The branch master has been updated via e942111267f292070cbc8397e0cc5fddaf8371a0 (commit) via 5c97eeb726dac6194e7a3aecf8231a512e0243ea (commit) via b924d1b6e1b66def84979dbbf3c79059cff1d554 (commit) via 81661a14bcf9fb92eadedb15de75c3eb5b4e97a8 (commit) via b250fc7be771d912460b60285ad7124e0b38ef94 (commit) from b434b2c08d2025936fb8b7ece3a5908613333f6b (commit)
- Log ----------------------------------------------------------------- commit e942111267f292070cbc8397e0cc5fddaf8371a0 Author: Pauli <paul.d...@oracle.com> Date: Sun Sep 6 20:39:12 2020 +1000 In a non-shared build, don't include the md5 object files in legacy provider Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961) commit 5c97eeb726dac6194e7a3aecf8231a512e0243ea Author: Pauli <paul.d...@oracle.com> Date: Sun Sep 6 17:14:38 2020 +1000 TLS fixes for CBC mode and no-deprecated Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961) commit b924d1b6e1b66def84979dbbf3c79059cff1d554 Author: Pauli <paul.d...@oracle.com> Date: Sun Sep 6 13:44:08 2020 +1000 TLS: remove legacy code path supporting special CBC mode Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961) commit 81661a14bcf9fb92eadedb15de75c3eb5b4e97a8 Author: Pauli <paul.d...@oracle.com> Date: Tue May 26 20:20:09 2020 +1000 legacy: include MD5 code in legacy provider Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961) commit b250fc7be771d912460b60285ad7124e0b38ef94 Author: Pauli <paul.d...@oracle.com> Date: Tue May 26 19:38:23 2020 +1000 Deprecate SHA and MD5 again. This reverts commit a978dc3bffb63e6bfc40fe6955e8798bdffb4e7e. Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11961) ----------------------------------------------------------------------- Summary of changes: crypto/md5/build.info | 11 ++++++ include/openssl/md5.h | 35 ++++++++++-------- include/openssl/sha.h | 96 +++++++++++++++++++++++++++--------------------- ssl/build.info | 5 ++- ssl/record/ssl3_record.c | 23 ++++++++++++ ssl/s3_cbc.c | 19 ---------- util/libcrypto.num | 56 ++++++++++++++-------------- 7 files changed, 141 insertions(+), 104 deletions(-) diff --git a/crypto/md5/build.info b/crypto/md5/build.info index afcf7c4426..bbb70fde3c 100644 --- a/crypto/md5/build.info +++ b/crypto/md5/build.info @@ -18,10 +18,21 @@ $COMMON=md5_dgst.c md5_one.c md5_sha1.c $MD5ASM SOURCE[../../libcrypto]=$COMMON SOURCE[../../providers/libimplementations.a]=$COMMON +# A no-deprecated no-shared build ends up with double function definitions +# without conditioning this on dso. The issue is MD5 which is needed in the +# legacy provider for one of the spliced algorithms, however it resides in the +# default provider. A no-deprecated build removes the external definition from +# libcrypto and this means that the code needs to be in liblegacy. However, +# when building without 'dso', liblegacy is included in libcrypto. +IF[{- !$disabled{dso} -}] + SOURCE[../../providers/liblegacy.a]=$COMMON +ENDIF + # Implementations are now spread across several libraries, so the defines # need to be applied to all affected libraries and modules. DEFINE[../../libcrypto]=$MD5DEF DEFINE[../../providers/libimplementations.a]=$MD5DEF +DEFINE[../../providers/liblegacy.a]=$MD5DEF GENERATE[md5-586.s]=asm/md5-586.pl diff --git a/include/openssl/md5.h b/include/openssl/md5.h index 0a75b084a2..c61b3d94c8 100644 --- a/include/openssl/md5.h +++ b/include/openssl/md5.h @@ -19,22 +19,24 @@ # include <openssl/opensslconf.h> # ifndef OPENSSL_NO_MD5 -# include <openssl/e_os2.h> -# include <stddef.h> -# ifdef __cplusplus +# include <openssl/e_os2.h> +# include <stddef.h> +# ifdef __cplusplus extern "C" { -# endif +# endif + +# define MD5_DIGEST_LENGTH 16 +# if !defined(OPENSSL_NO_DEPRECATED_3_0) /* * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! MD5_LONG has to be at least 32 bits wide. ! * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -# define MD5_LONG unsigned int +# define MD5_LONG unsigned int -# define MD5_CBLOCK 64 -# define MD5_LBLOCK (MD5_CBLOCK/4) -# define MD5_DIGEST_LENGTH 16 +# define MD5_CBLOCK 64 +# define MD5_LBLOCK (MD5_CBLOCK/4) typedef struct MD5state_st { MD5_LONG A, B, C, D; @@ -42,15 +44,18 @@ typedef struct MD5state_st { MD5_LONG data[MD5_LBLOCK]; unsigned int num; } MD5_CTX; +# endif -int MD5_Init(MD5_CTX *c); -int MD5_Update(MD5_CTX *c, const void *data, size_t len); -int MD5_Final(unsigned char *md, MD5_CTX *c); -unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md); -void MD5_Transform(MD5_CTX *c, const unsigned char *b); -# ifdef __cplusplus +DEPRECATEDIN_3_0(int MD5_Init(MD5_CTX *c)) +DEPRECATEDIN_3_0(int MD5_Update(MD5_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int MD5_Final(unsigned char *md, MD5_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *MD5(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(void MD5_Transform(MD5_CTX *c, const unsigned char *b)) + +# ifdef __cplusplus } -# endif +# endif # endif #endif diff --git a/include/openssl/sha.h b/include/openssl/sha.h index 18e584a161..eac7cdbba3 100644 --- a/include/openssl/sha.h +++ b/include/openssl/sha.h @@ -23,19 +23,21 @@ extern "C" { # endif +# define SHA_DIGEST_LENGTH 20 + +# ifndef OPENSSL_NO_DEPRECATED_3_0 /*- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! SHA_LONG has to be at least 32 bits wide. ! * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ -# define SHA_LONG unsigned int +# define SHA_LONG unsigned int -# define SHA_LBLOCK 16 -# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a - * contiguous array of 32 bit wide - * big-endian values. */ -# define SHA_LAST_BLOCK (SHA_CBLOCK-8) -# define SHA_DIGEST_LENGTH 20 +# define SHA_LBLOCK 16 +# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a + * contiguous array of 32 bit wide + * big-endian values. */ +# define SHA_LAST_BLOCK (SHA_CBLOCK-8) typedef struct SHAstate_st { SHA_LONG h0, h1, h2, h3, h4; @@ -43,14 +45,17 @@ typedef struct SHAstate_st { SHA_LONG data[SHA_LBLOCK]; unsigned int num; } SHA_CTX; +# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */ -int SHA1_Init(SHA_CTX *c); -int SHA1_Update(SHA_CTX *c, const void *data, size_t len); -int SHA1_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md); -void SHA1_Transform(SHA_CTX *c, const unsigned char *data); +DEPRECATEDIN_3_0(int SHA1_Init(SHA_CTX *c)) +DEPRECATEDIN_3_0(int SHA1_Update(SHA_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int SHA1_Final(unsigned char *md, SHA_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *SHA1(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(void SHA1_Transform(SHA_CTX *c, const unsigned char *data)) -# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a * contiguous array of 32 bit wide * big-endian values. */ @@ -60,22 +65,27 @@ typedef struct SHA256state_st { SHA_LONG data[SHA_LBLOCK]; unsigned int num, md_len; } SHA256_CTX; - -int SHA224_Init(SHA256_CTX *c); -int SHA224_Update(SHA256_CTX *c, const void *data, size_t len); -int SHA224_Final(unsigned char *md, SHA256_CTX *c); -unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md); -int SHA256_Init(SHA256_CTX *c); -int SHA256_Update(SHA256_CTX *c, const void *data, size_t len); -int SHA256_Final(unsigned char *md, SHA256_CTX *c); -unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md); -void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); +# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */ + +DEPRECATEDIN_3_0(int SHA224_Init(SHA256_CTX *c)) +DEPRECATEDIN_3_0(int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int SHA224_Final(unsigned char *md, SHA256_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *SHA224(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(int SHA256_Init(SHA256_CTX *c)) +DEPRECATEDIN_3_0(int SHA256_Update(SHA256_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int SHA256_Final(unsigned char *md, SHA256_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *SHA256(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(void SHA256_Transform(SHA256_CTX *c, + const unsigned char *data)) # define SHA224_DIGEST_LENGTH 28 # define SHA256_DIGEST_LENGTH 32 # define SHA384_DIGEST_LENGTH 48 # define SHA512_DIGEST_LENGTH 64 +# ifndef OPENSSL_NO_DEPRECATED_3_0 /* * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 * being exactly 64-bit wide. See Implementation Notes in sha512.c @@ -86,14 +96,14 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); * contiguous array of 64 bit * wide big-endian values. */ -# define SHA512_CBLOCK (SHA_LBLOCK*8) -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -# define SHA_LONG64 unsigned __int64 -# elif defined(__arch64__) -# define SHA_LONG64 unsigned long -# else -# define SHA_LONG64 unsigned long long -# endif +# define SHA512_CBLOCK (SHA_LBLOCK*8) +# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +# define SHA_LONG64 unsigned __int64 +# elif defined(__arch64__) +# define SHA_LONG64 unsigned long +# else +# define SHA_LONG64 unsigned long long +# endif typedef struct SHA512state_st { SHA_LONG64 h[8]; @@ -104,16 +114,20 @@ typedef struct SHA512state_st { } u; unsigned int num, md_len; } SHA512_CTX; - -int SHA384_Init(SHA512_CTX *c); -int SHA384_Update(SHA512_CTX *c, const void *data, size_t len); -int SHA384_Final(unsigned char *md, SHA512_CTX *c); -unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md); -int SHA512_Init(SHA512_CTX *c); -int SHA512_Update(SHA512_CTX *c, const void *data, size_t len); -int SHA512_Final(unsigned char *md, SHA512_CTX *c); -unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md); -void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); +# endif /* !defined(OPENSSL_NO_DEPRECATED_3_0) */ + +DEPRECATEDIN_3_0(int SHA384_Init(SHA512_CTX *c)) +DEPRECATEDIN_3_0(int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int SHA384_Final(unsigned char *md, SHA512_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *SHA384(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(int SHA512_Init(SHA512_CTX *c)) +DEPRECATEDIN_3_0(int SHA512_Update(SHA512_CTX *c, const void *data, size_t len)) +DEPRECATEDIN_3_0(int SHA512_Final(unsigned char *md, SHA512_CTX *c)) +DEPRECATEDIN_3_0(unsigned char *SHA512(const unsigned char *d, size_t n, + unsigned char *md)) +DEPRECATEDIN_3_0(void SHA512_Transform(SHA512_CTX *c, + const unsigned char *data)) # ifdef __cplusplus } diff --git a/ssl/build.info b/ssl/build.info index e5b7befbaa..fd9a16784e 100644 --- a/ssl/build.info +++ b/ssl/build.info @@ -23,7 +23,7 @@ SOURCE[../libssl]=\ pqueue.c ../crypto/packet.c \ statem/statem_srvr.c statem/statem_clnt.c s3_lib.c s3_enc.c record/rec_layer_s3.c \ statem/statem_lib.c statem/extensions.c statem/extensions_srvr.c \ - statem/extensions_clnt.c statem/extensions_cust.c s3_cbc.c s3_msg.c \ + statem/extensions_clnt.c statem/extensions_cust.c s3_msg.c \ methods.c t1_lib.c t1_enc.c tls13_enc.c \ d1_lib.c record/rec_layer_d1.c d1_msg.c \ statem/statem_dtls.c d1_srtp.c \ @@ -34,6 +34,9 @@ SOURCE[../libssl]=\ record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \ statem/statem.c record/ssl3_record_tls13.c record/tls_pad.c \ $KTLSSRC +IF[{- !$disabled{'deprecated-3.0'} -}] + SOURCE[../libssl]=s3_cbc.c +ENDIF DEFINE[../libssl]=$AESDEF SOURCE[../providers/libcommon.a]=record/tls_pad.c diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index baa4f239bf..046d6f2054 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1307,6 +1307,25 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, return 1; } +/* + * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function + * which ssl3_cbc_digest_record supports. + */ +char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx) +{ + switch (EVP_MD_CTX_type(ctx)) { + case NID_md5: + case NID_sha1: + case NID_sha224: + case NID_sha256: + case NID_sha384: + case NID_sha512: + return 1; + default: + return 0; + } +} + int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) { unsigned char *mac_sec, *seq; @@ -1335,6 +1354,9 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) if (!sending && EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE && ssl3_cbc_record_digest_supported(hash)) { +#ifdef OPENSSL_NO_DEPRECATED_3_0 + return 0; +#else /* * This is a CBC-encrypted record. We must avoid leaking any * timing-side channel information about how many blocks of data we @@ -1368,6 +1390,7 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) rec->length, rec->orig_len, mac_sec, md_size, 1) <= 0) return 0; +#endif } else { unsigned int md_size_u; /* Chop the digest off the end :-) */ diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 4895f43568..26f12654e4 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -132,25 +132,6 @@ static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out) #undef LARGEST_DIGEST_CTX #define LARGEST_DIGEST_CTX SHA512_CTX -/* - * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function - * which ssl3_cbc_digest_record supports. - */ -char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx) -{ - switch (EVP_MD_CTX_type(ctx)) { - case NID_md5: - case NID_sha1: - case NID_sha224: - case NID_sha256: - case NID_sha384: - case NID_sha512: - return 1; - default: - return 0; - } -} - /*- * ssl3_cbc_digest_record computes the MAC of a decrypted, padded SSLv3/TLS * record. diff --git a/util/libcrypto.num b/util/libcrypto.num index 777d8ce8a8..e3ca2fe625 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1001,7 +1001,7 @@ i2d_PKCS8PrivateKey_nid_bio 1026 3_0_0 EXIST::FUNCTION: ERR_put_error 1027 3_0_0 NOEXIST::FUNCTION: ERR_add_error_data 1028 3_0_0 EXIST::FUNCTION: X509_ALGORS_it 1029 3_0_0 EXIST::FUNCTION: -MD5_Update 1030 3_0_0 EXIST::FUNCTION:MD5 +MD5_Update 1030 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5 X509_policy_check 1031 3_0_0 EXIST::FUNCTION: X509_CRL_METHOD_new 1032 3_0_0 EXIST::FUNCTION: ASN1_ANY_it 1033 3_0_0 EXIST::FUNCTION: @@ -1145,7 +1145,7 @@ BN_security_bits 1171 3_0_0 EXIST::FUNCTION: X509_PURPOSE_get0_name 1172 3_0_0 EXIST::FUNCTION: TS_TST_INFO_get_serial 1173 3_0_0 EXIST::FUNCTION:TS ASN1_PCTX_get_str_flags 1174 3_0_0 EXIST::FUNCTION: -SHA256 1175 3_0_0 EXIST::FUNCTION: +SHA256 1175 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_LOOKUP_hash_dir 1176 3_0_0 EXIST::FUNCTION: ASN1_BIT_STRING_check 1177 3_0_0 EXIST::FUNCTION: ENGINE_set_default_RAND 1178 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE @@ -1252,7 +1252,7 @@ ASN1_INTEGER_set_int64 1280 3_0_0 EXIST::FUNCTION: ASN1_TIME_free 1281 3_0_0 EXIST::FUNCTION: i2o_SCT_LIST 1282 3_0_0 EXIST::FUNCTION:CT AES_encrypt 1283 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -MD5_Init 1284 3_0_0 EXIST::FUNCTION:MD5 +MD5_Init 1284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5 UI_add_error_string 1285 3_0_0 EXIST::FUNCTION: X509_TRUST_cleanup 1286 3_0_0 EXIST::FUNCTION: PEM_read_X509 1287 3_0_0 EXIST::FUNCTION:STDIO @@ -1376,7 +1376,7 @@ EVP_MD_meth_get_cleanup 1408 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ SRP_Calc_server_key 1409 3_0_0 EXIST::FUNCTION:SRP BN_mod_exp_simple 1410 3_0_0 EXIST::FUNCTION: BIO_set_ex_data 1411 3_0_0 EXIST::FUNCTION: -SHA512 1412 3_0_0 EXIST::FUNCTION: +SHA512 1412 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_STORE_CTX_get_explicit_policy 1413 3_0_0 EXIST::FUNCTION: EVP_DecodeBlock 1414 3_0_0 EXIST::FUNCTION: OCSP_REQ_CTX_http 1415 3_0_0 EXIST::FUNCTION: @@ -1441,7 +1441,7 @@ X509V3_section_free 1474 3_0_0 EXIST::FUNCTION: CRYPTO_mem_debug_free 1475 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0 d2i_OCSP_REQUEST 1476 3_0_0 EXIST::FUNCTION:OCSP ENGINE_get_cipher_engine 1477 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE -SHA384_Final 1478 3_0_0 EXIST::FUNCTION: +SHA384_Final 1478 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 TS_RESP_CTX_set_certs 1479 3_0_0 EXIST::FUNCTION:TS BN_MONT_CTX_free 1480 3_0_0 EXIST::FUNCTION: BN_GF2m_mod_solve_quad_arr 1481 3_0_0 EXIST::FUNCTION:EC2M @@ -1467,7 +1467,7 @@ ASYNC_get_wait_ctx 1500 3_0_0 EXIST::FUNCTION: ENGINE_set_load_privkey_function 1501 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE CRYPTO_ccm128_setiv 1502 3_0_0 EXIST::FUNCTION: PKCS7_dataFinal 1503 3_0_0 EXIST::FUNCTION: -SHA1_Final 1504 3_0_0 EXIST::FUNCTION: +SHA1_Final 1504 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 i2a_ASN1_STRING 1505 3_0_0 EXIST::FUNCTION: EVP_CIPHER_CTX_rand_key 1506 3_0_0 EXIST::FUNCTION: AES_set_encrypt_key 1507 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 @@ -1835,7 +1835,7 @@ RSA_verify_ASN1_OCTET_STRING 1877 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ SCT_set_log_entry_type 1878 3_0_0 EXIST::FUNCTION:CT BN_new 1879 3_0_0 EXIST::FUNCTION: X509_OBJECT_retrieve_by_subject 1880 3_0_0 EXIST::FUNCTION: -MD5_Final 1881 3_0_0 EXIST::FUNCTION:MD5 +MD5_Final 1881 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5 X509_STORE_set_verify_cb 1882 3_0_0 EXIST::FUNCTION: OCSP_REQUEST_print 1883 3_0_0 EXIST::FUNCTION:OCSP CMS_add1_crl 1884 3_0_0 EXIST::FUNCTION:CMS @@ -1876,7 +1876,7 @@ CMS_SignedData_init 1920 3_0_0 EXIST::FUNCTION:CMS X509_REQ_free 1921 3_0_0 EXIST::FUNCTION: ASN1_INTEGER_set 1922 3_0_0 EXIST::FUNCTION: EVP_DecodeFinal 1923 3_0_0 EXIST::FUNCTION: -MD5_Transform 1925 3_0_0 EXIST::FUNCTION:MD5 +MD5_Transform 1925 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5 SRP_create_verifier_BN 1926 3_0_0 EXIST::FUNCTION:SRP ENGINE_register_all_EC 1927 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE EVP_camellia_128_ofb 1928 3_0_0 EXIST::FUNCTION:CAMELLIA @@ -1893,7 +1893,7 @@ PKCS5_PBE_keyivgen 1938 3_0_0 EXIST::FUNCTION: i2d_OCSP_SERVICELOC 1939 3_0_0 EXIST::FUNCTION:OCSP EC_POINT_copy 1940 3_0_0 EXIST::FUNCTION:EC X509V3_EXT_CRL_add_nconf 1941 3_0_0 EXIST::FUNCTION: -SHA256_Init 1942 3_0_0 EXIST::FUNCTION: +SHA256_Init 1942 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_NAME_ENTRY_get_object 1943 3_0_0 EXIST::FUNCTION: ASN1_ENUMERATED_free 1944 3_0_0 EXIST::FUNCTION: X509_CRL_set_meth_data 1945 3_0_0 EXIST::FUNCTION: @@ -1914,7 +1914,7 @@ EVP_PKEY_add1_attr 1959 3_0_0 EXIST::FUNCTION: X509_STORE_CTX_purpose_inherit 1960 3_0_0 EXIST::FUNCTION: EVP_PKEY_meth_get_keygen 1961 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ENGINE_get_pkey_asn1_meth 1962 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE -SHA256_Update 1963 3_0_0 EXIST::FUNCTION: +SHA256_Update 1963 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 d2i_PKCS7_ISSUER_AND_SERIAL 1964 3_0_0 EXIST::FUNCTION: PKCS12_unpack_authsafes 1965 3_0_0 EXIST::FUNCTION: X509_CRL_it 1966 3_0_0 EXIST::FUNCTION: @@ -2073,7 +2073,7 @@ BIO_s_file 2118 3_0_0 EXIST::FUNCTION: RSA_X931_derive_ex 2119 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA EVP_PKEY_decrypt_init 2120 3_0_0 EXIST::FUNCTION: ENGINE_get_destroy_function 2121 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE -SHA224_Init 2122 3_0_0 EXIST::FUNCTION: +SHA224_Init 2122 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509V3_EXT_add_conf 2123 3_0_0 EXIST::FUNCTION: ASN1_object_size 2124 3_0_0 EXIST::FUNCTION: X509_REVOKED_free 2125 3_0_0 EXIST::FUNCTION: @@ -2191,7 +2191,7 @@ PEM_write_bio_PKCS8_PRIV_KEY_INFO 2238 3_0_0 EXIST::FUNCTION: EC_GROUP_set_curve_GF2m 2239 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC,EC2M ENGINE_load_builtin_engines 2240 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE SRP_VBASE_init 2241 3_0_0 EXIST::FUNCTION:SRP -SHA224_Final 2242 3_0_0 EXIST::FUNCTION: +SHA224_Final 2242 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 OCSP_CERTSTATUS_free 2243 3_0_0 EXIST::FUNCTION:OCSP d2i_TS_TST_INFO 2244 3_0_0 EXIST::FUNCTION:TS IPAddressOrRange_it 2245 3_0_0 EXIST::FUNCTION:RFC3779 @@ -2201,7 +2201,7 @@ TS_OBJ_print_bio 2248 3_0_0 EXIST::FUNCTION:TS X509_time_adj_ex 2249 3_0_0 EXIST::FUNCTION: OCSP_request_add1_cert 2250 3_0_0 EXIST::FUNCTION:OCSP ERR_load_X509_strings 2251 3_0_0 EXIST::FUNCTION: -SHA1_Transform 2252 3_0_0 EXIST::FUNCTION: +SHA1_Transform 2252 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 CMS_signed_get_attr_by_NID 2253 3_0_0 EXIST::FUNCTION:CMS X509_STORE_CTX_get_by_subject 2254 3_0_0 EXIST::FUNCTION: ASN1_OCTET_STRING_it 2255 3_0_0 EXIST::FUNCTION: @@ -2461,7 +2461,7 @@ BN_generate_dsa_nonce 2512 3_0_0 EXIST::FUNCTION: X509_verify_cert 2513 3_0_0 EXIST::FUNCTION: X509_policy_level_get0_node 2514 3_0_0 EXIST::FUNCTION: X509_REQ_get_attr 2515 3_0_0 EXIST::FUNCTION: -SHA1 2516 3_0_0 EXIST::FUNCTION: +SHA1 2516 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_print 2517 3_0_0 EXIST::FUNCTION: d2i_AutoPrivateKey 2518 3_0_0 EXIST::FUNCTION: X509_REQ_new 2519 3_0_0 EXIST::FUNCTION: @@ -2497,7 +2497,7 @@ d2i_NETSCAPE_CERT_SEQUENCE 2550 3_0_0 EXIST::FUNCTION: X509_CRL_set_version 2551 3_0_0 EXIST::FUNCTION: ASN1_PCTX_set_cert_flags 2552 3_0_0 EXIST::FUNCTION: PKCS8_PRIV_KEY_INFO_free 2553 3_0_0 EXIST::FUNCTION: -SHA224_Update 2554 3_0_0 EXIST::FUNCTION: +SHA224_Update 2554 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EC_GROUP_new_by_curve_name 2555 3_0_0 EXIST::FUNCTION:EC X509_STORE_set_purpose 2556 3_0_0 EXIST::FUNCTION: X509_CRL_get0_signature 2557 3_0_0 EXIST::FUNCTION: @@ -2728,7 +2728,7 @@ CMS_RecipientInfo_encrypt 2786 3_0_0 EXIST::FUNCTION:CMS X509_get_pubkey_parameters 2787 3_0_0 EXIST::FUNCTION: PKCS12_setup_mac 2788 3_0_0 EXIST::FUNCTION: PEM_read_bio_PKCS7 2789 3_0_0 EXIST::FUNCTION: -SHA512_Final 2790 3_0_0 EXIST::FUNCTION: +SHA512_Final 2790 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 X509_VERIFY_PARAM_set1_host 2791 3_0_0 EXIST::FUNCTION: OCSP_resp_find_status 2792 3_0_0 EXIST::FUNCTION:OCSP d2i_ASN1_T61STRING 2793 3_0_0 EXIST::FUNCTION: @@ -2902,14 +2902,14 @@ EC_curve_nid2nist 2964 3_0_0 EXIST::FUNCTION:EC ENGINE_get_finish_function 2965 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE EC_POINT_add 2966 3_0_0 EXIST::FUNCTION:EC EC_KEY_oct2key 2967 3_0_0 EXIST::FUNCTION:EC -SHA384_Init 2968 3_0_0 EXIST::FUNCTION: +SHA384_Init 2968 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ASN1_UNIVERSALSTRING_new 2969 3_0_0 EXIST::FUNCTION: EVP_PKEY_print_private 2970 3_0_0 EXIST::FUNCTION: ASN1_INTEGER_new 2971 3_0_0 EXIST::FUNCTION: NAME_CONSTRAINTS_it 2972 3_0_0 EXIST::FUNCTION: TS_REQ_get_cert_req 2973 3_0_0 EXIST::FUNCTION:TS BIO_pop 2974 3_0_0 EXIST::FUNCTION: -SHA256_Final 2975 3_0_0 EXIST::FUNCTION: +SHA256_Final 2975 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_PKEY_set1_DH 2976 3_0_0 EXIST::FUNCTION:DH DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH CRYPTO_secure_malloc 2978 3_0_0 EXIST::FUNCTION: @@ -2929,7 +2929,7 @@ EC_GROUP_set_asn1_flag 2991 3_0_0 EXIST::FUNCTION:EC EVP_PKEY_new 2992 3_0_0 EXIST::FUNCTION: i2d_POLICYINFO 2993 3_0_0 EXIST::FUNCTION: BN_get_flags 2994 3_0_0 EXIST::FUNCTION: -SHA384 2995 3_0_0 EXIST::FUNCTION: +SHA384 2995 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 NCONF_get_string 2996 3_0_0 EXIST::FUNCTION: d2i_PROXY_CERT_INFO_EXTENSION 2997 3_0_0 EXIST::FUNCTION: EC_POINT_point2buf 2998 3_0_0 EXIST::FUNCTION:EC @@ -2981,7 +2981,7 @@ i2d_X509_PUBKEY 3045 3_0_0 EXIST::FUNCTION: EVP_DecryptUpdate 3046 3_0_0 EXIST::FUNCTION: CAST_cbc_encrypt 3047 3_0_0 EXIST::FUNCTION:CAST,DEPRECATEDIN_3_0 BN_BLINDING_invert 3048 3_0_0 EXIST::FUNCTION: -SHA512_Update 3049 3_0_0 EXIST::FUNCTION: +SHA512_Update 3049 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ESS_ISSUER_SERIAL_new 3050 3_0_0 EXIST::FUNCTION: PKCS12_SAFEBAG_get0_pkcs8 3051 3_0_0 EXIST::FUNCTION: X509_get_ext_by_NID 3052 3_0_0 EXIST::FUNCTION: @@ -3003,7 +3003,7 @@ EVP_des_ede_cfb64 3067 3_0_0 EXIST::FUNCTION:DES d2i_RSAPrivateKey 3068 3_0_0 EXIST::FUNCTION:RSA ERR_load_BN_strings 3069 3_0_0 EXIST::FUNCTION: BF_encrypt 3070 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0 -MD5 3071 3_0_0 EXIST::FUNCTION:MD5 +MD5 3071 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD5 BN_GF2m_arr2poly 3072 3_0_0 EXIST::FUNCTION:EC2M EVP_PKEY_meth_get_ctrl 3073 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 i2d_X509_REQ_bio 3074 3_0_0 EXIST::FUNCTION: @@ -3326,7 +3326,7 @@ d2i_PKCS8_PRIV_KEY_INFO_fp 3395 3_0_0 EXIST::FUNCTION:STDIO X509_OBJECT_retrieve_match 3396 3_0_0 EXIST::FUNCTION: EVP_aes_128_ctr 3397 3_0_0 EXIST::FUNCTION: EVP_PBE_find 3398 3_0_0 EXIST::FUNCTION: -SHA512_Transform 3399 3_0_0 EXIST::FUNCTION: +SHA512_Transform 3399 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ERR_add_error_vdata 3400 3_0_0 EXIST::FUNCTION: OCSP_REQUEST_get_ext 3401 3_0_0 EXIST::FUNCTION:OCSP NETSCAPE_SPKAC_new 3402 3_0_0 EXIST::FUNCTION: @@ -3363,7 +3363,7 @@ EVP_OpenFinal 3432 3_0_0 EXIST::FUNCTION:RSA RAND_egd_bytes 3433 3_0_0 EXIST::FUNCTION:EGD UI_method_get_writer 3434 3_0_0 EXIST::FUNCTION: BN_secure_new 3435 3_0_0 EXIST::FUNCTION: -SHA1_Update 3437 3_0_0 EXIST::FUNCTION: +SHA1_Update 3437 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 BIO_s_connect 3438 3_0_0 EXIST::FUNCTION:SOCK EVP_MD_meth_get_init 3439 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ASN1_BIT_STRING_free 3440 3_0_0 EXIST::FUNCTION: @@ -3513,7 +3513,7 @@ EVP_MD_meth_dup 3588 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_ ENGINE_unregister_ciphers 3589 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE X509_issuer_and_serial_cmp 3590 3_0_0 EXIST::FUNCTION: OCSP_response_create 3591 3_0_0 EXIST::FUNCTION:OCSP -SHA224 3592 3_0_0 EXIST::FUNCTION: +SHA224 3592 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 MD2_options 3593 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,MD2 X509_REQ_it 3595 3_0_0 EXIST::FUNCTION: RAND_bytes 3596 3_0_0 EXIST::FUNCTION: @@ -3554,7 +3554,7 @@ PKCS5_pbe_set 3631 3_0_0 EXIST::FUNCTION: TS_RESP_CTX_free 3632 3_0_0 EXIST::FUNCTION:TS d2i_PUBKEY 3633 3_0_0 EXIST::FUNCTION: ASYNC_cleanup_thread 3634 3_0_0 EXIST::FUNCTION: -SHA384_Update 3635 3_0_0 EXIST::FUNCTION: +SHA384_Update 3635 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 CRYPTO_cfb128_1_encrypt 3636 3_0_0 EXIST::FUNCTION: BIO_set_cipher 3637 3_0_0 EXIST::FUNCTION: PEM_read_PUBKEY 3638 3_0_0 EXIST::FUNCTION:STDIO @@ -3576,7 +3576,7 @@ Camellia_ecb_encrypt 3654 3_0_0 EXIST::FUNCTION:CAMELLIA,DEPR ENGINE_set_default_RSA 3655 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE EVP_EncodeBlock 3656 3_0_0 EXIST::FUNCTION: SXNETID_free 3657 3_0_0 EXIST::FUNCTION: -SHA1_Init 3658 3_0_0 EXIST::FUNCTION: +SHA1_Init 3658 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 CRYPTO_atomic_add 3659 3_0_0 EXIST::FUNCTION: TS_CONF_load_certs 3660 3_0_0 EXIST::FUNCTION:TS PEM_write_bio_DSAPrivateKey 3661 3_0_0 EXIST::FUNCTION:DSA @@ -3599,7 +3599,7 @@ CRYPTO_mem_ctrl 3678 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG ASN1_verify 3679 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 DSA_generate_parameters_ex 3680 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA X509_sign 3681 3_0_0 EXIST::FUNCTION: -SHA256_Transform 3682 3_0_0 EXIST::FUNCTION: +SHA256_Transform 3682 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 BIO_ADDR_free 3683 3_0_0 EXIST::FUNCTION:SOCK ASN1_STRING_free 3684 3_0_0 EXIST::FUNCTION: X509_VERIFY_PARAM_inherit 3685 3_0_0 EXIST::FUNCTION: @@ -3816,7 +3816,7 @@ CRL_DIST_POINTS_free 3899 3_0_0 EXIST::FUNCTION: d2i_OCSP_SINGLERESP 3900 3_0_0 EXIST::FUNCTION:OCSP EVP_CIPHER_CTX_num 3901 3_0_0 EXIST::FUNCTION: EVP_PKEY_verify_recover_init 3902 3_0_0 EXIST::FUNCTION: -SHA512_Init 3903 3_0_0 EXIST::FUNCTION: +SHA512_Init 3903 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 TS_MSG_IMPRINT_set_msg 3904 3_0_0 EXIST::FUNCTION:TS CMS_unsigned_add1_attr 3905 3_0_0 EXIST::FUNCTION:CMS OPENSSL_LH_doall 3906 3_0_0 EXIST::FUNCTION: