Merge branch 'maint'

erlang · Aug 8, 2024 · a9c6285 · a9c6285
2 parents d34de32 + 0ec8bd9
commit a9c6285
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 92 deletions.
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
@@ -156,7 +156,7 @@ end
                   {function,<<"Random API">>},
                   {function,<<"Utility Functions">>},
                   {function,<<"Engine API">>},
-                  {function,<<"Deprecated API">>},
+                  {function,<<"Legacy RSA Encryption API">>},
                   {type,<<"Ciphers">>},
                   {type,<<"Digests and hash">>},
                   {type,<<"Elliptic Curves">>},
@@ -193,14 +193,11 @@ end
 
 %%%----------------------------------------------------------------
 %% Deprecated functions
--deprecated([{private_encrypt, 4, "use public_key:sign/3 instead"},
-             {private_decrypt, 4, "do not use"},
-             {public_encrypt,  4,  "do not use"},
-             {public_decrypt,  4,  "use public_key:verify/4 instead"},
-             {start, 0, "use application:start(crypto) instead"},
+-deprecated([{start, 0, "use application:start(crypto) instead"},
              {stop,  0, "use application:stop(crypto) instead"},
              {enable_fips_mode, 1, "use config parameter fips_mode"}
             ]).
+
 %%%----------------------------------------------------------------
 %% Removed functions.
 %%
@@ -2576,7 +2573,6 @@ Options for public key encrypt/decrypt. Only RSA is supported.
 -doc(#{title => <<"Public Key Ciphers">>}).
 -type rsa_padding() :: rsa_pkcs1_padding
                      | rsa_pkcs1_oaep_padding
-                     | rsa_sslv23_padding
                      | rsa_x931_padding
                      | rsa_no_padding.
 
@@ -2601,11 +2597,10 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons do not use.
+> This is a legacy function, for security reasons do not use together with rsa_pkcs1_padding.
 
 """.
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Do not use",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R16B01">>}).
 -spec public_encrypt(Algorithm, PlainText, PublicKey, Options) ->
                             CipherText when Algorithm :: pk_encrypt_decrypt_algs(),
@@ -2631,12 +2626,11 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons do not use.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
 
 """.
 
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Do not use",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R16B01">>}).
 -spec private_decrypt(Algorithm, CipherText, PrivateKey, Options) ->
                              PlainText when Algorithm :: pk_encrypt_decrypt_algs(),
@@ -2663,13 +2657,13 @@ Public-key decryption using the private key. See also `crypto:private_decrypt/4`
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons use [`sign/4`](`sign/4`) together
-> with [`verify/5`](`verify/5`) instead.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
+> For digital signatures use of [`sign/4`](`sign/4`) together
+> with [`verify/5`](`verify/5`) is the prefered solution.
 
 """.
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Use sign and verify instead",
-       since => <<"OTP R16B01">>}).
+-doc(#{title => <<"Legacy RSA Encryption API">>,
+        since => <<"OTP R16B01">>}).
 -spec private_encrypt(Algorithm, PlainText, PrivateKey, Options) ->
                             CipherText when Algorithm :: pk_encrypt_decrypt_algs(),
                                             PlainText :: binary(),
@@ -2694,12 +2688,12 @@ Uses the [3-tuple style](`m:crypto#error_3tup`) for error handling.
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons use [`verify/5`](`verify/5`) together
-> with [`sign/4`](`sign/4`) instead.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
+> For digital signatures use of [`verify/5`](`verify/5`) together
+> with [`sign/4`](`sign/4`) is the prefered solution.
 
 """.
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Use verify and sign instead",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R16B01">>}).
 -spec public_decrypt(Algorithm, CipherText, PublicKey, Options) ->
                              PlainText when Algorithm :: pk_encrypt_decrypt_algs(),

diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
@@ -55,7 +55,7 @@ macros described here and in the User's Guide:
                   {function,<<"Certificate Revocation API">>},
                   {function,<<"ASN.1 Encoding API">>},
                   {function,<<"Test Data API">>},
-                  {function,<<"Deprecated API">>}
+                  {function,<<"Legacy RSA Encryption API">>}
                  ]}).
 
 -feature(maybe_expr,enable).
@@ -110,17 +110,6 @@ macros described here and in the User's Guide:
 
 %%----------------
 %% Moved to ssh
-
--deprecated([{encrypt_private, 2, "use public_key:sign/3 instead"},
-             {encrypt_private, 3, "use public_key:sign 4 instead"},
-             {decrypt_private, 2, "do not use"},
-             {decrypt_private, 3, "do not use"},
-             {encrypt_public, 2,  "do not use"},
-             {encrypt_public, 3,  "do not use"},
-             {decrypt_public, 2,  "use public_key:verify/4 instead"},
-             {decrypt_public, 3,  "use public_key:verify/5 instead"}
-            ]).
-
 -removed([{ssh_decode,2, "use ssh_file:decode/2 instead"},
           {ssh_encode,2, "use ssh_file:encode/2 instead"},
           {ssh_hostkey_fingerprint,1, "use ssh:hostkey_fingerprint/1 instead"},
@@ -825,8 +814,7 @@ pkix_encode(Asn1Type, Term0, otp) when is_atom(Asn1Type) ->
 
 %%--------------------------------------------------------------------
 -doc(#{equiv => decrypt_private(CipherText, Key, []),
-       deprecated => ~"Do not use",
-       title => <<"Deprecated API">>,
+       title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -spec decrypt_private(CipherText, Key) ->
                              PlainText when CipherText :: binary(),
@@ -835,15 +823,14 @@ pkix_encode(Asn1Type, Term0, otp) when is_atom(Asn1Type) ->
 decrypt_private(CipherText, Key) ->
     decrypt_private(CipherText, Key, []).
 
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Do not use",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -doc """
 Public-key decryption using the private key. See also `crypto:private_decrypt/4`
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons do not use.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
 """.
 -spec decrypt_private(CipherText, Key, Options) ->
                              PlainText when CipherText :: binary(),
@@ -861,8 +848,7 @@ decrypt_private(CipherText,
 %% Description: Public key decryption using the public key.
 %%--------------------------------------------------------------------
 -doc(#{equiv => decrypt_public(CipherText, Key, []),
-       deprecated => ~"Use sign and verify instead",
-       title => <<"Deprecated API">>,
+       title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -spec decrypt_public(CipherText, Key) ->
 			    PlainText
@@ -872,17 +858,16 @@ decrypt_private(CipherText,
 decrypt_public(CipherText, Key) ->
     decrypt_public(CipherText, Key, []).
 
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Use sign and verify instead",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -doc """
 Public-key decryption using the public key. See also `crypto:public_decrypt/4`
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons use [`verify/4`](`verify/4`) together
-> with [`sign/3`](`sign/3`) instead.
-.
+> This is a legacy function, for security reasons do not use  with rsa_pkcs1_padding.
+> For digital signatures the use of [`verify/4`](`verify/4`) together
+> with [`sign/3`](`sign/3`) is a prefered solution.
 """.
 -spec decrypt_public(CipherText, Key, Options) ->
 			    PlainText
@@ -898,8 +883,7 @@ decrypt_public(CipherText, #'RSAPublicKey'{modulus = N, publicExponent = E},
 %% Description: Public key encryption using the public key.
 %%--------------------------------------------------------------------
 -doc(#{equiv => encrypt_public(PlainText, Key, []),
-       deprecated => ~"Do not use",
-       title => <<"Deprecated API">>,
+       title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -spec encrypt_public(PlainText, Key) ->
 			     CipherText
@@ -909,15 +893,14 @@ decrypt_public(CipherText, #'RSAPublicKey'{modulus = N, publicExponent = E},
 encrypt_public(PlainText, Key) ->
     encrypt_public(PlainText, Key, []).
 
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Do not use",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP 21.1">>}).
 -doc """
 Public-key encryption using the public key. See also `crypto:public_encrypt/4`.
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons do not use.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
 """.
 -spec encrypt_public(PlainText, Key, Options) ->
 			     CipherText
@@ -931,8 +914,7 @@ encrypt_public(PlainText, #'RSAPublicKey'{modulus=N,publicExponent=E},
 
 %%--------------------------------------------------------------------
 -doc(#{equiv => encrypt_private(PlainText, Key, []),
-       deprecated => ~"Use sign and verify instead",
-       title => <<"Deprecated API">>,
+       title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP R14B">>}).
 -spec encrypt_private(PlainText, Key) ->
 			     CipherText
@@ -942,8 +924,7 @@ encrypt_public(PlainText, #'RSAPublicKey'{modulus=N,publicExponent=E},
 encrypt_private(PlainText, Key) ->
     encrypt_private(PlainText, Key, []).
 
--doc(#{title => <<"Deprecated API">>,
-       deprecated => ~"Use sign and verify instead",
+-doc(#{title => <<"Legacy RSA Encryption API">>,
        since => <<"OTP 21.1">>}).
 -doc """
 Public-key encryption using the private key.
@@ -956,7 +937,9 @@ or trusted platform modules (TPM).
 
 > #### Warning {: .warning }
 >
-> This is a legacy function, for security reasons use [`sign/3`](`sign/3`) together with [`verify/4`](`verify/4`)  instead.
+> This is a legacy function, for security reasons do not use with rsa_pkcs1_padding.
+> For digital signatures use of [`sign/3`](`sign/3`) together with [`verify/4`](`verify/4`)  is
+> the prefered solution.
 """.
 -spec encrypt_private(PlainText, Key, Options) ->
 			     CipherText

diff --git a/lib/stdlib/src/otp_internal.erl b/lib/stdlib/src/otp_internal.erl
@@ -38,14 +38,6 @@ obsolete(code, lib_dir, 2) ->
     {deprecated, "this functionality will be removed in a future release"};
 obsolete(crypto, enable_fips_mode, 1) ->
     {deprecated, "use config parameter fips_mode"};
-obsolete(crypto, private_decrypt, 4) ->
-    {deprecated, "do not use"};
-obsolete(crypto, private_encrypt, 4) ->
-    {deprecated, "use public_key:sign/3 instead"};
-obsolete(crypto, public_decrypt, 4) ->
-    {deprecated, "use public_key:verify/4 instead"};
-obsolete(crypto, public_encrypt, 4) ->
-    {deprecated, "do not use"};
 obsolete(crypto, rand_uniform, 2) ->
     {deprecated, "use rand:uniform/1 instead"};
 obsolete(crypto, start, 0) ->
@@ -76,22 +68,6 @@ obsolete(net, ping, 1) ->
     {deprecated, "use net_adm:ping/1 instead"};
 obsolete(net, sleep, 1) ->
     {deprecated, "use 'receive after T -> ok end' instead"};
-obsolete(public_key, decrypt_private, 2) ->
-    {deprecated, "do not use"};
-obsolete(public_key, decrypt_private, 3) ->
-    {deprecated, "do not use"};
-obsolete(public_key, decrypt_public, 2) ->
-    {deprecated, "use public_key:verify/4 instead"};
-obsolete(public_key, decrypt_public, 3) ->
-    {deprecated, "use public_key:verify/5 instead"};
-obsolete(public_key, encrypt_private, 2) ->
-    {deprecated, "use public_key:sign/3 instead"};
-obsolete(public_key, encrypt_private, 3) ->
-    {deprecated, "use public_key:sign 4 instead"};
-obsolete(public_key, encrypt_public, 2) ->
-    {deprecated, "do not use"};
-obsolete(public_key, encrypt_public, 3) ->
-    {deprecated, "do not use"};
 obsolete(queue, lait, 1) ->
     {deprecated, "use queue:liat/1 instead"};
 obsolete(ssl, prf, 5) ->

diff --git a/system/doc/general_info/DEPRECATIONS b/system/doc/general_info/DEPRECATIONS
@@ -31,18 +31,6 @@ mnesia_registry:create_table/_ since=27 remove=28
 code:lib_dir/2 since=27
 ssl:prf/5 since=27
 ssl:prf_random/0 since=27 remove=28
-public_key:decrypt_public/3 since=27
-public_key:decrypt_public/2 since=27
-public_key:encrypt_public/3 since=27
-public_key:encrypt_public/2 since=27
-public_key:decrypt_private/3 since=27
-public_key:decrypt_private/2 since=27
-public_key:encrypt_private/3 since=27
-public_key:encrypt_private/2 since=27
-crypto:public_decrypt/4 since=27
-crypto:public_encrypt/4 since=27
-crypto:private_decrypt/4 since=27
-crypto:private_encrypt/4 since=27
 
 #
 # Added in OTP 26.