Deprecate Mbed TLS cryptography API
The PSA Crypto API should be used instead. The Mbed TLS cryptography API
will still remain available under MBEDTLS_DEPRECATED_REMOVED, as Mbed
Crypto (which implements the PSA Crypto API) continues to rely on this
now internal API.
Functions in that are already considered internal and are not deprecated
by this commit. We already have the freedom to change or remove these
internal APIs.
Document the relationship between Mbed Crypto and Mbed TLS, describing
Mbed Crypto's dual purpose of providing both deprecated Mbed TLS
cryptography APIs and the PSA Crypto API.
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index f196ecc..a856ac7 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -124,6 +124,7 @@
*
* \param ctx The AES context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aes_init( mbedtls_aes_context *ctx );
/**
@@ -133,6 +134,7 @@
* If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aes_free( mbedtls_aes_context *ctx );
#if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -144,6 +146,7 @@
*
* \param ctx The AES XTS context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
/**
@@ -153,6 +156,7 @@
* If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
#endif /* MBEDTLS_CIPHER_MODE_XTS */
@@ -171,6 +175,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
@@ -189,6 +194,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
@@ -257,6 +263,7 @@
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
@@ -304,6 +311,7 @@
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
* on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -396,6 +404,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -440,6 +449,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
@@ -494,6 +504,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
@@ -580,6 +591,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
@@ -657,6 +669,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h
index 955b7c9..9b9005a 100644
--- a/include/mbedtls/aesni.h
+++ b/include/mbedtls/aesni.h
@@ -34,6 +34,7 @@
#endif
#include "mbedtls/aes.h"
+#include "mbedtls/platform_util.h"
#define MBEDTLS_AESNI_AES 0x02000000u
#define MBEDTLS_AESNI_CLMUL 0x00000002u
@@ -61,6 +62,7 @@
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
+MBEDTLS_DEPRECATED
int mbedtls_aesni_has_support( unsigned int what );
/**
@@ -76,6 +78,7 @@
*
* \return 0 on success (cannot fail)
*/
+MBEDTLS_DEPRECATED
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
@@ -94,6 +97,7 @@
* \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16] );
@@ -109,6 +113,7 @@
* \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one)
*/
+MBEDTLS_DEPRECATED
void mbedtls_aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey,
int nr );
@@ -125,6 +130,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
+MBEDTLS_DEPRECATED
int mbedtls_aesni_setkey_enc( unsigned char *rk,
const unsigned char *key,
size_t bits );
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
index acad623..4772315 100644
--- a/include/mbedtls/arc4.h
+++ b/include/mbedtls/arc4.h
@@ -34,6 +34,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
+
#include <stddef.h>
/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */
@@ -76,6 +78,7 @@
* instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
/**
@@ -88,6 +91,7 @@
* instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
/**
@@ -102,6 +106,7 @@
* instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
unsigned int keylen );
@@ -120,6 +125,7 @@
* instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
@@ -135,6 +141,7 @@
* instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_arc4_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index a72a8c2..0bc56f3 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -93,6 +93,7 @@
*
* \param ctx The ARIA context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aria_init( mbedtls_aria_context *ctx );
/**
@@ -102,6 +103,7 @@
* case this function returns immediately. If it is not \c NULL,
* it must point to an initialized ARIA context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_aria_free( mbedtls_aria_context *ctx );
/**
@@ -119,6 +121,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -138,6 +141,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -162,6 +166,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] );
@@ -208,6 +213,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
int mode,
size_t length,
@@ -258,6 +264,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
int mode,
size_t length,
@@ -345,6 +352,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
size_t length,
size_t *nc_off,
@@ -360,6 +368,7 @@
*
* \return \c 0 on success, or \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aria_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index ab947ab..80958d5 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#if defined(MBEDTLS_BIGNUM_C)
@@ -184,6 +185,7 @@
* end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is
* unparseable.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end,
size_t *len );
@@ -200,6 +202,7 @@
* \return 0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did
* not match requested tag, or another specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag );
@@ -214,6 +217,7 @@
*
* \return 0 if successful or a specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val );
@@ -228,6 +232,7 @@
*
* \return 0 if successful or a specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_int( unsigned char **p,
const unsigned char *end,
int *val );
@@ -242,6 +247,7 @@
*
* \return 0 if successful or a specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs);
@@ -256,6 +262,7 @@
*
* \return 0 if successful or a specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len );
@@ -270,6 +277,7 @@
*
* \return 0 if successful or a specific ASN.1 error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_sequence_of( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_sequence *cur,
@@ -286,6 +294,7 @@
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mbedtls_mpi *X );
@@ -303,6 +312,7 @@
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_alg( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
@@ -319,6 +329,7 @@
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_buf *alg );
@@ -333,6 +344,7 @@
*
* \return NULL if not found, or a pointer to the existing entry.
*/
+MBEDTLS_DEPRECATED
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
const char *oid, size_t len );
@@ -341,6 +353,7 @@
*
* \param entry The named data entry to free
*/
+MBEDTLS_DEPRECATED
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
/**
@@ -349,6 +362,7 @@
*
* \param head Pointer to the head of the list of named data entries to free
*/
+MBEDTLS_DEPRECATED
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
#ifdef __cplusplus
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index 336f2da..9062e25 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -31,6 +31,7 @@
#endif
#include "mbedtls/asn1.h"
+#include "mbedtls/platform_util.h"
#define MBEDTLS_ASN1_CHK_ADD(g, f) \
do \
@@ -57,6 +58,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start,
size_t len );
/**
@@ -71,6 +73,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
unsigned char tag );
@@ -87,6 +90,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );
@@ -104,6 +108,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start,
const mbedtls_mpi *X );
#endif /* MBEDTLS_BIGNUM_C */
@@ -120,6 +125,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
/**
@@ -136,6 +142,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len );
@@ -154,6 +161,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
unsigned char *start,
const char *oid, size_t oid_len,
@@ -172,6 +180,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
int boolean );
@@ -188,6 +197,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
/**
@@ -207,6 +217,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
int tag, const char *text,
size_t text_len );
@@ -226,6 +237,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_printable_string( unsigned char **p,
unsigned char *start,
const char *text, size_t text_len );
@@ -245,6 +257,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len );
@@ -263,6 +276,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len );
@@ -280,6 +294,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits );
@@ -300,6 +315,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_named_bitstring( unsigned char **p,
unsigned char *start,
const unsigned char *buf,
@@ -319,6 +335,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );
@@ -339,6 +356,7 @@
* \return A pointer to the new / existing entry on success.
* \return \c NULL if if there was a memory allocation error.
*/
+MBEDTLS_DEPRECATED
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
const char *oid, size_t oid_len,
const unsigned char *val,
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index 07ae3bf..f7e51b2 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
@@ -58,6 +59,7 @@
* \note Call this function with dlen = 0 to obtain the
* required buffer size in *olen
*/
+MBEDTLS_DEPRECATED
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen );
@@ -78,6 +80,7 @@
* \note Call this function with *dst = NULL or dlen = 0 to obtain
* the required buffer size in *olen
*/
+MBEDTLS_DEPRECATED
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen );
@@ -87,6 +90,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_base64_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index fc0958e..e8541c8 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -200,6 +200,7 @@
*
* \param X The MPI context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_mpi_init( mbedtls_mpi *X );
/**
@@ -209,6 +210,7 @@
* in which case this function is a no-op. If it is
* not \c NULL, it must point to an initialized MPI.
*/
+MBEDTLS_DEPRECATED
void mbedtls_mpi_free( mbedtls_mpi *X );
/**
@@ -224,6 +226,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
/**
@@ -241,6 +244,7 @@
* (this can only happen when resizing up).
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
/**
@@ -256,6 +260,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
/**
@@ -264,6 +269,7 @@
* \param X The first MPI. It must be initialized.
* \param Y The second MPI. It must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
/**
@@ -290,6 +296,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
/**
@@ -315,6 +322,7 @@
* \return Another negative error code on other kinds of failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign );
/**
@@ -327,6 +335,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
/**
@@ -339,6 +348,7 @@
* of \c X is unset or set.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
/**
@@ -356,6 +366,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
/**
@@ -370,6 +381,7 @@
* \return The number of bits of value \c 0 before the least significant
* bit of value \c 1 in \p X.
*/
+MBEDTLS_DEPRECATED
size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
/**
@@ -384,6 +396,7 @@
* \return The number of bits up to and including the most
* significant bit of value \c 1.
*/
+MBEDTLS_DEPRECATED
size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
/**
@@ -399,6 +412,7 @@
* \return The least number of bytes capable of storing
* the absolute value of \p X.
*/
+MBEDTLS_DEPRECATED
size_t mbedtls_mpi_size( const mbedtls_mpi *X );
/**
@@ -411,6 +425,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
/**
@@ -435,6 +450,7 @@
* size of \p buf required for a successful call.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
char *buf, size_t buflen, size_t *olen );
@@ -460,6 +476,7 @@
* is too small.
* \return Another negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
/**
@@ -477,6 +494,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
int radix, FILE *fout );
#endif /* MBEDTLS_FS_IO */
@@ -493,6 +511,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
size_t buflen );
@@ -508,6 +527,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
const unsigned char *buf, size_t buflen );
@@ -526,6 +546,7 @@
* large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
size_t buflen );
@@ -544,6 +565,7 @@
* large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
unsigned char *buf, size_t buflen );
@@ -557,6 +579,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
/**
@@ -569,6 +592,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
/**
@@ -581,6 +605,7 @@
* \return \c -1 if `|X|` is lesser than `|Y|`.
* \return \c 0 if `|X|` is equal to `|Y|`.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
/**
@@ -593,6 +618,7 @@
* \return \c -1 if \p X is lesser than \p Y.
* \return \c 0 if \p X is equal to \p Y.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
/**
@@ -605,6 +631,7 @@
* \return \c -1 if \p X is lesser than \p z.
* \return \c 0 if \p X is equal to \p z.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
/**
@@ -618,6 +645,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -633,6 +661,7 @@
* \return Another negative error code on different kinds of failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -647,6 +676,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -661,6 +691,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -675,6 +706,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b );
@@ -690,6 +722,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b );
@@ -705,6 +738,7 @@
* \return Another negative error code on different kinds of failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -721,6 +755,7 @@
* \return Another negative error code on different kinds of failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_uint b );
@@ -742,6 +777,7 @@
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -763,6 +799,7 @@
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
mbedtls_mpi_sint b );
@@ -783,6 +820,7 @@
* \return Another negative error code on different kinds of failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -802,6 +840,7 @@
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
mbedtls_mpi_sint b );
@@ -831,6 +870,7 @@
* \return Another negative error code on different kinds of failures.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N,
mbedtls_mpi *_RR );
@@ -852,6 +892,7 @@
* as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -867,6 +908,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
const mbedtls_mpi *B );
@@ -886,6 +928,7 @@
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
* with respect to \p N.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *N );
@@ -941,6 +984,7 @@
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -974,6 +1018,7 @@
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
* \c 3 and #MBEDTLS_MPI_MAX_BITS.
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -985,6 +1030,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_mpi_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
index 1e5dba3..db6344b 100644
--- a/include/mbedtls/blowfish.h
+++ b/include/mbedtls/blowfish.h
@@ -81,6 +81,7 @@
* \param ctx The Blowfish context to be initialized.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
/**
@@ -91,6 +92,7 @@
* returns immediately. If it is not \c NULL, it must
* point to an initialized Blowfish context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
/**
@@ -105,6 +107,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
unsigned int keybits );
@@ -124,6 +127,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
int mode,
const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
@@ -158,6 +162,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
int mode,
size_t length,
@@ -198,6 +203,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
int mode,
size_t length,
@@ -271,6 +277,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
size_t length,
size_t *nc_off,
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index a832454..0c7b800 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -77,6 +77,7 @@
* \param ctx The CAMELLIA context to be initialized.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
/**
@@ -86,6 +87,7 @@
* in which case this function returns immediately. If it is not
* \c NULL, it must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
/**
@@ -100,6 +102,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -116,6 +119,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
const unsigned char *key,
unsigned int keybits );
@@ -135,6 +139,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
int mode,
const unsigned char input[16],
@@ -169,6 +174,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
int mode,
size_t length,
@@ -215,6 +221,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
int mode,
size_t length,
@@ -299,6 +306,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
size_t length,
size_t *nc_off,
@@ -315,6 +323,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_camellia_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index ceac36c..5f427ab 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -92,6 +92,7 @@
*
* \param ctx The CCM context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
/**
@@ -107,6 +108,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
@@ -119,6 +121,7 @@
* \param ctx The CCM context to clear. If this is \c NULL, the function
* has no effect. Otherwise, this must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
/**
@@ -157,6 +160,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -205,6 +209,7 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -242,6 +247,7 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -287,6 +293,7 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
@@ -300,6 +307,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ccm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
index 243ae63..dd3fe67 100644
--- a/include/mbedtls/chacha20.h
+++ b/include/mbedtls/chacha20.h
@@ -39,6 +39,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stdint.h>
#include <stddef.h>
@@ -85,6 +86,7 @@
* \param ctx The ChaCha20 context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
/**
@@ -96,6 +98,7 @@
* \c NULL, it must point to an initialized context.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
/**
@@ -114,6 +117,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
const unsigned char key[32] );
@@ -136,6 +140,7 @@
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
* NULL.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
const unsigned char nonce[12],
uint32_t counter );
@@ -169,6 +174,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
size_t size,
const unsigned char *input,
@@ -202,6 +208,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chacha20_crypt( const unsigned char key[32],
const unsigned char nonce[12],
uint32_t counter,
@@ -216,6 +223,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chacha20_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h
index 3d842ef..4712a08 100644
--- a/include/mbedtls/chachapoly.h
+++ b/include/mbedtls/chachapoly.h
@@ -39,6 +39,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
+
/* for shared error codes */
#include "mbedtls/poly1305.h"
@@ -117,6 +119,7 @@
*
* \param ctx The ChachaPoly context to initialize. Must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
/**
@@ -126,6 +129,7 @@
* \param ctx The ChachaPoly context to clear. This may be \c NULL, in which
* case this function is a no-op.
*/
+MBEDTLS_DEPRECATED
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
/**
@@ -139,6 +143,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
const unsigned char key[32] );
@@ -167,6 +172,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode );
@@ -210,6 +216,7 @@
* if the operations has not been started or has been
* finished, or if the AAD has been finished.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
const unsigned char *aad,
size_t aad_len );
@@ -245,6 +252,7 @@
* finished.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
size_t len,
const unsigned char *input,
@@ -266,6 +274,7 @@
* finished.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
unsigned char mac[16] );
@@ -298,6 +307,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
size_t length,
const unsigned char nonce[12],
@@ -332,6 +342,7 @@
* if the data was not authentic.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
size_t length,
const unsigned char nonce[12],
@@ -348,6 +359,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_chachapoly_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 96efd93..a719241 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -357,6 +357,7 @@
* \return A statically-allocated array of cipher identifiers
* of type cipher_type_t. The last entry is zero.
*/
+MBEDTLS_DEPRECATED
const int *mbedtls_cipher_list( void );
/**
@@ -370,6 +371,7 @@
* given \p cipher_name.
* \return \c NULL if the associated cipher information is not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
/**
@@ -382,6 +384,7 @@
* given \p cipher_type.
* \return \c NULL if the associated cipher information is not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
/**
@@ -398,6 +401,7 @@
* given \p cipher_id.
* \return \c NULL if the associated cipher information is not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
int key_bitlen,
const mbedtls_cipher_mode_t mode );
@@ -407,6 +411,7 @@
*
* \param ctx The context to be initialized. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
/**
@@ -418,6 +423,7 @@
* function has no effect, otherwise this must point to an
* initialized context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
@@ -438,6 +444,7 @@
* In future versions, the caller will be required to call
* mbedtls_cipher_init() on the structure first.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info );
@@ -463,6 +470,7 @@
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info,
size_t taglen );
@@ -476,6 +484,7 @@
* \return The block size of the underlying cipher.
* \return \c 0 if \p ctx has not been initialized.
*/
+MBEDTLS_DEPRECATED
static inline unsigned int mbedtls_cipher_get_block_size(
const mbedtls_cipher_context_t *ctx )
{
@@ -495,6 +504,7 @@
* \return The mode of operation.
* \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
*/
+MBEDTLS_DEPRECATED
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
const mbedtls_cipher_context_t *ctx )
{
@@ -515,6 +525,7 @@
* \return \c 0 for ciphers not using an IV or a nonce.
* \return The actual size if an IV has been set.
*/
+MBEDTLS_DEPRECATED
static inline int mbedtls_cipher_get_iv_size(
const mbedtls_cipher_context_t *ctx )
{
@@ -536,6 +547,7 @@
* \return The type of the cipher.
* \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
*/
+MBEDTLS_DEPRECATED
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
const mbedtls_cipher_context_t *ctx )
{
@@ -556,6 +568,7 @@
* \return The name of the cipher.
* \return NULL if \p ctx has not been not initialized.
*/
+MBEDTLS_DEPRECATED
static inline const char *mbedtls_cipher_get_name(
const mbedtls_cipher_context_t *ctx )
{
@@ -575,6 +588,7 @@
* \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
* initialized.
*/
+MBEDTLS_DEPRECATED
static inline int mbedtls_cipher_get_key_bitlen(
const mbedtls_cipher_context_t *ctx )
{
@@ -594,6 +608,7 @@
* \return The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
* \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
*/
+MBEDTLS_DEPRECATED
static inline mbedtls_operation_t mbedtls_cipher_get_operation(
const mbedtls_cipher_context_t *ctx )
{
@@ -621,6 +636,7 @@
* parameter-verification failure.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
const unsigned char *key,
int key_bitlen,
@@ -643,6 +659,7 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
mbedtls_cipher_padding_t mode );
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
@@ -665,6 +682,7 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
const unsigned char *iv,
size_t iv_len );
@@ -678,6 +696,7 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
@@ -695,6 +714,7 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len );
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
@@ -733,6 +753,7 @@
* unsupported mode for a cipher.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
const unsigned char *input,
size_t ilen, unsigned char *output,
@@ -760,6 +781,7 @@
* while decrypting.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen );
@@ -780,6 +802,7 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len );
@@ -796,6 +819,7 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len );
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
@@ -833,6 +857,7 @@
* while decrypting.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
@@ -869,6 +894,7 @@
* parameter-verification failure.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
@@ -911,6 +937,7 @@
* \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 792fbdc..c854b36 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -90,6 +90,7 @@
* \return \c 0 on success.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
const unsigned char *key, size_t keybits );
@@ -109,6 +110,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen );
@@ -127,6 +129,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output );
@@ -144,6 +147,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
/**
@@ -168,6 +172,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
@@ -191,6 +196,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
const unsigned char *input, size_t in_len,
unsigned char output[16] );
@@ -203,6 +209,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_cmac_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 8331a95..0b3348e 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -159,6 +159,7 @@
*
* \param ctx The CTR_DRBG context to initialize.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
/**
@@ -180,6 +181,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
@@ -191,6 +193,7 @@
*
* \param ctx The CTR_DRBG context to clear.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
/**
@@ -205,6 +208,7 @@
* \param ctx The CTR_DRBG context.
* \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
int resistance );
@@ -216,6 +220,7 @@
* \param ctx The CTR_DRBG context.
* \param len The amount of entropy to grab.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
size_t len );
@@ -226,6 +231,7 @@
* \param ctx The CTR_DRBG context.
* \param interval The reseed interval.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
int interval );
@@ -240,6 +246,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len );
@@ -257,6 +264,7 @@
* #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
* \return An error from the underlying AES cipher on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional,
size_t add_len );
@@ -278,6 +286,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len );
@@ -296,6 +305,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_random( void *p_rng,
unsigned char *output, size_t output_len );
@@ -334,6 +344,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
/**
@@ -348,6 +359,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */
@@ -359,11 +371,13 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
/* Internal functions (do not call directly) */
+MBEDTLS_DEPRECATED
int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *,
int (*)(void *, unsigned char *, size_t), void *,
const unsigned char *, size_t, size_t );
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index 1c80b53..5debba1 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -35,6 +35,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#include <stdint.h>
@@ -91,6 +92,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
void mbedtls_des_init( mbedtls_des_context *ctx );
/**
@@ -102,6 +104,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
void mbedtls_des_free( mbedtls_des_context *ctx );
/**
@@ -109,6 +112,7 @@
*
* \param ctx DES3 context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_des3_init( mbedtls_des3_context *ctx );
/**
@@ -116,6 +120,7 @@
*
* \param ctx DES3 context to be cleared
*/
+MBEDTLS_DEPRECATED
void mbedtls_des3_free( mbedtls_des3_context *ctx );
/**
@@ -130,6 +135,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -146,6 +152,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -159,6 +166,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -173,6 +181,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -187,6 +196,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/**
@@ -197,6 +207,7 @@
*
* \return 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -208,6 +219,7 @@
*
* \return 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
@@ -219,6 +231,7 @@
*
* \return 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -230,6 +243,7 @@
*
* \return 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
@@ -246,6 +260,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -273,6 +288,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode,
size_t length,
@@ -290,6 +306,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
@@ -315,6 +332,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/
+MBEDTLS_DEPRECATED
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode,
size_t length,
@@ -335,6 +353,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
+MBEDTLS_DEPRECATED
void mbedtls_des_setkey( uint32_t SK[32],
const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
@@ -345,6 +364,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_des_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index 831cfd7..7f67f11 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -71,6 +71,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
#include "mbedtls/bignum.h"
+#include "mbedtls/platform_util.h"
/*
* DHM Error codes
@@ -124,6 +125,7 @@
*
* \param ctx The DHM context to initialize.
*/
+MBEDTLS_DEPRECATED
void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
/**
@@ -148,6 +150,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p,
const unsigned char *end );
@@ -184,6 +187,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -204,6 +208,7 @@
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
const mbedtls_mpi *P,
const mbedtls_mpi *G );
@@ -224,6 +229,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen );
@@ -251,6 +257,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -282,6 +289,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
unsigned char *output, size_t output_size, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -295,6 +303,7 @@
* in which case this function is a no-op. If it is not \c NULL,
* it must point to an initialized DHM context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
#if defined(MBEDTLS_ASN1_PARSE_C)
@@ -312,6 +321,7 @@
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
* code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen );
@@ -328,6 +338,7 @@
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
* error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
@@ -340,6 +351,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_dhm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index d870a5b..54be9f5 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -41,6 +41,7 @@
#endif
#include "mbedtls/ecp.h"
+#include "mbedtls/platform_util.h"
#ifdef __cplusplus
extern "C" {
@@ -158,6 +159,7 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -196,6 +198,7 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -206,6 +209,7 @@
*
* \param ctx The ECDH context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
/**
@@ -224,6 +228,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
mbedtls_ecp_group_id grp_id );
@@ -234,6 +239,7 @@
* case this function does nothing. If it is not \c NULL,
* it must point to an initialized ECDH context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
/**
@@ -261,6 +267,7 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -290,6 +297,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
const unsigned char **buf,
const unsigned char *end );
@@ -313,6 +321,7 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side );
@@ -343,6 +352,7 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -367,6 +377,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen );
@@ -400,6 +411,7 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -418,6 +430,7 @@
*
* \param ctx The ECDH context to use. This must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx );
#endif /* MBEDTLS_ECP_RESTARTABLE */
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index 2df3eb7..f4c8c7d 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -162,6 +162,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX
* or \c MBEDTLS_MPI_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@@ -202,6 +203,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
mbedtls_mpi *s, const mbedtls_mpi *d,
const unsigned char *buf, size_t blen,
@@ -240,6 +242,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure for any other reason.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen,
const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
@@ -292,6 +295,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen,
@@ -338,6 +342,7 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen,
@@ -425,6 +430,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen );
@@ -460,6 +466,7 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen,
@@ -481,6 +488,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@@ -499,6 +507,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
const mbedtls_ecp_keypair *key );
@@ -508,6 +517,7 @@
* \param ctx The ECDSA context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
/**
@@ -517,6 +527,7 @@
* in which case this function does nothing. If it
* is not \c NULL, it must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -526,6 +537,7 @@
* \param ctx The restart context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
/**
@@ -535,6 +547,7 @@
* in which case this function does nothing. If it
* is not \c NULL, it must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx );
#endif /* MBEDTLS_ECP_RESTARTABLE */
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index 97387c3..702af07 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -48,6 +48,7 @@
#include "mbedtls/ecp.h"
#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
#ifdef __cplusplus
extern "C" {
@@ -102,6 +103,7 @@
* \param ctx The ECJPAKE context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
/**
@@ -125,6 +127,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
mbedtls_ecjpake_role role,
mbedtls_md_type_t hash,
@@ -141,6 +144,7 @@
* \return \c 0 if the context is ready for use.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
/**
@@ -162,6 +166,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -181,6 +186,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
const unsigned char *buf,
size_t len );
@@ -203,6 +209,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -221,6 +228,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
const unsigned char *buf,
size_t len );
@@ -243,6 +251,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -256,6 +265,7 @@
* in which case this function does nothing. If it is not
* \c NULL, it must point to an initialized ECJPAKE context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
#if defined(MBEDTLS_SELF_TEST)
@@ -265,6 +275,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecjpake_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 6aa677a..5dab64d 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -43,6 +43,7 @@
#endif
#include "mbedtls/bignum.h"
+#include "mbedtls/platform_util.h"
/*
* ECP error codes
@@ -313,6 +314,7 @@
* \return \c 0 if doing \p ops basic ops is still allowed,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
mbedtls_ecp_restart_ctx *rs_ctx,
unsigned ops );
@@ -416,6 +418,7 @@
*
* \note This setting is currently ignored by Curve25519.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_set_max_ops( unsigned max_ops );
/**
@@ -424,12 +427,14 @@
* \return \c 0 if \c max_ops == 0 (restart disabled)
* \return \c 1 otherwise (restart enabled)
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_restart_is_enabled( void );
#endif /* MBEDTLS_ECP_RESTARTABLE */
/*
* Get the type of a curve
*/
+MBEDTLS_DEPRECATED
mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
/**
@@ -439,6 +444,7 @@
*
* \return A statically allocated array. The last entry is 0.
*/
+MBEDTLS_DEPRECATED
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
/**
@@ -449,6 +455,7 @@
* \return A statically allocated array,
* terminated with MBEDTLS_ECP_DP_NONE.
*/
+MBEDTLS_DEPRECATED
const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
/**
@@ -460,6 +467,7 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
+MBEDTLS_DEPRECATED
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
/**
@@ -471,6 +479,7 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
+MBEDTLS_DEPRECATED
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
/**
@@ -482,6 +491,7 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
+MBEDTLS_DEPRECATED
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
/**
@@ -489,6 +499,7 @@
*
* \param pt The point to initialize.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
/**
@@ -500,6 +511,7 @@
* mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
* functions.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
/**
@@ -507,6 +519,7 @@
*
* \param key The key pair to initialize.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
/**
@@ -514,6 +527,7 @@
*
* \param pt The point to free.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
/**
@@ -523,6 +537,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP group.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
/**
@@ -532,6 +547,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP key pair.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -541,6 +557,7 @@
* \param ctx The restart context to initialize. This must
* not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
/**
@@ -550,6 +567,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized restart context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
#endif /* MBEDTLS_ECP_RESTARTABLE */
@@ -564,6 +582,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code for other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
/**
@@ -577,6 +596,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
const mbedtls_ecp_group *src );
@@ -589,6 +609,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
/**
@@ -600,6 +621,7 @@
* \return \c 0 if the point is non-zero.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
/**
@@ -614,6 +636,7 @@
* \return \c 0 if the points are equal.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q );
@@ -629,6 +652,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_MPI_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
const char *x, const char *y );
@@ -657,6 +681,7 @@
* or the export for the given group is not implemented.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *P,
int format, size_t *olen,
@@ -684,6 +709,7 @@
* \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
* given group is not implemented.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P,
const unsigned char *buf, size_t ilen );
@@ -706,6 +732,7 @@
* failure.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt,
const unsigned char **buf, size_t len );
@@ -732,6 +759,7 @@
* is too small to hold the exported point.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt,
int format, size_t *olen,
@@ -754,6 +782,7 @@
* correspond to a known group.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
/**
@@ -773,6 +802,7 @@
* recognized.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
const unsigned char **buf, size_t len );
@@ -794,6 +824,7 @@
* recognized.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
const unsigned char **buf,
size_t len );
@@ -815,6 +846,7 @@
* buffer is too small to hold the exported group.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
size_t *olen,
unsigned char *buf, size_t blen );
@@ -852,6 +884,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@@ -886,6 +919,7 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
@@ -920,6 +954,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
@@ -958,6 +993,7 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_muladd_restartable(
mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
@@ -991,6 +1027,7 @@
* a valid public key for the given curve.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt );
@@ -1013,6 +1050,7 @@
* private key for the given curve.
* \return Another negative error code on other kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
const mbedtls_mpi *d );
@@ -1031,6 +1069,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -1063,6 +1102,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
const mbedtls_ecp_point *G,
mbedtls_mpi *d, mbedtls_ecp_point *Q,
@@ -1092,6 +1132,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -1110,6 +1151,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -1132,6 +1174,7 @@
* the group is not implemented.
* \return Another negative error code on different kinds of failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
const unsigned char *buf, size_t buflen );
/**
@@ -1151,6 +1194,7 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX
* error code on calculation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
const mbedtls_ecp_keypair *prv );
@@ -1162,6 +1206,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_ecp_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 06aaffa..a733bde 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
@@ -147,6 +148,7 @@
*
* \param ctx Entropy context to initialize
*/
+MBEDTLS_DEPRECATED
void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
/**
@@ -154,6 +156,7 @@
*
* \param ctx Entropy context to free
*/
+MBEDTLS_DEPRECATED
void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
/**
@@ -173,6 +176,7 @@
*
* \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold, int strong );
@@ -185,6 +189,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
/**
@@ -198,6 +203,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
/**
@@ -210,6 +216,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len );
@@ -222,6 +229,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
#endif /* MBEDTLS_ENTROPY_NV_SEED */
@@ -236,6 +244,7 @@
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
/**
@@ -250,6 +259,7 @@
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */
@@ -262,6 +272,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_self_test( int verbose );
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
@@ -278,6 +289,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_entropy_source_self_test( int verbose );
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index a71a2af..4b1b8da 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -40,6 +40,7 @@
#endif
#include "mbedtls/cipher.h"
+#include "mbedtls/platform_util.h"
#include <stdint.h>
@@ -93,6 +94,7 @@
*
* \param ctx The GCM context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
/**
@@ -111,6 +113,7 @@
* \return \c 0 on success.
* \return A cipher-specific error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
@@ -167,6 +170,7 @@
* not valid or a cipher-specific error code if the encryption
* or decryption failed.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
int mode,
size_t length,
@@ -212,6 +216,7 @@
* not valid or a cipher-specific error code if the decryption
* failed.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
size_t length,
const unsigned char *iv,
@@ -240,6 +245,7 @@
*
* \return \c 0 on success.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
int mode,
const unsigned char *iv,
@@ -272,6 +278,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
size_t length,
const unsigned char *input,
@@ -293,6 +300,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag,
size_t tag_len );
@@ -304,6 +312,7 @@
* \param ctx The GCM context to clear. If this is \c NULL, the call has
* no effect. Otherwise, this must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
#if defined(MBEDTLS_SELF_TEST)
@@ -314,6 +323,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_gcm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h
index 5a2e35f..d691cd9 100644
--- a/include/mbedtls/havege.h
+++ b/include/mbedtls/havege.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
@@ -54,6 +55,7 @@
*
* \param hs HAVEGE state to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_havege_init( mbedtls_havege_state *hs );
/**
@@ -61,6 +63,7 @@
*
* \param hs HAVEGE state to be cleared
*/
+MBEDTLS_DEPRECATED
void mbedtls_havege_free( mbedtls_havege_state *hs );
/**
@@ -72,6 +75,7 @@
*
* \return 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
#ifdef __cplusplus
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 20f325d..0a6104d 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -34,6 +34,7 @@
#endif
#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
/**
* \name HKDF Error codes
@@ -70,6 +71,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
@@ -99,6 +101,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
@@ -130,6 +133,7 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len );
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index b47d443..b20eb85 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -112,6 +112,7 @@
*
* \param ctx HMAC_DRBG context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
/**
@@ -138,6 +139,7 @@
* MBEDTLS_ERR_MD_ALLOC_FAILED, or
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
@@ -158,6 +160,7 @@
* MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
* MBEDTLS_ERR_MD_ALLOC_FAILED.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len );
@@ -171,6 +174,7 @@
* \param ctx HMAC_DRBG context
* \param resistance MBEDTLS_HMAC_DRBG_PR_ON or MBEDTLS_HMAC_DRBG_PR_OFF
*/
+MBEDTLS_DEPRECATED
void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
int resistance );
@@ -182,6 +186,7 @@
* \param ctx HMAC_DRBG context
* \param len Amount of entropy to grab, in bytes
*/
+MBEDTLS_DEPRECATED
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
size_t len );
@@ -192,6 +197,7 @@
* \param ctx HMAC_DRBG context
* \param interval Reseed interval
*/
+MBEDTLS_DEPRECATED
void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
int interval );
@@ -208,6 +214,7 @@
* \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len );
@@ -221,6 +228,7 @@
* \return 0 if successful, or
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len );
@@ -240,6 +248,7 @@
* MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
* MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG.
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional,
@@ -258,6 +267,7 @@
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
/**
@@ -265,6 +275,7 @@
*
* \param ctx HMAC_DRBG context to free.
*/
+MBEDTLS_DEPRECATED
void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -296,6 +307,7 @@
* \return 0 if successful, 1 on file error, or
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
/**
@@ -309,6 +321,7 @@
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
* MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */
@@ -319,6 +332,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_hmac_drbg_self_test( int verbose );
#endif
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 0423e45..6306af9 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -111,6 +111,7 @@
* message-digest enumeration #mbedtls_md_type_t.
* The last entry is 0.
*/
+MBEDTLS_DEPRECATED
const int *mbedtls_md_list( void );
/**
@@ -122,6 +123,7 @@
* \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
/**
@@ -133,6 +135,7 @@
* \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
/**
@@ -143,6 +146,7 @@
* context for mbedtls_md_setup() for binding it to a
* message-digest algorithm.
*/
+MBEDTLS_DEPRECATED
void mbedtls_md_init( mbedtls_md_context_t *ctx );
/**
@@ -158,6 +162,7 @@
* You must not call this function if you have not called
* mbedtls_md_init().
*/
+MBEDTLS_DEPRECATED
void mbedtls_md_free( mbedtls_md_context_t *ctx );
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -201,6 +206,7 @@
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
/**
@@ -222,6 +228,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_clone( mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src );
@@ -234,6 +241,7 @@
*
* \return The size of the message-digest output in Bytes.
*/
+MBEDTLS_DEPRECATED
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
/**
@@ -245,6 +253,7 @@
*
* \return The type of the message digest.
*/
+MBEDTLS_DEPRECATED
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
/**
@@ -256,6 +265,7 @@
*
* \return The name of the message digest.
*/
+MBEDTLS_DEPRECATED
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
/**
@@ -271,6 +281,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_starts( mbedtls_md_context_t *ctx );
/**
@@ -289,6 +300,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
@@ -309,6 +321,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
/**
@@ -329,6 +342,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
@@ -350,6 +364,7 @@
* the file pointed by \p path.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
unsigned char *output );
#endif /* MBEDTLS_FS_IO */
@@ -372,6 +387,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
size_t keylen );
@@ -394,6 +410,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
size_t ilen );
@@ -415,6 +432,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
/**
@@ -432,6 +450,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
/**
@@ -456,11 +475,13 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/* Internal use */
+MBEDTLS_DEPRECATED
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
#ifdef __cplusplus
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
index 58c5396..5c2253c 100644
--- a/include/mbedtls/md2.h
+++ b/include/mbedtls/md2.h
@@ -81,6 +81,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md2_init( mbedtls_md2_context *ctx );
/**
@@ -93,6 +94,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md2_free( mbedtls_md2_context *ctx );
/**
@@ -106,6 +108,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md2_clone( mbedtls_md2_context *dst,
const mbedtls_md2_context *src );
@@ -121,6 +124,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
/**
@@ -137,6 +141,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -154,6 +159,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
unsigned char output[16] );
@@ -247,6 +253,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md2_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
@@ -283,6 +290,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md2_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
index e101014..5ea04ee 100644
--- a/include/mbedtls/md4.h
+++ b/include/mbedtls/md4.h
@@ -81,6 +81,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md4_init( mbedtls_md4_context *ctx );
/**
@@ -93,6 +94,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md4_free( mbedtls_md4_context *ctx );
/**
@@ -106,6 +108,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md4_clone( mbedtls_md4_context *dst,
const mbedtls_md4_context *src );
@@ -120,6 +123,7 @@
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
/**
@@ -136,6 +140,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -153,6 +158,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
unsigned char output[16] );
@@ -253,6 +259,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md4_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
@@ -290,6 +297,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md4_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index 6afe413..eb6bd96 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -80,6 +80,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md5_init( mbedtls_md5_context *ctx );
/**
@@ -92,6 +93,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md5_free( mbedtls_md5_context *ctx );
/**
@@ -105,6 +107,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_md5_clone( mbedtls_md5_context *dst,
const mbedtls_md5_context *src );
@@ -120,6 +123,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
/**
@@ -136,6 +140,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -153,6 +158,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
unsigned char output[16] );
@@ -252,6 +258,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md5_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
@@ -288,6 +295,7 @@
* stronger message digests instead.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_md5_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h
index 8e77f6f..7b2f86c 100644
--- a/include/mbedtls/memory_buffer_alloc.h
+++ b/include/mbedtls/memory_buffer_alloc.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
/**
@@ -70,11 +71,13 @@
* \param buf buffer to use as heap
* \param len size of the buffer
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
/**
* \brief Free the mutex for thread-safety and clear remaining memory
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_free( void );
/**
@@ -85,6 +88,7 @@
* \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
* MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_set_verify( int verify );
#if defined(MBEDTLS_MEMORY_DEBUG)
@@ -94,6 +98,7 @@
* Prints out a list of 'still allocated' blocks and their stack
* trace if MBEDTLS_MEMORY_BACKTRACE is defined.
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_status( void );
/**
@@ -104,11 +109,13 @@
* into smaller blocks but larger than the requested size.
* \param max_blocks Peak number of blocks in use, including free and used
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
/**
* \brief Reset peak statistics
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_max_reset( void );
/**
@@ -119,6 +126,7 @@
* into smaller blocks but larger than the requested size.
* \param cur_blocks Current number of blocks in use, including free and used
*/
+MBEDTLS_DEPRECATED
void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
#endif /* MBEDTLS_MEMORY_DEBUG */
@@ -133,6 +141,7 @@
*
* \return 0 if verified, 1 otherwise
*/
+MBEDTLS_DEPRECATED
int mbedtls_memory_buffer_alloc_verify( void );
#if defined(MBEDTLS_SELF_TEST)
@@ -141,6 +150,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_memory_buffer_alloc_self_test( int verbose );
#endif
diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h
index b39406f..d19e252 100644
--- a/include/mbedtls/nist_kw.h
+++ b/include/mbedtls/nist_kw.h
@@ -44,6 +44,7 @@
#endif
#include "mbedtls/cipher.h"
+#include "mbedtls/platform_util.h"
#ifdef __cplusplus
extern "C" {
@@ -82,6 +83,7 @@
* \param ctx The key wrapping context to initialize.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
/**
@@ -100,6 +102,7 @@
* which are not supported.
* \return cipher-specific error code on failure of the underlying cipher.
*/
+MBEDTLS_DEPRECATED
int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
@@ -112,6 +115,7 @@
*
* \param ctx The key wrapping context to clear.
*/
+MBEDTLS_DEPRECATED
void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
/**
@@ -135,6 +139,7 @@
* \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
* \return cipher-specific error code on failure of the underlying cipher.
*/
+MBEDTLS_DEPRECATED
int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size );
@@ -162,6 +167,7 @@
* \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
* \return cipher-specific error code on failure of the underlying cipher.
*/
+MBEDTLS_DEPRECATED
int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size);
@@ -174,6 +180,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_nist_kw_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index 59ce020..b743533 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -32,6 +32,7 @@
#include "mbedtls/asn1.h"
#include "mbedtls/pk.h"
+#include "mbedtls/platform_util.h"
#include <stddef.h>
@@ -458,6 +459,7 @@
* \return Length of the string written (excluding final NULL) or
* MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
/**
@@ -468,6 +470,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
/**
@@ -479,6 +482,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
/**
@@ -489,6 +493,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
/**
@@ -500,6 +505,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
const char **oid, size_t *olen );
@@ -512,6 +518,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
/**
@@ -523,6 +530,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
const char **oid, size_t *olen );
#endif /* MBEDTLS_ECP_C */
@@ -537,6 +545,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
@@ -548,6 +557,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
/**
@@ -560,6 +570,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const char **oid, size_t *olen );
@@ -571,6 +582,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
/**
@@ -581,6 +593,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
#endif /* MBEDTLS_MD_C */
@@ -592,6 +605,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
/**
@@ -602,6 +616,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc );
/**
@@ -613,6 +628,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
#if defined(MBEDTLS_CIPHER_C)
@@ -624,6 +640,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
#endif /* MBEDTLS_CIPHER_C */
@@ -638,6 +655,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
+MBEDTLS_DEPRECATED
int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
mbedtls_cipher_type_t *cipher_alg );
#endif /* MBEDTLS_PKCS12_C */
diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h
index 513d72f..890df22 100644
--- a/include/mbedtls/padlock.h
+++ b/include/mbedtls/padlock.h
@@ -35,6 +35,7 @@
#endif
#include "mbedtls/aes.h"
+#include "mbedtls/platform_util.h"
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
@@ -75,6 +76,7 @@
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
+MBEDTLS_DEPRECATED
int mbedtls_padlock_has_support( int feature );
/**
@@ -90,6 +92,7 @@
*
* \return 0 if success, 1 if operation failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
@@ -110,6 +113,7 @@
*
* \return 0 if success, 1 if operation failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index 02a94af..5298fd1 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
/**
@@ -70,6 +71,7 @@
*
* \param ctx context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_pem_init( mbedtls_pem_context *ctx );
/**
@@ -94,6 +96,7 @@
*
* \return 0 on success, or a specific PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data,
const unsigned char *pwd,
@@ -104,6 +107,7 @@
*
* \param ctx context to be freed
*/
+MBEDTLS_DEPRECATED
void mbedtls_pem_free( mbedtls_pem_context *ctx );
#endif /* MBEDTLS_PEM_PARSE_C */
@@ -124,6 +128,7 @@
* MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
* size.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pem_write_buffer( const char *header, const char *footer,
const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen );
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index eedcfea..29be4ac 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -32,6 +32,7 @@
#endif
#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
@@ -159,6 +160,7 @@
* \warning You must make sure the PK context actually holds an RSA context
* before using this function!
*/
+MBEDTLS_DEPRECATED
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
{
return( (mbedtls_rsa_context *) (pk).pk_ctx );
@@ -172,6 +174,7 @@
* \warning You must make sure the PK context actually holds an EC context
* before using this function!
*/
+MBEDTLS_DEPRECATED
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
{
return( (mbedtls_ecp_keypair *) (pk).pk_ctx );
@@ -199,6 +202,7 @@
*
* \return The PK info associated with the type or NULL if not found.
*/
+MBEDTLS_DEPRECATED
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
/**
@@ -207,6 +211,7 @@
* \param ctx The context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_pk_init( mbedtls_pk_context *ctx );
/**
@@ -220,6 +225,7 @@
* key slot and you still need to call psa_destroy_key()
* independently if you want to destroy that key.
*/
+MBEDTLS_DEPRECATED
void mbedtls_pk_free( mbedtls_pk_context *ctx );
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -229,6 +235,7 @@
* \param ctx The context to initialize.
* This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
/**
@@ -237,6 +244,7 @@
* \param ctx The context to clear. It must have been initialized.
* If this is \c NULL, this function does nothing.
*/
+MBEDTLS_DEPRECATED
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
@@ -255,6 +263,7 @@
* \note For contexts holding an RSA-alt key, use
* \c mbedtls_pk_setup_rsa_alt() instead.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -286,6 +295,7 @@
* ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -305,6 +315,7 @@
*
* \note This function replaces \c mbedtls_pk_setup() for RSA-alt.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
mbedtls_pk_rsa_alt_sign_func sign_func,
@@ -318,6 +329,7 @@
*
* \return Key size in bits, or 0 on error
*/
+MBEDTLS_DEPRECATED
size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
/**
@@ -327,6 +339,7 @@
*
* \return Key length in bytes, or 0 on error
*/
+MBEDTLS_DEPRECATED
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
{
return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
@@ -344,6 +357,7 @@
* been initialized but not set up, or that has been
* cleared with mbedtls_pk_free().
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
/**
@@ -370,6 +384,7 @@
*
* \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
@@ -394,6 +409,7 @@
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
@@ -429,6 +445,7 @@
* to a mbedtls_pk_rsassa_pss_options structure,
* otherwise it must be NULL.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
@@ -459,6 +476,7 @@
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
@@ -487,6 +505,7 @@
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
@@ -511,6 +530,7 @@
*
* \return 0 on success, or a specific error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
@@ -532,6 +552,7 @@
*
* \return 0 on success, or a specific error code.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
@@ -549,6 +570,7 @@
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
/**
@@ -559,6 +581,7 @@
*
* \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
/**
@@ -568,6 +591,7 @@
*
* \return Type name on success, or "invalid PK"
*/
+MBEDTLS_DEPRECATED
const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
/**
@@ -578,6 +602,7 @@
* \return Type on success.
* \return #MBEDTLS_PK_NONE for a context that has not been set up.
*/
+MBEDTLS_DEPRECATED
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
#if defined(MBEDTLS_PK_PARSE_C)
@@ -610,6 +635,7 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen );
@@ -636,6 +662,7 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen );
@@ -661,6 +688,7 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
const char *path, const char *password );
@@ -681,6 +709,7 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_PK_PARSE_C */
@@ -699,6 +728,7 @@
* \return length of data written if successful, or a specific
* error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
/**
@@ -714,6 +744,7 @@
* \return length of data written if successful, or a specific
* error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
#if defined(MBEDTLS_PEM_WRITE_C)
@@ -727,6 +758,7 @@
*
* \return 0 if successful, or a specific error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
/**
@@ -739,6 +771,7 @@
*
* \return 0 if successful, or a specific error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PK_WRITE_C */
@@ -759,6 +792,7 @@
*
* \return 0 if successful, or a specific PK error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
mbedtls_pk_context *pk );
#endif /* MBEDTLS_PK_PARSE_C */
@@ -774,6 +808,7 @@
*
* \return the length written or a negative error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
const mbedtls_pk_context *key );
#endif /* MBEDTLS_PK_WRITE_C */
@@ -783,6 +818,7 @@
* know you do.
*/
#if defined(MBEDTLS_FS_IO)
+MBEDTLS_DEPRECATED
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
#endif
@@ -806,6 +842,7 @@
* \return \c 0 if successful.
* \return An Mbed TLS error code otherwise.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
psa_key_handle_t *slot,
psa_algorithm_t hash_alg );
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 9d42d7f..0934bee 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -31,6 +31,7 @@
#endif
#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
#include "mbedtls/cipher.h"
#include "mbedtls/asn1.h"
@@ -68,6 +69,7 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len,
@@ -89,6 +91,7 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
@@ -118,6 +121,7 @@
*
* \return 0 if successful, or a MD, BIGNUM type error.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen,
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index bbec7e7..ffe7060 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -65,6 +65,7 @@
*
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen,
@@ -86,6 +87,7 @@
*
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count,
@@ -98,6 +100,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_pkcs5_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
index 05866a2..0afd049 100644
--- a/include/mbedtls/poly1305.h
+++ b/include/mbedtls/poly1305.h
@@ -39,6 +39,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stdint.h>
#include <stddef.h>
@@ -87,6 +88,7 @@
* \param ctx The Poly1305 context to initialize. This must
* not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
/**
@@ -97,6 +99,7 @@
* case this function is a no-op. If it is not \c NULL, it must
* point to an initialized Poly1305 context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
/**
@@ -112,6 +115,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
const unsigned char key[32] );
@@ -133,6 +137,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -149,6 +154,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
unsigned char mac[16] );
@@ -170,6 +176,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_poly1305_mac( const unsigned char key[32],
const unsigned char *input,
size_t ilen,
@@ -182,6 +189,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_poly1305_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 4a83ec4..1a84ce8 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -67,6 +67,7 @@
*
* \param ctx RIPEMD-160 context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
/**
@@ -74,6 +75,7 @@
*
* \param ctx RIPEMD-160 context to be cleared
*/
+MBEDTLS_DEPRECATED
void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
/**
@@ -82,6 +84,7 @@
* \param dst The destination context
* \param src The context to be cloned
*/
+MBEDTLS_DEPRECATED
void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
const mbedtls_ripemd160_context *src );
@@ -92,6 +95,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
/**
@@ -103,6 +107,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -115,6 +120,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
unsigned char output[20] );
@@ -188,6 +194,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_ripemd160_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] );
@@ -214,6 +221,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_ripemd160_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 840540b..8e073cd 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -38,6 +38,7 @@
#include "mbedtls/bignum.h"
#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h"
@@ -165,6 +166,7 @@
* \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused
* otherwise.
*/
+MBEDTLS_DEPRECATED
void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
int padding,
int hash_id );
@@ -198,6 +200,7 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
const mbedtls_mpi *N,
const mbedtls_mpi *P, const mbedtls_mpi *Q,
@@ -237,6 +240,7 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
unsigned char const *N, size_t N_len,
unsigned char const *P, size_t P_len,
@@ -276,6 +280,7 @@
* failed.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
/**
@@ -318,6 +323,7 @@
* \return A non-zero return code on any other failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
mbedtls_mpi *D, mbedtls_mpi *E );
@@ -369,6 +375,7 @@
* functionality or because of security policies.
* \return A non-zero return code on any other failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
unsigned char *N, size_t N_len,
unsigned char *P, size_t P_len,
@@ -395,6 +402,7 @@
* \return A non-zero error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
@@ -407,6 +415,7 @@
* #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21.
* \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier.
*/
+MBEDTLS_DEPRECATED
void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
int hash_id );
@@ -418,6 +427,7 @@
* \return The length of the RSA modulus in Bytes.
*
*/
+MBEDTLS_DEPRECATED
size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
/**
@@ -438,6 +448,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -457,6 +468,7 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
/**
@@ -495,6 +507,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
/**
@@ -508,6 +521,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
const mbedtls_rsa_context *prv );
@@ -530,6 +544,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
const unsigned char *input,
unsigned char *output );
@@ -565,6 +580,7 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -610,6 +626,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -651,6 +668,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -696,6 +714,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -749,6 +768,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -799,6 +819,7 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -853,6 +874,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -912,6 +934,7 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -959,6 +982,7 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1020,6 +1044,7 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1073,6 +1098,7 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1119,6 +1145,7 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1176,6 +1203,7 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1224,6 +1252,7 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
@@ -1244,6 +1273,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
/**
@@ -1253,6 +1283,7 @@
* this function is a no-op. If it is not \c NULL, it must
* point to an initialized RSA context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
#if defined(MBEDTLS_SELF_TEST)
@@ -1263,6 +1294,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_rsa_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 3b2e8b9..ca279cf 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -85,6 +85,7 @@
* This must not be \c NULL.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
/**
@@ -100,6 +101,7 @@
* SHA-1 context.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
/**
@@ -113,6 +115,7 @@
* \param src The SHA-1 context to clone from. This must be initialized.
*
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src );
@@ -129,6 +132,7 @@
* \return A negative error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
/**
@@ -148,6 +152,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -168,6 +173,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] );
@@ -284,6 +290,7 @@
* \return A negative error code on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha1_ret( const unsigned char *input,
size_t ilen,
unsigned char output[20] );
@@ -329,6 +336,7 @@
* \return \c 1 on failure.
*
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha1_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 4a97e45..6305f8c 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -76,6 +76,7 @@
*
* \param ctx The SHA-256 context to initialize. This must not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
/**
@@ -85,6 +86,7 @@
* case this function returns immediately. If it is not \c NULL,
* it must point to an initialized SHA-256 context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
/**
@@ -93,6 +95,7 @@
* \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src );
@@ -107,6 +110,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
/**
@@ -122,6 +126,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -138,6 +143,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] );
@@ -233,6 +239,7 @@
* \param is224 Determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha256_ret( const unsigned char *input,
size_t ilen,
unsigned char output[32],
@@ -273,6 +280,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha256_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index e325d63..182dc25 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -76,6 +76,7 @@
* \param ctx The SHA-512 context to initialize. This must
* not be \c NULL.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
/**
@@ -86,6 +87,7 @@
* is not \c NULL, it must point to an initialized
* SHA-512 context.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
/**
@@ -94,6 +96,7 @@
* \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized.
*/
+MBEDTLS_DEPRECATED
void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
const mbedtls_sha512_context *src );
@@ -108,6 +111,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
/**
@@ -123,6 +127,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen );
@@ -154,6 +159,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -237,6 +243,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha512_ret( const unsigned char *input,
size_t ilen,
unsigned char output[64],
@@ -277,6 +284,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
+MBEDTLS_DEPRECATED
int mbedtls_sha512_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
index 2dc0afc..398bc11 100644
--- a/include/mbedtls/xtea.h
+++ b/include/mbedtls/xtea.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
#include <stdint.h>
@@ -67,6 +68,7 @@
*
* \param ctx XTEA context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
/**
@@ -74,6 +76,7 @@
*
* \param ctx XTEA context to be cleared
*/
+MBEDTLS_DEPRECATED
void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
/**
@@ -82,6 +85,7 @@
* \param ctx XTEA context to be initialized
* \param key the secret key
*/
+MBEDTLS_DEPRECATED
void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
/**
@@ -94,6 +98,7 @@
*
* \return 0 if successful
*/
+MBEDTLS_DEPRECATED
int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
int mode,
const unsigned char input[8],
@@ -113,6 +118,7 @@
* \return 0 if successful,
* MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
*/
+MBEDTLS_DEPRECATED
int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
int mode,
size_t length,
@@ -128,6 +134,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
+MBEDTLS_DEPRECATED
int mbedtls_xtea_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST */