Re: Need Replacement for Deprecated function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/12/2021 12:26, Shivakumar Poojari wrote:

Hi All,

We are upgrading our code to openssl 3.0.

Need Replacement for below Deprecated function.

DSE:
DES_set_key();
DES_ecb_encrypt();

AES:
AES_set_encrypt_key();
AES_set_decrypt_key();
AES_wrap_key();
AES_unwrap_key();--- perivously i upgraded AES function with EVP related function but wrap/unwraper is something new.
All the DES and AES functions are just replaced by the EVP functions. From the migration guide:
"Low-level encryption functions such as AES_encrypt(3) and AES_decrypt(3) have been informally discouraged from use for a long time. Applications should instead use the high level EVP APIs EVP_EncryptInit_ex(3), EVP_EncryptUpdate(3), and EVP_EncryptFinal_ex(3) or EVP_DecryptInit_ex(3), EVP_DecryptUpdate(3) and EVP_DecryptFinal_ex(3)." 


The wrap/unwrap functionality is the same but you use the "wrap" ciphers:

https://www.openssl.org/docs/man3.0/man7/EVP_CIPHER-AES.html

The following "wrap" ciphers are supported:
"AES-128-WRAP", "AES-192-WRAP", "AES-256-WRAP", "AES-128-WRAP-PAD", "AES-192-WRAP-PAD", "AES-256-WRAP-PAD", "AES-128-WRAP-INV", "AES-192-WRAP-INV", "AES-256-WRAP-INV", "AES-128-WRAP-PAD-INV", "AES-192-WRAP-PAD-INV" and "AES-256-WRAP-PAD-INV" 



DH:
DH_new();
DH_set0_pqg();
DH_generate_key();
DH_get0_key();
DH_free();
DH_set0_key();
DH_size();
DH_compute_key();


All the DH functions are replaced by the EVP key exchange functionality.

In particular see this page:

https://www.openssl.org/docs/man3.0/man7/EVP_KEYEXCH-DH.html

and

https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_derive.html




HMAC:
HMAC_CTX_new();compiler suggestion EVP_MAC_CTX_new();
HMAC_Init_ex();
HMAC_CTX_free();compiler suggestion EVP_MAC_CTX_free();
HMAC_Update();compiler suggestion EVP_MAC_update();
HMAC_Final();compiler suggestion EVP_MAC_final();


Use the EVP_MAC functions. In particular see:

https://www.openssl.org/docs/man3.0/man3/EVP_MAC.html

and

https://www.openssl.org/docs/man3.0/man7/EVP_MAC-HMAC.html

Matt




I'm not able to find proper replacement, Please help me out

Thanks,
Shiva Kumar
Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux