On 03/02/2015 23:02, Rich Salz wrote: > As we've already said, we are moving to making most OpenSSL data > structures opaque. We deliberately used a non-specific term. :) > As of Matt's commit of the other day, this is starting to happen > now. We know this will inconvenience people as some applications > no longer build. We want to work with maintainers to help them > migrate, as we head down this path. > > We have a wiki page to discuss this effort. It will eventually include > tips on migration, application and code updates, and anything else the > community finds useful. Please visit: > > http://wiki.openssl.org/index.php/1.1_API_Changes > > Thanks. > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users Not much on that page so far, not even a "kill list" of intended victims except anadmission that EAY's popular DES library can no longer be accessed via the copyin OpenSSL. I fear that this is an indication that you will be killing off all the othernon-EVP entrypoints in libcrypto, making it much harder to use thelibrary with experimental or non-standard algorithms and methods. Just consider how hard it would now be to use libcrypto to implement stuff like AES-GCM (if it was not already in the library) or any of the block modes that were proposed in the FIPS process, but not standardised by NIST (and thus not included in EVP). With the classic non-EVP API, it is trivial to wrap a custom mode around the basic DES/AES/IDEA/... block functions. And this is just one example of the flexibility provided by not going through the more rigid EVP API. Should everyone not doing just TLS1.2 move to a different librarynow, such as crypto++ ? Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150204/76b50ea3/attachment.html>
