Need Replacement for Deprecated function

Matt Caswell matt at
Mon Dec 6 13:49:48 UTC 2021

On 06/12/2021 12:26, Shivakumar Poojari wrote:
> Hi All,
> We are upgrading our code to openssl 3.0.
> Need Replacement for below Deprecated function.
> DSE:
> DES_set_key();
> DES_ecb_encrypt();
> AES:
> AES_set_encrypt_key();
> AES_set_decrypt_key();
> AES_wrap_key();
> AES_unwrap_key();--- perivously i upgraded AES function with EVP related 
> function but wrap/unwraper is something new.

All the DES and AES functions are just replaced by the EVP functions. 
 From the migration guide:

"Low-level encryption functions such as AES_encrypt(3) and 
AES_decrypt(3) have been informally discouraged from use for a long 
time. Applications should instead use the high level EVP APIs 
EVP_EncryptInit_ex(3), EVP_EncryptUpdate(3), and EVP_EncryptFinal_ex(3) 
or EVP_DecryptInit_ex(3), EVP_DecryptUpdate(3) and EVP_DecryptFinal_ex(3)."

The wrap/unwrap functionality is the same but you use the "wrap" ciphers:

The following "wrap" ciphers are supported:

"AES-128-WRAP", "AES-192-WRAP", "AES-256-WRAP", "AES-128-WRAP-PAD", 
"AES-192-WRAP-PAD", "AES-256-WRAP-PAD", "AES-128-WRAP-INV", 

> DH:
> DH_new();
> DH_set0_pqg();
> DH_generate_key();
> DH_get0_key();
> DH_free();
> DH_set0_key();
> DH_size();
> DH_compute_key();

All the DH functions are replaced by the EVP key exchange functionality.

In particular see this page:


> HMAC_CTX_new();compiler suggestion EVP_MAC_CTX_new();
> HMAC_Init_ex();
> HMAC_CTX_free();compiler suggestion EVP_MAC_CTX_free();
> HMAC_Update();compiler suggestion EVP_MAC_update();
> HMAC_Final();compiler suggestion EVP_MAC_final();

Use the EVP_MAC functions. In particular see:



> I'm not able to find proper replacement, Please help me out
> Thanks,
> Shiva Kumar
> Notice: This e-mail together with any attachments may contain 
> information of Ribbon Communications Inc. and its Affiliates that is 
> confidential and/or proprietary for the sole use of the intended 
> recipient. Any review, disclosure, reliance or distribution by others or 
> forwarding without express permission is strictly prohibited. If you are 
> not the intended recipient, please notify the sender immediately and 
> then delete all copies, including any attachments.

More information about the openssl-users mailing list