Deprecate the low level DES functions.

Use of the low level DES functions has been informally discouraged for a
long time. We now formally deprecate them.

Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions.
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10858)

apps/passwd.c

@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+/* We need to use some deprecated APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
 #include <string.h>
 
 #include "apps.h"
@@ -16,7 +19,7 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
 # include <openssl/des.h>
 #endif
 #include <openssl/md5.h>
@@ -82,7 +85,7 @@ const OPTIONS passwd_options[] = {
     {"apr1", OPT_APR1, '-', "MD5-based password algorithm, Apache variant"},
     {"1", OPT_1, '-', "MD5-based password algorithm"},
     {"aixmd5", OPT_AIXMD5, '-', "AIX MD5-based password algorithm"},
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     {"crypt", OPT_CRYPT, '-', "Standard Unix password algorithm (default)"},
 #endif
 
@@ -168,7 +171,7 @@ int passwd_main(int argc, char **argv)
             mode = passwd_aixmd5;
             break;
         case OPT_CRYPT:
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
             if (mode != passwd_unset)
                 goto opthelp;
             mode = passwd_crypt;
@@ -205,7 +208,7 @@ int passwd_main(int argc, char **argv)
         mode = passwd_crypt;
     }
 
-#ifdef OPENSSL_NO_DES
+#if defined(OPENSSL_NO_DES) || defined(OPENSSL_NO_DEPRECATED_3_0)
     if (mode == passwd_crypt)
         goto opthelp;
 #endif
@@ -798,7 +801,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
         size_t saltlen = 0;
         size_t i;
 
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
         if (mode == passwd_crypt)
             saltlen = 2;
 #endif                         /* !OPENSSL_NO_DES */
@@ -841,7 +844,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
     assert(strlen(passwd) <= pw_maxlen);
 
     /* now compute password hash */
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     if (mode == passwd_crypt)
         hash = DES_crypt(passwd, *salt_p);
 #endif

apps/speed.c

@@ -358,7 +358,7 @@ static const OPT_PAIR doit_choices[] = {
 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     {"rc4", D_RC4},
 #endif
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     {"des-cbc", D_CBC_DES},
     {"des-ede3", D_EDE3_DES},
 #endif
@@ -729,7 +729,7 @@ static int RC4_loop(void *args)
 }
 #endif
 
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
 static unsigned char DES_iv[8];
 static DES_key_schedule sch[3];
 static int DES_ncbc_encrypt_loop(void *args)
@@ -1722,7 +1722,7 @@ int speed_main(int argc, char **argv)
             doit[i] = 1;
             continue;
         }
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
         if (strcmp(algo, "des") == 0) {
             doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
             continue;
@@ -1945,7 +1945,7 @@ int speed_main(int argc, char **argv)
         loopargs[i].dsa_key[2] = get_dsa(2048);
     }
 #endif
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
         static DES_cblock keys[] = {
             { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
@@ -2001,7 +2001,7 @@ int speed_main(int argc, char **argv)
         CAST_set_key(&cast_ks, 16, key16);
 #endif
 #ifndef SIGALRM
-# ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
     count = 10;
     do {
@@ -2397,7 +2397,7 @@ int speed_main(int argc, char **argv)
         }
     }
 #endif
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     if (doit[D_CBC_DES]) {
         for (testnum = 0; testnum < size_num; testnum++) {
             print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
@@ -3501,7 +3501,7 @@ int speed_main(int argc, char **argv)
 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
         printf("%s ", RC4_options());
 #endif
-#ifndef OPENSSL_NO_DES
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
         printf("%s ", DES_options());
 #endif
 #ifndef OPENSSL_NO_DEPRECATED_3_0

apps/version.c

@@ -15,9 +15,6 @@
 #include <openssl/evp.h>
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
-#ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-#endif
 
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -117,9 +114,6 @@ opthelp:
     if (options) {
         printf("options: ");
         printf(" %s", BN_options());
-#ifndef OPENSSL_NO_DES
-        printf(" %s", DES_options());
-#endif
         printf("\n");
     }
     if (cflags)

crypto/des/build.info

@@ -25,6 +25,13 @@ SOURCE[../../providers/libfips.a]=$COMMON
 DEFINE[../../libcrypto]=$DESDEF
 DEFINE[../../providers/libfips.a]=$DESDEF
 
+IF[{- $disabled{"deprecated"}
+      && !$disabled{"mdc2"}
+      && (defined $config{"api"} && $config{"api"} >= 30000) -}]
+  SOURCE[../../providers/liblegacy.a]=set_key.c $DESASM
+  DEFINE[../../providers/liblegacy.a]=$DESDEF
+ENDIF
+
 GENERATE[des_enc-sparc.S]=asm/des_enc.m4
 GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl
 INCLUDE[dest4-sparcv9.o]=..

crypto/des/cbc_cksm.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,

crypto/des/cbc_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #define CBC_ENC_C__DONT_UPDATE_IV
 
 #include "ncbc_enc.c"           /* des_cbc_encrypt */

crypto/des/cfb64ede.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /*

crypto/des/cfb64enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /*

crypto/des/cfb_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "e_os.h"
 #include "des_local.h"
 #include <assert.h>

crypto/des/des_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/crypto.h>
 #include "des_local.h"
 #include "spr.h"

crypto/des/ecb3_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,

crypto/des/ecb_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 #include <openssl/opensslv.h>
 #include <openssl/bio.h>

crypto/des/fcrypt.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 /* NOCW */
 #include <stdio.h>
 #ifdef _OSD_POSIX

crypto/des/fcrypt_b.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 
 #define DES_FCRYPT

crypto/des/ofb64ede.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /*

crypto/des/ofb64enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /*

crypto/des/ofb_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /*

crypto/des/pcbc_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,

crypto/des/qud_cksm.c

@@ -13,6 +13,13 @@
  * only based on the code in this paper and is almost definitely not the same
  * as the MIT implementation.
  */
+
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 #define Q_B0(a) (((DES_LONG)(a)))

crypto/des/rand_key.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/des.h>
 #include <openssl/rand.h>
 

crypto/des/set_key.c

@@ -15,6 +15,13 @@
  * 1.1 added norm_expand_bits
  * 1.0 First working version
  */
+
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/crypto.h>
 #include "des_local.h"
 

crypto/des/str2key.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/crypto.h>
 #include "des_local.h"
 

crypto/des/xcbc_enc.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "des_local.h"
 
 /* RSA's DESX */

crypto/evp/e_des.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #ifndef OPENSSL_NO_DES

crypto/evp/e_des3.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #ifndef OPENSSL_NO_DES

crypto/evp/e_xcbc_d.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 

doc/man3/DES_random_key.pod

@@ -16,6 +16,10 @@ DES_fcrypt, DES_crypt - DES encryption
 
  #include <openssl/des.h>
 
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
  void DES_random_key(DES_cblock *ret);
 
  int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
@@ -94,6 +98,10 @@ DES_fcrypt, DES_crypt - DES encryption
 
 =head1 DESCRIPTION
 
+All of the functions described on this page are deprecated. Applications should
+instead use L<EVP_EncryptInit_ex(3)>, L<EVP_EncryptUpdate(3)> and
+L<EVP_EncryptFinal_ex(3)> or the equivalently named decrypt functions.
+
 This library contains a fast implementation of the DES encryption
 algorithm.
 
@@ -302,6 +310,8 @@ L<EVP_EncryptInit(3)>
 
 =head1 HISTORY
 
+All of these functions were deprecated in OpenSSL 3.0.
+
 The requirement that the B<salt> parameter to DES_crypt() and DES_fcrypt()
 be two ASCII characters was first enforced in
 OpenSSL 1.1.0.  Previous versions tried to use the letter uppercase B<A>
@@ -310,7 +320,7 @@ on some platforms.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy

include/openssl/des.h

@@ -24,12 +24,13 @@ extern "C" {
 #  endif
 #  include <openssl/e_os2.h>
 
+#  ifndef OPENSSL_NO_DEPRECATED_3_0
 typedef unsigned int DES_LONG;
 
-#  ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#   undef OPENSSL_EXTERN
-#   define OPENSSL_EXTERN OPENSSL_EXPORT
-#  endif
+#   ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#    undef OPENSSL_EXTERN
+#    define OPENSSL_EXTERN OPENSSL_EXPORT
+#   endif
 
 typedef unsigned char DES_cblock[8];
 typedef /* const */ unsigned char const_DES_cblock[8];
@@ -48,50 +49,61 @@ typedef struct DES_ks {
     } ks[16];
 } DES_key_schedule;
 
-#  define DES_KEY_SZ      (sizeof(DES_cblock))
-#  define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+#   define DES_KEY_SZ      (sizeof(DES_cblock))
+#   define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
 
-#  define DES_ENCRYPT     1
-#  define DES_DECRYPT     0
+#   define DES_ENCRYPT     1
+#   define DES_DECRYPT     0
 
-#  define DES_CBC_MODE    0
-#  define DES_PCBC_MODE   1
+#   define DES_CBC_MODE    0
+#   define DES_PCBC_MODE   1
 
-#  define DES_ecb2_encrypt(i,o,k1,k2,e) \
+#   define DES_ecb2_encrypt(i,o,k1,k2,e) \
         DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
 
-#  define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+#   define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
         DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
 
-#  define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+#   define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
         DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
 
-#  define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+#   define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
         DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
 
-const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-                      DES_key_schedule *ks1, DES_key_schedule *ks2,
-                      DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
-                       long length, DES_key_schedule *schedule,
-                       const_DES_cblock *ivec);
+#   define DES_fixup_key_parity DES_set_odd_parity
+#  endif
+
+DEPRECATEDIN_3_0(const char *DES_options(void))
+DEPRECATEDIN_3_0(void DES_ecb3_encrypt(const_DES_cblock *input,
+                                       DES_cblock *output,
+                                       DES_key_schedule *ks1,
+                                       DES_key_schedule *ks2,
+                                       DES_key_schedule *ks3, int enc))
+DEPRECATEDIN_3_0(DES_LONG DES_cbc_cksum(const unsigned char *input,
+                                        DES_cblock *output, long length,
+                                        DES_key_schedule *schedule,
+                                        const_DES_cblock *ivec))
 /* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec, int enc);
-void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, int enc);
-void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, const_DES_cblock *inw,
-                      const_DES_cblock *outw, int enc);
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec, int enc);
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
-                     DES_key_schedule *ks, int enc);
+DEPRECATEDIN_3_0(void DES_cbc_encrypt(const unsigned char *input,
+                                      unsigned char *output, long length,
+                                      DES_key_schedule *schedule,
+                                      DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ncbc_encrypt(const unsigned char *input,
+                                       unsigned char *output, long length,
+                                       DES_key_schedule *schedule,
+                                       DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_xcbc_encrypt(const unsigned char *input,
+                                       unsigned char *output, long length,
+                                       DES_key_schedule *schedule,
+                                       DES_cblock *ivec, const_DES_cblock *inw,
+                                       const_DES_cblock *outw, int enc))
+DEPRECATEDIN_3_0(void DES_cfb_encrypt(const unsigned char *in,
+                                      unsigned char *out, int numbits,
+                                      long length, DES_key_schedule *schedule,
+                                      DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ecb_encrypt(const_DES_cblock *input,
+                                      DES_cblock *output, DES_key_schedule *ks,
+                                      int enc))
 
 /*
  * This is the DES encryption function that gets called by just about every
@@ -103,7 +115,8 @@ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
  * long's and ks is the DES_key_schedule to use.  enc, is non zero specifies
  * encryption, zero if decryption.
  */
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
+DEPRECATEDIN_3_0(void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks,
+                                   int enc))
 
 /*
  * This functions is the same as DES_encrypt1() except that the DES initial
@@ -113,60 +126,78 @@ void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
  * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
  * DES_encrypt1() DES_encrypt1() except faster :-).
  */
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
-                          long length,
-                          DES_key_schedule *ks1, DES_key_schedule *ks2,
-                          DES_key_schedule *ks3, DES_cblock *ivec, int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule *ks1,
-                            DES_key_schedule *ks2, DES_key_schedule *ks3,
-                            DES_cblock *ivec, int *num, int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
-                          int numbits, long length, DES_key_schedule *ks1,
-                          DES_key_schedule *ks2, DES_key_schedule *ks3,
-                          DES_cblock *ivec, int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule *ks1,
-                            DES_key_schedule *ks2, DES_key_schedule *ks3,
-                            DES_cblock *ivec, int *num);
-char *DES_fcrypt(const char *buf, const char *salt, char *ret);
-char *DES_crypt(const char *buf, const char *salt);
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
-                        long length, int out_count, DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
+DEPRECATEDIN_3_0(void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks,
+                                   int enc))
+
+DEPRECATEDIN_3_0(void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3))
+DEPRECATEDIN_3_0(void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3))
+DEPRECATEDIN_3_0(void DES_ede3_cbc_encrypt(const unsigned char *input,
+                                           unsigned char *output, long length,
+                                           DES_key_schedule *ks1,
+                                           DES_key_schedule *ks2,
+                                           DES_key_schedule *ks3,
+                                           DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ede3_cfb64_encrypt(const unsigned char *in,
+                                             unsigned char *out, long length,
+                                             DES_key_schedule *ks1,
+                                             DES_key_schedule *ks2,
+                                             DES_key_schedule *ks3,
+                                             DES_cblock *ivec, int *num,
+                                             int enc))
+DEPRECATEDIN_3_0(void DES_ede3_cfb_encrypt(const unsigned char *in,
+                                           unsigned char *out, int numbits,
+                                           long length, DES_key_schedule *ks1,
+                                           DES_key_schedule *ks2,
+                                           DES_key_schedule *ks3,
+                                           DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ede3_ofb64_encrypt(const unsigned char *in,
+                                             unsigned char *out, long length,
+                                             DES_key_schedule *ks1,
+                                             DES_key_schedule *ks2,
+                                             DES_key_schedule *ks3,
+                                             DES_cblock *ivec, int *num))
+DEPRECATEDIN_3_0(char *DES_fcrypt(const char *buf, const char *salt, char *ret))
+DEPRECATEDIN_3_0(char *DES_crypt(const char *buf, const char *salt))
+DEPRECATEDIN_3_0(void DES_ofb_encrypt(const unsigned char *in,
+                                      unsigned char *out, int numbits,
+                                      long length, DES_key_schedule *schedule,
+                                      DES_cblock *ivec))
+DEPRECATEDIN_3_0(void DES_pcbc_encrypt(const unsigned char *input,
+                                       unsigned char *output, long length,
+                                       DES_key_schedule *schedule,
+                                       DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(DES_LONG DES_quad_cksum(const unsigned char *input,
+                                         DES_cblock output[], long length,
+                                         int out_count, DES_cblock *seed))
+DEPRECATEDIN_3_0(int DES_random_key(DES_cblock *ret))
+DEPRECATEDIN_3_0(void DES_set_odd_parity(DES_cblock *key))
+DEPRECATEDIN_3_0(int DES_check_key_parity(const_DES_cblock *key))
+DEPRECATEDIN_3_0(int DES_is_weak_key(const_DES_cblock *key))
 /*
  * DES_set_key (= set_key = DES_key_sched = key_sched) calls
  * DES_set_key_checked
  */
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_string_to_key(const char *str, DES_cblock *key);
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, DES_key_schedule *schedule,
-                       DES_cblock *ivec, int *num, int enc);
-void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, DES_key_schedule *schedule,
-                       DES_cblock *ivec, int *num);
-
-#  define DES_fixup_key_parity DES_set_odd_parity
+DEPRECATEDIN_3_0(int DES_set_key(const_DES_cblock *key,
+                                 DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(int DES_key_sched(const_DES_cblock *key,
+                                   DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(int DES_set_key_checked(const_DES_cblock *key,
+                                         DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(void DES_set_key_unchecked(const_DES_cblock *key,
+                                            DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(void DES_string_to_key(const char *str, DES_cblock *key))
+DEPRECATEDIN_3_0(void DES_string_to_2keys(const char *str, DES_cblock *key1,
+                                          DES_cblock *key2))
+DEPRECATEDIN_3_0(void DES_cfb64_encrypt(const unsigned char *in,
+                                        unsigned char *out, long length,
+                                        DES_key_schedule *schedule,
+                                        DES_cblock *ivec, int *num, int enc))
+DEPRECATEDIN_3_0(void DES_ofb64_encrypt(const unsigned char *in,
+                                        unsigned char *out, long length,
+                                        DES_key_schedule *schedule,
+                                        DES_cblock *ivec, int *num))
 
 #  ifdef  __cplusplus
 }

providers/implementations/ciphers/cipher_des.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "prov/ciphercommon.h"
 #include "cipher_des.h"
 #include <openssl/rand.h>

providers/implementations/ciphers/cipher_des_hw.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "prov/ciphercommon.h"
 #include "cipher_des.h"
 

providers/implementations/ciphers/cipher_desx.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_tdes_default.h"
 #include "prov/implementations.h"
 

providers/implementations/ciphers/cipher_desx_hw.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/des.h>
 #include "cipher_tdes_default.h"
 

providers/implementations/ciphers/cipher_tdes.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "prov/ciphercommon.h"
 #include "cipher_tdes.h"
 #include <openssl/rand.h>

providers/implementations/ciphers/cipher_tdes_default.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_tdes_default.h"
 #include "prov/implementations.h"
 

providers/implementations/ciphers/cipher_tdes_default_hw.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_tdes_default.h"
 
 #define ks1 tks.ks[0]

providers/implementations/ciphers/cipher_tdes_hw.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "prov/ciphercommon.h"
 #include "cipher_tdes.h"
 

providers/implementations/ciphers/cipher_tdes_wrap.c

@@ -8,7 +8,7 @@
  */
 
 /*
- * SHA-1 low level APIs are deprecated for public use, but still ok for
+ * DES and SHA-1 low level APIs are deprecated for public use, but still ok for
  * internal use.
  */
 #include "internal/deprecated.h"

providers/implementations/ciphers/cipher_tdes_wrap_hw.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include "cipher_tdes_default.h"
 
 #define cipher_hw_tdes_wrap_initkey cipher_hw_tdes_ede3_initkey

providers/implementations/kdfs/krb5kdf.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.  We access the DES_set_odd_parity(3) function here.
+ */
+#include "internal/deprecated.h"
+
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>

test/build.info

@@ -114,10 +114,6 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[hmactest]=../include ../apps/include
   DEPEND[hmactest]=../libcrypto libtestutil.a
 
-  SOURCE[destest]=destest.c
-  INCLUDE[destest]=../include ../apps/include
-  DEPEND[destest]=../libcrypto libtestutil.a
-
   SOURCE[mdc2test]=mdc2test.c
   INCLUDE[mdc2test]=../include ../apps/include
   DEPEND[mdc2test]=../libcrypto libtestutil.a
@@ -581,6 +577,10 @@ IF[{- !$disabled{tests} -}]
     INCLUDE[sm4_internal_test]=.. ../include ../apps/include ../crypto/include
     DEPEND[sm4_internal_test]=../libcrypto.a libtestutil.a
 
+    SOURCE[destest]=destest.c
+    INCLUDE[destest]=../include ../apps/include
+    DEPEND[destest]=../libcrypto.a libtestutil.a
+
     SOURCE[rc2test]=rc2test.c
     INCLUDE[rc2test]=../include ../apps/include
     DEPEND[rc2test]=../libcrypto.a libtestutil.a

test/destest.c

@@ -7,6 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DES low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
 #include <openssl/e_os2.h>
 #include <string.h>
 

test/recipes/20-test_passwd.t

@@ -76,11 +76,11 @@ my @sha_tests =
        expected => '$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.' }
     );
 
-plan tests => (disabled("des") ? 9 : 11) + scalar @sha_tests;
+plan tests => (disabled("des") || disabled("deprecated") ? 9 : 11) + scalar @sha_tests;
 
 
 ok(compare1stline_re([qw{openssl passwd password}], '^.{13}\R$'),
-   'crypt password with random salt') if !disabled("des");
+   'crypt password with random salt') if !disabled("des") && !disabled("deprecated");
 ok(compare1stline_re([qw{openssl passwd -1 password}], '^\$1\$.{8}\$.{22}\R$'),
    'BSD style MD5 password with random salt');
 ok(compare1stline_re([qw{openssl passwd -apr1 password}], '^\$apr1\$.{8}\$.{22}\R$'),
@@ -91,7 +91,7 @@ ok(compare1stline_re([qw{openssl passwd -6 password}], '^\$6\$.{16}\$.{86}\R$'),
    'Apache SHA512 password with random salt');
 
 ok(compare1stline([qw{openssl passwd -salt xx password}], 'xxj31ZMTZzkVA'),
-   'crypt password with salt xx') if !disabled("des");
+   'crypt password with salt xx') if !disabled("des") && !disabled("deprecated");
 ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -1 password}], '$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.'),
    'BSD style MD5 password with salt xxxxxxxx');
 ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -apr1 password}], '$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0'),