public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Deprecate the low level AES functions

Browse source 
Use of the low level AES functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10580)
This commit is contained in:
Matt Caswell 2019-12-05 17:09:49 +00:00
parent 2852c672a8
commit c72fa2554f
36 changed files with 324 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

12
test/build.info
View file

@ -40,7 +40,7 @@ IF[{- !$disabled{tests} -}]
dhtest enginetest casttest \
bftest ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \
evp_pkey_provided_test evp_test evp_extra_test evp_fetch_prov_test \
igetest v3nametest v3ext \
v3nametest v3ext \
crltest danetest bad_dtls_test lhash_test sparse_array_test \
conf_include_test params_api_test params_conversion_test \
constant_time_test verify_extra_test clienthellotest \
@ -214,9 +214,13 @@ IF[{- !$disabled{tests} -}]
INCLUDE[evp_pkey_provided_test]=../include ../apps/include
DEPEND[evp_pkey_provided_test]=../libcrypto libtestutil.a
SOURCE[igetest]=igetest.c
INCLUDE[igetest]=../include ../apps/include
DEPEND[igetest]=../libcrypto libtestutil.a
IF[{- !$disabled{"deprecated"}
|| (defined $config{"api"} && $config{"api"} < 30000) -}]
PROGRAMS{noinst}=igetest
SOURCE[igetest]=igetest.c
INCLUDE[igetest]=../include ../apps/include
DEPEND[igetest]=../libcrypto libtestutil.a
ENDIF
SOURCE[v3nametest]=v3nametest.c
INCLUDE[v3nametest]=../include ../apps/include

6
test/modes_internal_test.c
View file

@ -9,6 +9,12 @@
/* Internal tests for the modes module */
/*
* This file uses the low level AES functions (which are deprecated for
* non-internal use) in order to test the modes code
*/
#include "internal/deprecated.h"
#include <stdio.h>
#include <string.h>

11
test/recipes/90-test_ige.t
View file

@ -7,6 +7,17 @@
# https://www.openssl.org/source/license.html
use strict;
use warnings;
use OpenSSL::Test::Simple;
use OpenSSL::Test;
use OpenSSL::Test::Utils;
setup("test_ige");
plan skip_all => "AES_ige support is disabled in this build"
if disabled("deprecated")
&& (!defined config("api") || config("api") >= 30000);
simple_test("test_ige", "igetest");