Lines Matching +full:ts +full:- +full:inv
1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "OSSL-GUIDE-MIGRATION 7ossl"
58 .TH OSSL-GUIDE-MIGRATION 7ossl 2025-09-30 3.5.4 OpenSSL
64 ossl\-guide\-migration, migration_guide
65 \&\- OpenSSL Guide: Migrating from older OpenSSL versions
80 The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
113 licenses <https://www.openssl.org/source/license-openssl-ssleay.txt>
115 Apache License v2 <https://www.openssl.org/source/apache-license-2.0.txt>.
133 at configuration time using the \f(CW\*(C`enable\-fips\*(C'\fR option. If it is enabled,
182 See \fBOSSL_PROVIDER\-legacy\fR\|(7) for a complete list of algorithms.
212 Engine-backed keys can be loaded via custom \fBOSSL_STORE\fR implementation.
217 To prefer the provider-based hardware offload, you can specify the default
220 Setting engine-based or application-based default low-level crypto method such
222 default provider will use the engine-based implementation for the crypto
224 \&\fBPEM_\fR or \fBd2i_\fR APIs will be provider-based. To create a fully legacy
252 See \fBopenssl\-cmp\fR\|(1) and \fBOSSL_CMP_exec_certreq\fR\|(3) as starting points.
258 ASN.1\-encoded contents, proxies, and timeouts.
265 Previously KDF algorithms had been shoe-horned into using the EVP_PKEY object
271 See also "Key Derivation Function (KDF)" in \fBOSSL_PROVIDER\-default\fR\|(7) and
272 "Key Derivation Function (KDF)" in \fBOSSL_PROVIDER\-FIPS\fR\|(7).
284 See also "Message Authentication Code (MAC)" in \fBOSSL_PROVIDER\-default\fR\|(7)
285 and "Message Authentication Code (MAC)" in \fBOSSL_PROVIDER\-FIPS\fR\|(7).
301 \&\f(CW\*(C`enable\-ktls\*(C'\fR configuration option. It must also be enabled at run time using
309 See \fBEVP_KDF\-SS\fR\|(7) and \fBEVP_KDF\-SSHKDF\fR\|(7)
313 See \fBEVP_MAC\-GMAC\fR\|(7) and \fBEVP_MAC\-KMAC\fR\|(7).
317 See \fBEVP_KEM\-RSA\fR\|(7).
319 Cipher Algorithm "AES-SIV"
326 unwrapping. The algorithms are: "AES\-128\-WRAP\-INV", "AES\-192\-WRAP\-INV",
327 "AES\-256\-WRAP\-INV", "AES\-128\-WRAP\-PAD\-INV", "AES\-192\-WRAP\-PAD\-INV" and
328 "AES\-256\-WRAP\-PAD\-INV".
332 The algorithms are "AES\-128\-CBC\-CTS", "AES\-192\-CBC\-CTS", "AES\-256\-CBC\-CTS",
333 "CAMELLIA\-128\-CBC\-CTS", "CAMELLIA\-192\-CBC\-CTS" and "CAMELLIA\-256\-CBC\-CTS".
339 Added CAdES-BES signature verification support.
341 Added CAdES-BES signature scheme and attributes support (RFC 5126) to CMS API.
345 This uses the AES-GCM parameter (RFC 5084) for the Cryptographic Message Syntax.
357 with the password-based encryption iteration count. The default digest
358 algorithm for the MAC computation was changed to SHA\-256. The pkcs12
359 application now supports \-legacy option that restores the previous
388 See \fBEVP_KDF\-PKCS12KDF\fR\|(7), \fBPKCS12_create\fR\|(3), \fBopenssl\-pkcs12\fR\|(1),
389 \&\fBOSSL_PROVIDER\-FIPS\fR\|(7).
403 configured with the \f(CW\*(C`enable\-trace\*(C'\fR option.
414 Previously (in 1.1.1) they would return \-2. For key types that do not have
428 The type-safe wrappers are declared everywhere and implemented once.
449 The Miller-Rabin test now uses 64 rounds, which is used for all prime generation,
452 The default key generation method for the regular 2\-prime RSA keys was changed
453 to the FIPS186\-4 B.3.6 method (Generation of Probable Primes with Conditions
457 Change PBKDF2 to conform to SP800\-132 instead of the older PKCS5 RFC2898
458 .IX Subsection "Change PBKDF2 to conform to SP800-132 instead of the older PKCS5 RFC2898"
466 \&\fBEVP_KDF\-PBKDF2\fR\|(7). The parameter can be set using \fBEVP_KDF_derive\fR\|(3).
491 In particular, a private scalar \fIk\fR outside the range \fI1 <= k < n\-1\fR is
505 OpenSSL 3.0. Previously they returned a pointer to the low-level key used
518 treated as read-only. To emphasise this the value returned from
525 and \fBEVP_PKEY_get1_DH\fR\|(3) functions continue to return a non-const pointer to
526 enable them to be "freed". However they should also be treated as read-only.
541 observed in 1.1.1 and 3.0. This also applies to the \fB\-text\fR output from the
552 One significant change is that controls which used to return \-2 for
553 invalid inputs, now return \-1 indicating a generic error condition instead.
559 result in errors. See \fBEVP_PKEY\-DH\fR\|(7) for further details. This affects the
560 behaviour of \fBopenssl\-genpkey\fR\|(1) for DH parameter generation.
588 ChaCha20\-Poly1305 cipher does not allow a truncated IV length to be used
589 .IX Subsection "ChaCha20-Poly1305 cipher does not allow a truncated IV length to be used"
622 Password-protected keys may deserve special attention. If only some errors
688 See \fBfips_module\fR\|(7) and \fBOSSL_PROVIDER\-FIPS\fR\|(7) for details.
693 README-FIPS <https://github.com/openssl/openssl/blob/master/README-FIPS.md> file.
714 Using a Library Context \- Old functions that should be changed
715 .IX Subsection "Using a Library Context - Old functions that should be changed"
940 Providers are a replacement for engines and low-level method overrides
941 .IX Subsection "Providers are a replacement for engines and low-level method overrides"
950 Deprecated i2d and d2i functions for low-level key types
951 .IX Subsection "Deprecated i2d and d2i functions for low-level key types"
953 Any i2d and d2i functions such as \fBd2i_DHparams()\fR that take a low-level key type
958 Deprecated low-level key object getters and setters
959 .IX Subsection "Deprecated low-level key object getters and setters"
961 Applications that set or get low-level key objects (such as \fBEVP_PKEY_set1_DH()\fR
966 Deprecated low-level key parameter getters
967 .IX Subsection "Deprecated low-level key parameter getters"
969 Functions that access low-level objects directly such as \fBRSA_get0_n\fR\|(3) are now
979 "Common RSA parameters" in \fBEVP_PKEY\-RSA\fR\|(7),
980 "Common EC parameters" in \fBEVP_PKEY\-EC\fR\|(7),
981 "DSA parameters" in \fBEVP_PKEY\-DSA\fR\|(7),
982 "DH parameters" in \fBEVP_PKEY\-DH\fR\|(7),
983 "FFC parameters" in \fBEVP_PKEY\-FFC\fR\|(7),
984 "Common X25519, X448, ED25519 and ED448 parameters" in \fBEVP_PKEY\-X25519\fR\|(7),
985 "Common parameters" in \fBEVP_PKEY\-ML\-DSA\fR\|(7),
987 "Common parameters" in \fBEVP_PKEY\-ML\-KEM\fR\|(7).
990 Deprecated low-level key parameter setters
991 .IX Subsection "Deprecated low-level key parameter setters"
993 Functions that access low-level objects directly such as \fBRSA_set0_crt_params\fR\|(3)
998 See "Examples" in \fBEVP_PKEY\-DH\fR\|(7) for more information.
999 See "Deprecated low-level key generation functions" for information on
1002 Deprecated low-level object creation
1003 .IX Subsection "Deprecated low-level object creation"
1005 Low-level objects were created using methods such as \fBRSA_new\fR\|(3),
1007 high-level EVP_PKEY APIs, e.g. \fBEVP_PKEY_new\fR\|(3), \fBEVP_PKEY_up_ref\fR\|(3) and
1012 See also "Deprecated low-level key generation functions",
1013 "Deprecated low-level key reading and writing functions" and
1014 "Deprecated low-level key parameter setters".
1016 Deprecated low-level encryption functions
1017 .IX Subsection "Deprecated low-level encryption functions"
1019 Low-level encryption functions such as \fBAES_encrypt\fR\|(3) and \fBAES_decrypt\fR\|(3)
1025 Deprecated low-level digest functions
1026 .IX Subsection "Deprecated low-level digest functions"
1028 Use of low-level digest functions such as \fBSHA1_Init\fR\|(3) have been
1031 and \fBEVP_DigestFinal_ex\fR\|(3), or the quick one-shot \fBEVP_Q_digest\fR\|(3).
1036 Deprecated low-level signing functions
1037 .IX Subsection "Deprecated low-level signing functions"
1039 Use of low-level signing functions such as \fBDSA_sign\fR\|(3) have been
1042 See also \fBEVP_SIGNATURE\-RSA\fR\|(7), \fBEVP_SIGNATURE\-DSA\fR\|(7),
1043 \&\fBEVP_SIGNATURE\-ECDSA\fR\|(7) and \fBEVP_SIGNATURE\-ED25519\fR\|(7).
1045 Deprecated low-level MAC functions
1046 .IX Subsection "Deprecated low-level MAC functions"
1048 Low-level mac functions such as \fBCMAC_Init\fR\|(3) are deprecated.
1051 \&\fBEVP_MAC_update\fR\|(3) and \fBEVP_MAC_final\fR\|(3) or the single-shot MAC function
1053 See \fBEVP_MAC\fR\|(3), \fBEVP_MAC\-HMAC\fR\|(7), \fBEVP_MAC\-CMAC\fR\|(7), \fBEVP_MAC\-GMAC\fR\|(7…
1054 \&\fBEVP_MAC\-KMAC\fR\|(7), \fBEVP_MAC\-BLAKE2\fR\|(7), \fBEVP_MAC\-Poly1305\fR\|(7) and
1055 \&\fBEVP_MAC\-Siphash\fR\|(7) for additional information.
1057 Note that the one-shot method \fBHMAC()\fR is still available for compatibility purposes,
1060 Deprecated low-level validation functions
1061 .IX Subsection "Deprecated low-level validation functions"
1063 Low-level validation functions such as \fBDH_check\fR\|(3) have been informally
1064 discouraged from use for a long time. Applications should instead use the high-level
1070 Deprecated low-level key exchange functions
1071 .IX Subsection "Deprecated low-level key exchange functions"
1073 Many low-level functions have been informally discouraged from use for a long
1075 See \fBEVP_KEYEXCH\-DH\fR\|(7), \fBEVP_KEYEXCH\-ECDH\fR\|(7) and \fBEVP_KEYEXCH\-X25519\fR\|(7).
1077 Deprecated low-level key generation functions
1078 .IX Subsection "Deprecated low-level key generation functions"
1080 Many low-level functions have been informally discouraged from use for a long
1082 \&\fBEVP_PKEY_generate\fR\|(3) as described in \fBEVP_PKEY\-DSA\fR\|(7), \fBEVP_PKEY\-DH\fR\|(7),
1083 \&\fBEVP_PKEY\-RSA\fR\|(7), \fBEVP_PKEY\-EC\fR\|(7) and \fBEVP_PKEY\-X25519\fR\|(7).
1084 The 'quick' one-shot function \fBEVP_PKEY_Q_keygen\fR\|(3) and macros for the most
1087 Deprecated low-level key reading and writing functions
1088 .IX Subsection "Deprecated low-level key reading and writing functions"
1090 Use of low-level objects (such as DSA) has been informally discouraged from use
1091 for a long time. Functions to read and write these low-level objects (such as
1095 Deprecated low-level key printing functions
1096 .IX Subsection "Deprecated low-level key printing functions"
1098 Use of low-level objects (such as DSA) has been informally discouraged from use
1099 for a long time. Functions to print these low-level objects such as
1117 Bi-directional IGE mode. These modes were never formally standardised and
1129 See "Deprecated low-level encryption functions"
1149 See "Deprecated low-level encryption functions".
1158 Use the respective non-deprecated \fB_ex()\fR functions.
1163 64 rounds of the Miller-Rabin primality test.
1171 There are no replacements for these low-level functions. They were used internally
1180 See "Deprecated low-level encryption functions".
1185 See "Deprecated low-level encryption functions".
1191 See "Deprecated low-level MAC functions".
1195 See "Deprecated low-level MAC functions".
1202 Memory-leak checking has been deprecated in favor of more modern development
1214 See "EXAMPLES" in \fBEVP_EncryptInit\fR\|(3) for a AES\-256\-CBC\-CTS example.
1226 See "Deprecated i2d and d2i functions for low-level key types"
1231 See "Deprecated low-level key parameter setters"
1243 See "Deprecated low-level encryption functions".
1244 Algorithms for "DESX-CBC", "DES-ECB", "DES-CBC", "DES-OFB", "DES-CFB",
1245 "DES\-CFB1" and "DES\-CFB8" have been moved to the Legacy Provider.
1255 See "Deprecated low-level validation functions"
1266 See "Deprecated low-level key exchange functions".
1270 See "Deprecated low-level object creation"
1274 See "Deprecated low-level key generation functions".
1279 See "Deprecated low-level key parameter getters"
1284 "DH parameters" in \fBEVP_PKEY\-DH\fR\|(7)) to one of "dh_1024_160", "dh_2048_224" or
1295 See "Providers are a replacement for engines and low-level method overrides"
1299 See "Deprecated low-level key printing functions"
1303 See "Deprecated low-level key parameter setters"
1317 See "Deprecated low-level key generation functions".
1323 See "Providers are a replacement for engines and low-level method overrides".
1328 See "Deprecated low-level key parameter getters".
1332 See "Deprecated low-level object creation"
1341 See "Deprecated low-level key printing functions"
1345 See "Deprecated low-level key parameter setters"
1353 See "Deprecated low-level signing functions".
1357 See "Deprecated low-level key exchange functions".
1363 "kdf-type" as shown in "EXAMPLES" in \fBEVP_KEYEXCH\-ECDH\fR\|(7)
1368 See "Deprecated low-level signing functions".
1399 EC_METHOD is now an internal-only concept and a suitable EC_METHOD is assigned
1409 See "Deprecated low-level validation functions"
1413 See "Common EC parameters" in \fBEVP_PKEY\-EC\fR\|(7) which handles flags as separate
1418 See also "EXAMPLES" in \fBEVP_PKEY\-EC\fR\|(7)
1431 See "Deprecated low-level key generation functions".
1436 See "Deprecated low-level key parameter getters".
1443 See "Providers are a replacement for engines and low-level method overrides"
1448 See "Providers are a replacement for engines and low-level method overrides"
1457 See "Deprecated low-level object creation"
1461 See "Deprecated low-level key printing functions"
1465 See "Deprecated low-level key parameter setters".
1470 See "Deprecated low-level key parameter setters".
1475 See "Deprecated low-level key printing functions"
1480 formats are not individual big-endian integers.
1511 See "Providers are a replacement for engines and low-level method overrides".
1537 See "Providers are a replacement for engines and low-level method overrides".
1549 See the "kdf-ukm" item in "DH key exchange parameters" in \fBEVP_KEYEXCH\-DH\fR\|(7) and
1550 "ECDH Key Exchange parameters" in \fBEVP_KEYEXCH\-ECDH\fR\|(7).
1579 See "Providers are a replacement for engines and low-level method overrides".
1583 See "Deprecated low-level MAC functions".
1588 See "Deprecated low-level key object getters and setters"
1601 See "Providers are a replacement for engines and low-level method overrides".
1610 See "Deprecated low-level MAC functions".
1615 See "Deprecated low-level MAC functions".
1619 See "Deprecated low-level key reading and writing functions"
1626 See "Deprecated low-level key reading and writing functions"
1633 See "Deprecated low-level key reading and writing functions"
1639 See "Deprecated low-level key parameter getters"
1645 See "Deprecated low-level key reading and writing functions"
1652 See "Deprecated low-level encryption functions".
1661 See "Deprecated low-level encryption functions".
1670 See "Deprecated low-level encryption functions".
1675 See "Deprecated low-level encryption functions".
1680 See "Deprecated low-level encryption functions".
1716 provider implementations, see \fBprovider\-storemgmt\fR\|(7).
1735 See "Deprecated low-level key reading and writing functions"
1739 See "Deprecated low-level encryption functions".
1754 See "Deprecated low-level encryption functions".
1760 See "Deprecated low-level digest functions".
1770 See "Deprecated low-level validation functions"
1783 See "Deprecated low-level key generation functions".
1787 See "Providers are a replacement for engines and low-level method overrides"
1795 See "Deprecated low-level key parameter getters"
1799 See "Deprecated low-level object creation".
1803 See "Providers are a replacement for engines and low-level method overrides".
1811 See "Providers are a replacement for engines and low-level method overrides".
1815 See "Deprecated low-level signing functions" and
1816 "Deprecated low-level encryption functions".
1820 See "Deprecated low-level key printing functions"
1824 See "Deprecated low-level encryption functions"
1829 mode of none). See "Deprecated low-level signing functions".
1837 See "Deprecated low-level key reading and writing functions"
1842 See "Deprecated low-level key parameter setters".
1846 See "Providers are a replacement for engines and low-level method overrides"
1852 See "Deprecated low-level signing functions".
1857 X931 padding can be set using "Signature Parameters" in \fBEVP_SIGNATURE\-RSA\fR\|(7).
1863 See "Deprecated low-level encryption functions".
1872 See "Deprecated low-level digest functions".
1886 These are used to set the Diffie-Hellman (DH) parameters that are to be used by
1888 the built-in DH parameters that are available by calling \fBSSL_CTX_set_dh_auto\fR\|(3)
1893 parameters for export and non-export ciphersuites. Export ciphersuites are no
1904 See "Deprecated low-level digest functions".
1927 \&\fBEVP_PKEY_get_id\fR\|(3) might now also return the value \-1
1934 See \fBfips_module\fR\|(7) and \fBOSSL_PROVIDER\-FIPS\fR\|(7) for details.
1946 \&\fB\-provider_path\fR and \fB\-provider\fR are available to all apps and can be used
1949 specified if required. The \fB\-provider_path\fR must be specified before the
1950 \&\fB\-provider\fR option.
1952 The \fBlist\fR app has many new options. See \fBopenssl\-list\fR\|(1) for more
1955 \&\fB\-crl_lastupdate\fR and \fB\-crl_nextupdate\fR used by \fBopenssl ca\fR allows
1963 The \fB\-crypt\fR option used by \fBopenssl passwd\fR.
1964 The \fB\-c\fR option used by \fBopenssl x509\fR, \fBopenssl dhparam\fR,
1982 \&\fBopenssl speed\fR no longer uses low-level API calls.
1994 "SHA256" is now the default digest for TS query used by \fBopenssl ts\fR.
2039 Client-initiated renegotiation is disabled by default.
2041 To allow it, use the \fB\-client_renegotiation\fR option,
2053 Combining the Configure options no-ec and no-dh no longer disables TLSv1.3
2058 implementations even where there are no built-in ones. Attempting to create
2061 can be disabled at compile time using the "no\-tls1_3" Configure option.
2100 leaf certificate is signed with SHA\-1, a call to \fBSSL_CTX_use_certificate\fR\|(3)
2102 Outside TLS/SSL, the default security level is \-1 (effectively 0). It can
2103 be set using \fBX509_VERIFY_PARAM_set_auth_level\fR\|(3) or using the \fB\-auth_level\fR
2113 Copyright 2021\-2025 The OpenSSL Project Authors. All Rights Reserved.