Commit Graph

390 Commits

Author SHA1 Message Date
Pauli
c5f8713443 Deprecate the low level RSA functions.
Use of the low level RSA functions has been informally discouraged for a
long time. We now formally deprecate them.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11063)
2020-02-20 18:58:40 +10:00
Pauli
1ddf2594e1 dsa: deprecate applications that depend on the low level DSA functions.
speed is updated to not support DSA instead of being removed.

The dhparam, dsaparam, dsa and gendsa commands are deprecated but still
exist without NO_DEPRECATED defined.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10977)
2020-02-12 08:52:42 +10:00
Pauli
579422c85c Deprecate the ECDSA and EV_KEY_METHOD functions.
Use of the low level ECDSA and EC_KEY_METHOD functions has been informally discouraged for a
long time. We now formally deprecate them.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10960)
2020-02-04 20:02:55 +10:00
Richard Levitte
bac1030ae4 Adapt some 'openssl' commands for SM2 changes.
There's no longer any need to make an EVP_PKEY type change for SM2
keys, so we trim away that code.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10942)
2020-02-02 12:06:39 +01:00
Pauli
dbde472688 Deprecate the low level HMAC functions
Use of the low level HMAC functions has been informally discouraged for a
long time.  We now formally deprecate them.

Applications should instead use EVP_MAC_CTX_new(3), EVP_MAC_CTX_free(3),
EVP_MAC_init(3), EVP_MAC_update(3) and EVP_MAC_final(3).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
2020-01-29 19:49:23 +10:00
Pauli
a6d572e601 Deprecate the low level CMAC functions
Use of the low level CMAC functions has been informally discouraged for a
long time.  We now formally deprecate them.

Applications should instead use EVP_MAC_CTX_new(3), EVP_MAC_CTX_free(3),
EVP_MAC_init(3), EVP_MAC_update(3) and EVP_MAC_final(3).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
2020-01-29 19:49:22 +10:00
Pauli
c6fec81b88 Deprecate the low level DES functions.
Use of the low level DES functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10858)
2020-01-25 09:30:59 +10:00
Pauli
08bff785fc apps: Fix deprecation conditional in speed.c
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10819)
2020-01-19 10:38:49 +10:00
Pauli
da2d32f6db Deprecate the low level IDEA functions.
Use of the low level IDEA functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10819)
2020-01-19 10:38:49 +10:00
Pauli
781aa7ab63 Deprecate the low level MD5 functions.
Use of the low level MD5 functions has been informally discouraged for a long
time.  We now formally deprecate them.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10791)
2020-01-19 10:14:39 +10:00
Pauli
85d843c8ec Deprecate the low level SHA functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10791)
2020-01-19 10:14:39 +10:00
Pauli
62c3fed0cd Deprecate the low level RC5 functions
Use of the low level RC5 functions has been informally discouraged for a long
time.  We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10834)
2020-01-16 07:07:27 +10:00
Pauli
a8fca7284a Deprecate the low level RC4 functions
Use of the low level RC4 functions has been informally discouraged for a long
time.  We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10834)
2020-01-16 07:07:27 +10:00
Pauli
ee2993abd0 Deprecate the low level RC2 functions
Use of the low level RC2 functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10834)
2020-01-16 07:07:27 +10:00
Pauli
28c690cb7d Deprecate the low level SEED functions
Use of the low level SEED functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10833)
2020-01-16 07:06:14 +10:00
Matt Caswell
0ae5d4d6f8 Deprecate the Low Level CAST APIs
Applications should instead use the higher level EVP APIs, e.g.
EVP_Encrypt*() and EVP_Decrypt*().

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10742)
2020-01-13 13:44:27 +00:00
Matt Caswell
291850b473 Deprecate Low Level Camellia APIs
Applications should instead use the higher level EVP APIs, e.g.
EVP_Encrypt*() and EVP_Decrypt*().

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10741)
2020-01-13 13:38:20 +00:00
Pauli
7c3aa39fe3 Deprecate the low level Whirlpool functions.
Use of the low level Whirlpool functions has been informally discouraged for a
long time.  We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_Digest,
EVP_DigestInit_ex, EVP_DigestUpdate and EVP_DigestFinal_ex.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10779)
2020-01-12 12:05:04 +10:00
Pauli
33ee9ae059 Deprecate the low level MDC2 functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10790)
2020-01-12 12:02:17 +10:00
Pauli
8ffb20ce05 Deprecate the low level MD4 functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10790)
2020-01-12 12:02:17 +10:00
Pauli
58e1f3d6d4 Deprecate the low level MD2 functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10790)
2020-01-12 12:02:17 +10:00
Pauli
601fca1778 Deprecate the low level RIPEMD160 functions.
Use of the low level RIPEMD160 functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_Digest,
EVP_DigestInit_ex, EVP_DigestUpdate and EVP_DigestFinal_ex.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10789)
2020-01-12 12:00:31 +10:00
Matt Caswell
03047e7b7f Deprecate Low Level Blowfish APIs
Applications should instead use the higher level EVP APIs, e.g.
EVP_Encrypt*() and EVP_Decrypt*().

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10740)
2020-01-08 11:25:25 +00:00
Matt Caswell
c72fa2554f Deprecate the low level AES functions
Use of the low level AES functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10580)
2020-01-06 15:09:57 +00:00
fangming.fang
6e49b51406 Fix disabled ecdsa in apps/speed
This came from f3fdfbf78c. run = 1 should be done in pkey_print_message
as well, otherwise other tests printed with pkey_print_message won't run.

Change-Id: I0ba0b05256ad6509ada4735b26d10f8a73fd89ec

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/10710)
2020-01-05 10:35:46 +02:00
Bernd Edlinger
f3fdfbf78c Fix a race condition in the speed command
The timer alarm sets run = 0, while the benchmark
does run = 1 in the initialization code.  That is
a race condition, if the timer goes off too early
the benchmark runs forever.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10680)
2019-12-26 10:34:19 +01:00
Saritha
1ac7e15375 apps/speed.c: Fix eddsa sign and verify output with -multi option
Fixes #10261
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10285)
2019-12-17 19:14:23 +01:00
FdaSilvaYY
1352e0ff49 apps/speed: replace list of #define by enums declarations.
it simplifies some pieces of code.
Improve internal assertions
Tag a few #endif with OPENSSL_NO_EC to mark its ending.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
d63d89ea0f apps/speed: factorize ec test curves declarations
remove 'test' prefix from variable names.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
001d5e2c64 apps/speed: improve sm2 failure code.
attach the new objects sooner, so error handling is simplified.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
f607f6eadd apps/speed: simplify 'doit' action flag management code.
Optimize algorithm selection code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
0609658f9b apps/speed: initialize key material only when its algo is selected.
Remove some duplicate key data declarations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
d02b7e0931 apps/speed: remove a shared global variable
replace |save_count| by the right c[D_EVP(_xxx)] variable.
this may shared a value between various algorithm.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
2cc076530f apps/speed: discard useless protoypes as these methods are defines before being used.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
FdaSilvaYY
af0857f0e7 apps/speed: allow to continue tests after any init failure handling.
previouly the exit(1) call was aborting the whole execution.
Improve error message.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10078)
2019-12-09 09:52:02 +01:00
Matt Caswell
7573fe1af5 Deprecate the AES_ige_*() functions
These functions were already partially deprecated. Now we do it fully.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10558)
2019-12-04 17:46:38 +00:00
Rich Salz
92de469fbd Document command parameters.
Add documentation for all commands that have parameters.
Fix a couple of minor doc and programming bugs, too.

Fixes #10313

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10371)
2019-11-20 09:49:52 +01:00
Rich Salz
5388f9862d Add "sections" to -help output
Remove "Valid options" label, since all commands have sections (and
[almost] always the first one is "General options").
Have "list --options" ignore section headers
Reformat ts's additional help

Add output section

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9953)
2019-11-08 06:08:30 +10:00
Richard Levitte
936c2b9e93 Update source files for deprecation at 3.0
Previous macros suggested that from 3.0, we're only allowed to
deprecate things at a major version.  However, there's no policy
stating this, but there is for removal, saying that to remove
something, it must have been deprecated for 5 years, and that removal
can only happen at a major version.

Meanwhile, the semantic versioning rule is that deprecation should
trigger a MINOR version update, which is reflected in the macro names
as of this change.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)
2019-11-07 11:37:25 +01:00
Paul Yang
dcea51afe9 Fix no-sm2 issue
Some code is not covered by the macros.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10319)
2019-11-04 11:49:35 +08:00
Paul Yang
a56f68adb7 Support SM2 in apps/speed
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10053)
2019-10-07 06:32:18 +08:00
Paul Yang
7e3ae24832 Fix a bundle of mischecks of return values
Several EVP_PKEY_xxxx functions return 0 and a negative value for
indicating errors. Some places call these functions with a zero return
value check only, which misses the check for the negative scenarios.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10055)
2019-09-30 17:18:17 +08:00
Paul Yang
94bd168a9e Fix a return value bug in apps/speed.c
Those functions returns less than and equal to 0 to indicate an error
occured.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10054)
2019-09-30 13:39:06 +08:00
Bernd Edlinger
363e941ed4 Add CPU info to the speed command summary
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9669)
2019-09-02 20:46:34 +02:00
Rich Salz
aac96e2797 Remove function name from errors
Deprecate all xxx_F_ defines.
Removed some places that tested for a specific function.
Use empty field for the function names in output.
Update documentation.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9058)
2019-07-16 05:26:28 +02:00
Pauli
b481fbe68b Coverity #1451595: use correct free function.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9362)
2019-07-12 05:41:47 +10:00
Antoine Cœur
c2969ff6e7 Fix Typos
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9288)
2019-07-02 14:22:29 +02:00
Rich Salz
6b10d29c1a Remove NextStep support
Because of that we can remove OPENSSL_UNISTD and some other
macros from e_os2.h and opensslconf.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9204)
2019-07-01 13:32:46 -04:00
Matt Caswell
9a131ad747 Change RC5_32_set_key to return an int type
If the key is too long we now return an error.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8834)
2019-07-01 10:18:37 +01:00
Bernd Edlinger
5d238a1032 Fix a crash in the speed command with wrap ciphers
e.g. openssl speed -evp id-aes256-wrap-pad
was crashing because the return code from EVP_CipherInit_ex
was ignored.
Not going to allow that cipher mode because wrap ciphers
produces more bytes output than the input length
and EVP_Update_loop is not really prepared for that.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8739)
2019-05-23 16:12:27 +02:00