Lines Matching +full:in +full:- +full:functions
18 .\" Set up some character translations and predefined strings. \*(-- will
22 .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23 .\" nothing in troff, for use with C<>.
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
45 .\" Escape single quotes in literal strings from groff's Unicode transform.
51 .\" entries marked with X<> in POD. Of course, you'll have to process the
52 .\" output yourself in some meaningful fashion.
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 . \" troff and (daisy-wheel) nroff accents
123 . ds d- d\h'-1'\(ga
124 . ds D- D\h'-1'\(hy
134 .TH MIGRATION_GUIDE 7ossl "2023-09-19" "3.0.11" "OpenSSL"
136 .\" way too many mistakes in technical documents.
140 migration_guide \- OpenSSL migration guide
149 For an overview of some of the key concepts introduced in OpenSSL 3.0 see
159 uses an older version of OpenSSL will at the very least need to be recompiled in
163 changes may be required in some cases. Changes may also be required if
164 applications need to take advantage of some of the new features available in
165 OpenSSL 3.0 such as the availability of the \s-1FIPS\s0 module.
171 licenses <https://www.openssl.org/source/license-openssl-ssleay.txt>
173 Apache License v2 <https://www.openssl.org/source/apache-license-2.0.txt>.
175 \fIProviders and \s-1FIPS\s0 support\fR
185 \&\*(L"high level\*(R" APIs (for example those functions prefixed with \f(CW\*(C`EVP\*(C'\fR). They…
188 One of the standard providers available is the \s-1FIPS\s0 provider. This makes
189 available \s-1FIPS\s0 validated cryptographic algorithms.
190 The \s-1FIPS\s0 provider is disabled by default and needs to be enabled explicitly
191 at configuration time using the \f(CW\*(C`enable\-fips\*(C'\fR option. If it is enabled,
192 the \s-1FIPS\s0 provider gets built and installed in addition to the other standard
195 special purpose of installing only the \s-1FIPS\s0 provider into an existing
199 If the application code uses any digest or cipher algorithm via the \s-1EVP\s0 interface,
201 \&\fBEVP_EncryptInit_ex\fR\|(3), and \fBEVP_DigestInit\fR\|(3) functions. In case when
202 the requested algorithm is not available, these functions will fail.
206 See also \*(L"Completing the installation of the \s-1FIPS\s0 Module\*(R" and
207 \&\*(L"Using the \s-1FIPS\s0 Module in applications\*(R".
216 For example, the \s-1EVP\s0 APIs provide the functions \fBEVP_EncryptInit_ex\fR\|(3),
218 encryption. Those functions can be used with the algorithms \s-1AES, CHACHA, 3DES\s0 etc.
219 On the other hand, to do \s-1AES\s0 encryption using the low level APIs you would have
220 to call \s-1AES\s0 specific functions such as \fBAES_set_encrypt_key\fR\|(3),
221 \&\fBAES_encrypt\fR\|(3), and so on. The functions for 3DES are different.
223 development team for a long time. However in OpenSSL 3.0 this is made more
224 formal. All such low level APIs have been deprecated. You may still use them in
230 This is described in more detail in \*(L"Deprecation of Low Level Functions\*(R"
235 Some cryptographic algorithms such as \fB\s-1MD2\s0\fR and \fB\s-1DES\s0\fR that were available via
236 the \s-1EVP\s0 APIs are now considered legacy and their use is strongly discouraged.
237 These legacy \s-1EVP\s0 algorithms are still available in OpenSSL 3.0 but not by
240 See \fBOSSL_PROVIDER\-legacy\fR\|(7) for a complete list of algorithms.
241 Applications using the \s-1EVP\s0 APIs to access these algorithms should instead use
247 \fIEngines and \*(L"\s-1METHOD\*(R"\s0 APIs\fR
251 support engines, including the \s-1ENGINE API\s0 and any function that creates or
252 modifies custom \*(L"\s-1METHODS\*(R"\s0 (for example \fBEVP_MD_meth_new\fR\|(3),
254 \&\fBEC_KEY_METHOD_new\fR\|(3), etc.). These functions are being deprecated in
258 \&\s-1FIPS\s0 module, as detailed below. Authors and maintainers of external engines are
260 using the new Provider \s-1API\s0 and avoiding deprecated methods.
265 If openssl is not built without engine support or deprecated \s-1API\s0 support, engines
270 Engine-backed keys can be loaded via custom \fB\s-1OSSL_STORE\s0\fR implementation.
271 In this case the \fB\s-1EVP_PKEY\s0\fR objects created via \fBENGINE_load_private_key\fR\|(3)
275 To prefer the provider-based hardware offload, you can specify the default
284 \&\s-1MAJOR.MINOR.PATCH\s0
288 instead the patch level is indicated by the final number in the version. A
289 change in the second (\s-1MINOR\s0) number indicates that new features may have been
290 added. OpenSSL versions with the same major number are \s-1API\s0 and \s-1ABI\s0 compatible.
291 If the major number changes then \s-1API\s0 and \s-1ABI\s0 compatibility is not guaranteed.
298 Certificate Management Protocol (\s-1CMP, RFC 4210\s0)
301 This also covers \s-1CRMF\s0 (\s-1RFC 4211\s0) and \s-1HTTP\s0 transfer (\s-1RFC 6712\s0)
302 See \fBopenssl\-cmp\fR\|(1) and \fBOSSL_CMP_exec_certreq\fR\|(3) as starting points.
304 \s-1HTTP\s0(S) client
307 A proper \s-1HTTP\s0(S) client that supports \s-1GET\s0 and \s-1POST,\s0 redirection, plain and
308 \&\s-1ASN\s0.1\-encoded contents, proxies, and timeouts.
310 Key Derivation Function \s-1API\s0 (\s-1EVP_KDF\s0)
313 This simplifies the process of adding new \s-1KDF\s0 and \s-1PRF\s0 implementations.
315 Previously \s-1KDF\s0 algorithms had been shoe-horned into using the \s-1EVP_PKEY\s0 object
317 Existing applications that use \s-1KDF\s0 algorithms using \s-1EVP_PKEY\s0
318 (scrypt, \s-1TLS1 PRF\s0 and \s-1HKDF\s0) may be slower as they use an \s-1EVP_KDF\s0 bridge
320 All new applications should use the new \s-1\fBEVP_KDF\s0\fR\|(3) interface.
321 See also \*(L"Key Derivation Function (\s-1KDF\s0)\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7) and
322 \&\*(L"Key Derivation Function (\s-1KDF\s0)\*(R" in \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
324 Message Authentication Code \s-1API\s0 (\s-1EVP_MAC\s0)
327 This simplifies the process of adding \s-1MAC\s0 implementations.
329 This includes a generic \s-1EVP_PKEY\s0 to \s-1EVP_MAC\s0 bridge, to facilitate the continued
330 use of MACs through raw private keys in functionality such as
333 All new applications should use the new \s-1\fBEVP_MAC\s0\fR\|(3) interface.
334 See also \*(L"Message Authentication Code (\s-1MAC\s0)\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7)
335 and \*(L"Message Authentication Code (\s-1MAC\s0)\*(R" in \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
340 Using calls to convenience functions such as \fBEVP_sha256()\fR and \fBEVP_aes_256_gcm()\fR may
345 …e \*(L"Performance\*(R" in \fBcrypto\fR\|(7), \*(L"Explicit fetching\*(R" in \fBcrypto\fR\|(7) and…
347 Support for Linux Kernel \s-1TLS\s0
350 In order to use \s-1KTLS,\s0 support for it must be compiled in using the
351 \&\f(CW\*(C`enable\-ktls\*(C'\fR configuration option. It must also be enabled at run time using
352 the \fB\s-1SSL_OP_ENABLE_KTLS\s0\fR option.
357 \&\s-1KDF\s0 algorithms \*(L"\s-1SINGLE STEP\*(R"\s0 and \*(L"\s-1SSH\*(R"\s0
359 See \s-1\fBEVP_KDF\-SS\s0\fR\|(7) and \s-1\fBEVP_KDF\-SSHKDF\s0\fR\|(7)
361 \&\s-1MAC\s0 Algorithms \*(L"\s-1GMAC\*(R"\s0 and \*(L"\s-1KMAC\*(R"\s0
363 See \s-1\fBEVP_MAC\-GMAC\s0\fR\|(7) and \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7).
365 \&\s-1KEM\s0 Algorithm \*(L"\s-1RSASVE\*(R"\s0
367 See \s-1\fBEVP_KEM\-RSA\s0\fR\|(7).
369 Cipher Algorithm \*(L"AES-SIV\*(R"
371 See \*(L"\s-1SIV\s0 Mode\*(R" in \fBEVP_EncryptInit\fR\|(3).
373 \&\s-1AES\s0 Key Wrap inverse ciphers supported by \s-1EVP\s0 layer.
375 The inverse ciphers use \s-1AES\s0 decryption for wrapping, and \s-1AES\s0 encryption for
376 unwrapping. The algorithms are: \*(L"\s-1AES\-128\-WRAP\-INV\*(R", \*(L"AES\-192\-WRAP\-INV\*(R",
377 \&\*(L"AES\-256\-WRAP\-INV\*(R", \*(L"AES\-128\-WRAP\-PAD\-INV\*(R", \*(L"AES\-192\-WRAP\-PAD\-INV\…
378 \&\*(L"\s-1AES\-256\-WRAP\-PAD\-INV\*(R".\s0
380 \&\s-1CTS\s0 ciphers added to \s-1EVP\s0 layer.
382 The algorithms are \*(L"\s-1AES\-128\-CBC\-CTS\*(R", \*(L"AES\-192\-CBC\-CTS\*(R", \*(L"AES\-256\-C…
383 \&\*(L"CAMELLIA\-128\-CBC\-CTS\*(R", \*(L"CAMELLIA\-192\-CBC\-CTS\*(R"\s0 and \*(L"\s-1CAMELLIA\-25…
384 CS1, CS2\s0 and \s-1CS3\s0 variants are supported.
386 \s-1CMS\s0 and PKCS#7 updates
389 Added CAdES-BES signature verification support.
391 Added CAdES-BES signature scheme and attributes support (\s-1RFC 5126\s0) to \s-1CMS API.\s0
393 Added AuthEnvelopedData content type structure (\s-1RFC 5083\s0) using \s-1AES_GCM\s0
395 This uses the AES-GCM parameter (\s-1RFC 5084\s0) for the Cryptographic Message Syntax.
397 is both authenticated and encrypted using \s-1AES GCM\s0 mode.
401 PKCS#12 \s-1API\s0 updates
405 were changed to more modern \s-1PBKDF2\s0 and \s-1AES\s0 based algorithms. The default
406 \&\s-1MAC\s0 iteration count was changed to \s-1PKCS12_DEFAULT_ITER\s0 to make it equal
407 with the password-based encryption iteration count. The default digest
408 algorithm for the \s-1MAC\s0 computation was changed to \s-1SHA\-256.\s0 The pkcs12
409 application now supports \-legacy option that restores the previous
412 Added enhanced PKCS#12 APIs which accept a library context \fB\s-1OSSL_LIB_CTX\s0\fR
431 PKCS#12 \s-1KDF\s0 versus \s-1FIPS\s0
434 Unlike in 1.x.y, the \s-1PKCS12KDF\s0 algorithm used when a PKCS#12 structure
435 is created with a \s-1MAC\s0 that does not work with the \s-1FIPS\s0 provider as the \s-1PKCS12KDF\…
436 is not a \s-1FIPS\s0 approvable mechanism.
438 See \s-1\fBEVP_KDF\-PKCS12KDF\s0\fR\|(7), \fBPKCS12_create\fR\|(3), \fBopenssl\-pkcs12\fR\|(1),
439 \&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7).
445 supported by the \s-1OS,\s0 otherwise CriticalSection continues to be used.
447 Trace \s-1API\s0
450 A new generic trace \s-1API\s0 has been added which provides support for enabling
453 configured with the \f(CW\*(C`enable\-trace\*(C'\fR option.
455 If the tracing \s-1API\s0 is enabled, the application can activate trace output by
463 more key types. This includes \s-1RSA, DSA, ED25519, X25519, ED448\s0 and X448.
464 Previously (in 1.1.1) they would return \-2. For key types that do not have
473 This code is now always set to zero. Related functions are deprecated.
475 \s-1STACK\s0 and \s-1HASH\s0 macros have been cleaned up
478 The type-safe wrappers are declared everywhere and implemented once.
479 See \s-1\fBDEFINE_STACK_OF\s0\fR\|(3) and \s-1\fBDECLARE_LHASH_OF\s0\fR\|(3).
481 The \s-1RAND_DRBG\s0 subsystem has been removed
484 The new \s-1\fBEVP_RAND\s0\fR\|(3) is a partial replacement: the \s-1DRBG\s0 callback framework is
485 absent. The \s-1RAND_DRBG API\s0 did not fit well into the new provider concept as
486 implemented by \s-1EVP_RAND\s0 and \s-1EVP_RAND_CTX.\s0
491 These functions are legacy APIs that are not applicable to the new provider
499 The Miller-Rabin test now uses 64 rounds, which is used for all prime generation,
500 including \s-1RSA\s0 key generation. This affects the time for larger keys sizes.
502 The default key generation method for the regular 2\-prime \s-1RSA\s0 keys was changed
503 to the \s-1FIPS186\-4 B.3.6\s0 method (Generation of Probable Primes with Conditions
507 Change \s-1PBKDF2\s0 to conform to \s-1SP800\-132\s0 instead of the older \s-1PKCS5 RFC2898\s0
508 .IX Subsection "Change PBKDF2 to conform to SP800-132 instead of the older PKCS5 RFC2898"
512 For backwards compatibility these checks are disabled by default in the
513 default provider, but are enabled by default in the \s-1FIPS\s0 provider.
515 To enable or disable the checks see \fB\s-1OSSL_KDF_PARAM_PKCS5\s0\fR in
516 \&\s-1\fBEVP_KDF\-PBKDF2\s0\fR\|(7). The parameter can be set using \fBEVP_KDF_derive\fR\|(3).
518 Enforce a minimum \s-1DH\s0 modulus size of 512 bits
521 Smaller sizes now result in an error.
523 \s-1SM2\s0 key changes
526 \&\s-1EC\s0 EVP_PKEYs with the \s-1SM2\s0 curve have been reworked to automatically become
527 \&\s-1EVP_PKEY_SM2\s0 rather than \s-1EVP_PKEY_EC.\s0
529 Unlike in previous OpenSSL versions, this means that applications cannot
530 call \f(CW\*(C`EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)\*(C'\fR to get \s-1SM2\s0 computations.
533 to generate \s-1EVP_PKEY_SM2\s0 parameters and keys. Applications must now generate
534 \&\s-1SM2\s0 keys directly and must not create an \s-1EVP_PKEY_EC\s0 key first. It is no longer
535 possible to import an \s-1SM2\s0 key with domain parameters other than the \s-1SM2\s0 elliptic
538 Validation of \s-1SM2\s0 keys has been separated from the validation of regular \s-1EC\s0
539 keys, allowing to improve the \s-1SM2\s0 validation process to reject loaded private
540 keys that are not conforming to the \s-1SM2 ISO\s0 standard.
541 In particular, a private scalar \fIk\fR outside the range \fI1 <= k < n\-1\fR is
547 This function made a \fB\s-1EVP_PKEY\s0\fR object mutable after it had been set up. In
551 Functions that return an internal key should be treated as read only
552 .IX Subsection "Functions that return an internal key should be treated as read only"
554 Functions such as \fBEVP_PKEY_get0_RSA\fR\|(3) behave slightly differently in
555 OpenSSL 3.0. Previously they returned a pointer to the low-level key used
556 internally by libcrypto. From OpenSSL 3.0 this key may now be held in a
557 provider. Calling these functions will only return a handle on the internal key
558 where the \s-1EVP_PKEY\s0 was constructed using this key in the first place, for
561 Where the \s-1EVP_PKEY\s0 holds a provider managed key, then these functions now return
563 after the first time the cached key is accessed will not be reflected back in
565 code will not be reflected back in the internal provider key.
567 For the above reasons the keys returned from these functions should typically be
568 treated as read-only. To emphasise this the value returned from
572 to refactor the code to avoid the use of these deprecated functions. Failing
575 and \fBEVP_PKEY_get1_DH\fR\|(3) functions continue to return a non-const pointer to
576 enable them to be \*(L"freed\*(R". However they should also be treated as read-only.
581 This may mean result in an error in \fBEVP_PKEY_derive_set_peer\fR\|(3) rather than
585 The print format has cosmetic changes for some functions
586 .IX Subsection "The print format has cosmetic changes for some functions"
588 The output from numerous \*(L"printing\*(R" functions such as \fBX509_signature_print\fR\|(3),
589 \&\fBX509_print_ex\fR\|(3), \fBX509_CRL_print_ex\fR\|(3), and other similar functions has been
591 observed in 1.1.1 and 3.0. This also applies to the \fB\-text\fR output from the
602 One significant change is that controls which used to return \-2 for
603 invalid inputs, now return \-1 indicating a generic error condition instead.
605 \s-1DH\s0 and \s-1DHX\s0 key types have different settable parameters
608 Previously (in 1.1.1) these conflicting parameters were allowed, but will now
609 result in errors. See \s-1\fBEVP_PKEY\-DH\s0\fR\|(7) for further details. This affects the
610 behaviour of \fBopenssl\-genpkey\fR\|(1) for \s-1DH\s0 parameter generation.
615 If using a cipher from a provider the \fB\s-1EVP_CIPH_FLAG_LENGTH_BITS\s0\fR flag can only
617 See \*(L"\s-1FLAGS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for more information.
629 but later keygen operations with the \s-1EVP_PKEY_CTX\s0 will fail.
635 reason the \s-1\fBERR_GET_FUNC\s0()\fR macro was removed. Applications must resolve
638 ChaCha20\-Poly1305 cipher does not allow a truncated \s-1IV\s0 length to be used
639 .IX Subsection "ChaCha20-Poly1305 cipher does not allow a truncated IV length to be used"
641 In OpenSSL 3.0 setting the \s-1IV\s0 length to any value other than 12 will result in an
644 using EVP_CIPHER_CTX_ctrl(ctx, \s-1EVP_CRTL_AEAD_SET_IVLEN,\s0 ivlen, \s-1NULL\s0). This resulted
645 in an \s-1IV\s0 that had leading zero padding.
648 Please refer to the \s-1INSTALL\s0.md file in the top of the distribution for
650 various platform specific \s-1NOTES\s0 files for your specific platform.
654 forward in most cases. The most likely area where you will encounter problems
655 is if you have used low level APIs in your code (as discussed above). In that
659 Ignore the warnings. They are just warnings. The deprecated functions are still present and you may…
663 Remove your usage of the low level APIs. In this case you will need to rewrite your code to use the…
672 Password-protected keys may deserve special attention. If only some errors
680 difficult. In addition to the issues discussed above in the section about
685 Check the file \s-1INSTALL\s0.md in the top of the installation for instructions on how
686 to build and install OpenSSL for your platform. Also read the various \s-1NOTES\s0
687 files in the same directory, as applicable for your platform.
689 Many structures have been made opaque in OpenSSL 3.0.
692 moved to internal header files. In practice this means that you can no longer
695 Additionally you must use \*(L"setter\*(R" or \*(L"getter\*(R" functions to access the fields
720 This has a number of implications for \s-1SSL/TLS\s0 applications. See the
721 \&\s-1TLS1.3\s0 page <https://wiki.openssl.org/index.php/TLS1.3> for further details.
727 \fIUpgrading from the OpenSSL 2.0 \s-1FIPS\s0 Object Module\fR
730 The OpenSSL 2.0 \s-1FIPS\s0 Object Module was a separate download that had to be built
732 In OpenSSL 3.0 the \s-1FIPS\s0 support is fully integrated into the mainline version of
734 \&\*(L"Completing the installation of the \s-1FIPS\s0 Module\*(R".
738 See \fBfips_module\fR\|(7) and \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7) for details.
739 .SS "Completing the installation of the \s-1FIPS\s0 Module"
741 The \s-1FIPS\s0 Module will be built and installed automatically if \s-1FIPS\s0 support has
742 been configured. The current documentation can be found in the
743 README-FIPS <https://github.com/openssl/openssl/blob/master/README-FIPS.md> file.
748 some of the new features that OpenSSL 3.0 makes available. In order to do that
749 you need to understand some new concepts introduced in OpenSSL 3.0.
750 Read \*(L"Library contexts\*(R" in \fBcrypto\fR\|(7) for further information.
758 See \*(L"Library contexts\*(R" in \fBcrypto\fR\|(7) for further info.
760 If the user creates an \fB\s-1OSSL_LIB_CTX\s0\fR via \fBOSSL_LIB_CTX_new\fR\|(3) then many
761 functions may need to be changed to pass additional parameters to handle the
764 Using a Library Context \- Old functions that should be changed
765 .IX Subsection "Using a Library Context - Old functions that should be changed"
767 If a library context is needed then all EVP_* digest functions that return a
768 \&\fBconst \s-1EVP_MD\s0 *\fR such as \fBEVP_sha256()\fR should be replaced with a call to
769 \&\fBEVP_MD_fetch\fR\|(3). See \*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
771 If a library context is needed then all EVP_* cipher functions that return a
772 \&\fBconst \s-1EVP_CIPHER\s0 *\fR such as \fBEVP_aes_128_cbc()\fR should be replaced vith a call to
773 \&\fBEVP_CIPHER_fetch\fR\|(3). See \*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
775 Some functions can be passed an object that has already been set up with a library
777 \&\fBd2i_X509_PUBKEY\fR\|(3). If \s-1NULL\s0 is passed instead then the created object will be
782 All functions listed below with a \fI\s-1NAME\s0\fR have a replacement function \fINAME_ex\fR
783 that takes \fB\s-1OSSL_LIB_CTX\s0\fR as an additional argument. Functions that have other
821 \&\s-1\fBEVP_PKCS82PKEY\s0\fR\|(3)
886 New functions that use a Library context
887 .IX Subsection "New functions that use a Library context"
889 The following functions can be passed a library context if required.
890 Passing \s-1NULL\s0 will use the default library context.
919 \&\s-1\fBEVP_RAND\s0\fR\|(3) and \fBEVP_RAND_do_all_provided\fR\|(3)
959 Providers are described in detail here \*(L"Providers\*(R" in \fBcrypto\fR\|(7).
960 See also \*(L"\s-1OPENSSL PROVIDERS\*(R"\s0 in \fBcrypto\fR\|(7).
965 Implicit and Explicit Fetching is described in detail here
966 \&\*(L"\s-1ALGORITHM FETCHING\*(R"\s0 in \fBcrypto\fR\|(7).
968 \fIMapping \s-1EVP\s0 controls and flags to provider \s-1\f(BIOSSL_PARAM\s0\fI\|(3) parameters\fR
971 The existing functions for controls (such as \fBEVP_CIPHER_CTX_ctrl\fR\|(3)) and
973 \&\fB\s-1OSSL_PARAMS\s0\fR to pass information to/from provider objects.
974 See \s-1\fBOSSL_PARAM\s0\fR\|(3) for additional information related to parameters.
976 For ciphers see \*(L"\s-1CONTROLS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3), \*(L"\s-1FLAGS\*(R"\s0 in …
977 \&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
979 For digests see \*(L"\s-1CONTROLS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3), \*(L"\s-1FLAGS\*(R"\s0 in \…
980 \&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3).
982 \fIDeprecation of Low Level Functions\fR
983 .IX Subsection "Deprecation of Low Level Functions"
985 A significant number of APIs have been deprecated in OpenSSL 3.0.
987 See \*(L"Deprecated function mappings\*(R" for the list of deprecated functions
990 Providers are a replacement for engines and low-level method overrides
991 .IX Subsection "Providers are a replacement for engines and low-level method overrides"
993 Any accessor that uses an \s-1ENGINE\s0 is deprecated (such as \fBEVP_PKEY_set1_engine()\fR).
1000 Deprecated i2d and d2i functions for low-level key types
1001 .IX Subsection "Deprecated i2d and d2i functions for low-level key types"
1003 Any i2d and d2i functions such as \fBd2i_DHparams()\fR that take a low-level key type
1004 have been deprecated. Applications should instead use the \s-1\fBOSSL_DECODER\s0\fR\|(3) and
1005 \&\s-1\fBOSSL_ENCODER\s0\fR\|(3) APIs to read and write files.
1006 See \*(L"Migration\*(R" in \fBd2i_RSAPrivateKey\fR\|(3) for further details.
1008 Deprecated low-level key object getters and setters
1009 .IX Subsection "Deprecated low-level key object getters and setters"
1011 Applications that set or get low-level key objects (such as \fBEVP_PKEY_set1_DH()\fR
1012 or \fBEVP_PKEY_get0()\fR) should instead use the \s-1OSSL_ENCODER\s0
1013 (See \fBOSSL_ENCODER_to_bio\fR\|(3)) or \s-1OSSL_DECODER\s0 (See \fBOSSL_DECODER_from_bio\fR\|(3))
1016 Deprecated low-level key parameter getters
1017 .IX Subsection "Deprecated low-level key parameter getters"
1019 Functions that access low-level objects directly such as \fBRSA_get0_n\fR\|(3) are now
1023 \&\fBEVP_PKEY_get_params\fR\|(3) to access fields from an \s-1EVP_PKEY.\s0
1024 Gettable parameters are listed in \*(L"Common \s-1RSA\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-RSA\s0…
1025 \&\*(L"\s-1DH\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7), \*(L"\s-1DSA\s0 parameters\*(R"…
1026 \&\*(L"\s-1FFC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7), \*(L"Common \s-1EC\s0 paramet…
1027 \&\*(L"Common X25519, X448, \s-1ED25519\s0 and \s-1ED448\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-X25…
1030 Deprecated low-level key parameter setters
1031 .IX Subsection "Deprecated low-level key parameter setters"
1033 Functions that access low-level objects directly such as \fBRSA_set0_crt_params\fR\|(3)
1038 See \*(L"Examples\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7) for more information.
1039 See \*(L"Deprecated low-level key generation functions\*(R" for information on
1042 Deprecated low-level object creation
1043 .IX Subsection "Deprecated low-level object creation"
1045 Low-level objects were created using methods such as \fBRSA_new\fR\|(3),
1047 high-level \s-1EVP_PKEY\s0 APIs, e.g. \fBEVP_PKEY_new\fR\|(3), \fBEVP_PKEY_up_ref\fR\|(3) and
1051 EVP_PKEYs may be created in a variety of ways:
1052 See also \*(L"Deprecated low-level key generation functions\*(R",
1053 \&\*(L"Deprecated low-level key reading and writing functions\*(R" and
1054 \&\*(L"Deprecated low-level key parameter setters\*(R".
1056 Deprecated low-level encryption functions
1057 .IX Subsection "Deprecated low-level encryption functions"
1059 Low-level encryption functions such as \fBAES_encrypt\fR\|(3) and \fBAES_decrypt\fR\|(3)
1061 instead use the high level \s-1EVP\s0 APIs \fBEVP_EncryptInit_ex\fR\|(3),
1065 Deprecated low-level digest functions
1066 .IX Subsection "Deprecated low-level digest functions"
1068 Use of low-level digest functions such as \fBSHA1_Init\fR\|(3) have been
1070 use the the high level \s-1EVP\s0 APIs \fBEVP_DigestInit_ex\fR\|(3), \fBEVP_DigestUpdate\fR\|(3)
1071 and \fBEVP_DigestFinal_ex\fR\|(3), or the quick one-shot \fBEVP_Q_digest\fR\|(3).
1073 Note that the functions \s-1\fBSHA1\s0\fR\|(3), \s-1\fBSHA224\s0\fR\|(3), \s-1\fBSHA256\s0\fR\|(3),…
1074 and \s-1\fBSHA512\s0\fR\|(3) have changed to macros that use \fBEVP_Q_digest\fR\|(3).
1076 Deprecated low-level signing functions
1077 .IX Subsection "Deprecated low-level signing functions"
1079 Use of low-level signing functions such as \fBDSA_sign\fR\|(3) have been
1082 See also \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7), \s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7),
1083 \&\s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7) and \s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7).
1085 Deprecated low-level \s-1MAC\s0 functions
1086 .IX Subsection "Deprecated low-level MAC functions"
1088 Low-level mac functions such as \fBCMAC_Init\fR\|(3) are deprecated.
1089 Applications should instead use the new \s-1\fBEVP_MAC\s0\fR\|(3) interface, using
1091 \&\fBEVP_MAC_update\fR\|(3) and \fBEVP_MAC_final\fR\|(3) or the single-shot \s-1MAC\s0 function
1093 See \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBEVP_MAC\-HMAC\s0\fR\|(7), \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7), \s…
1094 \&\s-1\fBEVP_MAC\-KMAC\s0\fR\|(7), \s-1\fBEVP_MAC\-BLAKE2\s0\fR\|(7), \fBEVP_MAC\-Poly1305\fR\|(7) …
1095 \&\fBEVP_MAC\-Siphash\fR\|(7) for additional information.
1097 Note that the one-shot method \s-1\fBHMAC\s0()\fR is still available for compatibility purposes,
1098 but this can also be replaced by using \s-1EVP_Q_MAC\s0 if a library context is required.
1100 Deprecated low-level validation functions
1101 .IX Subsection "Deprecated low-level validation functions"
1103 Low-level validation functions such as \fBDH_check\fR\|(3) have been informally
1104 discouraged from use for a long time. Applications should instead use the high-level
1105 \&\s-1EVP_PKEY\s0 APIs such as \fBEVP_PKEY_check\fR\|(3), \fBEVP_PKEY_param_check\fR\|(3),
1110 Deprecated low-level key exchange functions
1111 .IX Subsection "Deprecated low-level key exchange functions"
1113 Many low-level functions have been informally discouraged from use for a long
1115 See \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7), \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7) and \s-1\fBEVP_KEYEXCH\-…
1117 Deprecated low-level key generation functions
1118 .IX Subsection "Deprecated low-level key generation functions"
1120 Many low-level functions have been informally discouraged from use for a long
1122 \&\fBEVP_PKEY_generate\fR\|(3) as described in \s-1\fBEVP_PKEY\-DSA\s0\fR\|(7), \s-1\fBEVP_PKEY\-DH…
1123 \&\s-1\fBEVP_PKEY\-RSA\s0\fR\|(7), \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) and \s-1\fBEVP_PKEY\-X25519\s0\fR…
1124 The 'quick' one-shot function \fBEVP_PKEY_Q_keygen\fR\|(3) and macros for the most
1127 Deprecated low-level key reading and writing functions
1128 .IX Subsection "Deprecated low-level key reading and writing functions"
1130 Use of low-level objects (such as \s-1DSA\s0) has been informally discouraged from use
1131 for a long time. Functions to read and write these low-level objects (such as
1135 Deprecated low-level key printing functions
1136 .IX Subsection "Deprecated low-level key printing functions"
1138 Use of low-level objects (such as \s-1DSA\s0) has been informally discouraged from use
1139 for a long time. Functions to print these low-level objects such as
1140 \&\fBDSA_print()\fR should be replaced with the equivalent \s-1EVP_PKEY\s0 functions.
1150 The following functions have been deprecated in 3.0.
1154 There is no replacement for the \s-1IGE\s0 functions. New code should not use these modes.
1155 These undocumented functions were never integrated into the \s-1EVP\s0 layer.
1156 They implemented the \s-1AES\s0 Infinite Garble Extension (\s-1IGE\s0) mode and \s-1AES\s0
1157 Bi-directional \s-1IGE\s0 mode. These modes were never formally standardised and
1158 usage of these functions is believed to be very small. In particular
1159 \&\fBAES_bi_ige_encrypt()\fR has a known bug. It accepts 2 \s-1AES\s0 keys, but only one
1169 See \*(L"Deprecated low-level encryption functions\*(R"
1173 There is no replacement. It returned a string indicating if the \s-1AES\s0 code was unrolled.
1177 There are no replacements. These old functions are not used, and could be
1178 disabled with the macro \s-1NO_ASN1_OLD\s0 since OpenSSL 0.9.7.
1184 previously passed in pointer.
1189 See \*(L"Deprecated low-level encryption functions\*(R".
1198 Use the respective non-deprecated \fB_ex()\fR functions.
1203 64 rounds of the Miller-Rabin primality test.
1211 There are no replacements for these low-level functions. They were used internally
1220 See \*(L"Deprecated low-level encryption functions\*(R".
1225 See \*(L"Deprecated low-level encryption functions\*(R".
1226 The \s-1CAST\s0 algorithm has been moved to the Legacy Provider.
1231 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1235 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1242 Memory-leak checking has been deprecated in favor of more modern development
1250 Use the higher level functions \fBEVP_CipherInit_ex2()\fR, \fBEVP_CipherUpdate()\fR and
1252 See the \*(L"cts_mode\*(R" parameter in
1253 \&\*(L"Gettable and Settable \s-1EVP_CIPHER_CTX\s0 parameters\*(R" in \fBEVP_EncryptInit\fR\|(3).
1254 See \*(L"\s-1EXAMPLES\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for a \s-1AES\-256\-CBC\-CTS\s0 example.
1266 See \*(L"Deprecated i2d and d2i functions for low-level key types\*(R"
1278 See \*(L"Deprecated low-level encryption functions\*(R".
1279 Algorithms for \*(L"DESX-CBC\*(R", \*(L"DES-ECB\*(R", \*(L"DES-CBC\*(R", \*(L"DES-OFB\*(R", \*(L"DE…
1280 \&\*(L"\s-1DES\-CFB1\*(R"\s0 and \*(L"\s-1DES\-CFB8\*(R"\s0 have been moved to the Legacy Provider.
1290 See \*(L"Deprecated low-level validation functions\*(R"
1294 The \fB\s-1DH_FLAG_CACHE_MONT_P\s0\fR flag has been deprecated without replacement.
1295 The \fB\s-1DH_FLAG_TYPE_DH\s0\fR and \fB\s-1DH_FLAG_TYPE_DHX\s0\fR have been deprecated.
1301 See \*(L"Deprecated low-level key exchange functions\*(R".
1305 See \*(L"Deprecated low-level object creation\*(R"
1309 See \*(L"Deprecated low-level key generation functions\*(R".
1314 See \*(L"Deprecated low-level key parameter getters\*(R"
1318 Applications should instead set the \fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR as specified in
1319 \&\*(L"\s-1DH\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7)) to one of \*(L"dh_1024_160\*(R"…
1320 \&\*(L"dh_2048_256\*(R" when generating a \s-1DH\s0 key.
1322 \&\s-1\fBDH_KDF_X9_42\s0()\fR
1330 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R"
1334 See \*(L"Deprecated low-level key printing functions\*(R"
1338 See \*(L"Deprecated low-level key parameter setters\*(R"
1352 See \*(L"Deprecated low-level key generation functions\*(R".
1358 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1363 See \*(L"Deprecated low-level key parameter getters\*(R".
1367 See \*(L"Deprecated low-level object creation\*(R"
1376 See \*(L"Deprecated low-level key printing functions\*(R"
1380 See \*(L"Deprecated low-level key parameter setters\*(R"
1384 The \fB\s-1DSA_FLAG_CACHE_MONT_P\s0\fR flag has been deprecated without replacement.
1388 See \*(L"Deprecated low-level signing functions\*(R".
1392 See \*(L"Deprecated low-level key exchange functions\*(R".
1394 \&\s-1\fBECDH_KDF_X9_62\s0()\fR
1397 \&\fBEVP_PKEY_CTX_set_ecdh_kdf_type\fR\|(3) or by setting an \s-1\fBOSSL_PARAM\s0\fR\|(3) using the
1398 \&\*(L"kdf-type\*(R" as shown in \*(L"\s-1EXAMPLES\*(R"\s0 in \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)
1403 See \*(L"Deprecated low-level signing functions\*(R".
1413 There are no replacements for these functions. Applications should rely on the
1414 library automatically assigning a suitable method internally when an \s-1EC_GROUP\s0
1429 These functions are not widely used. Applications should instead switch to
1434 \&\s-1EC_METHOD\s0 is now an internal-only concept and a suitable \s-1EC_METHOD\s0 is assigned
1444 See \*(L"Deprecated low-level validation functions\*(R"
1448 See \*(L"Common \s-1EC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) which handles flags as …
1449 parameters for \fB\s-1OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT\s0\fR,
1450 \&\fB\s-1OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE\s0\fR, \fB\s-1OSSL_PKEY_PARAM_EC_ENCODING\s0\fR,
1451 \&\fB\s-1OSSL_PKEY_PARAM_USE_COFACTOR_ECDH\s0\fR and
1452 \&\fB\s-1OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC\s0\fR.
1453 See also \*(L"\s-1EXAMPLES\*(R"\s0 in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7)
1466 See \*(L"Deprecated low-level key generation functions\*(R".
1471 See \*(L"Deprecated low-level key parameter getters\*(R".
1478 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R"
1483 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R"
1492 See \*(L"Deprecated low-level object creation\*(R"
1496 See \*(L"Deprecated low-level key printing functions\*(R"
1500 See \*(L"Deprecated low-level key parameter setters\*(R".
1505 See \*(L"Deprecated low-level key parameter setters\*(R".
1510 See \*(L"Deprecated low-level key printing functions\*(R"
1514 These functions were not particularly useful, since \s-1EC\s0 point serialization
1515 formats are not individual big-endian integers.
1525 These functions are not widely used. Applications should instead use the
1527 functions.
1531 There is no replacement. These functions were not widely used, and OpenSSL
1545 All engine functions are deprecated. An engine should be rewritten as a provider.
1546 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1551 OpenSSL now loads error strings automatically so these functions are not needed.
1555 The new functions are \fBERR_peek_error_func\fR\|(3), \fBERR_peek_last_error_func\fR\|(3),
1559 with ERR_peek functions and finish off with getting the error code by using
1572 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1574 \&\s-1\fBEVP_PKEY_CTRL_PKCS7_ENCRYPT\s0()\fR, \s-1\fBEVP_PKEY_CTRL_PKCS7_DECRYPT\s0()\fR,
1575 \&\s-1\fBEVP_PKEY_CTRL_PKCS7_SIGN\s0()\fR, \s-1\fBEVP_PKEY_CTRL_CMS_ENCRYPT\s0()\fR,
1576 \&\s-1\fBEVP_PKEY_CTRL_CMS_DECRYPT\s0()\fR, and \s-1\fBEVP_PKEY_CTRL_CMS_SIGN\s0()\fR
1584 See the \*(L"kdf-ukm\*(R" item in \*(L"\s-1DH\s0 key exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH…
1585 \&\*(L"\s-1ECDH\s0 Key Exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7).
1586 These functions are obsolete and should not be required.
1604 This function returns \s-1NULL\s0 if the key comes from a provider.
1610 See \*(L"Functions that return an internal key should be treated as read only\*(R".
1614 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1618 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1623 See \*(L"Deprecated low-level key object getters and setters\*(R"
1627 These functions were previously used by libssl to set or get an encoded public
1628 key into/from an \s-1EVP_PKEY\s0 object. With OpenSSL 3.0 these are replaced by the more
1629 generic functions \fBEVP_PKEY_set1_encoded_public_key\fR\|(3) and
1632 new functions.
1636 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1645 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1650 See \*(L"Deprecated low-level \s-1MAC\s0 functions\*(R".
1654 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1655 and \*(L"Migration\*(R" in \fBd2i_RSAPrivateKey\fR\|(3)
1661 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1662 and \*(L"Migration\*(R" in \fBd2i_RSAPrivateKey\fR\|(3)
1668 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1669 and \*(L"Migration\*(R" in \fBd2i_RSAPrivateKey\fR\|(3)
1675 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1676 and \*(L"Migration\*(R" in \fBd2i_RSAPrivateKey\fR\|(3)
1682 See \*(L"Deprecated low-level encryption functions\*(R".
1683 \&\s-1IDEA\s0 has been moved to the Legacy Provider.
1689 \&\s-1\fBMD2\s0()\fR, \fBMD2_Init()\fR, \fBMD2_Update()\fR, \fBMD2_Final()\fR
1691 See \*(L"Deprecated low-level encryption functions\*(R".
1692 \&\s-1MD2\s0 has been moved to the Legacy Provider.
1698 \&\s-1\fBMD4\s0()\fR, \fBMD4_Init()\fR, \fBMD4_Update()\fR, \fBMD4_Final()\fR, \fBMD4_Transform()\fR
1700 See \*(L"Deprecated low-level encryption functions\*(R".
1701 \&\s-1MD4\s0 has been moved to the Legacy Provider.
1703 \&\s-1\fBMDC2\s0()\fR, \fBMDC2_Init()\fR, \fBMDC2_Update()\fR, \fBMDC2_Final()\fR
1705 See \*(L"Deprecated low-level encryption functions\*(R".
1706 \&\s-1MDC2\s0 has been moved to the Legacy Provider.
1708 \&\s-1\fBMD5\s0()\fR, \fBMD5_Init()\fR, \fBMD5_Update()\fR, \fBMD5_Final()\fR, \fBMD5_Transform()\fR
1710 See \*(L"Deprecated low-level encryption functions\*(R".
1712 \&\s-1\fBNCONF_WIN32\s0()\fR
1715 See \*(L"\s-1HISTORY\*(R"\s0 in \fBconfig\fR\|(5) for more details.
1721 \&\fB\s-1OCSP_REQ_CTX\s0\fR type and \fBOCSP_REQ_CTX_*()\fR functions
1723 These methods were used to collect all necessary data to form a \s-1HTTP\s0 request,
1724 and to perform the \s-1HTTP\s0 transfer with that request. With OpenSSL 3.0, the
1725 type is \fB\s-1OSSL_HTTP_REQ_CTX\s0\fR, and the deprecated functions are replaced
1726 with \fBOSSL_HTTP_REQ_CTX_*()\fR. See \s-1\fBOSSL_HTTP_REQ_CTX\s0\fR\|(3) for additional
1731 There is no replacement for these functions. These pthread fork support methods
1744 These functions helped applications and engines create loaders for
1745 schemes they supported. These are all deprecated and discouraged in favour of
1746 provider implementations, see \fBprovider\-storemgmt\fR\|(7).
1765 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1767 \&\s-1\fBPKCS1_MGF1\s0()\fR
1769 See \*(L"Deprecated low-level encryption functions\*(R".
1775 \&\s-1\fBEVP_RAND\s0\fR\|(3) and \s-1\fBEVP_RAND\s0\fR\|(7).
1780 \&\s-1\fBRC4\s0()\fR, \fBRC4_set_key()\fR, \fBRC4_options()\fR,
1784 See \*(L"Deprecated low-level encryption functions\*(R".
1785 The Algorithms \*(L"\s-1RC2\*(R", \*(L"RC4\*(R"\s0 and \*(L"\s-1RC5\*(R"\s0 have been moved to the …
1787 \&\s-1\fBRIPEMD160\s0()\fR, \fBRIPEMD160_Init()\fR, \fBRIPEMD160_Update()\fR, \fBRIPEMD160_Final()\…
1790 See \*(L"Deprecated low-level digest functions\*(R".
1791 The \s-1RIPE\s0 algorithm has been moved to the Legacy Provider.
1800 See \*(L"Deprecated low-level validation functions\*(R"
1805 All of these \s-1RSA\s0 flags have been deprecated without replacement:
1807 \&\fB\s-1RSA_FLAG_BLINDING\s0\fR, \fB\s-1RSA_FLAG_CACHE_PRIVATE\s0\fR, \fB\s-1RSA_FLAG_CACHE_PUBLIC…
1808 \&\fB\s-1RSA_FLAG_EXT_PKEY\s0\fR, \fB\s-1RSA_FLAG_NO_BLINDING\s0\fR, \fB\s-1RSA_FLAG_THREAD_SAFE\s0…
1809 \&\fB\s-1RSA_METHOD_FLAG_NO_CHECK\s0\fR
1813 See \*(L"Deprecated low-level key generation functions\*(R".
1817 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R"
1825 See \*(L"Deprecated low-level key parameter getters\*(R"
1829 See \*(L"Deprecated low-level object creation\*(R".
1833 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1841 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R".
1845 See \*(L"Deprecated low-level signing functions\*(R" and
1846 \&\*(L"Deprecated low-level encryption functions\*(R".
1850 See \*(L"Deprecated low-level key printing functions\*(R"
1854 See \*(L"Deprecated low-level encryption functions\*(R"
1859 mode of none). See \*(L"Deprecated low-level signing functions\*(R".
1867 See \*(L"Deprecated low-level key reading and writing functions\*(R"
1872 See \*(L"Deprecated low-level key parameter setters\*(R".
1876 See \*(L"Providers are a replacement for engines and low-level method overrides\*(R"
1882 See \*(L"Deprecated low-level signing functions\*(R".
1886 There are no replacements for these functions.
1887 X931 padding can be set using \*(L"Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7…
1888 See \fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR.
1893 See \*(L"Deprecated low-level encryption functions\*(R".
1894 The \s-1SEED\s0 algorithm has been moved to the Legacy Provider.
1902 See \*(L"Deprecated low-level digest functions\*(R".
1911 There are no replacements for the \s-1SRP\s0 functions.
1916 These are used to set the Diffie-Hellman (\s-1DH\s0) parameters that are to be used by
1917 servers requiring ephemeral \s-1DH\s0 keys. Instead applications should consider using
1918 the built-in \s-1DH\s0 parameters that are available by calling \fBSSL_CTX_set_dh_auto\fR\|(3)
1920 use the alternative functions \fBSSL_CTX_set0_tmp_dh_pkey\fR\|(3) and
1922 functions. The callback was originally useful in order to have different
1923 parameters for export and non-export ciphersuites. Export ciphersuites are no
1924 longer supported by OpenSSL. Use of the callback functions should be replaced
1931 \&\s-1\fBWHIRLPOOL\s0()\fR, \fBWHIRLPOOL_Init()\fR, \fBWHIRLPOOL_Update()\fR, \fBWHIRLPOOL_Final()\…
1934 See \*(L"Deprecated low-level digest functions\*(R".
1946 \fI\s-1NID\s0 handling for provided keys and algorithms\fR
1949 The following functions for \s-1NID\s0 (numeric id) handling have changed semantics.
1953 This function was previously used to reliably return the \s-1NID\s0 of
1954 an \s-1EVP_PKEY\s0 object, e.g., to look up the name of the algorithm of
1955 such \s-1EVP_PKEY\s0 by calling \fBOBJ_nid2sn\fR\|(3). With the introduction
1957 \&\fBEVP_PKEY_get_id\fR\|(3) might now also return the value \-1
1958 (\fB\s-1EVP_PKEY_KEYMGMT\s0\fR) indicating the use of a provider to
1959 implement the \s-1EVP_PKEY\s0 object. Therefore, the use of
1961 the name of the \s-1EVP_PKEY\s0 algorithm.
1962 .SS "Using the \s-1FIPS\s0 Module in applications"
1963 .IX Subsection "Using the FIPS Module in applications"
1964 See \fBfips_module\fR\|(7) and \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7) for details.
1970 \&\fBopenssl kdf\fR uses the new \s-1\fBEVP_KDF\s0\fR\|(3) \s-1API.\s0
1971 \&\fBopenssl kdf\fR uses the new \s-1\fBEVP_MAC\s0\fR\|(3) \s-1API.\s0
1976 \&\fB\-provider_path\fR and \fB\-provider\fR are available to all apps and can be used
1979 specified if required. The \fB\-provider_path\fR must be specified before the
1980 \&\fB\-provider\fR option.
1982 The \fBlist\fR app has many new options. See \fBopenssl\-list\fR\|(1) for more
1985 \&\fB\-crl_lastupdate\fR and \fB\-crl_nextupdate\fR used by \fBopenssl ca\fR allows
1986 explicit setting of fields in the generated \s-1CRL.\s0
1993 The \fB\-crypt\fR option used by \fBopenssl passwd\fR.
1994 The \fB\-c\fR option used by \fBopenssl x509\fR, \fBopenssl dhparam\fR,
2001 These are primarily changes in capitalisation and white space. However, in some
2003 For example, the \s-1DH\s0 parameters output from \fBopenssl dhparam\fR now lists 'P',
2008 automatically detect the \s-1PEM\s0 or \s-1DER\s0 format of the input files so it is not
2012 \&\fBopenssl speed\fR no longer uses low-level \s-1API\s0 calls.
2018 \&\fBopenssl genrsa\fR and \fBopenssl rsa\fR have been modified to use \s-1PKEY\s0 APIs.
2019 \&\fBopenssl genrsa\fR and \fBopenssl rsa\fR now write \s-1PKCS\s0 #8 keys by default.
2024 \&\*(L"\s-1SHA256\*(R"\s0 is now the default digest for \s-1TS\s0 query used by \fBopenssl ts\fR.
2032 now in maintenance mode and no new features will be added to them.
2033 .SS "\s-1TLS\s0 Changes"
2036 \&\s-1TLS 1.3 FFDHE\s0 key exchange support added
2038 This uses \s-1DH\s0 safe prime named groups.
2046 \&\s-1SSL\s0 and \s-1SSL_CTX\s0 options are now 64 bit instead of 32 bit.
2048 The signatures of the functions to get and set options on \s-1SSL\s0 and
2049 \&\s-1SSL_CTX\s0 objects changed from \*(L"unsigned long\*(R" to \*(L"uint64_t\*(R" type.
2052 to use the \fB\s-1SSL_OP_\s0\fR macro values in preprocessor \f(CW\*(C`#if\*(C'\fR conditions.
2060 These functions now take \s-1IP\s0 literal addresses as well as actual hostnames.
2062 Added \s-1SSL\s0 option \s-1SSL_OP_CLEANSE_PLAINTEXT\s0
2069 Client-initiated renegotiation is disabled by default.
2071 To allow it, use the \fB\-client_renegotiation\fR option,
2072 the \fB\s-1SSL_OP_ALLOW_CLIENT_RENEGOTIATION\s0\fR flag, or the \f(CW\*(C`ClientRenegotiation\*(C'\…
2075 Secure renegotiation is now required by default for \s-1TLS\s0 connections
2077 Support for \s-1RFC 5746\s0 secure renegotiation is now required by default for
2078 \&\s-1SSL\s0 or \s-1TLS\s0 connections to succeed. Applications that require the ability
2080 \&\s-1SSL_OP_LEGACY_SERVER_CONNECT.\s0 Accordingly, \s-1SSL_OP_LEGACY_SERVER_CONNECT\s0
2081 is no longer set as part of \s-1SSL_OP_ALL.\s0
2083 Combining the Configure options no-ec and no-dh no longer disables TLSv1.3
2085 Typically if OpenSSL has no \s-1EC\s0 or \s-1DH\s0 algorithms then it cannot support
2088 implementations even where there are no built-in ones. Attempting to create
2089 \&\s-1TLS\s0 connections in such a build without also disabling TLSv1.3 at run time or
2090 using third party provider groups may result in handshake failures. TLSv1.3
2091 can be disabled at compile time using the \*(L"no\-tls1_3\*(R" Configure option.
2100 the security operation \s-1SSL_SECOP_TMP_DH.\s0 This is defined to take an \s-1EVP_PKEY\s0
2101 in the \*(L"other\*(R" parameter. In most places this is what is passed. All these
2103 security operation and it passed a \s-1DH\s0 object instead. This is incorrect
2104 according to the definition of \s-1SSL_SECOP_TMP_DH,\s0 and is inconsistent with all
2106 pass an \s-1EVP_PKEY\s0 instead.
2108 New \s-1SSL\s0 option \s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0
2110 The \s-1SSL\s0 option \s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0 is introduced. If that option
2111 is set, an unexpected \s-1EOF\s0 is ignored, it pretends a close notify was received
2112 instead and so the returned error becomes \s-1SSL_ERROR_ZERO_RETURN.\s0
2114 The security strength of \s-1SHA1\s0 and \s-1MD5\s0 based signatures in \s-1TLS\s0 has been reduced.
2116 This results in \s-1SSL 3, TLS 1.0, TLS 1.1\s0 and \s-1DTLS 1.0\s0 no longer
2121 then the handshake will fail in \s-1TLS 1.2\s0 at security level 1. This is because,
2124 set requires the availability of \s-1SHA1.\s0
2126 X509 certificates signed using \s-1SHA1\s0 are no longer allowed at security level 1 and above.
2128 In \s-1TLS/SSL\s0 the default security level is 1. It can be set either using the cipher
2130 leaf certificate is signed with \s-1SHA\-1,\s0 a call to \fBSSL_CTX_use_certificate\fR\|(3)
2132 Outside \s-1TLS/SSL,\s0 the default security level is \-1 (effectively 0). It can
2133 be set using \fBX509_VERIFY_PARAM_set_auth_level\fR\|(3) or using the \fB\-auth_level\fR
2143 Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
2146 this file except in compliance with the License. You can obtain a copy
2147 in the file \s-1LICENSE\s0 in the source distribution or at