Deprecate Low Level Blowfish APIs

Applications should instead use the higher level EVP APIs, e.g. EVP_Encrypt*() and EVP_Decrypt*(). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10740)
author: Matt Caswell <matt@openssl.org> 2020-01-02 14:25:27 +0000
committer: Matt Caswell <matt@openssl.org> 2020-01-08 11:25:25 +0000
commit: 03047e7b7f64b054fa85d101e7097af5daf7a865 (patch)
tree: 38c18f72c1a38605c1dcf885d8b25df45e161ef8 /CHANGES
parent: 339638b586e77c189e8294f931b99b03d1f08dbd (diff)
download: openssl-new-03047e7b7f64b054fa85d101e7097af5daf7a865.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 31c211fe4f..08687f7972 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,15 @@
 
  Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
 
+  *) All of the low level Blowfish functions have been deprecated including:
+     BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
+     BF_cfb64_encrypt, BF_ofb64_encrypt, and BF_options.
+     Use of these low level functions has been informally discouraged for a long
+     time. Instead applications should use the high level EVP APIs, e.g.
+     EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
+     equivalently named decrypt functions.
+     [Matt Caswell]
+
   *) Removed include/openssl/opensslconf.h.in and replaced it with
      include/openssl/configuration.h.in, which differs in not including
      <openssl/macros.h>.  A short header include/openssl/opensslconf.h
author	Matt Caswell <matt@openssl.org>	2020-01-02 14:25:27 +0000
committer	Matt Caswell <matt@openssl.org>	2020-01-08 11:25:25 +0000
commit	03047e7b7f64b054fa85d101e7097af5daf7a865 (patch)
tree	38c18f72c1a38605c1dcf885d8b25df45e161ef8 /CHANGES
parent	339638b586e77c189e8294f931b99b03d1f08dbd (diff)
download	openssl-new-03047e7b7f64b054fa85d101e7097af5daf7a865.tar.gz