 at 11:00:10PM +0000, Matt Caswell wrote:
>>
>> dhparam itself has been deprecated. For that reason we are not
>> attempting to rewrite it to use non-deprecated APIs. The informed
>> decision we have made about DH_check use in dhparam is to not build the
>> whole application in a no-deprecated build:
>>
>>   *) The command line utilities dhparam, dsa, gendsa and dsaparam have been
>>      deprecated.  Instead use the pkeyparam, pkey, genpkey and pkeyparam
>>      programs respectively.
>>      [Paul Dale]
> 
> For some reason I seem to have missed various things.
> 
> But I think deprecating tools like dhparam, dsaparam in favour of
> genpkey is something that we should reconsider.

What is your reasoning?

(I just realised that what the CHANGES entry says is that
dhparam/dsaparam are deprecated in favour of pkeyparam - but actually I
think the equivalent functionality is more split between genpkey and
pkeyparam)

Matt



More information about the openssl-project mailing list