diff options
author | Matt Caswell <matt@openssl.org> | 2019-12-05 17:09:49 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-01-06 15:09:57 +0000 |
commit | c72fa2554f5adc03bcc3c6e4ebcd1929e70efed4 (patch) | |
tree | 181157c82b41fb40f46ada0f30d33468df50aefb /CHANGES | |
parent | 2852c672a8ecb02a74d0adeeb93c661b7d2d7511 (diff) | |
download | openssl-new-c72fa2554f5adc03bcc3c6e4ebcd1929e70efed4.tar.gz |
Deprecate the low level AES functions
Use of the low level AES functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10580)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -363,7 +363,17 @@ for scripting purposes. [Richard Levitte] - *) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been + *) All of the low level AES functions have been deprecated including: + AES_options, AES_set_encrypt_key, AES_set_decrypt_key, AES_encrypt, + AES_decrypt, AES_ecb_encrypt, AES_cbc_encrypt, AES_cfb128_encrypt, + AES_cfb1_encrypt, AES_cfb8_encrypt, AES_ofb128_encrypt, AES_wrap_key and + AES_unwrap_key + Use of these low level functions has been informally discouraged for a long + time. Instead applications should use the high level EVP APIs, e.g. + EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the + equivalently named decrypt functions. + + The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have also been deprecated. These undocumented functions were never integrated into the EVP layer and implement the AES Infinite Garble Extension (IGE) mode and AES Bi-directional IGE mode. These modes were never formally standardised and |