Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ingela/crypto/public key/deprecation revert/otp 19163 #8700

Merged
merged 4 commits into from
Aug 8, 2024
Merged

Ingela/crypto/public key/deprecation revert/otp 19163 #8700

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
89ba389
Revert "public_key, crypto: Deprecate legacy functions"
IngelaAndin Jul 8, 2024
6aa42c8
Revert otp_internal obsolete entries
IngelaAndin Aug 7, 2024
6ee0cbf
public_key, crypto: Change from deprecated to legacy that is not reco…
IngelaAndin Jul 8, 2024
5de483d
crypto: Remove documentation of legacy SSL protocol specific padding.
IngelaAndin Aug 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 15 additions & 22 deletions lib/crypto/src/crypto.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ end
{function,<<"Random API">>},
{function,<<"Utility Functions">>},
{function,<<"Engine API">>},
{function,<<"Deprecated API">>},
{function,<<"Legacy RSA Encryption API">>},
{type,<<"Ciphers">>},
{type,<<"Digests and hash">>},
{type,<<"Elliptic Curves">>},
Expand Down Expand Up @@ -193,11 +193,7 @@ end
%%%----------------------------------------------------------------
%% Deprecated functions
-deprecated([{private_encrypt, 4, "use public_key:sign/3 instead"},
{private_decrypt, 4, "do not use"},
{public_encrypt, 4, "do not use"},
{public_decrypt, 4, "use public_key:verify/4 instead"}
]).
%%%----------------------------------------------------------------
%% Removed functions.
%%
Expand Down Expand Up @@ -2572,7 +2568,6 @@ Options for public key encrypt/decrypt. Only RSA is supported.
-doc(#{title => <<"Public Key Ciphers">>}).
-type rsa_padding() :: rsa_pkcs1_padding
| rsa_pkcs1_oaep_padding
| rsa_sslv23_padding
| rsa_x931_padding
| rsa_no_padding.

Expand All @@ -2597,11 +2592,10 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons do not use.
> This is a legacy function, for security reasons do not use together with rsa_pkcs1_padding.
""".
-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Do not use",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R16B01">>}).
-spec public_encrypt(Algorithm, PlainText, PublicKey, Options) ->
CipherText when Algorithm :: pk_encrypt_decrypt_algs(),
Expand All @@ -2627,12 +2621,11 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons do not use.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
""".

-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Do not use",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R16B01">>}).
-spec private_decrypt(Algorithm, CipherText, PrivateKey, Options) ->
PlainText when Algorithm :: pk_encrypt_decrypt_algs(),
Expand All @@ -2659,13 +2652,13 @@ Public-key decryption using the private key. See also `crypto:private_decrypt/4`
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons use [`sign/4`](`sign/4`) together
> with [`verify/5`](`verify/5`) instead.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
> For digital signatures use of [`sign/4`](`sign/4`) together
> with [`verify/5`](`verify/5`) is the prefered solution.
""".
-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Use sign and verify instead",
since => <<"OTP R16B01">>}).
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R16B01">>}).
-spec private_encrypt(Algorithm, PlainText, PrivateKey, Options) ->
CipherText when Algorithm :: pk_encrypt_decrypt_algs(),
PlainText :: binary(),
Expand All @@ -2690,12 +2683,12 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons use [`verify/5`](`verify/5`) together
> with [`sign/4`](`sign/4`) instead.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
> For digital signatures use of [`verify/5`](`verify/5`) together
> with [`sign/4`](`sign/4`) is the prefered solution.
""".
-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Use verify and sign instead",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R16B01">>}).
-spec public_decrypt(Algorithm, CipherText, PublicKey, Options) ->
PlainText when Algorithm :: pk_encrypt_decrypt_algs(),
Expand Down
51 changes: 17 additions & 34 deletions lib/public_key/src/public_key.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ macros described here and in the User's Guide:
{function,<<"Certificate Revocation API">>},
{function,<<"ASN.1 Encoding API">>},
{function,<<"Test Data API">>},
{function,<<"Deprecated API">>}
{function,<<"Legacy RSA Encryption API">>}
]}).

-feature(maybe_expr,enable).
Expand Down Expand Up @@ -110,17 +110,6 @@ macros described here and in the User's Guide:

%%----------------
%% Moved to ssh

-deprecated([{encrypt_private, 2, "use public_key:sign/3 instead"},
{encrypt_private, 3, "use public_key:sign 4 instead"},
{decrypt_private, 2, "do not use"},
{decrypt_private, 3, "do not use"},
{encrypt_public, 2, "do not use"},
{encrypt_public, 3, "do not use"},
{decrypt_public, 2, "use public_key:verify/4 instead"},
{decrypt_public, 3, "use public_key:verify/5 instead"}
]).

-removed([{ssh_decode,2, "use ssh_file:decode/2 instead"},
{ssh_encode,2, "use ssh_file:encode/2 instead"},
{ssh_hostkey_fingerprint,1, "use ssh:hostkey_fingerprint/1 instead"},
Expand Down Expand Up @@ -825,8 +814,7 @@ pkix_encode(Asn1Type, Term0, otp) when is_atom(Asn1Type) ->

%%--------------------------------------------------------------------
-doc(#{equiv => decrypt_private(CipherText, Key, []),
deprecated => ~"Do not use",
title => <<"Deprecated API">>,
title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-spec decrypt_private(CipherText, Key) ->
PlainText when CipherText :: binary(),
Expand All @@ -835,15 +823,14 @@ pkix_encode(Asn1Type, Term0, otp) when is_atom(Asn1Type) ->
decrypt_private(CipherText, Key) ->
decrypt_private(CipherText, Key, []).

-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Do not use",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-doc """
Public-key decryption using the private key. See also `crypto:private_decrypt/4`
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons do not use.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
""".
-spec decrypt_private(CipherText, Key, Options) ->
PlainText when CipherText :: binary(),
Expand All @@ -861,8 +848,7 @@ decrypt_private(CipherText,
%% Description: Public key decryption using the public key.
%%--------------------------------------------------------------------
-doc(#{equiv => decrypt_public(CipherText, Key, []),
deprecated => ~"Use sign and verify instead",
title => <<"Deprecated API">>,
title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-spec decrypt_public(CipherText, Key) ->
PlainText
Expand All @@ -872,17 +858,16 @@ decrypt_private(CipherText,
decrypt_public(CipherText, Key) ->
decrypt_public(CipherText, Key, []).

-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Use sign and verify instead",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-doc """
Public-key decryption using the public key. See also `crypto:public_decrypt/4`
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons use [`verify/4`](`verify/4`) together
> with [`sign/3`](`sign/3`) instead.
.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
> For digital signatures the use of [`verify/4`](`verify/4`) together
> with [`sign/3`](`sign/3`) is a prefered solution.
""".
-spec decrypt_public(CipherText, Key, Options) ->
PlainText
Expand All @@ -898,8 +883,7 @@ decrypt_public(CipherText, #'RSAPublicKey'{modulus = N, publicExponent = E},
%% Description: Public key encryption using the public key.
%%--------------------------------------------------------------------
-doc(#{equiv => encrypt_public(PlainText, Key, []),
deprecated => ~"Do not use",
title => <<"Deprecated API">>,
title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-spec encrypt_public(PlainText, Key) ->
CipherText
Expand All @@ -909,15 +893,14 @@ decrypt_public(CipherText, #'RSAPublicKey'{modulus = N, publicExponent = E},
encrypt_public(PlainText, Key) ->
encrypt_public(PlainText, Key, []).

-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Do not use",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP 21.1">>}).
-doc """
Public-key encryption using the public key. See also `crypto:public_encrypt/4`.
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons do not use.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
""".
-spec encrypt_public(PlainText, Key, Options) ->
CipherText
Expand All @@ -931,8 +914,7 @@ encrypt_public(PlainText, #'RSAPublicKey'{modulus=N,publicExponent=E},

%%--------------------------------------------------------------------
-doc(#{equiv => encrypt_private(PlainText, Key, []),
deprecated => ~"Use sign and verify instead",
title => <<"Deprecated API">>,
title => <<"Legacy RSA Encryption API">>,
since => <<"OTP R14B">>}).
-spec encrypt_private(PlainText, Key) ->
CipherText
Expand All @@ -942,8 +924,7 @@ encrypt_public(PlainText, #'RSAPublicKey'{modulus=N,publicExponent=E},
encrypt_private(PlainText, Key) ->
encrypt_private(PlainText, Key, []).

-doc(#{title => <<"Deprecated API">>,
deprecated => ~"Use sign and verify instead",
-doc(#{title => <<"Legacy RSA Encryption API">>,
since => <<"OTP 21.1">>}).
-doc """
Public-key encryption using the private key.
Expand All @@ -956,7 +937,9 @@ or trusted platform modules (TPM).
> #### Warning {: .warning }
>
> This is a legacy function, for security reasons use [`sign/3`](`sign/3`) together with [`verify/4`](`verify/4`) instead.
> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
> For digital signatures use of [`sign/3`](`sign/3`) together with [`verify/4`](`verify/4`) is
> the prefered solution.
""".
-spec encrypt_private(PlainText, Key, Options) ->
CipherText
Expand Down
24 changes: 0 additions & 24 deletions lib/stdlib/src/otp_internal.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,6 @@ obsolete(calendar, local_time_to_universal_time, 1) ->
{deprecated, "use calendar:local_time_to_universal_time_dst/1 instead"};
obsolete(code, lib_dir, 2) ->
{deprecated, "this functionality will be removed in a future release"};
obsolete(crypto, private_decrypt, 4) ->
{deprecated, "do not use"};
obsolete(crypto, private_encrypt, 4) ->
{deprecated, "use public_key:sign/3 instead"};
obsolete(crypto, public_decrypt, 4) ->
{deprecated, "use public_key:verify/4 instead"};
obsolete(crypto, public_encrypt, 4) ->
{deprecated, "do not use"};
obsolete(crypto, rand_uniform, 2) ->
{deprecated, "use rand:uniform/1 instead"};
obsolete(dbg, stop_clear, 0) ->
Expand All @@ -70,22 +62,6 @@ obsolete(net, ping, 1) ->
{deprecated, "use net_adm:ping/1 instead"};
obsolete(net, sleep, 1) ->
{deprecated, "use 'receive after T -> ok end' instead"};
obsolete(public_key, decrypt_private, 2) ->
{deprecated, "do not use"};
obsolete(public_key, decrypt_private, 3) ->
{deprecated, "do not use"};
obsolete(public_key, decrypt_public, 2) ->
{deprecated, "use public_key:verify/4 instead"};
obsolete(public_key, decrypt_public, 3) ->
{deprecated, "use public_key:verify/5 instead"};
obsolete(public_key, encrypt_private, 2) ->
{deprecated, "use public_key:sign/3 instead"};
obsolete(public_key, encrypt_private, 3) ->
{deprecated, "use public_key:sign 4 instead"};
obsolete(public_key, encrypt_public, 2) ->
{deprecated, "do not use"};
obsolete(public_key, encrypt_public, 3) ->
{deprecated, "do not use"};
obsolete(queue, lait, 1) ->
{deprecated, "use queue:liat/1 instead"};
obsolete(ssl, prf, 5) ->
Expand Down
12 changes: 0 additions & 12 deletions system/doc/general_info/DEPRECATIONS
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,18 +24,6 @@ mnesia_registry:create_table/_ since=27 remove=28
code:lib_dir/2 since=27
ssl:prf/5 since=27
ssl:prf_random/0 since=27 remove=28
public_key:decrypt_public/3 since=27
public_key:decrypt_public/2 since=27
public_key:encrypt_public/3 since=27
public_key:encrypt_public/2 since=27
public_key:decrypt_private/3 since=27
public_key:decrypt_private/2 since=27
public_key:encrypt_private/3 since=27
public_key:encrypt_private/2 since=27
crypto:public_decrypt/4 since=27
crypto:public_encrypt/4 since=27
crypto:private_decrypt/4 since=27
crypto:private_encrypt/4 since=27

#
# Added in OTP 26.
Expand Down