From d129af2fa70a839e97c54959047af7100cb56156 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun, 1 Oct 2023 22:12:31 -0400
Subject: [PATCH] Deprecate sign() and verify() (#1256)

---
 CHANGELOG.rst         |  1 +
 src/OpenSSL/crypto.py | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index db6323f6..88a4037e 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -24,6 +24,7 @@ Deprecations:
 - Deprecated ``OpenSSL.crypto.CRL``
 - Deprecated ``OpenSSL.crypto.Revoked``
 - Deprecated ``OpenSSL.crypto.load_crl`` and ``OpenSSL.crypto.dump_crl``
+- Deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``
 
 Changes:
 ^^^^^^^^
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index f8126d2e..8038ff1f 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -3149,6 +3149,15 @@ def sign(pkey: PKey, data: Union[str, bytes], digest: str) -> bytes:
     return _ffi.buffer(signature_buffer, signature_length[0])[:]
 
 
+utils.deprecated(
+    sign,
+    __name__,
+    "sign() is deprecated. Use the equivilant APIs in cryptography.",
+    DeprecationWarning,
+    name="sign",
+)
+
+
 def verify(
     cert: X509, signature: bytes, data: Union[str, bytes], digest: str
 ) -> None:
@@ -3187,6 +3196,15 @@ def verify(
         _raise_current_error()
 
 
+utils.deprecated(
+    verify,
+    __name__,
+    "verify() is deprecated. Use the equivilant APIs in cryptography.",
+    DeprecationWarning,
+    name="verify",
+)
+
+
 def dump_crl(type: int, crl: CRL) -> bytes:
     """
     Dump a certificate revocation list to a buffer.