Deprecate the low level AES functions #10580
Conversation
mattcaswell
added
branch: master
|
|
Unfortunately much more than that is needed. This PR just doesn't work at all with "no-deprecated". I'm working on it. |
mattcaswell
changed the title
|
Temporarily I moved this into WIP because its currently broken. I've pushed a bunch of fixes for "no-deprecated" but there's still more to fix. |
|
The last commit added OPENSSL_SUPRESS_DEPRECATION a little all over the place. Wouldn't the following be much simpler and easier to follow? diff --git a/include/openssl/macros.h b/include/openssl/macros.h
index a38387f131..484d76c1e1 100644
--- a/include/openssl/macros.h
+++ b/include/openssl/macros.h
@@ -25,6 +25,9 @@
/*
* Generic deprecation macro
+ *
+ * If OPENSSL_SUPPRESS_DEPRECATED is defined, then DECLARE_DEPRECATED
+ * becomes a no-op
*/
# ifndef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f;
@@ -43,6 +46,13 @@
# endif
# endif
+/*
+ * If OPENSSL_SUPPRESS_DEPRECATED is defined, then turn off 'no-deprecated'
+ */
+#ifdef OPENSSL_SUPPRESS_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
/*
* Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
* declarations of functions deprecated in or before <version>. If this is |
|
You mean instead of the other changes in macros.h? Yes that could work. |
And elsewhere. Basically, you shouldn't need to check OPENSSL_SUPPRESS_DEPRECATE all over the place |
mattcaswell
force-pushed
the
deprecate-aes
branch
from
cca395f
to
ccba07c
Compare
|
I wouldn't mind if #10608 got reviewed. 😉 |
mattcaswell
force-pushed
the
deprecate-aes
branch
from
ccba07c
to
6c2ad4d
Compare
mattcaswell
changed the title
|
travis isnt looking very healthly, |
| goto err; | ||
| } | ||
|
|
||
| wkey = OPENSSL_malloc(ec->keylen + 8); | ||
|
|
There was a problem hiding this comment.
The + 8 on the line above in the existing code looks a bit dangerous to me :)
Hopefully it equals wkeylen below.
A check might have been nice.
There was a problem hiding this comment.
I added a comment about this, and later ossl_assert check
|
Yes, and a couple of other spots. Now fixed. Please take a look. |
|
Travis red cross is not relevant. Ping? |
include/crypto/ciphermode_platform.h
Outdated
| @@ -12,7 +12,8 @@ | |||
|
|
|||
| # include "openssl/aes.h" | |||
|
|
|||
| # ifdef VPAES_ASM | |||
| # ifndef OPENSSL_NO_DEPRECATED | |||
There was a problem hiding this comment.
Not quite sure I understand why the NO_DEPRECATED is required in this internal file?
(This file is used also inside provider implementations).
There was a problem hiding this comment.
This file is included by e_camellia.c which does not include the "internal/deprecated.h" file, because it doesn't use any externally deprecated APIs. However this header file contains references to AES things that may not be defined in a no-deprecated build - and so the compiler complains loudly. Adding this guard means e_camellia.c compiles correctly. Another fix would be to instead include "internal/deprecated.h" in e_camellia.c - but I'd rather not do that.
There was a problem hiding this comment.
cipher_platform.h should really be divided into algo specific headers.
There was a problem hiding this comment.
Maybe. But I'd see that as outside of the scope of this PR.
There was a problem hiding this comment.
Now that #10662 has gone in, this file no longer exists and these changes aren't necessary.
We should not be using the low level AES APIs in CMS. Instead we should be using EVP. There was a small amount of use of the low level key wrap APIs - so we convert that to EVP.
Use of the low level AES functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions.
mattcaswell
force-pushed
the
deprecate-aes
branch
from
40b0f90
to
24e3db3
Compare
|
I've rebased this to pick up the changes from #10662. Please take another look. |
|
Ping? |
include/internal/deprecated.h
Outdated
| * This header *must* be the first OpenSSL header included by a source file. | ||
| */ | ||
|
|
||
| #ifndef OSSL_INTERNAL_DEPRECTATED_H |
|
Fixup commit pushed addressing latest feedback comment. |
t8m
added
approval: done
levitte
added
approval: ready to merge
|
Pushed. Thanks. |
We should not be using the low level AES APIs in CMS. Instead we should be using EVP. There was a small amount of use of the low level key wrap APIs - so we convert that to EVP. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #10580)
Use of the low level AES functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #10580)
| * This file uses the low level AES functions (which are deprecated for | ||
| * non-internal use) in order to implement the padlock engine AES ciphers. | ||
| */ | ||
| #define OPENSSL_SUPPRESS_DEPRECATED |
There was a problem hiding this comment.
@mattcaswell does this work for an engine?
Won't the low level calls be hidden and non-resolvable?
There was a problem hiding this comment.
There are two scenarios:
-
Compilation when "no-deprecated" has been defined
-
Compilation when "no-deprecated" has not been defined
In the first case this PR changed Configure so that padlock never gets compiled. In the second case the low level calls are resolvable and we are only concerned about the deprecation warnings that the compiler will emit. This line is to suppress those.
There was a problem hiding this comment.
Thanks for the explanation, I missed the Configure change somehow.
Is this how we want to deal with engines that use deprecated APIs? e.g. the e_dasync engine uses SHA-1 and I modified it to not over in #10791.
There was a problem hiding this comment.
In general no. I think where possible we should convert usage to use EVP instead. I took the decision not to do that with padlock because the usage was so extensive.
decrypt functions Some functions including low level AES functions would be deprecated in next OpenSSL version(3.0). OpenSSL team says that application should use the high level EVP APIs, so I added these functions. See also: openssl/openssl#10580 openssl/openssl#10740
Use of the low level AES functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.