diff options
author | Matt Caswell <matt@openssl.org> | 2021-04-08 16:22:51 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-04-12 11:47:24 +0100 |
commit | 28fd8953059fe7d9acd57ef6620457cb41a80509 (patch) | |
tree | d49f6c4d9d7ee3f8d3203f296caafe5e5c0b0bdd /doc | |
parent | 6878f4300213cfd7d4f01e26a8b97f70344da100 (diff) | |
download | openssl-28fd8953059fe7d9acd57ef6620457cb41a80509.tar.gz |
Remove the function EVP_PKEY_set_alias_type
OTC recently voted that EVP_PKEY types will be immutable in 3.0. This
means that EVP_PKEY_set_alias_type can no longer work and should be
removed entirely (applications will need to be rewritten not to use it).
It was primarily used for SM2 which no longer needs this call.
Applications should generate SM2 keys directly (without going via an EC
key first), or otherwise when loading keys they should automatically be
detected as SM2 keys.
Fixes #14379
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14803)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/EVP_PKEY_set1_RSA.pod | 34 |
1 files changed, 6 insertions, 28 deletions
diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod index d437f5bc13..e905024199 100644 --- a/doc/man3/EVP_PKEY_set1_RSA.pod +++ b/doc/man3/EVP_PKEY_set1_RSA.pod @@ -9,7 +9,7 @@ EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_get0, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, -EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - +EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions =head1 SYNOPSIS @@ -24,8 +24,6 @@ Deprecated since OpenSSL 3.0, can be hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, see L<openssl_user_macros(7)>: - int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type); - int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key); int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key); int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key); @@ -130,19 +128,12 @@ If I<engine> does not include an B<EVP_PKEY_METHOD> for I<pkey> an error occurs. This function is deprecated. Applications should use providers instead of engines (see L<provider(7)> for details). -EVP_PKEY_set_alias_type() allows modifying an EVP_PKEY to use a -different set of algorithms than the default. This function is deprecated and -was previously needed as a workaround to recognise SM2 keys. From OpenSSL 3.0, -this key type is internally recognised so the workaround is no longer needed. -Functionality is still retained as it is, but will only work with EVP_PKEYs -with a legacy internal key. - =head1 WARNINGS The following functions are only reliable with B<EVP_PKEY>s that have been assigned an internal key with EVP_PKEY_assign_*(): -EVP_PKEY_id(), EVP_PKEY_base_id(), EVP_PKEY_type(), EVP_PKEY_set_alias_type() +EVP_PKEY_id(), EVP_PKEY_base_id(), EVP_PKEY_type() For EVP_PKEY key type checking purposes, L<EVP_PKEY_is_a(3)> is more generic. @@ -171,12 +162,6 @@ EVP_PKEY_assign_EC_KEY() looks at the curve name id to determine if the passed B<EC_KEY> is an L<SM2(7)> key, and will set the B<EVP_PKEY> type to B<EVP_PKEY_SM2> in that case, instead of B<EVP_PKEY_EC>. -It's possible to switch back and forth between the types B<EVP_PKEY_EC> -and B<EVP_PKEY_SM2> with a call to EVP_PKEY_set_alias_type() on keys -assigned with this macro if it's desirable to do a normal EC -computations with the SM2 curve instead of the special SM2 -computations, and vice versa. - Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases. @@ -206,15 +191,6 @@ type or B<NID_undef> (equivalently B<EVP_PKEY_NONE>) on error. EVP_PKEY_set1_engine() returns 1 for success and 0 for failure. -EVP_PKEY_set_alias_type() returns 1 for success and 0 for error. - -=head1 EXAMPLES - -After loading an ECC key, it is possible to convert it to using SM2 -algorithms with EVP_PKEY_set_alias_type: - - EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); - =head1 SEE ALSO L<EVP_PKEY_new(3)>, L<SM2(7)> @@ -227,12 +203,14 @@ EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, -EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine and EVP_PKEY_get0_engine were -deprecated in OpenSSL 3.0. +EVP_PKEY_set1_engine and EVP_PKEY_get0_engine were deprecated in OpenSSL 3.0. The return value from EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY were made const in OpenSSL 3.0. +The function EVP_PKEY_set_alias_type() was previously documented on this page. +It was removed in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. |