yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
mbedtls/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md
TRodziewicz d9d035a5b5 Corrections of the migration guide from the code review. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-06 11:53:06 +02:00

3 KiB
Raw Blame History

Deprecated functions were removed from AES

The functions mbedtls_aes_encrypt() and mbedtls_aes_decrypt() were removed.

If you're simply using the AES module, you should be calling the higher-level functions mbedtls_aes_crypt_xxx().

If you're providing an alternative implementation using MBEDTLS_AES_ENCRYPT_ALT or MBEDTLS_AES_DECRYPT_ALT, you should be replacing the removed functions with mbedtls_internal_aes_encrypt() and mbedtls_internal_aes_decrypt() respectively.

Deprecated functions were removed from bignum

The function mbedtls_mpi_is_prime() was removed. Please use mbedtls_mpi_is_prime_ext() instead which additionally allows specifying the number of Miller-Rabin rounds.

Deprecated functions were removed from cipher

The functions mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_decrypt() were removed. They were superseded by mbedtls_cipher_auth_encrypt_ext() and mbedtls_cipher_auth_decrypt_ext() respectively which additionally support key wrapping algorithms such as NIST_KW.

Deprecated functions were removed from DRBGs

The functions mbedtls_ctr_drbg_update() and mbedtls_hmac_drbg_update() were removed. They were superseded by mbedtls_ctr_drbg_update_ret() and mbedtls_hmac_drbg_update_ret() respectively.

Deprecated functions were removed from ECDSA

The functions mbedtls_ecdsa_write_signature_det() and mbedtls_ecdsa_sign_det() were removed. They were superseded by mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_sign_det_ext() respectively.

Deprecated functions were removed from SSL

The function mbedtls_ssl_conf_dh_param() was removed. Please use mbedtls_ssl_conf_dh_param_bin() or mbedtls_ssl_conf_dh_param_ctx() instead.

The function mbedtls_ssl_get_max_frag_len() was removed. Please use mbedtls_ssl_get_output_max_frag_len() instead.

Deprecated hex-encoded primes were removed from DHM

The macros MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G, MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G, MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G, MBEDTLS_DHM_RFC3526_MODP_4096_P and MBEDTLS_DHM_RFC3526_MODP_4096_G were removed. The primes from RFC 5114 are deprecated because their derivation is not documented and therefore their usage constitutes a security risk; they are fully removed from the library. Please use parameters from RFC3526 (still in the library, only in binary form) or RFC 7919 (also available in the library) or other trusted sources instead.

Deprecated net.h file was removed

The file include/mbedtls/net.h was removed because its only function was to include mbedtls/net_sockets.h which now should be included directly.