Deprecate the low level DSA functions.

Use of the low level DSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10977)
author: Pauli <paul.dale@oracle.com> 2020-01-30 07:23:39 +1000
committer: Pauli <paul.dale@oracle.com> 2020-02-12 08:52:41 +1000
commit: f41ac0eeab9d2889d44e3acf6ff1e8274d03d73e (patch)
tree: ba3620a537ece73983886b7449eab118e5869223 /CHANGES
parent: 7f6deaf68e42e979a2084989db2c32193825d1b3 (diff)
download: openssl-new-f41ac0eeab9d2889d44e3acf6ff1e8274d03d73e.tar.gz
1 files changed, 26 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 72201c3f69..535269d0a8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -21,6 +21,32 @@
      options of the apps.
      [Kurt Roeckx]
 
+  *) The command line utilities dhparam, dsa, gendsa and dsaparam have been
+     deprecated.  Instead use the pkeyparam, pkey, genpkey and pkeyparam
+     programs respectively.
+     [Paul Dale]
+
+  *) All of the low level DSA functions have been deprecated including:
+
+     DSA_do_sign, DSA_do_verify, DSA_OpenSSL, DSA_set_default_method,
+     DSA_get_default_method, DSA_set_method, DSA_get_method, DSA_new_method,
+     DSA_sign_setup, DSA_sign, DSA_verify, DSA_get_ex_new_index,
+     DSA_set_ex_data, DSA_get_ex_data, DSA_generate_parameters_ex,
+     DSA_generate_key, DSA_meth_new, DSA_get0_engine, DSA_meth_free,
+     DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags,
+     DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data,
+     DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup,
+     DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify,
+     DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp,
+     DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init,
+     DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen,
+     DSA_meth_set_paramgen, DSA_meth_get_keygen and DSA_meth_set_keygen.
+
+     Use of these low level functions has been informally discouraged for a long
+     time.  Instead applications should use L<EVP_DigestSignInit_ex(3)>,
+     L<EVP_DigestSignUpdate(3)> and L<EVP_DigestSignFinal(3)>.
+     [Paul Dale]
+
   *) Reworked the treatment of EC EVP_PKEYs with the SM2 curve to
      automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC.
      This means that applications don't have to look at the curve NID and
author	Pauli <paul.dale@oracle.com>	2020-01-30 07:23:39 +1000
committer	Pauli <paul.dale@oracle.com>	2020-02-12 08:52:41 +1000
commit	f41ac0eeab9d2889d44e3acf6ff1e8274d03d73e (patch)
tree	ba3620a537ece73983886b7449eab118e5869223 /CHANGES
parent	7f6deaf68e42e979a2084989db2c32193825d1b3 (diff)
download	openssl-new-f41ac0eeab9d2889d44e3acf6ff1e8274d03d73e.tar.gz