aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorShane Lontis <shane.lontis@oracle.com>2020-10-15 13:41:59 +1000
committerTomas Mraz <tomas@openssl.org>2021-01-26 15:22:14 +0100
commit5b5eea4b60b682009d2b15587c9ceeae5e9c73f8 (patch)
tree4a3261cb27a582770270a07b40ecf05ecb71c89a /include
parent98dbf2c1c8143c0cc6dd05be7950d90bc6792064 (diff)
downloadopenssl-5b5eea4b60b682009d2b15587c9ceeae5e9c73f8.tar.gz
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
Diffstat (limited to 'include')
-rw-r--r--include/crypto/ec.h9
-rw-r--r--include/crypto/sm2.h1
-rw-r--r--include/crypto/types.h3
-rw-r--r--include/openssl/core_names.h13
-rw-r--r--include/openssl/ec.h617
-rw-r--r--include/openssl/evp.h15
-rw-r--r--include/openssl/pem.h12
-rw-r--r--include/openssl/ssl.h.in6
-rw-r--r--include/openssl/types.h2
-rw-r--r--include/openssl/x509.h.in36
10 files changed, 394 insertions, 320 deletions
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 087457fa50..4127b6e9a0 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -23,6 +23,7 @@ int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc);
# ifndef OPENSSL_NO_EC
# include <openssl/core.h>
# include <openssl/ec.h>
+# include "crypto/types.h"
/*-
* Computes the multiplicative inverse of x in the range
@@ -69,10 +70,18 @@ int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl,
const char *propq,
BN_CTX *bnctx, unsigned char **genbuf);
int ec_group_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
+int ec_group_set_params(EC_GROUP *group, const OSSL_PARAM params[]);
int ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[], int include_private);
int ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
int ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode);
int ec_encoding_name2id(const char *name);
+int ec_encoding_param2id(const OSSL_PARAM *p, int *id);
+int ec_pt_format_name2id(const char *name);
+int ec_pt_format_param2id(const OSSL_PARAM *p, int *id);
+char *ec_pt_format_id2name(int id);
+
+char *ec_check_group_type_id2name(int flags);
+int ec_set_check_group_type_from_name(EC_KEY *ec, const char *name);
# endif /* OPENSSL_NO_EC */
#endif
diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h
index e442e7aec7..a38d940a70 100644
--- a/include/crypto/sm2.h
+++ b/include/crypto/sm2.h
@@ -16,6 +16,7 @@
# ifndef OPENSSL_NO_SM2
# include <openssl/ec.h>
+# include "crypto/types.h"
int sm2_key_private_check(const EC_KEY *eckey);
diff --git a/include/crypto/types.h b/include/crypto/types.h
index ccb75e3cbf..e6e90d6177 100644
--- a/include/crypto/types.h
+++ b/include/crypto/types.h
@@ -12,5 +12,6 @@
#ifdef OPENSSL_NO_DEPRECATED_3_0
typedef struct rsa_st RSA;
typedef struct rsa_meth_st RSA_METHOD;
+typedef struct ec_key_st EC_KEY;
+typedef struct ec_key_method_st EC_KEY_METHOD;
#endif
-
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 17b0573ac3..7b9af62962 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -400,12 +400,23 @@ extern "C" {
#define OSSL_PKEY_PARAM_FFC_DIGEST OSSL_PKEY_PARAM_DIGEST
#define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
-#define OSSL_PKEY_PARAM_EC_ENCODING "encoding" /* utf8_string */
+#define OSSL_PKEY_PARAM_EC_ENCODING "encoding" /* utf8_string */
+#define OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT "point-format"
+#define OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE "group-check"
+#define OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC "include-public"
/* OSSL_PKEY_PARAM_EC_ENCODING values */
#define OSSL_PKEY_EC_ENCODING_EXPLICIT "explicit"
#define OSSL_PKEY_EC_ENCODING_GROUP "named_curve"
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_UNCOMPRESSED "uncompressed"
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED "compressed"
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_HYBRID "hybrid"
+
+#define OSSL_PKEY_EC_GROUP_CHECK_DEFAULT "default"
+#define OSSL_PKEY_EC_GROUP_CHECK_NAMED "named"
+#define OSSL_PKEY_EC_GROUP_CHECK_NAMED_NIST "named-nist"
+
/* Key Exchange parameters */
#define OSSL_EXCHANGE_PARAM_PAD "pad" /* uint */
#define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode" /* int */
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 1f01c09fb2..2d9b7714e3 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -106,40 +106,41 @@ typedef struct ec_parameters_st ECPARAMETERS;
/* EC_METHODs for curves over GF(p) */
/********************************************************************/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Returns the basic GFp ec methods which provides the basis for the
* optimized methods.
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_simple_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_simple_method(void);
/** Returns GFp methods using montgomery multiplication.
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_mont_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_mont_method(void);
/** Returns GFp methods using optimized methods for NIST recommended curves
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nist_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nist_method(void);
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
/** Returns 64-bit optimized methods for nistp224
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp224_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp224_method(void);
/** Returns 64-bit optimized methods for nistp256
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp256_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp256_method(void);
/** Returns 64-bit optimized methods for nistp521
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void))
-# endif
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif /* OPENSSL_NO_EC_NISTP_64_GCC_128 */
-# ifndef OPENSSL_NO_EC2M
+# ifndef OPENSSL_NO_EC2M
/********************************************************************/
/* EC_METHOD for curves over GF(2^m) */
/********************************************************************/
@@ -147,9 +148,9 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void))
/** Returns the basic GF2m ec method
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GF2m_simple_method(void);
-# endif
+# endif
/********************************************************************/
/* EC_GROUP functions */
@@ -160,18 +161,31 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void))
* \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
-DEPRECATEDIN_3_0(EC_GROUP *EC_GROUP_new(const EC_METHOD *meth))
+OSSL_DEPRECATEDIN_3_0 EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+OSSL_DEPRECATEDIN_3_0 void EC_GROUP_clear_free(EC_GROUP *group);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+OSSL_DEPRECATEDIN_3_0 int EC_METHOD_get_field_type(const EC_METHOD *meth);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Frees a EC_GROUP object
* \param group EC_GROUP object to be freed.
*/
void EC_GROUP_free(EC_GROUP *group);
-/** Clears and frees a EC_GROUP object
- * \param group EC_GROUP object to be cleared and freed.
- */
-DEPRECATEDIN_3_0(void EC_GROUP_clear_free(EC_GROUP *group))
-
/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
* \param dst destination EC_GROUP object
* \param src source EC_GROUP object
@@ -186,18 +200,6 @@ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
*/
EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-/** Returns the EC_METHOD of the EC_GROUP object.
- * \param group EC_GROUP object
- * \return EC_METHOD used in this EC_GROUP object.
- */
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group))
-
-/** Returns the field type of the EC_METHOD.
- * \param meth EC_METHOD object
- * \return NID of the underlying field type OID.
- */
-DEPRECATEDIN_3_0(int EC_METHOD_get_field_type(const EC_METHOD *meth))
-
/** Sets the generator and its order/cofactor of a EC_GROUP object.
* \param group EC_GROUP object
* \param generator EC_POINT object with the generator.
@@ -317,6 +319,7 @@ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the parameters of an ec curve. Synonym for EC_GROUP_set_curve
* \param group EC_GROUP object
* \param p BIGNUM with the prime number (GFp) or the polynomial
@@ -326,9 +329,11 @@ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
- const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_set_curve_GFp(EC_GROUP *group,
+ const BIGNUM *p,
+ const BIGNUM *a,
+ const BIGNUM *b,
+ BN_CTX *ctx);
/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
* \param group EC_GROUP object
@@ -339,11 +344,12 @@ DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
- BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_get_curve_GFp(const EC_GROUP *group,
+ BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
+# ifndef OPENSSL_NO_EC2M
/** Sets the parameter of an ec curve. Synonym for EC_GROUP_set_curve
* \param group EC_GROUP object
* \param p BIGNUM with the prime number (GFp) or the polynomial
@@ -353,9 +359,11 @@ DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
- const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_set_curve_GF2m(EC_GROUP *group,
+ const BIGNUM *p,
+ const BIGNUM *a,
+ const BIGNUM *b,
+ BN_CTX *ctx);
/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
* \param group EC_GROUP object
@@ -366,10 +374,13 @@ DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
- BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx))
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_get_curve_GF2m(const EC_GROUP *group,
+ BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
+# endif /* OPENSSL_NO_EC2M */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
/** Returns the number of bits needed to represent a field element
* \param group EC_GROUP object
* \return number of bits needed to represent a field element
@@ -550,12 +561,6 @@ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
*/
EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
-/** Returns the EC_METHOD used in EC_POINT object
- * \param point EC_POINT object
- * \return the EC_METHOD used
- */
-DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point))
-
/** Sets a point to infinity (neutral element)
* \param group underlying EC_GROUP object
* \param point EC_POINT to set to infinity
@@ -563,6 +568,13 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point))
*/
int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
/** Sets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -572,10 +584,10 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p, const BIGNUM *x,
- const BIGNUM *y, const BIGNUM *z,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_Jprojective_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx);
/** Gets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -586,10 +598,10 @@ DEPRECATEDIN_3_0(int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *gr
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x,
- BIGNUM *y, BIGNUM *z,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_Jprojective_coordinates_GFp
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Sets the affine coordinates of an EC_POINT
* \param group underlying EC_GROUP object
@@ -614,6 +626,7 @@ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_set_affine_coordinates
* \param group underlying EC_GROUP object
@@ -623,11 +636,9 @@ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- const BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_affine_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_get_affine_coordinates
@@ -638,11 +649,10 @@ DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p,
- BIGNUM *x,
- BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_affine_coordinates_GFp
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Sets the x9.62 compressed coordinates of a EC_POINT
* \param group underlying EC_GROUP object
@@ -656,6 +666,7 @@ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit,
BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
* EC_POINT_set_compressed_coordinates
* \param group underlying EC_GROUP object
@@ -665,12 +676,10 @@ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- int y_bit,
- BN_CTX *ctx))
-# ifndef OPENSSL_NO_EC2M
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_compressed_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
/** Sets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_set_affine_coordinates
* \param group underlying EC_GROUP object
@@ -680,11 +689,9 @@ DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *gro
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- const BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_affine_coordinates_GF2m
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_get_affine_coordinates
@@ -695,11 +702,9 @@ DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p,
- BIGNUM *x,
- BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_affine_coordinates_GF2m
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
* EC_POINT_set_compressed_coordinates
@@ -710,12 +715,12 @@ DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- int y_bit,
- BN_CTX *ctx))
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_compressed_coordinates_GF2m
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
/** Encodes a EC_POINT object to a octet string
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -828,10 +833,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
BN_CTX *ctx);
-DEPRECATEDIN_3_0(int EC_POINT_make_affine(const EC_GROUP *group,
- EC_POINT *point, BN_CTX *ctx))
-DEPRECATEDIN_3_0(int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
- EC_POINT *points[], BN_CTX *ctx))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_make_affine(const EC_GROUP *group,
+ EC_POINT *point, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n + sum_{i=0}^{num-1} p[i] * m[i]
* \param group underlying EC_GROUP object
@@ -843,10 +849,11 @@ DEPRECATEDIN_3_0(int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *n, size_t num,
- const EC_POINT *p[], const BIGNUM *m[],
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *n, size_t num,
+ const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Computes r = generator * n + q * m
* \param group underlying EC_GROUP object
@@ -860,18 +867,20 @@ DEPRECATEDIN_3_0(int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
/** Reports whether a precomputation has been done
* \param group EC_GROUP object
* \return 1 if a pre-computation has been done and 0 otherwise
*/
-DEPRECATEDIN_3_0(int EC_GROUP_have_precompute_mult(const EC_GROUP *group))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/********************************************************************/
/* ASN1 stuff */
@@ -906,10 +915,14 @@ int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
# define i2d_ECPKParameters_fp(fp,x) \
ASN1_i2d_fp(i2d_ECPKParameters,(fp), (unsigned char *)(x))
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-# ifndef OPENSSL_NO_STDIO
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ECPKParameters_print(BIO *bp, const EC_GROUP *x,
+ int off);
+# ifndef OPENSSL_NO_STDIO
+OSSL_DEPRECATEDIN_3_0 int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x,
+ int off);
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/********************************************************************/
/* EC_KEY functions */
@@ -920,33 +933,40 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
# define EC_PKEY_NO_PUBKEY 0x002
/* some values for the flags field */
-# define EC_FLAG_NON_FIPS_ALLOW 0x1
-# define EC_FLAG_FIPS_CHECKED 0x2
-# define EC_FLAG_COFACTOR_ECDH 0x1000
-# define EC_FLAG_SM2_RANGE 0x4
+# define EC_FLAG_SM2_RANGE 0x0004
+# define EC_FLAG_COFACTOR_ECDH 0x1000
+# define EC_FLAG_CHECK_NAMED_GROUP 0x2000
+# define EC_FLAG_CHECK_NAMED_GROUP_NIST 0x4000
+# define EC_FLAG_CHECK_NAMED_GROUP_MASK \
+ (EC_FLAG_CHECK_NAMED_GROUP | EC_FLAG_CHECK_NAMED_GROUP_NIST)
+
+/* Deprecated flags - it was using 0x01..0x02 */
+# define EC_FLAG_NON_FIPS_ALLOW 0x0000
+# define EC_FLAG_FIPS_CHECKED 0x0000
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/**
* Creates a new EC_KEY object.
* \param ctx The library context for to use for this EC_KEY. May be NULL in
* which case the default library context is used.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq);
/**
* Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a
* NULL library context
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new(void);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new(void);
-int EC_KEY_get_flags(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_get_flags(const EC_KEY *key);
-void EC_KEY_set_flags(EC_KEY *key, int flags);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_flags(EC_KEY *key, int flags);
-void EC_KEY_clear_flags(EC_KEY *key, int flags);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_clear_flags(EC_KEY *key, int flags);
-int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);
/**
* Creates a new EC_KEY object using a named curve as underlying
@@ -957,8 +977,9 @@ int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx, const char *propq,
- int nid);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx,
+ const char *propq,
+ int nid);
/**
* Creates a new EC_KEY object using a named curve as underlying
@@ -967,44 +988,43 @@ EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx, const char *propq,
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_by_curve_name(int nid);
-
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
/** Frees a EC_KEY object.
* \param key EC_KEY object to be freed.
*/
-void EC_KEY_free(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_free(EC_KEY *key);
/** Copies a EC_KEY object.
* \param dst destination EC_KEY object
* \param src src EC_KEY object
* \return dst or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
/** Creates a new EC_KEY object and copies the content from src to it.
* \param src the source EC_KEY object
* \return newly created EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_dup(const EC_KEY *src);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_dup(const EC_KEY *src);
/** Increases the internal reference count of a EC_KEY object.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_up_ref(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_up_ref(EC_KEY *key);
/** Returns the ENGINE object of a EC_KEY object
* \param eckey EC_KEY object
* \return the ENGINE object (possibly NULL).
*/
-ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
/** Returns the EC_GROUP object of a EC_KEY object
* \param key EC_KEY object
* \return the EC_GROUP object (possibly NULL).
*/
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
/** Sets the EC_GROUP of a EC_KEY object.
* \param key EC_KEY object
@@ -1012,13 +1032,13 @@ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
* object will use an own copy of the EC_GROUP).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
/** Returns the private key of a EC_KEY object.
* \param key EC_KEY object
* \return a BIGNUM with the private key (possibly NULL).
*/
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
/** Sets the private key of a EC_KEY object.
* \param key EC_KEY object
@@ -1026,13 +1046,13 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
* will use an own copy of the BIGNUM).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
/** Returns the public key of a EC_KEY object.
* \param key the EC_KEY object
* \return a EC_POINT object with the public key (possibly NULL)
*/
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
/** Sets the public key of a EC_KEY object.
* \param key EC_KEY object
@@ -1040,20 +1060,24 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
* will use an own copy of the EC_POINT object).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
-unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
-void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+OSSL_DEPRECATEDIN_3_0 unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+OSSL_DEPRECATEDIN_3_0 point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_conv_form(EC_KEY *eckey,
+ point_conversion_form_t cform);
+# endif /*OPENSSL_NO_DEPRECATED_3_0 */
# define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
-int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
-void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.
@@ -1061,25 +1085,25 @@ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred.
*/
-DEPRECATEDIN_3_0(int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
/** Creates a new ec private (and optional a new public) key.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_generate_key(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_generate_key(EC_KEY *key);
/** Verifies that a private and/or public key is valid.
* \param key the EC_KEY object
* \return 1 on success and 0 otherwise.
*/
-int EC_KEY_check_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_check_key(const EC_KEY *key);
/** Indicates if an EC_KEY can be used for signing.
* \param eckey the EC_KEY object
* \return 1 if can can sign and 0 otherwise.
*/
-int EC_KEY_can_sign(const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_can_sign(const EC_KEY *eckey);
/** Sets a public key from affine coordinates performing
* necessary NIST PKV tests.
@@ -1088,8 +1112,9 @@ int EC_KEY_can_sign(const EC_KEY *eckey);
* \param y public key y coordinate
* \return 1 on success and 0 otherwise.
*/
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
- BIGNUM *y);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key,
+ BIGNUM *x,
+ BIGNUM *y);
/** Encodes an EC_KEY public key to an allocated octet string
* \param key key to encode
@@ -1098,8 +1123,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
* \param ctx BN_CTX object (optional)
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
- unsigned char **pbuf, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_key2buf(const EC_KEY *key,
+ point_conversion_form_t form,
+ unsigned char **pbuf, BN_CTX *ctx);
/** Decodes a EC_KEY public key from a octet string
* \param key key to decode
@@ -1109,8 +1135,8 @@ size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
- BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf,
+ size_t len, BN_CTX *ctx);
/** Decodes an EC_KEY private key from an octet string
* \param key key to decode
@@ -1119,7 +1145,8 @@ int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf, size_t len);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf,
+ size_t len);
/** Encodes a EC_KEY private key to an octet string
* \param key key to encode
@@ -1129,14 +1156,16 @@ int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf, size_t len);
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_priv2oct(const EC_KEY *key, unsigned char *buf, size_t len);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_priv2oct(const EC_KEY *key,
+ unsigned char *buf, size_t len);
/** Encodes an EC_KEY private key to an allocated octet string
* \param eckey key to encode
* \param pbuf returns pointer to allocated buffer
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_priv2buf(const EC_KEY *eckey,
+ unsigned char **pbuf);
/********************************************************************/
/* de- and encoding functions for SEC1 ECPrivateKey */
@@ -1148,7 +1177,9 @@ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);
* \param len length of the DER encoded private key
* \return the decoded private key or NULL if an error occurred.
*/
-EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey(EC_KEY **key,
+ const unsigned char **in,
+ long len);
/** Encodes a private key object and stores the result in a buffer.
* \param key the EC_KEY object to encode
@@ -1156,7 +1187,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
-int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey(const EC_KEY *key,
+ unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC parameters */
@@ -1169,7 +1201,9 @@ int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out);
* \return a EC_KEY object with the decoded parameters or NULL if an error
* occurred.
*/
-EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECParameters(EC_KEY **key,
+ const unsigned char **in,
+ long len);
/** Encodes ec parameter and stores the result in a buffer.
* \param key the EC_KEY object with ec parameters to encode
@@ -1177,7 +1211,8 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
-int i2d_ECParameters(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECParameters(const EC_KEY *key,
+ unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC public key */
@@ -1191,7 +1226,8 @@ int i2d_ECParameters(const EC_KEY *key, unsigned char **out);
* \return EC_KEY object with decoded public key or NULL if an error
* occurred.
*/
-EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *o2i_ECPublicKey(EC_KEY **key,
+ const unsigned char **in, long len);
/** Encodes a ec public key in an octet string.
* \param key the EC_KEY object with the public key
@@ -1199,14 +1235,14 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
* of bytes needed).
* \return 1 on success and 0 if an error occurred
*/
-int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out);
/** Prints out the ec parameters on human readable form.
* \param bp BIO object to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
-int ECParameters_print(BIO *bp, const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int ECParameters_print(BIO *bp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param bp BIO object to which the information is printed
@@ -1214,15 +1250,15 @@ int ECParameters_print(BIO *bp, const EC_KEY *key);
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
-# ifndef OPENSSL_NO_STDIO
+# ifndef OPENSSL_NO_STDIO
/** Prints out the ec parameters on human readable form.
* \param fp file descriptor to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
-int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param fp file descriptor to which the information is printed
@@ -1230,32 +1266,33 @@ int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
-
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+# endif /* OPENSSL_NO_STDIO */
-const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
-const EC_KEY_METHOD *EC_KEY_get_default_method(void);
-void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
-const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
-int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
-EC_KEY *EC_KEY_new_method(ENGINE *engine);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_get_default_method(void);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_method(ENGINE *engine);
/** The old name for ecdh_KDF_X9_63
* The ECDH KDF specification has been mistakingly attributed to ANSI X9.62,
* it is actually specified in ANSI X9.63.
* This identifier is retained for backwards compatibility
*/
-DEPRECATEDIN_3_0(int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- const unsigned char *sinfo, size_t sinfolen,
- const EVP_MD *md))
-
-DEPRECATEDIN_3_0(int ECDH_compute_key(void *out, size_t outlen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen,
- void *out, size_t *outlen)))
+OSSL_DEPRECATEDIN_3_0 int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ const unsigned char *sinfo,
+ size_t sinfolen, const EVP_MD *md);
+
+OSSL_DEPRECATEDIN_3_0 int ECDH_compute_key(void *out, size_t outlen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh,
+ void *(*KDF)(const void *in,
+ size_t inlen, void *out,
+ size_t *outlen));
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
typedef struct ECDSA_SIG_st ECDSA_SIG;
@@ -1310,6 +1347,7 @@ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
*/
int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
@@ -1317,8 +1355,8 @@ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
- int dgst_len, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
+ int dgst_len, EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1330,9 +1368,9 @@ DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
- int dgstlen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
+ int dgstlen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
/** Verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
@@ -1343,8 +1381,8 @@ DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
-DEPRECATEDIN_3_0(int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
/** Precompute parts of the signing operation
* \param eckey EC_KEY object containing a private EC key
@@ -1353,8 +1391,8 @@ DEPRECATEDIN_3_0(int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
* \param rp BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
- BIGNUM **kinv, BIGNUM **rp))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
+ BIGNUM **kinv, BIGNUM **rp);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1366,9 +1404,9 @@ DEPRECATEDIN_3_0(int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign(int type, const unsigned char *dgst,
- int dgstlen, unsigned char *sig,
- unsigned int *siglen, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1383,10 +1421,10 @@ DEPRECATEDIN_3_0(int ECDSA_sign(int type, const unsigned char *dgst,
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign_ex(int type, const unsigned char *dgst,
- int dgstlen, unsigned char *sig,
- unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign_ex(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
/** Verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
@@ -1399,119 +1437,112 @@ DEPRECATEDIN_3_0(int ECDSA_sign_ex(int type, const unsigned char *dgst,
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
-DEPRECATEDIN_3_0(int ECDSA_verify(int type, const unsigned char *dgst,
- int dgstlen, const unsigned char *sig,
- int siglen, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_verify(int type, const unsigned char *dgst,
+ int dgstlen, const unsigned char *sig,
+ int siglen, EC_KEY *eckey);
/** Returns the maximum length of the DER encoded signature
* \param eckey EC_KEY object
* \return numbers of bytes required for the DER encoded signature
*/
-DEPRECATEDIN_3_0(int ECDSA_size(const EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_size(const EC_KEY *eckey);
/********************************************************************/
/* EC_KEY_METHOD constructors, destructors, writers and accessors */
/********************************************************************/
-DEPRECATEDIN_3_0(EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth))
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_free(EC_KEY_METHOD *meth))
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_init
- (EC_KEY_METHOD *meth,
- int (*init)(EC_KEY *key),
- void (*finish)(EC_KEY *key),
- int (*copy)(EC_KEY *dest, const EC_KEY *src),
- int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
- int (*set_private)(EC_KEY *key,
- const BIGNUM *priv_key),
- int (*set_public)(EC_KEY *key,
- const EC_POINT *pub_key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
- int (*keygen)(EC_KEY *key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_compute_key
- (EC_KEY_METHOD *meth,
- int (*ckey)(unsigned char **psec,
- size_t *pseclen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_sign
- (EC_KEY_METHOD *meth,
- int (*sign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig,
- unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r,
- EC_KEY *eckey),
- int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
- int dgst_len,
- const BIGNUM *in_kinv,
- const BIGNUM *in_r,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_verify
- (EC_KEY_METHOD *meth,
- int (*verify)(int type, const unsigned
- char *dgst, int dgst_len,
- const unsigned char *sigbuf,
- int sig_len, EC_KEY *eckey),
- int (*verify_sig)(const unsigned char *dgst,
- int dgst_len,
- const ECDSA_SIG *sig,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_init
- (const EC_KEY_METHOD *meth,
- int (**pinit)(EC_KEY *key),
- void (**pfinish)(EC_KEY *key),
- int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
- int (**pset_group)(EC_KEY *key,
- const EC_GROUP *grp),
- int (**pset_private)(EC_KEY *key,
- const BIGNUM *priv_key),
- int (**pset_public)(EC_KEY *key,
- const EC_POINT *pub_key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
- int (**pkeygen)(EC_KEY *key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_compute_key
- (const EC_KEY_METHOD *meth,
- int (**pck)(unsigned char **psec,
- size_t *pseclen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_sign
- (const EC_KEY_METHOD *meth,
- int (**psign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig,
- unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r,
- EC_KEY *eckey),
- int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
+OSSL_DEPRECATEDIN_3_0 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_init
+ (EC_KEY_METHOD *meth,
+ int (*init)(EC_KEY *key),
+ void (*finish)(EC_KEY *key),
+ int (*copy)(EC_KEY *dest, const EC_KEY *src),
+ int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
+ int (*set_private)(EC_KEY *key, const BIGNUM *priv_key),
+ int (*set_public)(EC_KEY *key, const EC_POINT *pub_key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
+ int (*keygen)(EC_KEY *key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_compute_key
+ (EC_KEY_METHOD *meth,
+ int (*ckey)(unsigned char **psec, size_t *pseclen,
+ const EC_POINT *pub_key, const EC_KEY *ecdh));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_sign
+ (EC_KEY_METHOD *meth,
+ int (*sign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_verify
+ (EC_KEY_METHOD *meth,
+ int (*verify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (*verify_sig)(const unsigned char *dgst,
+ int dgst_len, const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_init
+ (const EC_KEY_METHOD *meth,
+ int (**pinit)(EC_KEY *key),
+ void (**pfinish)(EC_KEY *key),
+ int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
+ int (**pset_group)(EC_KEY *key, const EC_GROUP *grp),
+ int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key),
+ int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_keygen
+ (const EC_KEY_METHOD *meth, int (**pkeygen)(EC_KEY *key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_compute_key
+ (const EC_KEY_METHOD *meth,
+ int (**pck)(unsigned char **psec,
+ size_t *pseclen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_sign
+ (const EC_KEY_METHOD *meth,
+ int (**psign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_verify
+ (const EC_KEY_METHOD *meth,
+ int (**pverify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (**pverify_sig)(const unsigned char *dgst,
int dgst_len,
- const BIGNUM *in_kinv,
- const BIGNUM *in_r,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
- (const EC_KEY_METHOD *meth,
- int (**pverify)(int type, const unsigned
- char *dgst, int dgst_len,
- const unsigned char *sigbuf,
- int sig_len, EC_KEY *eckey),
- int (**pverify_sig)(const unsigned char *dgst,
- int dgst_len,
- const ECDSA_SIG *sig,
- EC_KEY *eckey)))
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
# define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
- d2i_ECParameters, x)
+ d2i_ECParameters, x)
# ifndef __cplusplus
# if defined(__SUNPRO_C)
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 6893b49ce4..bfab06d5df 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -494,9 +494,11 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,(dh))
# endif
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
- (eckey))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+# define EVP_PKEY_assign_EC_KEY(pkey,eckey) \
+ EVP_PKEY_assign((pkey), EVP_PKEY_EC, (eckey))
+# endif
# endif
# ifndef OPENSSL_NO_SIPHASH
# define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),\
@@ -1261,11 +1263,16 @@ OSSL_DEPRECATEDIN_3_0 struct dh_st *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
OSSL_DEPRECATEDIN_3_0 struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
# endif
# endif
-# ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
struct ec_key_st;
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
+OSSL_DEPRECATEDIN_3_0
struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+# endif
# endif
EVP_PKEY *EVP_PKEY_new(void);
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 97d52e729b..22d42be8e4 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -455,11 +455,15 @@ DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DSA_PUBKEY, DSA)
DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DSAparams, DSA)
# endif
# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, EC_PUBKEY, EC_KEY)
+# endif
# endif
+
# ifndef OPENSSL_NO_DH
# ifndef OPENSSL_NO_DEPRECATED_3_0
DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 0025a2a8cd..8c01334f49 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -1227,13 +1227,13 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
+
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define SSL_CTRL_SET_TMP_DH 3
-# endif
-# define SSL_CTRL_SET_TMP_ECDH 4
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTRL_SET_TMP_ECDH 4
# define SSL_CTRL_SET_TMP_DH_CB 6
# endif
+
# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
diff --git a/include/openssl/types.h b/include/openssl/types.h
index cf11b8549d..56437f96f9 100644
--- a/include/openssl/types.h
+++ b/include/openssl/types.h
@@ -144,8 +144,10 @@ typedef struct rsa_meth_st RSA_METHOD;
# endif
typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef struct ec_key_st EC_KEY;
typedef struct ec_key_method_st EC_KEY_METHOD;
+# endif
typedef struct rand_meth_st RAND_METHOD;
typedef struct rand_drbg_st RAND_DRBG;
diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in
index bf525f427f..cb4f126edf 100644
--- a/include/openssl/x509.h.in
+++ b/include/openssl/x509.h.in
@@ -430,12 +430,14 @@ OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
# endif
# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
-# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
+# endif /* OPENSSL_NO_EC */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk);
@@ -474,12 +476,16 @@ OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
# endif
# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
-# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
+# endif /* OPENSSL_NO_EC */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk);
@@ -555,8 +561,10 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,RSA, RSA_PUBKEY)
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,DSA, DSA_PUBKEY)
# endif
# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(EC_KEY, EC_PUBKEY)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, EC_KEY, EC_PUBKEY)
+# endif
# endif
DECLARE_ASN1_FUNCTIONS(X509_SIG)
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-16 08:09:59 +0000