Deprecate Low Level Blowfish APIs

Applications should instead use the higher level EVP APIs, e.g. EVP_Encrypt*() and EVP_Decrypt*(). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10740)
2020-01-02 14:25:27 +00:00 · 2020-01-02 14:25:27 +00:00 · 03047e7b7f
commit 03047e7b7f
parent 339638b586
17 changed files with 131 additions and 43 deletions
--- a/9
+++ b/9
@ -9,6 +9,15 @@

 Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]

+  *) All of the low level Blowfish functions have been deprecated including:
+     BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
+     BF_cfb64_encrypt, BF_ofb64_encrypt, and BF_options.
+     Use of these low level functions has been informally discouraged for a long
+     time. Instead applications should use the high level EVP APIs, e.g.
+     EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
+     equivalently named decrypt functions.
+     [Matt Caswell]
+
  *) Removed include/openssl/opensslconf.h.in and replaced it with
     include/openssl/configuration.h.in, which differs in not including
     <openssl/macros.h>.  A short header include/openssl/opensslconf.h