Deprecate old AES interface.

Use new macro _NETTLE_ATTTRIBUTE_DEPRECATED.

8 files changed, 50 insertions, 15 deletions

diff --git a/ChangeLog b/ChangeLog
index 16895dff..8fa99a47 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,12 +1,18 @@
 2018-08-09  Niels Möller  <nisse@lysator.liu.se>
 
-	* nettle-types.h (_NETTLE_ATTRIBUTE_PURE): Define
-	_NETTLE_ATTRIBUTE_PURE for gcc and lookalikes.
+	* nettle-types.h (_NETTLE_ATTRIBUTE_PURE)
+	(_NETTLE_ATTRIBUTE_DEPRECATED): New macros, for gcc and
+	lookalikes.
 	* ecc-curve.h: Include nettle-types.h, and use
 	_NETTLE_ATTRIBUTE_PURE instead of local definition.
 	* nettle-meta.h: Use _NETTLE_ATTRIBUTE_PURE, instead of explicit
 	#ifdefs.
 
+	* aes.h: Mark functions using struct aes_ctx interface as
+	deprecated. Add #undef _NETTLE_ATTRIBUTE_DEPRECATED in files where
+	the functions are implemented or tested.
+	* gcm.h: Similarly mark functions using gcm_aes_ctx as deprecated.
+
 	* nettle-internal.c (des_set_key_wrapper, des3_set_key_wrapper)
 	(blowfish128_set_key_wrapper): Wrapper functions, to avoid cast
 	between incompatible function types (which gcc-8 warns about).
diff --git a/aes-set-decrypt-key.c b/aes-set-decrypt-key.c
index ffbb1898..20214eab 100644
--- a/aes-set-decrypt-key.c
+++ b/aes-set-decrypt-key.c
@@ -36,6 +36,9 @@
 # include "config.h"
 #endif
 
+/* This file implements and uses deprecated functions */
+#define _NETTLE_ATTRIBUTE_DEPRECATED
+
 #include "aes-internal.h"
 
 void
diff --git a/aes.h b/aes.h
index 5a0545c8..333ec52f 100644
--- a/aes.h
+++ b/aes.h
@@ -76,7 +76,8 @@ extern "C" {
 #define AES_MIN_KEY_SIZE AES128_KEY_SIZE
 #define AES_MAX_KEY_SIZE AES256_KEY_SIZE
 
-/* Older nettle-2.7 interface */
+/* The older nettle-2.7 AES interface is deprecated, please migrate to
+   the newer interface where each algorithm has a fixed key size. */
 
 #define AES_KEY_SIZE 32
 
@@ -88,24 +89,27 @@ struct aes_ctx
 
 void
 aes_set_encrypt_key(struct aes_ctx *ctx,
-		    size_t length, const uint8_t *key);
+		    size_t length, const uint8_t *key)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 aes_set_decrypt_key(struct aes_ctx *ctx,
-		   size_t length, const uint8_t *key);
+		   size_t length, const uint8_t *key)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 aes_invert_key(struct aes_ctx *dst,
-	       const struct aes_ctx *src);
+	       const struct aes_ctx *src)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 aes_encrypt(const struct aes_ctx *ctx,
 	    size_t length, uint8_t *dst,
-	    const uint8_t *src);
+	    const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
 void
 aes_decrypt(const struct aes_ctx *ctx,
 	    size_t length, uint8_t *dst,
-	    const uint8_t *src);
+	    const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
 
 struct aes128_ctx
 {
diff --git a/gcm-aes.c b/gcm-aes.c
index 9c67355a..477eeb6e 100644
--- a/gcm-aes.c
+++ b/gcm-aes.c
@@ -35,6 +35,9 @@
 # include "config.h"
 #endif
 
+/* This file implements and uses deprecated functions */
+#define _NETTLE_ATTRIBUTE_DEPRECATED
+
 #include "gcm.h"
 
 void
diff --git a/gcm.h b/gcm.h
index 766019ae..96578530 100644
--- a/gcm.h
+++ b/gcm.h
@@ -261,31 +261,34 @@ void
 gcm_aes256_digest(struct gcm_aes256_ctx *ctx,
 		  size_t length, uint8_t *digest);
 
-/* Old aes interface, for backwards compatibility */
+/* Old deprecated aes interface, for backwards compatibility */
 struct gcm_aes_ctx GCM_CTX(struct aes_ctx);
 
 void
 gcm_aes_set_key(struct gcm_aes_ctx *ctx,
-		size_t length, const uint8_t *key);
+		size_t length, const uint8_t *key) _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 gcm_aes_set_iv(struct gcm_aes_ctx *ctx,
-	       size_t length, const uint8_t *iv);
+	       size_t length, const uint8_t *iv) _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 gcm_aes_update(struct gcm_aes_ctx *ctx,
-	       size_t length, const uint8_t *data);
+	       size_t length, const uint8_t *data) _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 gcm_aes_encrypt(struct gcm_aes_ctx *ctx,
-		size_t length, uint8_t *dst, const uint8_t *src);
+		size_t length, uint8_t *dst, const uint8_t *src)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
 gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
-		size_t length, uint8_t *dst, const uint8_t *src);
+		size_t length, uint8_t *dst, const uint8_t *src)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 void
-gcm_aes_digest(struct gcm_aes_ctx *ctx, size_t length, uint8_t *digest);
+gcm_aes_digest(struct gcm_aes_ctx *ctx, size_t length, uint8_t *digest)
+  _NETTLE_ATTRIBUTE_DEPRECATED;
 
 
 struct gcm_camellia128_ctx GCM_CTX(struct camellia128_ctx);
diff --git a/nettle-types.h b/nettle-types.h
index 63eae421..4576b7c7 100644
--- a/nettle-types.h
+++ b/nettle-types.h
@@ -42,10 +42,20 @@
 /* Attributes we want to use in installed header files, and hence
    can't rely on config.h. */
 #ifdef __GNUC__
+
 #define _NETTLE_ATTRIBUTE_PURE __attribute__((pure))
+#ifndef _NETTLE_ATTRIBUTE_DEPRECATED
+/* Variant without message is supported since gcc-3.1 or so. */
+#define _NETTLE_ATTRIBUTE_DEPRECATED __attribute__((deprecated))
+#endif
+
 #else /* !__GNUC__ */
+
 #define _NETTLE_ATTRIBUTE_PURE
+#define _NETTLE_ATTRIBUTE_DEPRECATED
+
 #endif /* !__GNUC__ */
+
 #ifdef __cplusplus
 extern "C" {
 #endif
diff --git a/testsuite/aes-test.c b/testsuite/aes-test.c
index 57e1eff4..078bd678 100644
--- a/testsuite/aes-test.c
+++ b/testsuite/aes-test.c
@@ -1,3 +1,6 @@
+/* This file tests deprecated functions */
+#define _NETTLE_ATTRIBUTE_DEPRECATED
+
 #include "testutils.h"
 #include "aes.h"
 #include "nettle-internal.h"
diff --git a/testsuite/gcm-test.c b/testsuite/gcm-test.c
index 9595766a..c8174019 100644
--- a/testsuite/gcm-test.c
+++ b/testsuite/gcm-test.c
@@ -1,3 +1,6 @@
+/* This file tests deprecated functions */
+#define _NETTLE_ATTRIBUTE_DEPRECATED
+
 #include "testutils.h"
 #include "nettle-internal.h"
 #include "gcm.h"