1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
Deprecated Features
========================
The following functionality is currently deprecated, and will likely
be removed in a future release. If you think you have a good reason to
be using one of the following, contact the developers to explain your
use case if you want to make sure your code continues to work.
This is in addition to specific API calls marked with BOTAN_DEPRECATED
in the source.
- Directly accessing the member variables of types calendar_point, ASN1_Attribute,
AlgorithmIdentifier, and BER_Object
- The headers ``botan.h``, ``init.h``, ``lookup.h``, ``threefish.h``, ``sm2_enc.h``
- Using a default output length for "SHAKE-128" and "SHAKE-256". Instead,
always specify the desired output length.
- All or nothing package transform (``package.h``)
- The TLS constructors taking `std::function` for callbacks. Instead
use the TLS::Callbacks interface.
- Using ``X509_Certificate::subject_info`` and ``issuer_info`` to access any
information that is not included in the DN or subject alternative name. Prefer
using the specific assessor functions for other data, eg instead of
``cert.subject_info("X509.Certificate.serial")`` use ``cert.serial_number()``.
- The Buffered_Computation base class. In a future release the class will be
removed, and all of member functions instead declared directly on
MessageAuthenticationCode and HashFunction. So this only affects you if you
are directly referencing `Botan::Buffered_Computation` in some way.
- Platform support for Google Native Client
- Support for PathScale and HP compilers
- TLS: 3DES and SEED ciphersuites
- TLS: Anonymous DH/ECDH ciphersuites
- TLS: DHE-PSK ciphersuites
- TLS: SRP ciphersuites. All available TLS-SRP suites use obsolete
ciphers. It would be better to instead perform a standard TLS
negotiation, then a PAKE authentication within the TLS channel.
- TLS: DSA ciphersuites/certs
- TLS: static RSA key exchange ciphersuites
- TLS: CCM_8 ciphersuites
- TLS: TLSv1.0 and v1.1, DTLS v1.0
- TLS: CBC ciphersuites
- Block ciphers CAST-256, Kasumi, MISTY1, and DESX.
- CBC-MAC
- PBKDF1 key derivation
- GCM support for 64-bit tags
- Old (Google specific) ChaCha20 TLS ciphersuites
- Weak or rarely used ECC builtin groups including "secp160k1", "secp160r1",
"secp160r2", "secp192k1", "secp192r1", "secp224k1", "secp224r1",
"brainpool160r1", "brainpool192r1", "brainpool224r1", "brainpool320r1",
"x962_p192v2", "x962_p192v3", "x962_p239v1", "x962_p239v2", "x962_p239v3".
- All built in MODP groups < 2048 bits
- All pre-created DSA groups
|
