Marked the crypto backend registration APIs as deprecated

This is to warn for a future conversion of these APIs to a no-op.

Resolves: #789

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/NEWS b/NEWS
index 77407a3017f5445e3caf9de9dccbb8c7971cf950..3a9693d2164a4ea2e8b910ee8da4d887c52201bb 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -10,8 +10,17 @@ See the end for copying conditions.
 ** libgnutls: gnutls_privkey_sign_hash2 now accepts the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA
    flag as documented. This makes it a complete replacement of gnutls_privkey_sign_hash().
 
+** Marked the crypto cipher registration APIs as deprecated. These APIs are rarely used,
+   are for a niche use case, but have significant side effects, such as preventing any
+   internal re-organization and extension of the internal cipher API. The APIs remain
+   functional though a compiler warning will be issued, and a future minor version update
+   may transform them to a no-op while keeping the ABI compatibility (#789)
+
 ** API and ABI modifications:
-No changes since last version.
+gnutls_crypto_register_cipher: Deprecated
+gnutls_crypto_register_aead_cipher: Deprecated
+gnutls_crypto_register_digest: Deprecated
+gnutls_crypto_register_mac: Deprecated
 
 
 * Version 3.6.8 (released 2019-05-28)

diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h
index 4f70b4a56873c85c3bbcb66272246e28a47843cd..93a157857ccd3a046787c4f684daba3b2fa5da67 100644 (file)
--- a/lib/includes/gnutls/crypto.h
+++ b/lib/includes/gnutls/crypto.h
@@ -186,7 +186,8 @@ gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm,
                              gnutls_cipher_setiv_func setiv,
                              gnutls_cipher_encrypt_func encrypt,
                              gnutls_cipher_decrypt_func decrypt,
-                             gnutls_cipher_deinit_func deinit);
+                             gnutls_cipher_deinit_func deinit)
+                             _GNUTLS_GCC_ATTR_DEPRECATED;
 
 int
 gnutls_crypto_register_aead_cipher(gnutls_cipher_algorithm_t algorithm,
@@ -195,7 +196,8 @@ gnutls_crypto_register_aead_cipher(gnutls_cipher_algorithm_t algorithm,
                              gnutls_cipher_setkey_func setkey,
                              gnutls_cipher_aead_encrypt_func aead_encrypt,
                              gnutls_cipher_aead_decrypt_func aead_decrypt,
-                             gnutls_cipher_deinit_func deinit);
+                             gnutls_cipher_deinit_func deinit)
+                             _GNUTLS_GCC_ATTR_DEPRECATED;
 
 typedef int (*gnutls_mac_init_func) (gnutls_mac_algorithm_t, void **ctx);
 typedef int (*gnutls_mac_setkey_func) (void *ctx, const void *key, size_t keysize);
@@ -216,7 +218,8 @@ gnutls_crypto_register_mac(gnutls_mac_algorithm_t mac,
                           gnutls_mac_hash_func hash,
                           gnutls_mac_output_func output,
                           gnutls_mac_deinit_func deinit,
-                          gnutls_mac_fast_func hash_fast);
+                          gnutls_mac_fast_func hash_fast)
+                          _GNUTLS_GCC_ATTR_DEPRECATED;
 
 typedef int (*gnutls_digest_init_func) (gnutls_digest_algorithm_t, void **ctx);
 typedef int (*gnutls_digest_hash_func) (void *ctx, const void *text, size_t textsize);
@@ -232,7 +235,8 @@ gnutls_crypto_register_digest(gnutls_digest_algorithm_t digest,
                           gnutls_digest_hash_func hash,
                           gnutls_digest_output_func output,
                           gnutls_digest_deinit_func deinit,
-                          gnutls_digest_fast_func hash_fast);
+                          gnutls_digest_fast_func hash_fast)
+                          _GNUTLS_GCC_ATTR_DEPRECATED;
 
 /* RSA-PKCS#1 1.5 helper functions */
 int