diff --git a/README.md b/README.md
index 9e4d141..619ff5a 100644
--- a/README.md
+++ b/README.md
@@ -53,6 +53,7 @@ Here is the basic patch content.
| openssl-1.1.1c-prioritize_chacha_draft.patch | Priority applied patch for CHACHA20 and CHACHA20-DRAFT. [View Pull Request](https://github.com/hakasenyang/openssl-patch/pull/17) |
| openssl-3.0.0-session_tls13.patch | For TLS 1.2 and below, the existing session timeout value is written. For TLS 1.3, 172800 (2 days) is fixed. |
| openssl-3.0.0-dev_version_error.patch | **TEST** This is a way to fix nginx when the following errors occur during the build:
Error: missing binary operator before token "("
Maybe patched: [https://github.com/openssl/openssl/pull/7839](https://github.com/openssl/openssl/pull/7839)
Patched : [https://github.com/openssl/openssl/commit/5d609f22d28615c45685d9da871d432e9cb81127](https://github.com/openssl/openssl/commit/5d609f22d28615c45685d9da871d432e9cb81127) |
+| openssl-3.0.0-dev_revert.patch | **TEST** This file will revert the patch to use the old OpenSSL API. (This is an unsafe temporary measure.) |
**The "_ciphers" patch file is a temporary change to the TLS 1.3 configuration.**
diff --git a/openssl-1.1.1f-chacha_draft.patch b/openssl-1.1.1f-chacha_draft.patch
new file mode 100644
index 0000000..d460058
--- /dev/null
+++ b/openssl-1.1.1f-chacha_draft.patch
@@ -0,0 +1,509 @@
+diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
+index 22fdcc409c..2286caafae 100644
+--- a/crypto/evp/c_allc.c
++++ b/crypto/evp/c_allc.c
+@@ -261,6 +261,7 @@ void openssl_add_all_ciphers_int(void)
+ EVP_add_cipher(EVP_chacha20());
+ # ifndef OPENSSL_NO_POLY1305
+ EVP_add_cipher(EVP_chacha20_poly1305());
++ EVP_add_cipher(EVP_chacha20_poly1305_draft());
+ # endif
+ #endif
+ }
+diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
+index bdc406bb69..233f25b26c 100644
+--- a/crypto/evp/e_chacha20_poly1305.c
++++ b/crypto/evp/e_chacha20_poly1305.c
+@@ -156,6 +156,7 @@ typedef struct {
+ struct { uint64_t aad, text; } len;
+ int aad, mac_inited, tag_len, nonce_len;
+ size_t tls_payload_length;
++ unsigned char draft:1;
+ } EVP_CHACHA_AEAD_CTX;
+
+ # define NO_TLS_PAYLOAD_LENGTH ((size_t)-1)
+@@ -176,6 +177,7 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
+ actx->aad = 0;
+ actx->mac_inited = 0;
+ actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH;
++ actx->draft = 0;
+
+ if (iv != NULL) {
+ unsigned char temp[CHACHA_CTR_SIZE] = { 0 };
+@@ -197,6 +199,27 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
+ return 1;
+ }
+
++static int chacha20_poly1305_draft_init_key(EVP_CIPHER_CTX *ctx,
++ const unsigned char *inkey,
++ const unsigned char *iv, int enc)
++{
++ EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx);
++
++ if (!inkey)
++ return 1;
++
++ actx->len.aad = 0;
++ actx->len.text = 0;
++ actx->aad = 0;
++ actx->mac_inited = 0;
++ actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH;
++ actx->draft = 1;
++
++ chacha_init_key(ctx, inkey, NULL, enc);
++
++ return 1;
++}
++
+ # if !defined(OPENSSL_SMALL_FOOTPRINT)
+
+ # if defined(POLY1305_ASM) && (defined(__x86_64) || defined(__x86_64__) || \
+@@ -367,10 +390,11 @@ static int chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ {
+ EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx);
+ size_t rem, plen = actx->tls_payload_length;
++ uint64_t thirteen = EVP_AEAD_TLS1_AAD_LEN;
+
+ if (!actx->mac_inited) {
+ # if !defined(OPENSSL_SMALL_FOOTPRINT)
+- if (plen != NO_TLS_PAYLOAD_LENGTH && out != NULL)
++ if (plen != NO_TLS_PAYLOAD_LENGTH && out != NULL && !actx->draft)
+ return chacha20_poly1305_tls_cipher(ctx, out, in, len);
+ # endif
+ actx->key.counter[0] = 0;
+@@ -397,9 +421,14 @@ static int chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ return len;
+ } else { /* plain- or ciphertext */
+ if (actx->aad) { /* wrap up aad */
+- if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE))
+- Poly1305_Update(POLY1305_ctx(actx), zero,
+- POLY1305_BLOCK_SIZE - rem);
++ if (actx->draft) {
++ thirteen = actx->len.aad;
++ Poly1305_Update(POLY1305_ctx(actx), (const unsigned char *)&thirteen, sizeof(thirteen));
++ } else {
++ if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE))
++ Poly1305_Update(POLY1305_ctx(actx), zero,
++ POLY1305_BLOCK_SIZE - rem);
++ }
+ actx->aad = 0;
+ }
+
+@@ -432,40 +461,52 @@ static int chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ } is_endian = { 1 };
+ unsigned char temp[POLY1305_BLOCK_SIZE];
+
++ if (actx->draft) {
++ thirteen = actx->len.text;
++ Poly1305_Update(POLY1305_ctx(actx), (const unsigned char *)&thirteen, sizeof(thirteen));
++ }
++
+ if (actx->aad) { /* wrap up aad */
+- if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE))
+- Poly1305_Update(POLY1305_ctx(actx), zero,
+- POLY1305_BLOCK_SIZE - rem);
++ if (actx->draft) {
++ thirteen = actx->len.aad;
++ Poly1305_Update(POLY1305_ctx(actx), (const unsigned char *)&thirteen, sizeof(thirteen));
++ } else {
++ if ((rem = (size_t)actx->len.aad % POLY1305_BLOCK_SIZE))
++ Poly1305_Update(POLY1305_ctx(actx), zero,
++ POLY1305_BLOCK_SIZE - rem);
++ }
+ actx->aad = 0;
+ }
+
+- if ((rem = (size_t)actx->len.text % POLY1305_BLOCK_SIZE))
+- Poly1305_Update(POLY1305_ctx(actx), zero,
+- POLY1305_BLOCK_SIZE - rem);
++ if (!actx->draft) {
++ if ((rem = (size_t)actx->len.text % POLY1305_BLOCK_SIZE))
++ Poly1305_Update(POLY1305_ctx(actx), zero,
++ POLY1305_BLOCK_SIZE - rem);
+
+- if (is_endian.little) {
+- Poly1305_Update(POLY1305_ctx(actx),
+- (unsigned char *)&actx->len, POLY1305_BLOCK_SIZE);
+- } else {
+- temp[0] = (unsigned char)(actx->len.aad);
+- temp[1] = (unsigned char)(actx->len.aad>>8);
+- temp[2] = (unsigned char)(actx->len.aad>>16);
+- temp[3] = (unsigned char)(actx->len.aad>>24);
+- temp[4] = (unsigned char)(actx->len.aad>>32);
+- temp[5] = (unsigned char)(actx->len.aad>>40);
+- temp[6] = (unsigned char)(actx->len.aad>>48);
+- temp[7] = (unsigned char)(actx->len.aad>>56);
+-
+- temp[8] = (unsigned char)(actx->len.text);
+- temp[9] = (unsigned char)(actx->len.text>>8);
+- temp[10] = (unsigned char)(actx->len.text>>16);
+- temp[11] = (unsigned char)(actx->len.text>>24);
+- temp[12] = (unsigned char)(actx->len.text>>32);
+- temp[13] = (unsigned char)(actx->len.text>>40);
+- temp[14] = (unsigned char)(actx->len.text>>48);
+- temp[15] = (unsigned char)(actx->len.text>>56);
+-
+- Poly1305_Update(POLY1305_ctx(actx), temp, POLY1305_BLOCK_SIZE);
++ if (is_endian.little) {
++ Poly1305_Update(POLY1305_ctx(actx),
++ (unsigned char *)&actx->len, POLY1305_BLOCK_SIZE);
++ } else {
++ temp[0] = (unsigned char)(actx->len.aad);
++ temp[1] = (unsigned char)(actx->len.aad>>8);
++ temp[2] = (unsigned char)(actx->len.aad>>16);
++ temp[3] = (unsigned char)(actx->len.aad>>24);
++ temp[4] = (unsigned char)(actx->len.aad>>32);
++ temp[5] = (unsigned char)(actx->len.aad>>40);
++ temp[6] = (unsigned char)(actx->len.aad>>48);
++ temp[7] = (unsigned char)(actx->len.aad>>56);
++
++ temp[8] = (unsigned char)(actx->len.text);
++ temp[9] = (unsigned char)(actx->len.text>>8);
++ temp[10] = (unsigned char)(actx->len.text>>16);
++ temp[11] = (unsigned char)(actx->len.text>>24);
++ temp[12] = (unsigned char)(actx->len.text>>32);
++ temp[13] = (unsigned char)(actx->len.text>>40);
++ temp[14] = (unsigned char)(actx->len.text>>48);
++ temp[15] = (unsigned char)(actx->len.text>>56);
++
++ Poly1305_Update(POLY1305_ctx(actx), temp, POLY1305_BLOCK_SIZE);
++ }
+ }
+ Poly1305_Final(POLY1305_ctx(actx), ctx->encrypt ? actx->tag
+ : temp);
+@@ -539,12 +580,14 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ return 1;
+
+ case EVP_CTRL_AEAD_SET_IVLEN:
++ if (actx->draft) return -1;
+ if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN)
+ return 0;
+ actx->nonce_len = arg;
+ return 1;
+
+ case EVP_CTRL_AEAD_SET_IV_FIXED:
++ if (actx->draft) return -1;
+ if (arg != 12)
+ return 0;
+ actx->nonce[0] = actx->key.counter[1]
+@@ -629,9 +672,32 @@ static EVP_CIPHER chacha20_poly1305 = {
+ NULL /* app_data */
+ };
+
++static EVP_CIPHER chacha20_poly1305_draft = {
++ NID_chacha20_poly1305_draft,
++ 1, /* block_size */
++ CHACHA_KEY_SIZE, /* key_len */
++ 0, /* iv_len, none */
++ EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_CUSTOM_IV |
++ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT |
++ EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_CUSTOM_CIPHER,
++ chacha20_poly1305_draft_init_key,
++ chacha20_poly1305_cipher,
++ chacha20_poly1305_cleanup,
++ 0, /* 0 moves context-specific structure allocation to ctrl */
++ NULL, /* set_asn1_parameters */
++ NULL, /* get_asn1_parameters */
++ chacha20_poly1305_ctrl,
++ NULL /* app_data */
++};
++
+ const EVP_CIPHER *EVP_chacha20_poly1305(void)
+ {
+ return(&chacha20_poly1305);
+ }
++
++const EVP_CIPHER *EVP_chacha20_poly1305_draft(void)
++{
++ return(&chacha20_poly1305_draft);
++}
+ # endif
+ #endif
+diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
+index d1b1bc7faf..f6a8ada915 100644
+--- a/crypto/objects/obj_dat.h
++++ b/crypto/objects/obj_dat.h
+@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = {
+ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */
+ };
+
+-#define NUM_NID 1195
++#define NUM_NID 1196
+ static const ASN1_OBJECT nid_objs[NUM_NID] = {
+ {"UNDEF", "undefined", NID_undef},
+ {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
+@@ -2275,9 +2275,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
+ {"magma-mac", "magma-mac", NID_magma_mac},
+ {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]},
+ {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]},
++ {"ChaCha20-Poly1305-D", "chacha20-poly1305-draft", NID_chacha20_poly1305_draft},
+ };
+
+-#define NUM_SN 1186
++#define NUM_SN 1187
+ static const unsigned int sn_objs[NUM_SN] = {
+ 364, /* "AD_DVCS" */
+ 419, /* "AES-128-CBC" */
+@@ -2395,6 +2396,7 @@ static const unsigned int sn_objs[NUM_SN] = {
+ 417, /* "CSPName" */
+ 1019, /* "ChaCha20" */
+ 1018, /* "ChaCha20-Poly1305" */
++ 1195, /* "ChaCha20-Poly1305-D" */
+ 367, /* "CrlID" */
+ 391, /* "DC" */
+ 31, /* "DES-CBC" */
+@@ -3467,7 +3469,7 @@ static const unsigned int sn_objs[NUM_SN] = {
+ 1093, /* "x509ExtAdmission" */
+ };
+
+-#define NUM_LN 1186
++#define NUM_LN 1187
+ static const unsigned int ln_objs[NUM_LN] = {
+ 363, /* "AD Time Stamping" */
+ 405, /* "ANSI X9.62" */
+@@ -3846,6 +3848,7 @@ static const unsigned int ln_objs[NUM_LN] = {
+ 883, /* "certificateRevocationList" */
+ 1019, /* "chacha20" */
+ 1018, /* "chacha20-poly1305" */
++ 1195, /* "chacha20-poly1305-draft" */
+ 54, /* "challengePassword" */
+ 407, /* "characteristic-two-field" */
+ 395, /* "clearance" */
+diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
+index 1b6a9c61a1..c81ca25a53 100644
+--- a/crypto/objects/obj_mac.num
++++ b/crypto/objects/obj_mac.num
+@@ -1192,3 +1192,4 @@ magma_cfb 1191
+ magma_mac 1192
+ hmacWithSHA512_224 1193
+ hmacWithSHA512_256 1194
++chacha20_poly1305_draft 1195
+diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
+index c49d4c568b..bbf02995a9 100644
+--- a/crypto/objects/objects.txt
++++ b/crypto/objects/objects.txt
+@@ -1534,6 +1534,7 @@ sm-scheme 104 7 : SM4-CTR : sm4-ctr
+ : AES-192-CBC-HMAC-SHA256 : aes-192-cbc-hmac-sha256
+ : AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256
+ : ChaCha20-Poly1305 : chacha20-poly1305
++ : ChaCha20-Poly1305-D : chacha20-poly1305-draft
+ : ChaCha20 : chacha20
+
+ ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH
+diff --git a/include/openssl/evp.h b/include/openssl/evp.h
+index a411f3f2f9..502720466c 100644
+--- a/include/openssl/evp.h
++++ b/include/openssl/evp.h
+@@ -919,6 +919,7 @@ const EVP_CIPHER *EVP_camellia_256_ctr(void);
+ const EVP_CIPHER *EVP_chacha20(void);
+ # ifndef OPENSSL_NO_POLY1305
+ const EVP_CIPHER *EVP_chacha20_poly1305(void);
++const EVP_CIPHER *EVP_chacha20_poly1305_draft(void);
+ # endif
+ # endif
+
+diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
+index 483fc0509e..2e3fc93259 100644
+--- a/include/openssl/obj_mac.h
++++ b/include/openssl/obj_mac.h
+@@ -4807,6 +4807,10 @@
+ #define LN_chacha20_poly1305 "chacha20-poly1305"
+ #define NID_chacha20_poly1305 1018
+
++#define SN_chacha20_poly1305_draft "ChaCha20-Poly1305-D"
++#define LN_chacha20_poly1305_draft "chacha20-poly1305-draft"
++#define NID_chacha20_poly1305_draft 1195
++
+ #define SN_chacha20 "ChaCha20"
+ #define LN_chacha20 "chacha20"
+ #define NID_chacha20 1019
+diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
+index 6724ccf2d2..0365760200 100644
+--- a/include/openssl/ssl.h
++++ b/include/openssl/ssl.h
+@@ -125,6 +125,7 @@ extern "C" {
+ # define SSL_TXT_CAMELLIA256 "CAMELLIA256"
+ # define SSL_TXT_CAMELLIA "CAMELLIA"
+ # define SSL_TXT_CHACHA20 "CHACHA20"
++# define SSL_TXT_CHACHA20_D "CHACHA20-D"
+ # define SSL_TXT_GOST "GOST89"
+ # define SSL_TXT_ARIA "ARIA"
+ # define SSL_TXT_ARIA_GCM "ARIAGCM"
+diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
+index 76d9fda46e..9cf04607c6 100644
+--- a/include/openssl/tls1.h
++++ b/include/openssl/tls1.h
+@@ -597,7 +597,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
+ # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
+ # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
+
+-/* draft-ietf-tls-chacha20-poly1305-03 */
++/* Chacha20-Poly1305-Draft ciphersuites from draft-agl-tls-chacha20poly1305-04 */
++# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_D 0x0300CC13
++# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D 0x0300CC14
++# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305_D 0x0300CC15
++
++/* Chacha20-Poly1305 ciphersuites from RFC7905 */
+ # define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
+ # define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
+ # define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
+@@ -762,6 +767,9 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
+ # define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+ # define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+ # define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
++# define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305_D "OLD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
++# define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305_D "OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
++# define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D "OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
+ # define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ # define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ # define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
+@@ -1090,7 +1098,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
+ # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
+ # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
+
+-/* draft-ietf-tls-chacha20-poly1305-03 */
++/* Chacha20-Poly1305-Draft ciphersuites from draft-agl-tls-chacha20poly1305-04 */
++# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_D "ECDHE-RSA-CHACHA20-POLY1305-OLD"
++# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D "ECDHE-ECDSA-CHACHA20-POLY1305-OLD"
++# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_D "DHE-RSA-CHACHA20-POLY1305-OLD"
++
++/* Chacha20-Poly1305 ciphersuites from RFC7905 */
+ # define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305"
+ # define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
+ # define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index a987604bcd..ada87e965a 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -2082,6 +2082,54 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ 256,
+ 256,
+ },
++ {
++ 1,
++ TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305_D,
++ SSL_kDHE,
++ SSL_aRSA,
++ SSL_CHACHA20POLY1305_D,
++ SSL_AEAD,
++ TLS1_2_VERSION, TLS1_2_VERSION,
++ DTLS1_2_VERSION, DTLS1_2_VERSION,
++ SSL_HIGH,
++ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
++ 256,
++ 256,
++ },
++ {
++ 1,
++ TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_D,
++ SSL_kECDHE,
++ SSL_aRSA,
++ SSL_CHACHA20POLY1305_D,
++ SSL_AEAD,
++ TLS1_2_VERSION, TLS1_2_VERSION,
++ DTLS1_2_VERSION, DTLS1_2_VERSION,
++ SSL_HIGH,
++ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
++ 256,
++ 256,
++ },
++ {
++ 1,
++ TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D,
++ TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_D,
++ SSL_kECDHE,
++ SSL_aECDSA,
++ SSL_CHACHA20POLY1305_D,
++ SSL_AEAD,
++ TLS1_2_VERSION, TLS1_2_VERSION,
++ DTLS1_2_VERSION, DTLS1_2_VERSION,
++ SSL_HIGH,
++ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
++ 256,
++ 256,
++ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
+diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
+index 735a483c64..aced63c50c 100644
+--- a/ssl/ssl_ciph.c
++++ b/ssl/ssl_ciph.c
+@@ -43,7 +43,8 @@
+ #define SSL_ENC_CHACHA_IDX 19
+ #define SSL_ENC_ARIA128GCM_IDX 20
+ #define SSL_ENC_ARIA256GCM_IDX 21
+-#define SSL_ENC_NUM_IDX 22
++#define SSL_ENC_CHACHA20_D_IDX 22
++#define SSL_ENC_NUM_IDX 23
+
+ /* NB: make sure indices in these tables match values above */
+
+@@ -76,6 +77,7 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
+ {SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, /* SSL_ENC_CHACHA_IDX 19 */
+ {SSL_ARIA128GCM, NID_aria_128_gcm}, /* SSL_ENC_ARIA128GCM_IDX 20 */
+ {SSL_ARIA256GCM, NID_aria_256_gcm}, /* SSL_ENC_ARIA256GCM_IDX 21 */
++ {SSL_CHACHA20POLY1305_D, NID_chacha20_poly1305_draft}, /* SSL_ENC_CHACHA20POLY1305_IDX 22 */
+ };
+
+ static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX];
+@@ -275,6 +277,7 @@ static const SSL_CIPHER cipher_aliases[] = {
+ {0, SSL_TXT_CAMELLIA256, NULL, 0, 0, 0, SSL_CAMELLIA256},
+ {0, SSL_TXT_CAMELLIA, NULL, 0, 0, 0, SSL_CAMELLIA},
+ {0, SSL_TXT_CHACHA20, NULL, 0, 0, 0, SSL_CHACHA20},
++ {0, SSL_TXT_CHACHA20_D, NULL, 0, 0, 0, SSL_CHACHA20POLY1305_D},
+
+ {0, SSL_TXT_ARIA, NULL, 0, 0, 0, SSL_ARIA},
+ {0, SSL_TXT_ARIA_GCM, NULL, 0, 0, 0, SSL_ARIA128GCM | SSL_ARIA256GCM},
+@@ -1792,6 +1795,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
+ case SSL_CHACHA20POLY1305:
+ enc = "CHACHA20/POLY1305(256)";
+ break;
++ case SSL_CHACHA20POLY1305_D:
++ enc = "CHACHA20/POLY1305-Draft(256)";
++ break;
+ default:
+ enc = "unknown";
+ break;
+@@ -2116,7 +2122,7 @@ int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead,
+ out = EVP_CCM_TLS_EXPLICIT_IV_LEN + 16;
+ } else if (c->algorithm_enc & (SSL_AES128CCM8 | SSL_AES256CCM8)) {
+ out = EVP_CCM_TLS_EXPLICIT_IV_LEN + 8;
+- } else if (c->algorithm_enc & SSL_CHACHA20POLY1305) {
++ } else if (c->algorithm_enc & (SSL_CHACHA20POLY1305 | SSL_CHACHA20POLY1305_D)) {
+ out = 16;
+ } else if (c->algorithm_mac & SSL_AEAD) {
+ /* We're supposed to have handled all the AEAD modes above */
+diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
+index 8ddbde7729..9ef6ea092a 100644
+--- a/ssl/ssl_local.h
++++ b/ssl/ssl_local.h
+@@ -230,12 +230,13 @@
+ # define SSL_CHACHA20POLY1305 0x00080000U
+ # define SSL_ARIA128GCM 0x00100000U
+ # define SSL_ARIA256GCM 0x00200000U
++# define SSL_CHACHA20POLY1305_D 0x00400000U
+
+ # define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM)
+ # define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8)
+ # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM)
+ # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
+-# define SSL_CHACHA20 (SSL_CHACHA20POLY1305)
++# define SSL_CHACHA20 (SSL_CHACHA20POLY1305 | SSL_CHACHA20POLY1305_D)
+ # define SSL_ARIAGCM (SSL_ARIA128GCM | SSL_ARIA256GCM)
+ # define SSL_ARIA (SSL_ARIAGCM)
+
+diff --git a/util/libcrypto.num b/util/libcrypto.num
+index 876b7ca710..14fc37999f 100644
+--- a/util/libcrypto.num
++++ b/util/libcrypto.num
+@@ -4587,3 +4587,4 @@ EVP_PKEY_meth_set_digestverify 4540 1_1_1e EXIST::FUNCTION:
+ EVP_PKEY_meth_get_digestverify 4541 1_1_1e EXIST::FUNCTION:
+ EVP_PKEY_meth_get_digestsign 4542 1_1_1e EXIST::FUNCTION:
+ RSA_get0_pss_params 4543 1_1_1e EXIST::FUNCTION:RSA
++EVP_chacha20_poly1305_draft 4544 1_1_1f EXIST::FUNCTION:CHACHA,POLY1305
diff --git a/openssl-3.0.0-dev_revert.patch b/openssl-3.0.0-dev_revert.patch
new file mode 100644
index 0000000..4818a02
--- /dev/null
+++ b/openssl-3.0.0-dev_revert.patch
@@ -0,0 +1,3699 @@
+diff --git a/apps/build.info b/apps/build.info
+index 2186de3a27..ee934e1fb1 100644
+--- a/apps/build.info
++++ b/apps/build.info
+@@ -14,14 +14,14 @@ $OPENSSLSRC=\
+ openssl.c progs.c \
+ asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c \
+ ec.c ecparam.c enc.c engine.c errstr.c \
+- genpkey.c kdf.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c \
+- pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c \
+- s_client.c s_server.c s_time.c sess_id.c smime.c speed.c \
++ genpkey.c genrsa.c kdf.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c \
++ pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c \
++ rsautl.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c \
+ spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c \
+ list.c info.c provider.c fipsinstall.c
+ IF[{- !$disabled{'deprecated-3.0'} -}]
+ $OPENSSLSRC=$OPENSSLSRC \
+- dhparam.c dsa.c dsaparam.c gendsa.c rsa.c rsautl.c genrsa.c
++ dhparam.c dsa.c dsaparam.c gendsa.c
+ ENDIF
+ IF[{- !$disabled{'cmp'} -}]
+ $OPENSSLSRC=$OPENSSLSRC cmp_mock_srv.c
+diff --git a/apps/genrsa.c b/apps/genrsa.c
+index 3f76d9bada..a7d04fed30 100644
+--- a/apps/genrsa.c
++++ b/apps/genrsa.c
+@@ -7,9 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/* We need to use the deprecated RSA low level calls */
+-#define OPENSSL_SUPPRESS_DEPRECATED
+-
+ #include
+ #ifdef OPENSSL_NO_RSA
+ NON_EMPTY_TRANSLATION_UNIT
+diff --git a/apps/rsa.c b/apps/rsa.c
+index d626bbb31a..539b0144ab 100644
+--- a/apps/rsa.c
++++ b/apps/rsa.c
+@@ -7,9 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/* We need to use the deprecated RSA low level calls */
+-#define OPENSSL_SUPPRESS_DEPRECATED
+-
+ #include
+ #ifdef OPENSSL_NO_RSA
+ NON_EMPTY_TRANSLATION_UNIT
+diff --git a/apps/rsautl.c b/apps/rsautl.c
+index b72f527ce4..ddd507ce9a 100644
+--- a/apps/rsautl.c
++++ b/apps/rsautl.c
+@@ -7,9 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/* We need to use the deprecated RSA low level calls */
+-#define OPENSSL_SUPPRESS_DEPRECATED
+-
+ #include
+ #ifdef OPENSSL_NO_RSA
+ NON_EMPTY_TRANSLATION_UNIT
+diff --git a/apps/speed.c b/apps/speed.c
+index 9d4ab2c330..c735ad2031 100644
+--- a/apps/speed.c
++++ b/apps/speed.c
+@@ -94,7 +94,7 @@
+ #ifndef OPENSSL_NO_CAST
+ # include
+ #endif
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ # include
+ # include "./testrsa.h"
+ #endif
+@@ -417,7 +417,7 @@ static const OPT_PAIR dsa_choices[DSA_NUM] = {
+ static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
+ #endif /* OPENSSL_NO_DSA */
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ enum {
+ R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
+ R_RSA_15360, RSA_NUM
+@@ -543,7 +543,7 @@ typedef struct loopargs_st {
+ unsigned char *key;
+ unsigned int siglen;
+ size_t sigsize;
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ RSA *rsa_key[RSA_NUM];
+ #endif
+ #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+@@ -1022,7 +1022,7 @@ static int EVP_CMAC_loop(void *args)
+ }
+ #endif
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
+
+ static int RSA_sign_loop(void *args)
+@@ -1504,7 +1504,7 @@ int speed_main(int argc, char **argv)
+ #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+ CAMELLIA_KEY camellia_ks[3];
+ #endif
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ static const struct {
+ const unsigned char *data;
+ unsigned int length;
+@@ -1712,10 +1712,8 @@ int speed_main(int argc, char **argv)
+ goto end;
+ break;
+ case OPT_PRIMES:
+-#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (!opt_int(opt_arg(), &primes))
+ goto end;
+-#endif
+ break;
+ case OPT_SECONDS:
+ seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
+@@ -1753,7 +1751,7 @@ int speed_main(int argc, char **argv)
+ doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
+ continue;
+ }
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ if (strcmp(algo, "openssl") == 0) /* just for compatibility */
+ continue;
+ if (strncmp(algo, "rsa", 3) == 0) {
+@@ -1916,7 +1914,7 @@ int speed_main(int argc, char **argv)
+ if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
+ memset(doit, 1, sizeof(doit));
+ doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ memset(rsa_doit, 1, sizeof(rsa_doit));
+ #endif
+ #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+@@ -1940,7 +1938,7 @@ int speed_main(int argc, char **argv)
+ "You have chosen to measure elapsed time "
+ "instead of user CPU time.\n");
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ for (i = 0; i < loopargs_len; i++) {
+ if (primes > RSA_DEFAULT_PRIME_NUM) {
+ /* for multi-prime RSA, skip this */
+@@ -2110,7 +2108,7 @@ int speed_main(int argc, char **argv)
+ c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
+ }
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++# ifndef OPENSSL_NO_RSA
+ rsa_c[R_RSA_512][0] = count / 2000;
+ rsa_c[R_RSA_512][1] = count / 400;
+ for (i = 1; i < RSA_NUM; i++) {
+@@ -2866,7 +2864,7 @@ int speed_main(int argc, char **argv)
+ if (RAND_bytes(loopargs[i].buf, 36) <= 0)
+ goto end;
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ for (testnum = 0; testnum < RSA_NUM; testnum++) {
+ int st = 0;
+ if (!rsa_doit[testnum])
+@@ -3571,7 +3569,7 @@ int speed_main(int argc, char **argv)
+ }
+ printf("\n");
+ }
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ testnum = 1;
+ for (k = 0; k < RSA_NUM; k++) {
+ if (!rsa_doit[k])
+@@ -3698,7 +3696,7 @@ int speed_main(int argc, char **argv)
+ OPENSSL_free(loopargs[i].buf_malloc);
+ OPENSSL_free(loopargs[i].buf2_malloc);
+
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
++#ifndef OPENSSL_NO_RSA
+ for (k = 0; k < RSA_NUM; k++)
+ RSA_free(loopargs[i].rsa_key[k]);
+ #endif
+@@ -3894,9 +3892,7 @@ static int do_multi(int multi, int size_num)
+ sstrsep(&p, sep);
+ for (j = 0; j < size_num; ++j)
+ results[alg][j] += atof(sstrsep(&p, sep));
+- }
+-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+- else if (strncmp(buf, "+F2:", 4) == 0) {
++ } else if (strncmp(buf, "+F2:", 4) == 0) {
+ int k;
+ double d;
+
+@@ -3910,7 +3906,6 @@ static int do_multi(int multi, int size_num)
+ d = atof(sstrsep(&p, sep));
+ rsa_results[k][1] += d;
+ }
+-#endif
+ #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+ else if (strncmp(buf, "+F3:", 4) == 0) {
+ int k;
+diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c
+index 9a6f271000..d1d8b0b59e 100644
+--- a/crypto/evp/p_dec.c
++++ b/crypto/evp/p_dec.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c
+index 349eabde4c..4c169857c2 100644
+--- a/crypto/evp/p_enc.c
++++ b/crypto/evp/p_enc.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
+index fb378ae039..f4a5a06e5d 100644
+--- a/crypto/rsa/rsa_ameth.c
++++ b/crypto/rsa/rsa_ameth.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
+index 8798bd52d6..e6b81253fa 100644
+--- a/crypto/rsa/rsa_asn1.c
++++ b/crypto/rsa/rsa_asn1.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
+index e6b700bc0d..6ba0010c77 100644
+--- a/crypto/rsa/rsa_chk.c
++++ b/crypto/rsa/rsa_chk.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include "crypto/rsa.h"
+diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
+index 83cae46103..6abee298c6 100644
+--- a/crypto/rsa/rsa_crpt.c
++++ b/crypto/rsa/rsa_crpt.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include "internal/cryptlib.h"
+diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c
+index 8ba6e8c2ee..ed63262645 100644
+--- a/crypto/rsa/rsa_depr.c
++++ b/crypto/rsa/rsa_depr.c
+@@ -12,12 +12,6 @@
+ * "new" versions).
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #ifdef OPENSSL_NO_DEPRECATED_0_9_8
+ NON_EMPTY_TRANSLATION_UNIT
+diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
+index 5d82ae6f34..b74f43f8a1 100644
+--- a/crypto/rsa/rsa_gen.c
++++ b/crypto/rsa/rsa_gen.c
+@@ -13,12 +13,6 @@
+ * Geoff
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include "internal/cryptlib.h"
+diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
+index e9a5b48fbc..51fd3c5ca0 100644
+--- a/crypto/rsa/rsa_lib.c
++++ b/crypto/rsa/rsa_lib.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/crypto/rsa/rsa_meth.c b/crypto/rsa/rsa_meth.c
+index 6bbe21814e..a2a0426ee4 100644
+--- a/crypto/rsa/rsa_meth.c
++++ b/crypto/rsa/rsa_meth.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "rsa_local.h"
+ #include
+diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c
+index 5298ca7328..833ab94028 100644
+--- a/crypto/rsa/rsa_none.c
++++ b/crypto/rsa/rsa_none.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "internal/cryptlib.h"
+ #include
+ #include
+diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
+index ed486acbe6..a0af741183 100644
+--- a/crypto/rsa/rsa_oaep.c
++++ b/crypto/rsa/rsa_oaep.c
+@@ -20,12 +20,6 @@
+ * one-wayness. For the RSA function, this is an equivalent notion.
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "internal/constant_time.h"
+
+ #include
+diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
+index 504ad82f17..7746f6d961 100644
+--- a/crypto/rsa/rsa_ossl.c
++++ b/crypto/rsa/rsa_ossl.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "internal/cryptlib.h"
+ #include "crypto/bn.h"
+ #include "rsa_local.h"
+diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
+index b8aa49d701..c6bbf2dcd6 100644
+--- a/crypto/rsa/rsa_pk1.c
++++ b/crypto/rsa/rsa_pk1.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "internal/constant_time.h"
+
+ #include
+diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
+index 7a298d5d93..96937ae059 100644
+--- a/crypto/rsa/rsa_pmeth.c
++++ b/crypto/rsa/rsa_pmeth.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "internal/constant_time.h"
+
+ #include
+diff --git a/crypto/rsa/rsa_prn.c b/crypto/rsa/rsa_prn.c
+index 1e52e9e3e6..5e4c098a16 100644
+--- a/crypto/rsa/rsa_prn.c
++++ b/crypto/rsa/rsa_prn.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
+index 999fc3122f..bd82faf54a 100644
+--- a/crypto/rsa/rsa_pss.c
++++ b/crypto/rsa/rsa_pss.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
+index e7041ca2ae..7041535cc0 100644
+--- a/crypto/rsa/rsa_saos.c
++++ b/crypto/rsa/rsa_saos.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
+index 544cca446e..3d89a8db54 100644
+--- a/crypto/rsa/rsa_sign.c
++++ b/crypto/rsa/rsa_sign.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
+index 0309665338..49005a54a4 100644
+--- a/crypto/rsa/rsa_ssl.c
++++ b/crypto/rsa/rsa_ssl.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c
+index 7a1503752f..3caafb699f 100644
+--- a/crypto/rsa/rsa_x931.c
++++ b/crypto/rsa/rsa_x931.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include "internal/cryptlib.h"
+ #include
+diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c
+index 7b65133ec8..1f6042a3d2 100644
+--- a/crypto/rsa/rsa_x931g.c
++++ b/crypto/rsa/rsa_x931g.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/engines/build.info b/engines/build.info
+index 3bfe1dc057..fca41358e9 100644
+--- a/engines/build.info
++++ b/engines/build.info
+@@ -78,7 +78,6 @@ IF[{- !$disabled{"engine"} -}]
+ SOURCE[dasync]=dasync.ld
+ GENERATE[dasync.ld]=../util/engines.num
+ ENDIF
+-
+ SOURCE[ossltest]=e_ossltest.c
+ DEPEND[ossltest]=../libcrypto
+ INCLUDE[ossltest]=../include
+diff --git a/engines/e_dasync.c b/engines/e_dasync.c
+index 446680e535..c5d58ded09 100644
+--- a/engines/e_dasync.c
++++ b/engines/e_dasync.c
+@@ -15,7 +15,6 @@
+ */
+ #include "internal/deprecated.h"
+
+-#include
+ #if defined(_WIN32)
+ # include
+ #endif
+@@ -102,29 +101,22 @@ static int dasync_digest_nids(const int **nids)
+ }
+
+ /* RSA */
+-static int dasync_pkey(ENGINE *e, EVP_PKEY_METHOD **pmeth,
+- const int **pnids, int nid);
+-
+-static int dasync_rsa_init(EVP_PKEY_CTX *ctx);
+-static void dasync_rsa_cleanup(EVP_PKEY_CTX *ctx);
+-static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx);
+-static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+-static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx);
+-static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+-static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx);
+-static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen);
+-static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx);
+-static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen);
+-static int dasync_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+-static int dasync_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+- const char *value);
+-
+-static EVP_PKEY_METHOD *dasync_rsa;
+-static const EVP_PKEY_METHOD *dasync_rsa_orig;
++
++static int dasync_pub_enc(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++static int dasync_pub_dec(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++static int dasync_rsa_priv_enc(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++static int dasync_rsa_priv_dec(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
++ BN_CTX *ctx);
++
++static int dasync_rsa_init(RSA *rsa);
++static int dasync_rsa_finish(RSA *rsa);
++
++static RSA_METHOD *dasync_rsa_method = NULL;
+
+ /* AES */
+
+@@ -205,30 +197,26 @@ static int dasync_cipher_nids[] = {
+
+ static int bind_dasync(ENGINE *e)
+ {
+- /* Setup RSA */
+- ;
+- if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL
+- || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL)
++ /* Setup RSA_METHOD */
++ if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL
++ || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0
++ || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0
++ || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0
++ || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0
++ || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0
++ || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0
++ || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0
++ || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) {
++ DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED);
+ return 0;
+- EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init);
+- EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup);
+- EVP_PKEY_meth_set_paramgen(dasync_rsa, dasync_rsa_paramgen_init,
+- dasync_rsa_paramgen);
+- EVP_PKEY_meth_set_keygen(dasync_rsa, dasync_rsa_keygen_init,
+- dasync_rsa_keygen);
+- EVP_PKEY_meth_set_encrypt(dasync_rsa, dasync_rsa_encrypt_init,
+- dasync_rsa_encrypt);
+- EVP_PKEY_meth_set_decrypt(dasync_rsa, dasync_rsa_decrypt_init,
+- dasync_rsa_decrypt);
+- EVP_PKEY_meth_set_ctrl(dasync_rsa, dasync_rsa_ctrl,
+- dasync_rsa_ctrl_str);
++ }
+
+ /* Ensure the dasync error handling is set up */
+ ERR_load_DASYNC_strings();
+
+ if (!ENGINE_set_id(e, engine_dasync_id)
+ || !ENGINE_set_name(e, engine_dasync_name)
+- || !ENGINE_set_pkey_meths(e, dasync_pkey)
++ || !ENGINE_set_RSA(e, dasync_rsa_method)
+ || !ENGINE_set_digests(e, dasync_digests)
+ || !ENGINE_set_ciphers(e, dasync_ciphers)
+ || !ENGINE_set_destroy_function(e, dasync_destroy)
+@@ -307,13 +295,6 @@ static int bind_dasync(ENGINE *e)
+ return 1;
+ }
+
+-static void destroy_pkey(void)
+-{
+- EVP_PKEY_meth_free(dasync_rsa);
+- dasync_rsa_orig = NULL;
+- dasync_rsa = NULL;
+-}
+-
+ # ifndef OPENSSL_NO_DYNAMIC_ENGINE
+ static int bind_helper(ENGINE *e, const char *id)
+ {
+@@ -366,30 +347,11 @@ static int dasync_destroy(ENGINE *e)
+ {
+ destroy_digests();
+ destroy_ciphers();
+- destroy_pkey();
++ RSA_meth_free(dasync_rsa_method);
+ ERR_unload_DASYNC_strings();
+ return 1;
+ }
+
+-static int dasync_pkey(ENGINE *e, EVP_PKEY_METHOD **pmeth,
+- const int **pnids, int nid)
+-{
+- static const int rnid = EVP_PKEY_RSA;
+-
+- if (pmeth == NULL) {
+- *pnids = &rnid;
+- return 1;
+- }
+-
+- if (nid == EVP_PKEY_RSA) {
+- *pmeth = dasync_rsa;
+- return 1;
+- }
+-
+- *pmeth = NULL;
+- return 0;
+-}
+-
+ static int dasync_digests(ENGINE *e, const EVP_MD **digest,
+ const int **nids, int nid)
+ {
+@@ -560,6 +522,60 @@ static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+ return EVP_MD_meth_get_final(EVP_sha1())(ctx, md);
+ }
+
++/*
++ * RSA implementation
++ */
++
++static int dasync_pub_enc(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding) {
++ /* Ignore errors - we carry on anyway */
++ dummy_pause_job();
++ return RSA_meth_get_pub_enc(RSA_PKCS1_OpenSSL())
++ (flen, from, to, rsa, padding);
++}
++
++static int dasync_pub_dec(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding) {
++ /* Ignore errors - we carry on anyway */
++ dummy_pause_job();
++ return RSA_meth_get_pub_dec(RSA_PKCS1_OpenSSL())
++ (flen, from, to, rsa, padding);
++}
++
++static int dasync_rsa_priv_enc(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding)
++{
++ /* Ignore errors - we carry on anyway */
++ dummy_pause_job();
++ return RSA_meth_get_priv_enc(RSA_PKCS1_OpenSSL())
++ (flen, from, to, rsa, padding);
++}
++
++static int dasync_rsa_priv_dec(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding)
++{
++ /* Ignore errors - we carry on anyway */
++ dummy_pause_job();
++ return RSA_meth_get_priv_dec(RSA_PKCS1_OpenSSL())
++ (flen, from, to, rsa, padding);
++}
++
++static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
++{
++ /* Ignore errors - we carry on anyway */
++ dummy_pause_job();
++ return RSA_meth_get_mod_exp(RSA_PKCS1_OpenSSL())(r0, I, rsa, ctx);
++}
++
++static int dasync_rsa_init(RSA *rsa)
++{
++ return RSA_meth_get_init(RSA_PKCS1_OpenSSL())(rsa);
++}
++static int dasync_rsa_finish(RSA *rsa)
++{
++ return RSA_meth_get_finish(RSA_PKCS1_OpenSSL())(rsa);
++}
++
+ /* Cipher helper functions */
+
+ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg,
+@@ -787,125 +803,3 @@ static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx)
+ */
+ return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1());
+ }
+-
+-
+-/*
+- * RSA implementation
+- */
+-static int dasync_rsa_init(EVP_PKEY_CTX *ctx)
+-{
+- static int (*pinit)(EVP_PKEY_CTX *ctx);
+-
+- if (pinit == NULL)
+- EVP_PKEY_meth_get_init(dasync_rsa_orig, &pinit);
+- return pinit(ctx);
+-}
+-
+-static void dasync_rsa_cleanup(EVP_PKEY_CTX *ctx)
+-{
+- static void (*pcleanup)(EVP_PKEY_CTX *ctx);
+-
+- if (pcleanup == NULL)
+- EVP_PKEY_meth_get_cleanup(dasync_rsa_orig, &pcleanup);
+- pcleanup(ctx);
+-}
+-
+-static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx)
+-{
+- static int (*pparamgen_init)(EVP_PKEY_CTX *ctx);
+-
+- if (pparamgen_init == NULL)
+- EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, &pparamgen_init, NULL);
+- return pparamgen_init(ctx);
+-}
+-
+-static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+-{
+- static int (*pparamgen)(EVP_PKEY_CTX *c, EVP_PKEY *pkey);
+-
+- if (pparamgen == NULL)
+- EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, &pparamgen);
+- return pparamgen(ctx, pkey);
+-}
+-
+-static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx)
+-{
+- static int (*pkeygen_init)(EVP_PKEY_CTX *ctx);
+-
+- if (pkeygen_init == NULL)
+- EVP_PKEY_meth_get_keygen(dasync_rsa_orig, &pkeygen_init, NULL);
+- return pkeygen_init(ctx);
+-}
+-
+-static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+-{
+- static int (*pkeygen)(EVP_PKEY_CTX *c, EVP_PKEY *pkey);
+-
+- if (pkeygen == NULL)
+- EVP_PKEY_meth_get_keygen(dasync_rsa_orig, NULL, &pkeygen);
+- return pkeygen(ctx, pkey);
+-}
+-
+-static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx)
+-{
+- static int (*pencrypt_init)(EVP_PKEY_CTX *ctx);
+-
+- if (pencrypt_init == NULL)
+- EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, &pencrypt_init, NULL);
+- return pencrypt_init(ctx);
+-}
+-
+-static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen)
+-{
+- static int (*pencryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen);
+-
+- if (pencryptfn == NULL)
+- EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, NULL, &pencryptfn);
+- return pencryptfn(ctx, out, outlen, in, inlen);
+-}
+-
+-static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx)
+-{
+- static int (*pdecrypt_init)(EVP_PKEY_CTX *ctx);
+-
+- if (pdecrypt_init == NULL)
+- EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, &pdecrypt_init, NULL);
+- return pdecrypt_init(ctx);
+-}
+-
+-static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen)
+-{
+- static int (*pdecrypt)(EVP_PKEY_CTX *ctx, unsigned char *out,
+- size_t *outlen, const unsigned char *in,
+- size_t inlen);
+-
+- if (pdecrypt == NULL)
+- EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, NULL, &pdecrypt);
+- return pdecrypt(ctx, out, outlen, in, inlen);
+-}
+-
+-static int dasync_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+-{
+- static int (*pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+-
+- if (pctrl == NULL)
+- EVP_PKEY_meth_get_ctrl(dasync_rsa_orig, &pctrl, NULL);
+- return pctrl(ctx, type, p1, p2);
+-}
+-
+-static int dasync_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+- const char *value)
+-{
+- static int (*pctrl_str)(EVP_PKEY_CTX *ctx, const char *type,
+- const char *value);
+-
+- if (pctrl_str == NULL)
+- EVP_PKEY_meth_get_ctrl(dasync_rsa_orig, NULL, &pctrl_str);
+- return pctrl_str(ctx, type, value);
+-}
+diff --git a/fuzz/asn1.c b/fuzz/asn1.c
+index 0858bee91d..0212e5674d 100644
+--- a/fuzz/asn1.c
++++ b/fuzz/asn1.c
+@@ -338,7 +338,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
+ DO_TEST_NO_PRINT(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey);
+ DO_TEST_NO_PRINT(DSA, d2i_DSAparams, i2d_DSAparams);
+ #endif
+- DO_TEST_NO_PRINT(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey);
++ DO_TEST_PRINT_OFFSET(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey, RSA_print);
+ #ifndef OPENSSL_NO_EC
+ DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print);
+ DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print);
+diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
+index 49040bf7e6..1df1c08eb3 100644
+--- a/include/openssl/rsa.h
++++ b/include/openssl/rsa.h
+@@ -33,50 +33,46 @@
+ extern "C" {
+ # endif
+
++/* The types RSA and RSA_METHOD are defined in ossl_typ.h */
++
+ # ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+ # define OPENSSL_RSA_MAX_MODULUS_BITS 16384
+ # endif
+
+-# ifndef OPENSSL_NO_DEPRECATED_3_0
+-/* The types RSA and RSA_METHOD are defined in ossl_typ.h */
+-
+-# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
++# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
+
+-# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+-# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+-# endif
++# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
++# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
++# endif
++# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+
+ /* exponent limit enforced for "large" modulus only */
+-# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+-# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
+-# endif
++# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
++# endif
+
+-# define RSA_3 0x3L
+-# define RSA_F4 0x10001L
++# define RSA_3 0x3L
++# define RSA_F4 0x10001L
+
+ /* based on RFC 8017 appendix A.1.2 */
+-# define RSA_ASN1_VERSION_DEFAULT 0
+-# define RSA_ASN1_VERSION_MULTI 1
++# define RSA_ASN1_VERSION_DEFAULT 0
++# define RSA_ASN1_VERSION_MULTI 1
+
+-# define RSA_DEFAULT_PRIME_NUM 2
+-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
++# define RSA_DEFAULT_PRIME_NUM 2
+
+ /* Don't check pub/private match */
+-/* TODO(3.0): deprecate this? It is exposed for sls/t1_lib.c's use */
+ # define RSA_METHOD_FLAG_NO_CHECK 0x0001
+
+-# ifndef OPENSSL_NO_DEPRECATED_3_0
+-# define RSA_FLAG_CACHE_PUBLIC 0x0002
+-# define RSA_FLAG_CACHE_PRIVATE 0x0004
+-# define RSA_FLAG_BLINDING 0x0008
+-# define RSA_FLAG_THREAD_SAFE 0x0010
++# define RSA_FLAG_CACHE_PUBLIC 0x0002
++# define RSA_FLAG_CACHE_PRIVATE 0x0004
++# define RSA_FLAG_BLINDING 0x0008
++# define RSA_FLAG_THREAD_SAFE 0x0010
+ /*
+ * This flag means the private key operations will be handled by rsa_mod_exp
+ * and that they do not depend on the private key components being present:
+ * for example a key stored in external hardware. Without this flag
+ * bn_mod_exp gets called when private key components are absent.
+ */
+-# define RSA_FLAG_EXT_PKEY 0x0020
++# define RSA_FLAG_EXT_PKEY 0x0020
+
+ /*
+ * new with 0.9.6j and 0.9.7b; the built-in
+@@ -84,14 +80,14 @@ extern "C" {
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+-# define RSA_FLAG_NO_BLINDING 0x0080
+-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
++# define RSA_FLAG_NO_BLINDING 0x0080
++# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+ /*
+ * Does nothing. Previously this switched off constant time behaviour.
+ */
+-# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+ # define RSA_FLAG_NO_CONSTTIME 0x0000
+ # endif
++# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+ /* deprecated name for the flag*/
+ /*
+ * new with 0.9.7h; the built-in RSA
+@@ -101,7 +97,6 @@ extern "C" {
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+-# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+ # define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
+ # endif
+
+@@ -135,6 +130,7 @@ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, char *name,
+ size_t namelen);
+
++
+ # define EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+@@ -145,7 +141,8 @@ int EVP_PKEY_CTX_set_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name,
+ size_t namelen);
+-int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen);
++int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label,
++ int llen);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ # define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
+@@ -189,10 +186,10 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+ # define RSA_get_app_data(s) RSA_get_ex_data(s,0)
+
+ RSA *RSA_new(void);
+-DEPRECATEDIN_3_0(RSA *RSA_new_method(ENGINE *engine))
+-DEPRECATEDIN_3_0(int RSA_bits(const RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_size(const RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_security_bits(const RSA *rsa))
++RSA *RSA_new_method(ENGINE *engine);
++int RSA_bits(const RSA *rsa);
++int RSA_size(const RSA *rsa);
++int RSA_security_bits(const RSA *rsa);
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+@@ -217,12 +214,12 @@ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+-DEPRECATEDIN_3_0(const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r))
++const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+-DEPRECATEDIN_3_0(int RSA_get_version(RSA *r))
+-DEPRECATEDIN_3_0(ENGINE *RSA_get0_engine(const RSA *r))
++int RSA_get_version(RSA *r);
++ENGINE *RSA_get0_engine(const RSA *r);
+
+ /* Deprecated version */
+ DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
+@@ -230,52 +227,43 @@ DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
+ void *cb_arg))
+
+ /* New version */
+-DEPRECATEDIN_3_0(int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
+- BN_GENCB *cb))
++int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ /* Multi-prime version */
+-DEPRECATEDIN_3_0(int RSA_generate_multi_prime_key(RSA *rsa, int bits,
+- int primes, BIGNUM *e,
+- BN_GENCB *cb))
+-
+-DEPRECATEDIN_3_0(int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
+- BIGNUM *q1, BIGNUM *q2,
+- const BIGNUM *Xp1, const BIGNUM *Xp2,
+- const BIGNUM *Xp, const BIGNUM *Xq1,
+- const BIGNUM *Xq2, const BIGNUM *Xq,
+- const BIGNUM *e, BN_GENCB *cb))
+-DEPRECATEDIN_3_0(int RSA_X931_generate_key_ex(RSA *rsa, int bits,
+- const BIGNUM *e, BN_GENCB *cb))
+-
+-DEPRECATEDIN_3_0(int RSA_check_key(const RSA *))
+-DEPRECATEDIN_3_0(int RSA_check_key_ex(const RSA *, BN_GENCB *cb))
++int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes,
++ BIGNUM *e, BN_GENCB *cb);
++
++int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1,
++ BIGNUM *q2, const BIGNUM *Xp1, const BIGNUM *Xp2,
++ const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2,
++ const BIGNUM *Xq, const BIGNUM *e, BN_GENCB *cb);
++int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e,
++ BN_GENCB *cb);
++
++int RSA_check_key(const RSA *);
++int RSA_check_key_ex(const RSA *, BN_GENCB *cb);
+ /* next 4 return -1 on error */
+-DEPRECATEDIN_3_0(int RSA_public_encrypt(int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa,
+- int padding))
+-DEPRECATEDIN_3_0(int RSA_private_encrypt(int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa,
+- int padding))
+-DEPRECATEDIN_3_0(int RSA_public_decrypt(int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa,
+- int padding))
+-DEPRECATEDIN_3_0(int RSA_private_decrypt(int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa,
+- int padding))
++int RSA_public_encrypt(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_private_encrypt(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_public_decrypt(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_private_decrypt(int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding);
+ void RSA_free(RSA *r);
+ /* "up" the RSA object's reference count */
+ int RSA_up_ref(RSA *r);
+
+-/* TODO(3.0): deprecate this one ssl/ssl_rsa.c can be changed to avoid it */
+ int RSA_flags(const RSA *r);
+
+-DEPRECATEDIN_3_0(void RSA_set_default_method(const RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_default_method(void))
+-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_null_method(void))
+-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_method(const RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_set_method(RSA *rsa, const RSA_METHOD *meth))
++void RSA_set_default_method(const RSA_METHOD *meth);
++const RSA_METHOD *RSA_get_default_method(void);
++const RSA_METHOD *RSA_null_method(void);
++const RSA_METHOD *RSA_get_method(const RSA *rsa);
++int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ /* these are the actual RSA functions */
+-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_PKCS1_OpenSSL(void))
++const RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
+
+@@ -304,129 +292,101 @@ typedef struct rsa_oaep_params_st {
+ DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+ # ifndef OPENSSL_NO_STDIO
+-DEPRECATEDIN_3_0(int RSA_print_fp(FILE *fp, const RSA *r, int offset))
++int RSA_print_fp(FILE *fp, const RSA *r, int offset);
+ # endif
+
+-DEPRECATEDIN_3_0(int RSA_print(BIO *bp, const RSA *r, int offset))
++int RSA_print(BIO *bp, const RSA *r, int offset);
+
+ /*
+ * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+ * PKCS#1 padded RSA encryption
+ */
+-DEPRECATEDIN_3_0(int RSA_sign(int type, const unsigned char *m,
+- unsigned int m_length, unsigned char *sigret,
+- unsigned int *siglen, RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_verify(int type, const unsigned char *m,
+- unsigned int m_length,
+- const unsigned char *sigbuf,
+- unsigned int siglen, RSA *rsa))
++int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
++ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
++int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
++ const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+ /*
+ * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+ * PKCS#1 padded RSA encryption
+ */
+-DEPRECATEDIN_3_0(int RSA_sign_ASN1_OCTET_STRING(int type,
+- const unsigned char *m,
+- unsigned int m_length,
+- unsigned char *sigret,
+- unsigned int *siglen, RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_verify_ASN1_OCTET_STRING(int type,
+- const unsigned char *m,
+- unsigned int m_length,
+- unsigned char *sigbuf,
+- unsigned int siglen,
+- RSA *rsa))
+-
+-/* TODO(3.0): figure out how to deprecate these two */
++int RSA_sign_ASN1_OCTET_STRING(int type,
++ const unsigned char *m, unsigned int m_length,
++ unsigned char *sigret, unsigned int *siglen,
++ RSA *rsa);
++int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
++ unsigned int m_length, unsigned char *sigbuf,
++ unsigned int siglen, RSA *rsa);
++
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+ void RSA_blinding_off(RSA *rsa);
+-DEPRECATEDIN_3_0(BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx))
+-
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+- const unsigned char *f,
+- int fl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+- const unsigned char *f,
+- int fl, int rsa_len))
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+- const unsigned char *f,
+- int fl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+- const unsigned char *f,
+- int fl, int rsa_len))
+-DEPRECATEDIN_3_0(int PKCS1_MGF1(unsigned char *mask, long len,
+- const unsigned char *seed, long seedlen,
+- const EVP_MD *dgst))
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+- const unsigned char *f, int fl,
+- const unsigned char *p, int pl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+- const unsigned char *f,
+- int fl, int rsa_len,
+- const unsigned char *p,
+- int pl))
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to,
+- int tlen,
+- const unsigned char *from,
+- int flen,
+- const unsigned char *param,
+- int plen,
+- const EVP_MD *md,
+- const EVP_MD *mgf1md))
+-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to,
+- int tlen,
+- const unsigned char *from,
+- int flen, int num,
+- const unsigned char *param,
+- int plen, const EVP_MD *md,
+- const EVP_MD *mgf1md))
+-DEPRECATEDIN_3_0(int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+- const unsigned char *f, int fl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+- const unsigned char *f, int fl,
+- int rsa_len))
+-DEPRECATEDIN_3_0(int RSA_padding_add_none(unsigned char *to, int tlen,
+- const unsigned char *f, int fl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_none(unsigned char *to, int tlen,
+- const unsigned char *f, int fl,
+- int rsa_len))
+-DEPRECATEDIN_3_0(int RSA_padding_add_X931(unsigned char *to, int tlen,
+- const unsigned char *f, int fl))
+-DEPRECATEDIN_3_0(int RSA_padding_check_X931(unsigned char *to, int tlen,
+- const unsigned char *f, int fl,
+- int rsa_len))
+-DEPRECATEDIN_3_0(int RSA_X931_hash_id(int nid))
+-
+-DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+- const EVP_MD *Hash,
+- const unsigned char *EM, int sLen))
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+- const unsigned char *mHash,
+- const EVP_MD *Hash, int sLen))
+-
+-DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa,
+- const unsigned char *mHash,
+- const EVP_MD *Hash,
+- const EVP_MD *mgf1Hash,
+- const unsigned char *EM,
+- int sLen))
+-
+-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa,
+- unsigned char *EM,
+- const unsigned char *mHash,
+- const EVP_MD *Hash,
+- const EVP_MD *mgf1Hash,
+- int sLen))
++BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
++
++int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
++ const unsigned char *f, int fl);
++int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
++ const unsigned char *f, int fl,
++ int rsa_len);
++int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
++ const unsigned char *f, int fl);
++int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
++ const unsigned char *f, int fl,
++ int rsa_len);
++int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
++ long seedlen, const EVP_MD *dgst);
++int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
++ const unsigned char *f, int fl,
++ const unsigned char *p, int pl);
++int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
++ const unsigned char *f, int fl, int rsa_len,
++ const unsigned char *p, int pl);
++int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
++ const unsigned char *from, int flen,
++ const unsigned char *param, int plen,
++ const EVP_MD *md, const EVP_MD *mgf1md);
++int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
++ const unsigned char *from, int flen,
++ int num, const unsigned char *param,
++ int plen, const EVP_MD *md,
++ const EVP_MD *mgf1md);
++int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
++ const unsigned char *f, int fl);
++int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
++ const unsigned char *f, int fl, int rsa_len);
++int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
++ int fl);
++int RSA_padding_check_none(unsigned char *to, int tlen,
++ const unsigned char *f, int fl, int rsa_len);
++int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
++ int fl);
++int RSA_padding_check_X931(unsigned char *to, int tlen,
++ const unsigned char *f, int fl, int rsa_len);
++int RSA_X931_hash_id(int nid);
++
++int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
++ const EVP_MD *Hash, const unsigned char *EM,
++ int sLen);
++int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
++ const unsigned char *mHash, const EVP_MD *Hash,
++ int sLen);
++
++int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
++ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
++ const unsigned char *EM, int sLen);
++
++int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
++ const unsigned char *mHash,
++ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
++ int sLen);
+
+ # define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
+-DEPRECATEDIN_3_0(int RSA_set_ex_data(RSA *r, int idx, void *arg))
+-DEPRECATEDIN_3_0(void *RSA_get_ex_data(const RSA *r, int idx))
++int RSA_set_ex_data(RSA *r, int idx, void *arg);
++void *RSA_get_ex_data(const RSA *r, int idx);
+
+ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPublicKey)
+ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
+
+-# ifndef OPENSSL_NO_DEPRECATED_3_0
+ /*
+ * If this flag is set the RSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+@@ -434,7 +394,7 @@ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
+ * result is compliant.
+ */
+
+-# define RSA_FLAG_FIPS_METHOD 0x0400
++# define RSA_FLAG_FIPS_METHOD 0x0400
+
+ /*
+ * If this flag is set the operations normally disabled in FIPS mode are
+@@ -442,101 +402,99 @@ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
+ * usage is compliant.
+ */
+
+-# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
++# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+ /*
+ * Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+-# define RSA_FLAG_CHECKED 0x0800
+-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+-
+-DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_new(const char *name, int flags))
+-DEPRECATEDIN_3_0(void RSA_meth_free(RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(const char *RSA_meth_get0_name(const RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(int RSA_meth_set1_name(RSA_METHOD *meth, const char *name))
+-DEPRECATEDIN_3_0(int RSA_meth_get_flags(const RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(int RSA_meth_set_flags(RSA_METHOD *meth, int flags))
+-DEPRECATEDIN_3_0(void *RSA_meth_get0_app_data(const RSA_METHOD *meth))
+-DEPRECATEDIN_3_0(int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
++# define RSA_FLAG_CHECKED 0x0800
++
++RSA_METHOD *RSA_meth_new(const char *name, int flags);
++void RSA_meth_free(RSA_METHOD *meth);
++RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
++const char *RSA_meth_get0_name(const RSA_METHOD *meth);
++int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
++int RSA_meth_get_flags(const RSA_METHOD *meth);
++int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
++void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
++int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
++int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa, int padding))
+-DEPRECATEDIN_3_0(int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+ int (*pub_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+- int padding)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
++ int padding));
++int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa, int padding))
+-DEPRECATEDIN_3_0(int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+ int (*pub_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+- int padding)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
++ int padding));
++int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa, int padding))
+-DEPRECATEDIN_3_0(int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+ int (*priv_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+- int padding)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
++ int padding));
++int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+- unsigned char *to, RSA *rsa, int padding))
+-DEPRECATEDIN_3_0(int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
++ unsigned char *to, RSA *rsa, int padding);
++int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+ int (*priv_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+- int padding)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
+- (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx))
+-DEPRECATEDIN_3_0(int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
++ int padding));
++int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
++ (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
++int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+ int (*mod_exp) (BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+- BN_CTX *ctx)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
++ BN_CTX *ctx));
++int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
+ (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx))
+-DEPRECATEDIN_3_0(int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
++ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
++int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+- BN_MONT_CTX *m_ctx)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_meth_set_init(RSA_METHOD *rsa, int (*init) (RSA *rsa)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_meth_set_finish(RSA_METHOD *rsa,
+- int (*finish) (RSA *rsa)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_sign(const RSA_METHOD *meth))
++ BN_MONT_CTX *m_ctx));
++int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa);
++int RSA_meth_set_init(RSA_METHOD *rsa, int (*init) (RSA *rsa));
++int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
++int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish) (RSA *rsa));
++int (*RSA_meth_get_sign(const RSA_METHOD *meth))
+ (int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+- const RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_meth_set_sign(RSA_METHOD *rsa,
++ const RSA *rsa);
++int RSA_meth_set_sign(RSA_METHOD *rsa,
+ int (*sign) (int type, const unsigned char *m,
+ unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+- const RSA *rsa)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_verify(const RSA_METHOD *meth))
++ const RSA *rsa));
++int (*RSA_meth_get_verify(const RSA_METHOD *meth))
+ (int dtype, const unsigned char *m,
+ unsigned int m_length, const unsigned char *sigbuf,
+- unsigned int siglen, const RSA *rsa))
+-DEPRECATEDIN_3_0(int RSA_meth_set_verify(RSA_METHOD *rsa,
++ unsigned int siglen, const RSA *rsa);
++int RSA_meth_set_verify(RSA_METHOD *rsa,
+ int (*verify) (int dtype, const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+- unsigned int siglen, const RSA *rsa)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
+- (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb))
+-DEPRECATEDIN_3_0(int RSA_meth_set_keygen(RSA_METHOD *rsa,
++ unsigned int siglen, const RSA *rsa));
++int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
++ (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
++int RSA_meth_set_keygen(RSA_METHOD *rsa,
+ int (*keygen) (RSA *rsa, int bits, BIGNUM *e,
+- BN_GENCB *cb)))
+-DEPRECATEDIN_3_0(int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
+- (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb))
+-DEPRECATEDIN_3_0(int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
++ BN_GENCB *cb));
++int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
++ (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
++int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+ int (*keygen) (RSA *rsa, int bits,
+ int primes, BIGNUM *e,
+- BN_GENCB *cb)))
++ BN_GENCB *cb));
+
+ # ifdef __cplusplus
+ }
+diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
+index 5f05d1810b..dad9edf962 100644
+--- a/providers/implementations/asymciphers/rsa_enc.c
++++ b/providers/implementations/asymciphers/rsa_enc.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
+index 8ea394115b..f117d99001 100644
+--- a/providers/implementations/keymgmt/rsa_kmgmt.c
++++ b/providers/implementations/keymgmt/rsa_kmgmt.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/providers/implementations/serializers/serializer_rsa.c b/providers/implementations/serializers/serializer_rsa.c
+index 21898f9e3d..594c3d758f 100644
+--- a/providers/implementations/serializers/serializer_rsa.c
++++ b/providers/implementations/serializers/serializer_rsa.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include "crypto/rsa.h" /* rsa_get0_all_params() */
+ #include "prov/bio.h" /* ossl_prov_bio_printf() */
+ #include "prov/implementations.h" /* rsa_keymgmt_functions */
+diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c
+index 23042041de..af0aadcda1 100644
+--- a/providers/implementations/serializers/serializer_rsa_priv.c
++++ b/providers/implementations/serializers/serializer_rsa_priv.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/providers/implementations/serializers/serializer_rsa_pub.c b/providers/implementations/serializers/serializer_rsa_pub.c
+index 3ee0501ee1..f7eccf7624 100644
+--- a/providers/implementations/serializers/serializer_rsa_pub.c
++++ b/providers/implementations/serializers/serializer_rsa_pub.c
+@@ -7,12 +7,6 @@
+ * https://www.openssl.org/source/license.html
+ */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+ #include
+diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
+index 76bea32dbd..ea0fb750f1 100644
+--- a/ssl/s3_enc.c
++++ b/ssl/s3_enc.c
+@@ -86,7 +86,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
+ err:
+ EVP_MD_CTX_free(m5);
+ EVP_MD_CTX_free(s1);
+- ssl_evp_md_free(md5);
++ EVP_MD_free(md5);
+ return ret;
+ }
+
+@@ -257,16 +257,13 @@ int ssl3_setup_key_block(SSL *s)
+ if (s->s3.tmp.key_block_length != 0)
+ return 1;
+
+- if (!ssl_cipher_get_evp(s->ctx, s->session, &c, &hash, NULL, NULL, &comp,
+- 0)) {
++ if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, &comp, 0)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_SETUP_KEY_BLOCK,
+ SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return 0;
+ }
+
+- ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
+ s->s3.tmp.new_sym_enc = c;
+- ssl_evp_md_free(s->s3.tmp.new_hash);
+ s->s3.tmp.new_hash = hash;
+ #ifdef OPENSSL_NO_COMP
+ s->s3.tmp.new_compression = NULL;
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index 9902fa3811..26f19108ee 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -3334,9 +3334,6 @@ void ssl3_free(SSL *s)
+ s->s3.tmp.pkey = NULL;
+ #endif
+
+- ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
+- ssl_evp_md_free(s->s3.tmp.new_hash);
+-
+ OPENSSL_free(s->s3.tmp.ctype);
+ sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free);
+ OPENSSL_free(s->s3.tmp.ciphers_raw);
+@@ -4160,6 +4157,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+ STACK_OF(SSL_CIPHER) *prio, *allow;
+ int i, ii, ok, prefer_sha256 = 0;
+ unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
++ const EVP_MD *mdsha256 = EVP_sha256();
+ #ifndef OPENSSL_NO_CHACHA
+ STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
+ #endif
+@@ -4333,12 +4331,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+ if (prefer_sha256) {
+ const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
+
+- /*
+- * TODO: When there are no more legacy digests we can just use
+- * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn
+- */
+- if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2),
+- OBJ_nid2sn(NID_sha256))) {
++ if (ssl_md(tmp->algorithm2) == mdsha256) {
+ ret = tmp;
+ break;
+ }
+diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
+index 066c38a7cc..04ffae325c 100644
+--- a/ssl/ssl_ciph.c
++++ b/ssl/ssl_ciph.c
+@@ -22,6 +22,30 @@
+ #include "internal/thread_once.h"
+ #include "internal/cryptlib.h"
+
++#define SSL_ENC_DES_IDX 0
++#define SSL_ENC_3DES_IDX 1
++#define SSL_ENC_RC4_IDX 2
++#define SSL_ENC_RC2_IDX 3
++#define SSL_ENC_IDEA_IDX 4
++#define SSL_ENC_NULL_IDX 5
++#define SSL_ENC_AES128_IDX 6
++#define SSL_ENC_AES256_IDX 7
++#define SSL_ENC_CAMELLIA128_IDX 8
++#define SSL_ENC_CAMELLIA256_IDX 9
++#define SSL_ENC_GOST89_IDX 10
++#define SSL_ENC_SEED_IDX 11
++#define SSL_ENC_AES128GCM_IDX 12
++#define SSL_ENC_AES256GCM_IDX 13
++#define SSL_ENC_AES128CCM_IDX 14
++#define SSL_ENC_AES256CCM_IDX 15
++#define SSL_ENC_AES128CCM8_IDX 16
++#define SSL_ENC_AES256CCM8_IDX 17
++#define SSL_ENC_GOST8912_IDX 18
++#define SSL_ENC_CHACHA_IDX 19
++#define SSL_ENC_ARIA128GCM_IDX 20
++#define SSL_ENC_ARIA256GCM_IDX 21
++#define SSL_ENC_NUM_IDX 22
++
+ /* NB: make sure indices in these tables match values above */
+
+ typedef struct {
+@@ -55,6 +79,8 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
+ {SSL_ARIA256GCM, NID_aria_256_gcm}, /* SSL_ENC_ARIA256GCM_IDX 21 */
+ };
+
++static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX];
++
+ #define SSL_COMP_NULL_IDX 0
+ #define SSL_COMP_ZLIB_IDX 1
+ #define SSL_COMP_NUM_IDX 2
+@@ -65,6 +91,13 @@ static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+ static CRYPTO_ONCE ssl_load_builtin_comp_once = CRYPTO_ONCE_STATIC_INIT;
+ #endif
+
++/*
++ * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
++ * in the ssl_local.h
++ */
++
++#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
++
+ /* NB: make sure indices in this table matches values above */
+ static const ssl_cipher_table ssl_cipher_table_mac[SSL_MD_NUM_IDX] = {
+ {SSL_MD5, NID_md5}, /* SSL_MD_MD5_IDX 0 */
+@@ -81,6 +114,10 @@ static const ssl_cipher_table ssl_cipher_table_mac[SSL_MD_NUM_IDX] = {
+ {0, NID_sha512} /* SSL_MD_SHA512_IDX 11 */
+ };
+
++static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
++ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
++};
++
+ /* *INDENT-OFF* */
+ static const ssl_cipher_table ssl_cipher_table_kx[] = {
+ {SSL_kRSA, NID_kx_rsa},
+@@ -139,6 +176,8 @@ static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
+ NID_undef, NID_undef, NID_undef
+ };
+
++static size_t ssl_mac_secret_size[SSL_MD_NUM_IDX];
++
+ #define CIPHER_ADD 1
+ #define CIPHER_KILL 2
+ #define CIPHER_DEL 3
+@@ -317,37 +356,41 @@ static uint32_t disabled_mac_mask;
+ static uint32_t disabled_mkey_mask;
+ static uint32_t disabled_auth_mask;
+
+-int ssl_load_ciphers(SSL_CTX *ctx)
++int ssl_load_ciphers(void)
+ {
+ size_t i;
+ const ssl_cipher_table *t;
+
+ disabled_enc_mask = 0;
++ ssl_sort_cipher_list();
+ for (i = 0, t = ssl_cipher_table_cipher; i < SSL_ENC_NUM_IDX; i++, t++) {
+- if (t->nid != NID_undef) {
+- const EVP_CIPHER *cipher
+- = ssl_evp_cipher_fetch(ctx->libctx, t->nid, ctx->propq);
+-
+- ctx->ssl_cipher_methods[i] = cipher;
++ if (t->nid == NID_undef) {
++ ssl_cipher_methods[i] = NULL;
++ } else {
++ const EVP_CIPHER *cipher = EVP_get_cipherbynid(t->nid);
++ ssl_cipher_methods[i] = cipher;
+ if (cipher == NULL)
+ disabled_enc_mask |= t->mask;
+ }
+ }
+ disabled_mac_mask = 0;
+ for (i = 0, t = ssl_cipher_table_mac; i < SSL_MD_NUM_IDX; i++, t++) {
+- const EVP_MD *md
+- = ssl_evp_md_fetch(ctx->libctx, t->nid, ctx->propq);
+-
+- ctx->ssl_digest_methods[i] = md;
++ const EVP_MD *md = EVP_get_digestbynid(t->nid);
++ ssl_digest_methods[i] = md;
+ if (md == NULL) {
+ disabled_mac_mask |= t->mask;
+ } else {
+ int tmpsize = EVP_MD_size(md);
+ if (!ossl_assert(tmpsize >= 0))
+ return 0;
+- ctx->ssl_mac_secret_size[i] = tmpsize;
++ ssl_mac_secret_size[i] = tmpsize;
+ }
+ }
++ /* Make sure we can access MD5 and SHA1 */
++ if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL))
++ return 0;
++ if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL))
++ return 0;
+
+ disabled_mkey_mask = 0;
+ disabled_auth_mask = 0;
+@@ -380,14 +423,14 @@ int ssl_load_ciphers(SSL_CTX *ctx)
+ */
+ ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX])
+- ctx->ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
++ ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
+ else
+ disabled_mac_mask |= SSL_GOST89MAC;
+
+ ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX] =
+ get_optional_pkey_id("gost-mac-12");
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX])
+- ctx->ssl_mac_secret_size[SSL_MD_GOST89MAC12_IDX] = 32;
++ ssl_mac_secret_size[SSL_MD_GOST89MAC12_IDX] = 32;
+ else
+ disabled_mac_mask |= SSL_GOST89MAC12;
+
+@@ -440,39 +483,9 @@ static int load_builtin_compressions(void)
+ }
+ #endif
+
+-int ssl_cipher_get_evp_cipher(SSL_CTX *ctx, const SSL_CIPHER *sslc,
+- const EVP_CIPHER **enc)
+-{
+- int i = ssl_cipher_info_lookup(ssl_cipher_table_cipher, sslc->algorithm_enc);
+-
+- if (i == -1) {
+- *enc = NULL;
+- } else {
+- if (i == SSL_ENC_NULL_IDX) {
+- /*
+- * We assume we don't care about this coming from an ENGINE so
+- * just do a normal EVP_CIPHER_fetch instead of
+- * ssl_evp_cipher_fetch()
+- */
+- *enc = EVP_CIPHER_fetch(ctx->libctx, "NULL", ctx->propq);
+- if (*enc == NULL)
+- return 0;
+- } else {
+- const EVP_CIPHER *cipher = ctx->ssl_cipher_methods[i];
+-
+- if (cipher == NULL
+- || !ssl_evp_cipher_up_ref(cipher))
+- return 0;
+- *enc = ctx->ssl_cipher_methods[i];
+- }
+- }
+- return 1;
+-}
+-
+-int ssl_cipher_get_evp(SSL_CTX *ctx, const SSL_SESSION *s,
+- const EVP_CIPHER **enc, const EVP_MD **md,
+- int *mac_pkey_type, size_t *mac_secret_size,
+- SSL_COMP **comp, int use_etm)
++int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
++ const EVP_MD **md, int *mac_pkey_type,
++ size_t *mac_secret_size, SSL_COMP **comp, int use_etm)
+ {
+ int i;
+ const SSL_CIPHER *c;
+@@ -504,8 +517,16 @@ int ssl_cipher_get_evp(SSL_CTX *ctx, const SSL_SESSION *s,
+ if ((enc == NULL) || (md == NULL))
+ return 0;
+
+- if (!ssl_cipher_get_evp_cipher(ctx, c, enc))
+- return 0;
++ i = ssl_cipher_info_lookup(ssl_cipher_table_cipher, c->algorithm_enc);
++
++ if (i == -1) {
++ *enc = NULL;
++ } else {
++ if (i == SSL_ENC_NULL_IDX)
++ *enc = EVP_enc_null();
++ else
++ *enc = ssl_cipher_methods[i];
++ }
+
+ i = ssl_cipher_info_lookup(ssl_cipher_table_mac, c->algorithm_mac);
+ if (i == -1) {
+@@ -517,80 +538,67 @@ int ssl_cipher_get_evp(SSL_CTX *ctx, const SSL_SESSION *s,
+ if (c->algorithm_mac == SSL_AEAD)
+ mac_pkey_type = NULL;
+ } else {
+- if (!ssl_evp_md_up_ref(ctx->ssl_digest_methods[i])) {
+- ssl_evp_cipher_free(*enc);
+- return 0;
+- }
+- *md = ctx->ssl_digest_methods[i];
++ *md = ssl_digest_methods[i];
+ if (mac_pkey_type != NULL)
+ *mac_pkey_type = ssl_mac_pkey_id[i];
+ if (mac_secret_size != NULL)
+- *mac_secret_size = ctx->ssl_mac_secret_size[i];
++ *mac_secret_size = ssl_mac_secret_size[i];
+ }
+
+ if ((*enc != NULL) &&
+ (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
+ && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
+- const EVP_CIPHER *evp = NULL;
++ const EVP_CIPHER *evp;
+
+- if (use_etm
+- || s->ssl_version >> 8 != TLS1_VERSION_MAJOR
+- || s->ssl_version < TLS1_VERSION)
++ if (use_etm)
+ return 1;
+
+- if (c->algorithm_enc == SSL_RC4
+- && c->algorithm_mac == SSL_MD5)
+- evp = ssl_evp_cipher_fetch(ctx->libctx, NID_rc4_hmac_md5,
+- ctx->propq);
+- else if (c->algorithm_enc == SSL_AES128
+- && c->algorithm_mac == SSL_SHA1)
+- evp = ssl_evp_cipher_fetch(ctx->libctx,
+- NID_aes_128_cbc_hmac_sha1,
+- ctx->propq);
+- else if (c->algorithm_enc == SSL_AES256
+- && c->algorithm_mac == SSL_SHA1)
+- evp = ssl_evp_cipher_fetch(ctx->libctx,
+- NID_aes_256_cbc_hmac_sha1,
+- ctx->propq);
+- else if (c->algorithm_enc == SSL_AES128
+- && c->algorithm_mac == SSL_SHA256)
+- evp = ssl_evp_cipher_fetch(ctx->libctx,
+- NID_aes_128_cbc_hmac_sha256,
+- ctx->propq);
+- else if (c->algorithm_enc == SSL_AES256
+- && c->algorithm_mac == SSL_SHA256)
+- evp = ssl_evp_cipher_fetch(ctx->libctx,
+- NID_aes_256_cbc_hmac_sha256,
+- ctx->propq);
+-
+- if (evp != NULL) {
+- ssl_evp_cipher_free(*enc);
+- ssl_evp_md_free(*md);
+- *enc = evp;
+- *md = NULL;
+- }
++ if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
++ s->ssl_version < TLS1_VERSION)
++ return 1;
++
++ if (c->algorithm_enc == SSL_RC4 &&
++ c->algorithm_mac == SSL_MD5 &&
++ (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
++ *enc = evp, *md = NULL;
++ else if (c->algorithm_enc == SSL_AES128 &&
++ c->algorithm_mac == SSL_SHA1 &&
++ (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
++ *enc = evp, *md = NULL;
++ else if (c->algorithm_enc == SSL_AES256 &&
++ c->algorithm_mac == SSL_SHA1 &&
++ (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
++ *enc = evp, *md = NULL;
++ else if (c->algorithm_enc == SSL_AES128 &&
++ c->algorithm_mac == SSL_SHA256 &&
++ (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))
++ *enc = evp, *md = NULL;
++ else if (c->algorithm_enc == SSL_AES256 &&
++ c->algorithm_mac == SSL_SHA256 &&
++ (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
++ *enc = evp, *md = NULL;
+ return 1;
++ } else {
++ return 0;
+ }
+-
+- return 0;
+ }
+
+-const EVP_MD *ssl_md(SSL_CTX *ctx, int idx)
++const EVP_MD *ssl_md(int idx)
+ {
+ idx &= SSL_HANDSHAKE_MAC_MASK;
+ if (idx < 0 || idx >= SSL_MD_NUM_IDX)
+ return NULL;
+- return ctx->ssl_digest_methods[idx];
++ return ssl_digest_methods[idx];
+ }
+
+ const EVP_MD *ssl_handshake_md(SSL *s)
+ {
+- return ssl_md(s->ctx, ssl_get_algorithm2(s));
++ return ssl_md(ssl_get_algorithm2(s));
+ }
+
+ const EVP_MD *ssl_prf_md(SSL *s)
+ {
+- return ssl_md(s->ctx, ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
++ return ssl_md(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);
+ }
+
+ #define ITEM_SEP(a) \
+@@ -2087,7 +2095,7 @@ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c)
+
+ if (idx < 0 || idx >= SSL_MD_NUM_IDX)
+ return NULL;
+- return EVP_get_digestbynid(ssl_cipher_table_mac[idx].nid);
++ return ssl_digest_methods[idx];
+ }
+
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c)
+diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
+index 2ccbda7fa3..3e85426112 100644
+--- a/ssl/ssl_init.c
++++ b/ssl/ssl_init.c
+@@ -94,7 +94,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base)
+ */
+ SSL_COMP_get_compression_methods();
+ #endif
+- ssl_sort_cipher_list();
++ /* initialize cipher/digest methods table */
++ if (!ssl_load_ciphers())
++ return 0;
++
+ OSSL_TRACE(INIT,"ossl_init_ssl_base: SSL_add_ssl_module()\n");
+ /*
+ * We ignore an error return here. Not much we can do - but not that bad
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index a08ddb138b..b5239d6eb2 100644
+--- a/ssl/ssl_lib.c
++++ b/ssl/ssl_lib.c
+@@ -3146,10 +3146,6 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
+ goto err;
+ #endif
+
+- /* initialize cipher/digest methods table */
+- if (!ssl_load_ciphers(ret))
+- goto err2;
+-
+ if (!SSL_CTX_set_ciphersuites(ret, OSSL_default_ciphersuites()))
+ goto err;
+
+@@ -3166,12 +3162,14 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
+ if (ret->param == NULL)
+ goto err;
+
+- /*
+- * If these aren't available from the provider we'll get NULL returns.
+- * That's fine but will cause errors later if SSLv3 is negotiated
+- */
+- ret->md5 = ssl_evp_md_fetch(libctx, NID_md5, propq);
+- ret->sha1 = ssl_evp_md_fetch(libctx, NID_sha1, propq);
++ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
++ SSLerr(0, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
++ goto err2;
++ }
++ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
++ SSLerr(0, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
++ goto err2;
++ }
+
+ if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL)
+ goto err;
+@@ -3361,14 +3359,6 @@ void SSL_CTX_free(SSL_CTX *a)
+ OPENSSL_free(a->ext.alpn);
+ OPENSSL_secure_free(a->ext.secure);
+
+- ssl_evp_md_free(a->md5);
+- ssl_evp_md_free(a->sha1);
+-
+- for (i = 0; i < SSL_ENC_NUM_IDX; i++)
+- ssl_evp_cipher_free(a->ssl_cipher_methods[i]);
+- for (i = 0; i < SSL_MD_NUM_IDX; i++)
+- ssl_evp_md_free(a->ssl_digest_methods[i]);
+-
+ CRYPTO_THREAD_lock_free(a->lock);
+
+ OPENSSL_free(a->propq);
+@@ -5843,112 +5833,3 @@ void SSL_set_allow_early_data_cb(SSL *s,
+ s->allow_early_data_cb = cb;
+ s->allow_early_data_cb_data = arg;
+ }
+-
+-const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx,
+- int nid,
+- const char *properties)
+-{
+- EVP_CIPHER *ciph;
+-
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE *eng;
+-
+- /*
+- * If there is an Engine available for this cipher we use the "implicit"
+- * form to ensure we use that engine later.
+- */
+- eng = ENGINE_get_cipher_engine(nid);
+- if (eng != NULL) {
+- ENGINE_finish(eng);
+- return EVP_get_cipherbynid(nid);
+- }
+-#endif
+-
+- /* Otherwise we do an explicit fetch. This may fail and that could be ok */
+- ERR_set_mark();
+- ciph = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties);
+- ERR_pop_to_mark();
+- return ciph;
+-}
+-
+-
+-int ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher)
+-{
+- /* Don't up-ref an implicit EVP_CIPHER */
+- if (EVP_CIPHER_provider(cipher) == NULL)
+- return 1;
+-
+- /*
+- * The cipher was explicitly fetched and therefore it is safe to cast
+- * away the const
+- */
+- return EVP_CIPHER_up_ref((EVP_CIPHER *)cipher);
+-}
+-
+-void ssl_evp_cipher_free(const EVP_CIPHER *cipher)
+-{
+- if (cipher == NULL)
+- return;
+-
+- if (EVP_CIPHER_provider(cipher) != NULL) {
+- /*
+- * The cipher was explicitly fetched and therefore it is safe to cast
+- * away the const
+- */
+- EVP_CIPHER_free((EVP_CIPHER *)cipher);
+- }
+-}
+-
+-const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx,
+- int nid,
+- const char *properties)
+-{
+- EVP_MD *md;
+-
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE *eng;
+-
+- /*
+- * If there is an Engine available for this digest we use the "implicit"
+- * form to ensure we use that engine later.
+- */
+- eng = ENGINE_get_digest_engine(nid);
+- if (eng != NULL) {
+- ENGINE_finish(eng);
+- return EVP_get_digestbynid(nid);
+- }
+-#endif
+-
+- /* Otherwise we do an explicit fetch */
+- ERR_set_mark();
+- md = EVP_MD_fetch(libctx, OBJ_nid2sn(nid), properties);
+- ERR_pop_to_mark();
+- return md;
+-}
+-
+-int ssl_evp_md_up_ref(const EVP_MD *md)
+-{
+- /* Don't up-ref an implicit EVP_MD */
+- if (EVP_MD_provider(md) == NULL)
+- return 1;
+-
+- /*
+- * The digest was explicitly fetched and therefore it is safe to cast
+- * away the const
+- */
+- return EVP_MD_up_ref((EVP_MD *)md);
+-}
+-
+-void ssl_evp_md_free(const EVP_MD *md)
+-{
+- if (md == NULL)
+- return;
+-
+- if (EVP_MD_provider(md) != NULL) {
+- /*
+- * The digest was explicitly fetched and therefore it is safe to cast
+- * away the const
+- */
+- EVP_MD_free((EVP_MD *)md);
+- }
+-}
+diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
+index c48bcb9a9a..f0f0a53ecf 100644
+--- a/ssl/ssl_local.h
++++ b/ssl/ssl_local.h
+@@ -276,8 +276,6 @@
+ # define SSL_MD_SHA512_IDX 11
+ # define SSL_MAX_DIGEST 12
+
+-#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
+-
+ /* Bits for algorithm2 (handshake digests and other extra flags) */
+
+ /* Bits 0-7 are handshake MAC */
+@@ -391,30 +389,6 @@
+ # define SSL_PKEY_ED448 8
+ # define SSL_PKEY_NUM 9
+
+-# define SSL_ENC_DES_IDX 0
+-# define SSL_ENC_3DES_IDX 1
+-# define SSL_ENC_RC4_IDX 2
+-# define SSL_ENC_RC2_IDX 3
+-# define SSL_ENC_IDEA_IDX 4
+-# define SSL_ENC_NULL_IDX 5
+-# define SSL_ENC_AES128_IDX 6
+-# define SSL_ENC_AES256_IDX 7
+-# define SSL_ENC_CAMELLIA128_IDX 8
+-# define SSL_ENC_CAMELLIA256_IDX 9
+-# define SSL_ENC_GOST89_IDX 10
+-# define SSL_ENC_SEED_IDX 11
+-# define SSL_ENC_AES128GCM_IDX 12
+-# define SSL_ENC_AES256GCM_IDX 13
+-# define SSL_ENC_AES128CCM_IDX 14
+-# define SSL_ENC_AES256CCM_IDX 15
+-# define SSL_ENC_AES128CCM8_IDX 16
+-# define SSL_ENC_AES256CCM8_IDX 17
+-# define SSL_ENC_GOST8912_IDX 18
+-# define SSL_ENC_CHACHA_IDX 19
+-# define SSL_ENC_ARIA128GCM_IDX 20
+-# define SSL_ENC_ARIA256GCM_IDX 21
+-# define SSL_ENC_NUM_IDX 22
+-
+ /*-
+ * SSL_kRSA <- RSA_ENC
+ * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+@@ -891,7 +865,7 @@ struct ssl_ctx_st {
+ CRYPTO_EX_DATA ex_data;
+
+ const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
+- const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */
++ const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
+
+ STACK_OF(X509) *extra_certs;
+ STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
+@@ -1135,10 +1109,6 @@ struct ssl_ctx_st {
+ void *async_cb_arg;
+
+ char *propq;
+-
+- const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX];
+- const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX];
+- size_t ssl_mac_secret_size[SSL_MD_NUM_IDX];
+ };
+
+ typedef struct cert_pkey_st CERT_PKEY;
+@@ -2363,12 +2333,10 @@ __owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
+ STACK_OF(SSL_CIPHER) **scsvs, int sslv2format,
+ int fatal);
+ void ssl_update_cache(SSL *s, int mode);
+-__owur int ssl_cipher_get_evp_cipher(SSL_CTX *ctx, const SSL_CIPHER *sslc,
+- const EVP_CIPHER **enc);
+-__owur int ssl_cipher_get_evp(SSL_CTX *ctxc, const SSL_SESSION *s,
+- const EVP_CIPHER **enc, const EVP_MD **md,
+- int *mac_pkey_type, size_t *mac_secret_size,
+- SSL_COMP **comp, int use_etm);
++__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
++ const EVP_MD **md, int *mac_pkey_type,
++ size_t *mac_secret_size, SSL_COMP **comp,
++ int use_etm);
+ __owur int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead,
+ size_t *int_overhead, size_t *blocksize,
+ size_t *ext_overhead);
+@@ -2408,7 +2376,7 @@ void ssl_set_masks(SSL *s);
+ __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
+ __owur int ssl_x509err2alert(int type);
+ void ssl_sort_cipher_list(void);
+-int ssl_load_ciphers(SSL_CTX *ctx);
++int ssl_load_ciphers(void);
+ __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field,
+ size_t len, DOWNGRADE dgrd);
+ __owur int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
+@@ -2663,8 +2631,7 @@ __owur int tls1_save_u16(PACKET *pkt, uint16_t **pdest, size_t *pdestlen);
+ __owur int tls1_save_sigalgs(SSL *s, PACKET *pkt, int cert);
+ __owur int tls1_process_sigalgs(SSL *s);
+ __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
+-__owur int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu,
+- const EVP_MD **pmd);
++__owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
+ __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
+ # ifndef OPENSSL_NO_EC
+ __owur int tls_check_sigalg_curve(const SSL *s, int curve);
+@@ -2675,7 +2642,7 @@ __owur int ssl_cipher_disabled(const SSL *s, const SSL_CIPHER *c, int op, int ec
+
+ __owur int ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen,
+ size_t *hashlen);
+-__owur const EVP_MD *ssl_md(SSL_CTX *ctx, int idx);
++__owur const EVP_MD *ssl_md(int idx);
+ __owur const EVP_MD *ssl_handshake_md(SSL *s);
+ __owur const EVP_MD *ssl_prf_md(SSL *s);
+
+@@ -2753,18 +2720,6 @@ void ssl_comp_free_compression_methods_int(void);
+ /* ssl_mcnf.c */
+ void ssl_ctx_system_config(SSL_CTX *ctx);
+
+-const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx,
+- int nid,
+- const char *properties);
+-int ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher);
+-void ssl_evp_cipher_free(const EVP_CIPHER *cipher);
+-const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx,
+- int nid,
+- const char *properties);
+-int ssl_evp_md_up_ref(const EVP_MD *md);
+-void ssl_evp_md_free(const EVP_MD *md);
+-
+-
+ # else /* OPENSSL_UNIT_TEST */
+
+ # define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
+diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
+index 09d00bacbe..bc3fcfbd1d 100644
+--- a/ssl/ssl_txt.c
++++ b/ssl/ssl_txt.c
+@@ -117,7 +117,7 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
+ if (x->compress_meth != 0) {
+ SSL_COMP *comp = NULL;
+
+- if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
++ if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
+ goto err;
+ if (comp == NULL) {
+ if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
+diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
+index 776473e659..75fecdeaa6 100644
+--- a/ssl/statem/extensions_clnt.c
++++ b/ssl/statem/extensions_clnt.c
+@@ -981,7 +981,7 @@ EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt,
+ if (s->session->ssl_version == TLS1_3_VERSION
+ && s->session->ext.ticklen != 0
+ && s->session->cipher != NULL) {
+- const EVP_MD *md = ssl_md(s->ctx, s->session->cipher->algorithm2);
++ const EVP_MD *md = ssl_md(s->session->cipher->algorithm2);
+
+ if (md != NULL) {
+ /*
+@@ -1059,7 +1059,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
+ ERR_R_INTERNAL_ERROR);
+ return EXT_RETURN_FAIL;
+ }
+- mdres = ssl_md(s->ctx, s->session->cipher->algorithm2);
++ mdres = ssl_md(s->session->cipher->algorithm2);
+ if (mdres == NULL) {
+ /*
+ * Don't recognize this cipher so we can't use the session.
+@@ -1132,7 +1132,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
+ return EXT_RETURN_NOT_SENT;
+
+ if (s->psksession != NULL) {
+- mdpsk = ssl_md(s->ctx, s->psksession->cipher->algorithm2);
++ mdpsk = ssl_md(s->psksession->cipher->algorithm2);
+ if (mdpsk == NULL) {
+ /*
+ * Don't recognize this cipher so we can't use the session.
+diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
+index 549a207430..756ceafb50 100644
+--- a/ssl/statem/extensions_srvr.c
++++ b/ssl/statem/extensions_srvr.c
+@@ -1239,9 +1239,8 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ }
+ }
+
+- md = ssl_md(s->ctx, sess->cipher->algorithm2);
+- if (!EVP_MD_is_a(md,
+- EVP_MD_name(ssl_md(s->ctx, s->s3.tmp.new_cipher->algorithm2)))) {
++ md = ssl_md(sess->cipher->algorithm2);
++ if (md != ssl_md(s->s3.tmp.new_cipher->algorithm2)) {
+ /* The ciphersuite is not compatible with this session. */
+ SSL_SESSION_free(sess);
+ sess = NULL;
+diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
+index cdd413d1ef..8d843099f9 100644
+--- a/ssl/statem/statem_clnt.c
++++ b/ssl/statem/statem_clnt.c
+@@ -1376,8 +1376,8 @@ static int set_client_ciphersuite(SSL *s, const unsigned char *cipherchars)
+ * In TLSv1.3 it is valid for the server to select a different
+ * ciphersuite as long as the hash is the same.
+ */
+- if (ssl_md(s->ctx, c->algorithm2)
+- != ssl_md(s->ctx, s->session->cipher->algorithm2)) {
++ if (ssl_md(c->algorithm2)
++ != ssl_md(s->session->cipher->algorithm2)) {
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
+ SSL_F_SET_CLIENT_CIPHERSUITE,
+ SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED);
+@@ -2339,7 +2339,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
+ goto err;
+ }
+
+- if (!tls1_lookup_md(s->ctx, s->s3.tmp.peer_sigalg, &md)) {
++ if (!tls1_lookup_md(s->s3.tmp.peer_sigalg, &md)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
+index e9cfee027e..b89566d840 100644
+--- a/ssl/statem/statem_lib.c
++++ b/ssl/statem/statem_lib.c
+@@ -247,7 +247,7 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
+ }
+ pkey = s->s3.tmp.cert->privatekey;
+
+- if (pkey == NULL || !tls1_lookup_md(s->ctx, lu, &md)) {
++ if (pkey == NULL || !tls1_lookup_md(lu, &md)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+@@ -422,7 +422,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
+ goto err;
+ }
+
+- if (!tls1_lookup_md(s->ctx, s->s3.tmp.peer_sigalg, &md)) {
++ if (!tls1_lookup_md(s->s3.tmp.peer_sigalg, &md)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index 43f9811163..a23187290e 100644
+--- a/ssl/statem/statem_srvr.c
++++ b/ssl/statem/statem_srvr.c
+@@ -2773,7 +2773,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
+ unsigned char *sigbytes1, *sigbytes2, *tbs;
+ size_t siglen = 0, tbslen;
+
+- if (pkey == NULL || !tls1_lookup_md(s->ctx, lu, &md)) {
++ if (pkey == NULL || !tls1_lookup_md(lu, &md)) {
+ /* Should never happen */
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
+diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
+index c50905589b..0a5c770a84 100644
+--- a/ssl/t1_enc.c
++++ b/ssl/t1_enc.c
+@@ -540,16 +540,14 @@ int tls1_setup_key_block(SSL *s)
+ if (s->s3.tmp.key_block_length != 0)
+ return 1;
+
+- if (!ssl_cipher_get_evp(s->ctx, s->session, &c, &hash, &mac_type,
+- &mac_secret_size, &comp, s->ext.use_etm)) {
++ if (!ssl_cipher_get_evp(s->session, &c, &hash, &mac_type, &mac_secret_size,
++ &comp, s->ext.use_etm)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_SETUP_KEY_BLOCK,
+ SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return 0;
+ }
+
+- ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
+ s->s3.tmp.new_sym_enc = c;
+- ssl_evp_md_free(s->s3.tmp.new_hash);
+ s->s3.tmp.new_hash = hash;
+ s->s3.tmp.new_mac_pkey_type = mac_type;
+ s->s3.tmp.new_mac_secret_size = mac_secret_size;
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index 624add64a8..235f5661ad 100644
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -893,7 +893,7 @@ static const SIGALG_LOOKUP *tls1_lookup_sigalg(uint16_t sigalg)
+ return NULL;
+ }
+ /* Lookup hash: return 0 if invalid or not enabled */
+-int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu, const EVP_MD **pmd)
++int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd)
+ {
+ const EVP_MD *md;
+ if (lu == NULL)
+@@ -902,7 +902,7 @@ int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu, const EVP_MD **pmd)
+ if (lu->hash == NID_undef) {
+ md = NULL;
+ } else {
+- md = ssl_md(ctx, lu->hash_idx);
++ md = ssl_md(lu->hash_idx);
+ if (md == NULL)
+ return 0;
+ }
+@@ -919,16 +919,15 @@ int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu, const EVP_MD **pmd)
+ * with a 128 byte (1024 bit) key.
+ */
+ #define RSA_PSS_MINIMUM_KEY_SIZE(md) (2 * EVP_MD_size(md) + 2)
+-static int rsa_pss_check_min_key_size(SSL_CTX *ctx, const EVP_PKEY *pkey,
+- const SIGALG_LOOKUP *lu)
++static int rsa_pss_check_min_key_size(const RSA *rsa, const SIGALG_LOOKUP *lu)
+ {
+ const EVP_MD *md;
+
+- if (pkey == NULL)
++ if (rsa == NULL)
+ return 0;
+- if (!tls1_lookup_md(ctx, lu, &md) || md == NULL)
++ if (!tls1_lookup_md(lu, &md) || md == NULL)
+ return 0;
+- if (EVP_PKEY_size(pkey) < RSA_PSS_MINIMUM_KEY_SIZE(md))
++ if (RSA_size(rsa) < RSA_PSS_MINIMUM_KEY_SIZE(md))
+ return 0;
+ return 1;
+ }
+@@ -979,7 +978,7 @@ static const SIGALG_LOOKUP *tls1_get_legacy_sigalg(const SSL *s, int idx)
+ if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
+ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
+
+- if (!tls1_lookup_md(s->ctx, lu, NULL))
++ if (!tls1_lookup_md(lu, NULL))
+ return NULL;
+ if (!tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, lu))
+ return NULL;
+@@ -1075,31 +1074,6 @@ int tls_check_sigalg_curve(const SSL *s, int curve)
+ }
+ #endif
+
+-/*
+- * Return the number of security bits for the signature algorithm, or 0 on
+- * error.
+- */
+-static int sigalg_security_bits(SSL_CTX *ctx, const SIGALG_LOOKUP *lu)
+-{
+- const EVP_MD *md = NULL;
+- int secbits = 0;
+-
+- if (!tls1_lookup_md(ctx, lu, &md))
+- return 0;
+- if (md != NULL)
+- {
+- /* Security bits: half digest bits */
+- secbits = EVP_MD_size(md) * 4;
+- } else {
+- /* Values from https://tools.ietf.org/html/rfc8032#section-8.5 */
+- if (lu->sigalg == TLSEXT_SIGALG_ed25519)
+- secbits = 128;
+- else if (lu->sigalg == TLSEXT_SIGALG_ed448)
+- secbits = 224;
+- }
+- return secbits;
+-}
+-
+ /*
+ * Check signature algorithm is consistent with sent supported signature
+ * algorithms and if so set relevant digest and signature scheme in
+@@ -1113,7 +1087,6 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
+ size_t sent_sigslen, i, cidx;
+ int pkeyid = EVP_PKEY_id(pkey);
+ const SIGALG_LOOKUP *lu;
+- int secbits = 0;
+
+ /* Should never happen */
+ if (pkeyid == -1)
+@@ -1210,25 +1183,25 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ return 0;
+ }
+- if (!tls1_lookup_md(s->ctx, lu, &md)) {
++ if (!tls1_lookup_md(lu, &md)) {
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS12_CHECK_PEER_SIGALG,
+ SSL_R_UNKNOWN_DIGEST);
+ return 0;
+ }
+- /*
+- * Make sure security callback allows algorithm. For historical
+- * reasons we have to pass the sigalg as a two byte char array.
+- */
+- sigalgstr[0] = (sig >> 8) & 0xff;
+- sigalgstr[1] = sig & 0xff;
+- secbits = sigalg_security_bits(s->ctx, lu);
+- if (secbits == 0 ||
+- !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,
+- md != NULL ? EVP_MD_type(md) : NID_undef,
+- (void *)sigalgstr)) {
+- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS12_CHECK_PEER_SIGALG,
+- SSL_R_WRONG_SIGNATURE_TYPE);
+- return 0;
++ if (md != NULL) {
++ /*
++ * Make sure security callback allows algorithm. For historical
++ * reasons we have to pass the sigalg as a two byte char array.
++ */
++ sigalgstr[0] = (sig >> 8) & 0xff;
++ sigalgstr[1] = sig & 0xff;
++ if (!ssl_security(s, SSL_SECOP_SIGALG_CHECK,
++ EVP_MD_size(md) * 4, EVP_MD_type(md),
++ (void *)sigalgstr)) {
++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS12_CHECK_PEER_SIGALG,
++ SSL_R_WRONG_SIGNATURE_TYPE);
++ return 0;
++ }
+ }
+ /* Store the sigalg the peer uses */
+ s->s3.tmp.peer_sigalg = lu;
+@@ -1705,7 +1678,7 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
+ int secbits;
+
+ /* See if sigalgs is recognised and if hash is enabled */
+- if (!tls1_lookup_md(s->ctx, lu, NULL))
++ if (!tls1_lookup_md(lu, NULL))
+ return 0;
+ /* DSA is not allowed in TLS 1.3 */
+ if (SSL_IS_TLS13(s) && lu->sig == EVP_PKEY_DSA)
+@@ -1760,8 +1733,11 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
+ }
+ }
+
++ if (lu->hash == NID_undef)
++ return 1;
++ /* Security bits: half digest bits */
++ secbits = EVP_MD_size(ssl_md(lu->hash_idx)) * 4;
+ /* Finally see if security callback allows it */
+- secbits = sigalg_security_bits(s->ctx, lu);
+ sigalgstr[0] = (lu->sigalg >> 8) & 0xff;
+ sigalgstr[1] = lu->sigalg & 0xff;
+ return ssl_security(s, op, secbits, lu->hash, (void *)sigalgstr);
+@@ -2809,7 +2785,7 @@ static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey)
+ || lu->sig == EVP_PKEY_RSA)
+ continue;
+ /* Check that we have a cert, and signature_algorithms_cert */
+- if (!tls1_lookup_md(s->ctx, lu, NULL))
++ if (!tls1_lookup_md(lu, NULL))
+ continue;
+ if ((pkey == NULL && !has_usable_cert(s, lu, -1))
+ || (pkey != NULL && !is_cert_usable(s, lu, x, pkey)))
+@@ -2831,7 +2807,7 @@ static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey)
+ #endif
+ } else if (lu->sig == EVP_PKEY_RSA_PSS) {
+ /* validate that key is large enough for the signature algorithm */
+- if (!rsa_pss_check_min_key_size(s->ctx, tmppkey, lu))
++ if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(tmppkey), lu))
+ continue;
+ }
+ break;
+@@ -2917,7 +2893,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
+ /* validate that key is large enough for the signature algorithm */
+ EVP_PKEY *pkey = s->cert->pkeys[sig_idx].privatekey;
+
+- if (!rsa_pss_check_min_key_size(s->ctx, pkey, lu))
++ if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(pkey), lu))
+ continue;
+ }
+ #ifndef OPENSSL_NO_EC
+diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
+index fba12fe5e4..181f3920a1 100644
+--- a/ssl/tls13_enc.c
++++ b/ssl/tls13_enc.c
+@@ -36,8 +36,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ #else
+ static const unsigned char label_prefix[] = "tls13 ";
+ #endif
+- EVP_KDF *kdf = EVP_KDF_fetch(s->ctx->libctx, OSSL_KDF_NAME_HKDF,
+- s->ctx->propq);
++ EVP_KDF *kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_HKDF, NULL);
+ EVP_KDF_CTX *kctx;
+ OSSL_PARAM params[5], *p = params;
+ int mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY;
+@@ -195,7 +194,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
+ #endif
+ unsigned char preextractsec[EVP_MAX_MD_SIZE];
+
+- kdf = EVP_KDF_fetch(s->ctx->libctx, OSSL_KDF_NAME_HKDF, s->ctx->propq);
++ kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_HKDF, NULL);
+ kctx = EVP_KDF_CTX_new(kdf);
+ EVP_KDF_free(kdf);
+ if (kctx == NULL) {
+@@ -312,27 +311,11 @@ int tls13_generate_master_secret(SSL *s, unsigned char *out,
+ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
+ unsigned char *out)
+ {
+- const char *mdname = EVP_MD_name(ssl_handshake_md(s));
+- EVP_MAC *hmac = EVP_MAC_fetch(s->ctx->libctx, "HMAC", s->ctx->propq);
++ const EVP_MD *md = ssl_handshake_md(s);
+ unsigned char hash[EVP_MAX_MD_SIZE];
+- unsigned char finsecret[EVP_MAX_MD_SIZE];
+ size_t hashlen, ret = 0;
+- EVP_MAC_CTX *ctx = NULL;
+- OSSL_PARAM params[4], *p = params;
+-
+- if (hmac == NULL) {
+- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_FINAL_FINISH_MAC,
+- ERR_R_INTERNAL_ERROR);
+- goto err;
+- }
+-
+- /* Safe to cast away const here since we're not "getting" any data */
+- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_DIGEST,
+- (char *)mdname, 0);
+- if (s->ctx->propq != NULL)
+- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_PROPERTIES,
+- (char *)s->ctx->propq,
+- 0);
++ EVP_PKEY *key = NULL;
++ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+
+ if (!ssl_handshake_hash(s, hash, sizeof(hash), &hashlen)) {
+ /* SSLfatal() already called */
+@@ -340,31 +323,29 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
+ }
+
+ if (str == s->method->ssl3_enc->server_finished_label) {
+- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+- s->server_finished_secret,
+- hashlen);
++ key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
++ s->server_finished_secret, hashlen);
+ } else if (SSL_IS_FIRST_HANDSHAKE(s)) {
+- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+- s->client_finished_secret,
+- hashlen);
++ key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
++ s->client_finished_secret, hashlen);
+ } else {
++ unsigned char finsecret[EVP_MAX_MD_SIZE];
++
+ if (!tls13_derive_finishedkey(s, ssl_handshake_md(s),
+ s->client_app_traffic_secret,
+ finsecret, hashlen))
+ goto err;
+
+- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, finsecret,
+- hashlen);
++ key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, finsecret,
++ hashlen);
++ OPENSSL_cleanse(finsecret, sizeof(finsecret));
+ }
+- *p++ = OSSL_PARAM_construct_end();
+
+- ctx = EVP_MAC_CTX_new(hmac);
+- if (ctx == NULL
+- || !EVP_MAC_CTX_set_params(ctx, params)
+- || !EVP_MAC_init(ctx)
+- || !EVP_MAC_update(ctx, hash, hashlen)
+- /* outsize as per sizeof(peer_finish_md) */
+- || !EVP_MAC_final(ctx, out, &hashlen, EVP_MAX_MD_SIZE * 2)) {
++ if (key == NULL
++ || ctx == NULL
++ || EVP_DigestSignInit(ctx, NULL, md, NULL, key) <= 0
++ || EVP_DigestSignUpdate(ctx, hash, hashlen) <= 0
++ || EVP_DigestSignFinal(ctx, out, &hashlen) <= 0) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_FINAL_FINISH_MAC,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+@@ -372,9 +353,8 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
+
+ ret = hashlen;
+ err:
+- OPENSSL_cleanse(finsecret, sizeof(finsecret));
+- EVP_MAC_CTX_free(ctx);
+- EVP_MAC_free(hmac);
++ EVP_PKEY_free(key);
++ EVP_MD_CTX_free(ctx);
+ return ret;
+ }
+
+@@ -388,16 +368,13 @@ int tls13_setup_key_block(SSL *s)
+ const EVP_MD *hash;
+
+ s->session->cipher = s->s3.tmp.new_cipher;
+- if (!ssl_cipher_get_evp(s->ctx, s->session, &c, &hash, NULL, NULL, NULL,
+- 0)) {
++ if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, NULL, 0)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_SETUP_KEY_BLOCK,
+ SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return 0;
+ }
+
+- ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
+ s->s3.tmp.new_sym_enc = c;
+- ssl_evp_md_free(s->s3.tmp.new_hash);
+ s->s3.tmp.new_hash = hash;
+
+ return 1;
+@@ -599,19 +576,8 @@ int tls13_change_cipher_state(SSL *s, int which)
+ SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+-
+- /*
+- * This ups the ref count on cipher so we better make sure we free
+- * it again
+- */
+- if (!ssl_cipher_get_evp_cipher(s->ctx, sslcipher, &cipher)) {
+- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+- SSL_F_TLS13_CHANGE_CIPHER_STATE,
+- SSL_R_ALGORITHM_FETCH_FAILED);
+- goto err;
+- }
+-
+- md = ssl_md(s->ctx, sslcipher->algorithm2);
++ cipher = EVP_get_cipherbynid(SSL_CIPHER_get_cipher_nid(sslcipher));
++ md = ssl_md(sslcipher->algorithm2);
+ if (md == NULL || !EVP_DigestInit_ex(mdctx, md, NULL)
+ || !EVP_DigestUpdate(mdctx, hdata, handlen)
+ || !EVP_DigestFinal_ex(mdctx, hashval, &hashlenui)) {
+@@ -766,10 +732,6 @@ int tls13_change_cipher_state(SSL *s, int which)
+ s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
+ ret = 1;
+ err:
+- if ((which & SSL3_CC_EARLY) != 0) {
+- /* We up-refed this so now we need to down ref */
+- ssl_evp_cipher_free(cipher);
+- }
+ OPENSSL_cleanse(secret, sizeof(secret));
+ return ret;
+ }
+@@ -900,7 +862,7 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
+ else
+ sslcipher = SSL_SESSION_get0_cipher(s->session);
+
+- md = ssl_md(s->ctx, sslcipher->algorithm2);
++ md = ssl_md(sslcipher->algorithm2);
+
+ /*
+ * Calculate the hash value and store it in |data|. The reason why
+diff --git a/test/build.info b/test/build.info
+index 6d670ea175..f7ccdd5d9c 100644
+--- a/test/build.info
++++ b/test/build.info
+@@ -35,6 +35,7 @@ IF[{- !$disabled{tests} -}]
+ ectest ecstresstest gmdifftest pbelutest \
+ destest mdc2test \
+ enginetest exptest \
++ ssltest_old exptest rsa_test \
+ evp_pkey_provided_test evp_test evp_extra_test evp_fetch_prov_test \
+ v3nametest v3ext \
+ crltest danetest bad_dtls_test lhash_test sparse_array_test \
+@@ -115,6 +116,14 @@ IF[{- !$disabled{tests} -}]
+ INCLUDE[exptest]=../include ../apps/include
+ DEPEND[exptest]=../libcrypto libtestutil.a
+
++ SOURCE[rsa_test]=rsa_test.c
++ INCLUDE[rsa_test]=../include ../apps/include
++ DEPEND[rsa_test]=../libcrypto libtestutil.a
++
++ SOURCE[rsa_mp_test]=rsa_mp_test.c
++ INCLUDE[rsa_mp_test]=../include ../apps/include
++ DEPEND[rsa_mp_test]=../libcrypto.a libtestutil.a
++
+ SOURCE[fatalerrtest]=fatalerrtest.c ssltestlib.c
+ INCLUDE[fatalerrtest]=../include ../apps/include
+ DEPEND[fatalerrtest]=../libcrypto ../libssl libtestutil.a
+@@ -494,8 +503,8 @@ IF[{- !$disabled{tests} -}]
+ IF[1]
+ PROGRAMS{noinst}=asn1_internal_test modes_internal_test x509_internal_test \
+ tls13encryptiontest wpackettest ctype_internal_test \
+- rdrand_sanitytest property_test ideatest rsa_mp_test \
+- rsa_sp800_56b_test bn_internal_test ecdsatest rsa_test \
++ rdrand_sanitytest property_test ideatest \
++ rsa_sp800_56b_test bn_internal_test ecdsatest \
+ rc2test rc4test rc5test hmactest ffc_internal_test \
+ asn1_dsa_internal_test dsatest dsa_no_digest_size_test \
+ dhtest ssltest_old
+@@ -539,13 +548,6 @@ IF[{- !$disabled{tests} -}]
+ INCLUDE[x509_internal_test]=.. ../include ../apps/include
+ DEPEND[x509_internal_test]=../libcrypto.a libtestutil.a
+
+- SOURCE[rsa_test]=rsa_test.c
+- INCLUDE[rsa_test]=../include ../apps/include
+- DEPEND[rsa_test]=../libcrypto.a libtestutil.a
+-
+- SOURCE[rsa_mp_test]=rsa_mp_test.c
+- INCLUDE[rsa_mp_test]=../include ../apps/include
+- DEPEND[rsa_mp_test]=../libcrypto.a libtestutil.a
+
+ SOURCE[ecdsatest]=ecdsatest.c
+ INCLUDE[ecdsatest]=../include ../apps/include
+diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t
+index 0ec0e65f18..d7d146a1d9 100644
+--- a/test/recipes/15-test_genrsa.t
++++ b/test/recipes/15-test_genrsa.t
+@@ -16,18 +16,10 @@ use OpenSSL::Test::Utils;
+
+ setup("test_genrsa");
+
+-plan tests => 9;
++plan tests => 5;
+
+ # We want to know that an absurdly small number of bits isn't support
+-if (disabled("deprecated-3.0")) {
+- is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
+- '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_bits:8',
+- '-pkeyopt', 'rsa_keygen_pubexp:3'])),
+- 0, "genrsa -3 8");
+-} else {
+- is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])),
+- 0, "genrsa -3 8");
+-}
++is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8");
+
+ # Depending on the shared library, we might have different lower limits.
+ # Let's find it! This is a simple binary search
+@@ -37,21 +29,10 @@ if (disabled("deprecated-3.0")) {
+ note "Looking for lowest amount of bits";
+ my $bad = 3; # Log2 of number of bits (2 << 3 == 8)
+ my $good = 11; # Log2 of number of bits (2 << 11 == 2048)
+-my $fin;
+ while ($good > $bad + 1) {
+ my $checked = int(($good + $bad + 1) / 2);
+- my $bits = 2 ** $checked;
+- if (disabled("deprecated-3.0")) {
+- $fin = run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',
+- '-algorithm', 'RSA', '-pkeyopt', 'rsa_keygen_pubexp:3',
+- '-pkeyopt', "rsa_keygen_bits:$bits",
+- ], stderr => undef));
+- } else {
+- $fin = run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem',
+- $bits
+- ], stderr => undef));
+- }
+- if ($fin) {
++ if (run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem',
++ 2 ** $checked ], stderr => undef))) {
+ note 2 ** $checked, " bits is good";
+ $good = $checked;
+ } else {
+@@ -63,30 +44,11 @@ $good++ if $good == $bad;
+ $good = 2 ** $good;
+ note "Found lowest allowed amount of bits to be $good";
+
+-ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
+- '-pkeyopt', 'rsa_keygen_pubexp:3',
+- '-pkeyopt', "rsa_keygen_bits:$good",
+- '-out', 'genrsatest.pem' ])),
+- "genpkey -3 $good");
+-ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+- "pkey -check");
+-ok(run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
+- '-pkeyopt', 'rsa_keygen_pubexp:65537',
+- '-pkeyopt', "rsa_keygen_bits:$good",
+- '-out', 'genrsatest.pem' ])),
+- "genpkey -f4 $good");
+-ok(run(app([ 'openssl', 'pkey', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+- "pkey -check");
+-
+- SKIP: {
+- skip "Skipping rsa command line test", 4 if disabled("deprecated-3.0");
+-
+- ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])),
+- "genrsa -3 $good");
+- ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+- "rsa -check");
+- ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])),
+- "genrsa -f4 $good");
+- ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
+- "rsa -check");
+-}
++ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', $good ])),
++ "genrsa -3 $good");
++ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
++ "rsa -check");
++ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])),
++ "genrsa -f4 $good");
++ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
++ "rsa -check");
+diff --git a/test/recipes/15-test_mp_rsa.t b/test/recipes/15-test_mp_rsa.t
+index 6ecf80c4e2..4a4ac3569d 100644
+--- a/test/recipes/15-test_mp_rsa.t
++++ b/test/recipes/15-test_mp_rsa.t
+@@ -17,6 +17,12 @@ use OpenSSL::Test::Utils;
+
+ setup("test_mp_rsa");
+
++plan tests => 31;
++
++ok(run(test(["rsa_mp_test"])), "running rsa multi prime test");
++
++my $cleartext = data_file("plain_text");
++
+ my @test_param = (
+ # 3 primes, 2048-bit
+ {
+@@ -35,14 +41,8 @@ my @test_param = (
+ },
+ );
+
+-plan tests => 1 + scalar(@test_param) * 5 * (disabled('deprecated-3.0') ? 1 : 2);
+-
+-ok(run(test(["rsa_mp_test"])), "running rsa multi prime test");
+-
+-my $cleartext = data_file("plain_text");
+-
+ # genrsa
+-run_mp_tests(0) if !disabled('deprecated-3.0');
++run_mp_tests(0);
+ # evp
+ run_mp_tests(1);
+
+@@ -60,9 +60,17 @@ sub run_mp_tests {
+ '-pkeyopt', "rsa_keygen_primes:$primes",
+ '-pkeyopt', "rsa_keygen_bits:$bits"])),
+ "genrsa $name");
+- ok(run(app([ 'openssl', 'pkey', '-check',
+- '-in', "rsamptest-$name.pem", '-noout'])),
+- "rsa -check $name");
++ } else {
++ ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem",
++ '-primes', $primes, $bits])),
++ "genrsa $name");
++ }
++
++ ok(run(app([ 'openssl', 'rsa', '-check', '-in', "rsamptest-$name.pem",
++ '-noout'])),
++ "rsa -check $name");
++
++ if ($evp) {
+ ok(run(app([ 'openssl', 'pkeyutl', '-inkey', "rsamptest-$name.pem",
+ '-encrypt', '-in', $cleartext,
+ '-out', "rsamptest-$name.enc" ])),
+@@ -72,11 +80,6 @@ sub run_mp_tests {
+ '-out', "rsamptest-$name.dec" ])),
+ "rsa $name decrypt");
+ } else {
+- ok(run(app([ 'openssl', 'genrsa', '-out', "rsamptest-$name.pem",
+- '-primes', $primes, $bits])), "genrsa $name");
+- ok(run(app([ 'openssl', 'rsa', '-check',
+- '-in', "rsamptest-$name.pem", '-noout'])),
+- "rsa -check $name");
+ ok(run(app([ 'openssl', 'rsautl', '-inkey', "rsamptest-$name.pem",
+ '-encrypt', '-in', $cleartext,
+ '-out', "rsamptest-$name.enc" ])),
+@@ -86,6 +89,7 @@ sub run_mp_tests {
+ '-out', "rsamptest-$name.dec" ])),
+ "rsa $name decrypt");
+ }
++
+ ok(check_msg("rsamptest-$name.dec"), "rsa $name check result");
+ }
+ }
+diff --git a/test/recipes/15-test_rsa.t b/test/recipes/15-test_rsa.t
+index 2e8afa8213..3b1a0fcd5d 100644
+--- a/test/recipes/15-test_rsa.t
++++ b/test/recipes/15-test_rsa.t
+@@ -16,48 +16,32 @@ use OpenSSL::Test::Utils;
+
+ setup("test_rsa");
+
+-#plan skip_all => "RSA command line tool not built"
+-# if disabled("deprecated-3.0");
++plan tests => 6;
+
+-plan tests => 10;
+-
+-require_ok(srctop_file('test', 'recipes', 'tconversion.pl'));
++require_ok(srctop_file('test','recipes','tconversion.pl'));
+
+ ok(run(test(["rsa_test"])), "running rsatest");
+
+-run_rsa_tests("pkey");
++ok(run(app([ 'openssl', 'rsa', '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), "rsa -check");
+
+ SKIP: {
+- skip "Skipping rsa command line tests", 4 if disabled('deprecated-3.0');
+-
+- run_rsa_tests("rsa");
++ skip "Skipping rsa conversion test", 3
++ if disabled("rsa");
++
++ subtest 'rsa conversions -- private key' => sub {
++ tconversion("rsa", srctop_file("test","testrsa.pem"));
++ };
++ subtest 'rsa conversions -- private key PKCS#8' => sub {
++ tconversion("rsa", srctop_file("test","testrsa.pem"), "pkey");
++ };
+ }
+
+-sub run_rsa_tests {
+- my $cmd = shift;
+-
+- ok(run(app([ 'openssl', $cmd, '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])),
+- "$cmd -check" );
+-
+- SKIP: {
+- skip "Skipping $cmd conversion test", 3
+- if disabled("rsa");
+-
+- subtest "$cmd conversions -- private key" => sub {
+- tconversion($cmd, srctop_file("test", "testrsa.pem"));
+- };
+- subtest "$cmd conversions -- private key PKCS#8" => sub {
+- tconversion($cmd, srctop_file("test", "testrsa.pem"), "pkey");
+- };
+- }
+-
+- SKIP: {
+- skip "Skipping msblob conversion test", 1
+- if disabled($cmd) || disabled("dsa") || $cmd == 'pkey';
+-
+- subtest "$cmd conversions -- public key" => sub {
+- tconversion("msb", srctop_file("test", "testrsapub.pem"), "rsa",
+- "-pubin", "-pubout");
+- };
+- }
++ SKIP: {
++ skip "Skipping msblob conversion test", 1
++ if disabled("rsa") || disabled("dsa");
++
++ subtest 'rsa conversions -- public key' => sub {
++ tconversion("msb", srctop_file("test","testrsapub.pem"), "rsa",
++ "-pubin", "-pubout");
++ };
+ }
+diff --git a/test/rsa_mp_test.c b/test/rsa_mp_test.c
+index 53e2966997..baa9dd2272 100644
+--- a/test/rsa_mp_test.c
++++ b/test/rsa_mp_test.c
+@@ -10,12 +10,6 @@
+
+ /* This aims to test the setting functions, including internal ones */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+
+diff --git a/test/rsa_test.c b/test/rsa_test.c
+index 1fbfe821cb..084f533ac1 100644
+--- a/test/rsa_test.c
++++ b/test/rsa_test.c
+@@ -9,12 +9,6 @@
+
+ /* test vectors from p1ovect1.txt */
+
+-/*
+- * RSA low level APIs are deprecated for public use, but still ok for
+- * internal use.
+- */
+-#include "internal/deprecated.h"
+-
+ #include
+ #include
+
+diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c
+index c6f65eaded..def78b9920 100644
+--- a/test/tls13secretstest.c
++++ b/test/tls13secretstest.c
+@@ -165,16 +165,9 @@ void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl)
+ {
+ }
+
+-int ssl_cipher_get_evp_cipher(SSL_CTX *ctx, const SSL_CIPHER *sslc,
+- const EVP_CIPHER **enc)
+-{
+- return 0;
+-}
+-
+-int ssl_cipher_get_evp(SSL_CTX *ctx, const SSL_SESSION *s,
+- const EVP_CIPHER **enc, const EVP_MD **md,
+- int *mac_pkey_type, size_t *mac_secret_size,
+- SSL_COMP **comp, int use_etm)
++int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
++ const EVP_MD **md, int *mac_pkey_type,
++ size_t *mac_secret_size, SSL_COMP **comp, int use_etm)
+
+ {
+ return 0;
+@@ -193,7 +186,7 @@ int ssl_log_secret(SSL *ssl,
+ return 1;
+ }
+
+-const EVP_MD *ssl_md(SSL_CTX *ctx, int idx)
++const EVP_MD *ssl_md(int idx)
+ {
+ return EVP_sha256();
+ }
+@@ -213,14 +206,6 @@ int ossl_statem_export_early_allowed(SSL *s)
+ return 1;
+ }
+
+-void ssl_evp_cipher_free(const EVP_CIPHER *cipher)
+-{
+-}
+-
+-void ssl_evp_md_free(const EVP_MD *md)
+-{
+-}
+-
+ /* End of mocked out code */
+
+ static int test_secret(SSL *s, unsigned char *prk,
+diff --git a/util/libcrypto.num b/util/libcrypto.num
+index 12761e4adc..f81fefb9b2 100644
+--- a/util/libcrypto.num
++++ b/util/libcrypto.num
+@@ -205,7 +205,7 @@ d2i_CRL_DIST_POINTS 208 3_0_0 EXIST::FUNCTION:
+ X509_CRL_INFO_free 209 3_0_0 EXIST::FUNCTION:
+ ERR_load_UI_strings 210 3_0_0 EXIST::FUNCTION:
+ ERR_load_strings 211 3_0_0 EXIST::FUNCTION:
+-RSA_X931_hash_id 212 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_X931_hash_id 212 3_0_0 EXIST::FUNCTION:RSA
+ EC_KEY_set_method 213 3_0_0 EXIST::FUNCTION:EC
+ PEM_write_PKCS8_PRIV_KEY_INFO 214 3_0_0 EXIST::FUNCTION:STDIO
+ X509at_get0_data_by_OBJ 215 3_0_0 EXIST::FUNCTION:
+@@ -241,7 +241,7 @@ MDC2 245 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3
+ BN_clear_free 246 3_0_0 EXIST::FUNCTION:
+ ENGINE_get_pkey_asn1_meths 247 3_0_0 EXIST::FUNCTION:ENGINE
+ DSO_merge 248 3_0_0 EXIST::FUNCTION:
+-RSA_get_ex_data 249 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_get_ex_data 249 3_0_0 EXIST::FUNCTION:RSA
+ EVP_PKEY_meth_get_decrypt 250 3_0_0 EXIST::FUNCTION:
+ DES_cfb_encrypt 251 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DES
+ CMS_SignerInfo_set1_signer_cert 252 3_0_0 EXIST::FUNCTION:CMS
+@@ -275,7 +275,7 @@ d2i_PKCS7_ENC_CONTENT 280 3_0_0 EXIST::FUNCTION:
+ BUF_MEM_grow 281 3_0_0 EXIST::FUNCTION:
+ TS_REQ_free 282 3_0_0 EXIST::FUNCTION:TS
+ PEM_read_DHparams 283 3_0_0 EXIST::FUNCTION:DH,STDIO
+-RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_private_decrypt 284 3_0_0 EXIST::FUNCTION:RSA
+ X509V3_EXT_get_nid 285 3_0_0 EXIST::FUNCTION:
+ BIO_s_log 286 3_0_0 EXIST::FUNCTION:
+ EC_POINT_set_to_infinity 287 3_0_0 EXIST::FUNCTION:EC
+@@ -345,7 +345,7 @@ RC4 350 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3
+ PKCS7_stream 352 3_0_0 EXIST::FUNCTION:
+ i2t_ASN1_OBJECT 353 3_0_0 EXIST::FUNCTION:
+ EC_GROUP_get0_generator 354 3_0_0 EXIST::FUNCTION:EC
+-RSA_padding_add_PKCS1_PSS_mgf1 355 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_PSS_mgf1 355 3_0_0 EXIST::FUNCTION:RSA
+ EVP_MD_meth_set_init 356 3_0_0 EXIST::FUNCTION:
+ X509_get_issuer_name 357 3_0_0 EXIST::FUNCTION:
+ EVP_SignFinal 358 3_0_0 EXIST::FUNCTION:
+@@ -367,7 +367,7 @@ BIO_new_mem_buf 373 3_0_0 EXIST::FUNCTION:
+ UI_get_input_flags 374 3_0_0 EXIST::FUNCTION:
+ X509V3_EXT_REQ_add_nconf 375 3_0_0 EXIST::FUNCTION:
+ X509v3_asid_subset 376 3_0_0 EXIST::FUNCTION:RFC3779
+-RSA_check_key_ex 377 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_check_key_ex 377 3_0_0 EXIST::FUNCTION:RSA
+ d2i_TS_MSG_IMPRINT_bio 378 3_0_0 EXIST::FUNCTION:TS
+ i2d_ASN1_TYPE 379 3_0_0 EXIST::FUNCTION:
+ EVP_aes_256_wrap_pad 380 3_0_0 EXIST::FUNCTION:
+@@ -440,7 +440,7 @@ X509_get_default_private_dir 447 3_0_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set0_dane 448 3_0_0 EXIST::FUNCTION:
+ EVP_des_ecb 449 3_0_0 EXIST::FUNCTION:DES
+ OCSP_resp_get0 450 3_0_0 EXIST::FUNCTION:OCSP
+-RSA_X931_generate_key_ex 452 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_X931_generate_key_ex 452 3_0_0 EXIST::FUNCTION:RSA
+ X509_get_serialNumber 453 3_0_0 EXIST::FUNCTION:
+ BIO_sock_should_retry 454 3_0_0 EXIST::FUNCTION:SOCK
+ ENGINE_get_digests 455 3_0_0 EXIST::FUNCTION:ENGINE
+@@ -533,7 +533,7 @@ CONF_get_number 544 3_0_0 EXIST::FUNCTION:
+ X509_EXTENSION_get_object 545 3_0_0 EXIST::FUNCTION:
+ X509_EXTENSIONS_it 546 3_0_0 EXIST::FUNCTION:
+ EC_POINT_set_compressed_coordinates_GF2m 547 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC,EC2M
+-RSA_sign_ASN1_OCTET_STRING 548 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_sign_ASN1_OCTET_STRING 548 3_0_0 EXIST::FUNCTION:RSA
+ d2i_X509_CRL_fp 549 3_0_0 EXIST::FUNCTION:STDIO
+ i2d_RSA_PUBKEY 550 3_0_0 EXIST::FUNCTION:RSA
+ EVP_aes_128_ccm 551 3_0_0 EXIST::FUNCTION:
+@@ -553,7 +553,7 @@ X509_EXTENSION_free 564 3_0_0 EXIST::FUNCTION:
+ EVP_DigestSignInit 565 3_0_0 EXIST::FUNCTION:
+ CT_POLICY_EVAL_CTX_get0_issuer 566 3_0_0 EXIST::FUNCTION:CT
+ TLS_FEATURE_new 567 3_0_0 EXIST::FUNCTION:
+-RSA_get_default_method 568 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_get_default_method 568 3_0_0 EXIST::FUNCTION:RSA
+ CRYPTO_cts128_encrypt_block 569 3_0_0 EXIST::FUNCTION:
+ ASN1_digest 570 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
+ ERR_load_X509V3_strings 571 3_0_0 EXIST::FUNCTION:
+@@ -726,7 +726,7 @@ BN_set_params 744 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_0
+ BN_add 745 3_0_0 EXIST::FUNCTION:
+ OPENSSL_sk_free 746 3_0_0 EXIST::FUNCTION:
+ TS_TST_INFO_get_ext_d2i 747 3_0_0 EXIST::FUNCTION:TS
+-RSA_check_key 748 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_check_key 748 3_0_0 EXIST::FUNCTION:RSA
+ TS_MSG_IMPRINT_set_algo 749 3_0_0 EXIST::FUNCTION:TS
+ BN_nist_mod_521 750 3_0_0 EXIST::FUNCTION:
+ CRYPTO_THREAD_get_local 751 3_0_0 EXIST::FUNCTION:
+@@ -838,18 +838,18 @@ X509_STORE_free 858 3_0_0 EXIST::FUNCTION:
+ ECDSA_sign_ex 859 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
+ TXT_DB_insert 860 3_0_0 EXIST::FUNCTION:
+ EC_POINTs_make_affine 861 3_0_0 EXIST::FUNCTION:EC
+-RSA_padding_add_PKCS1_PSS 862 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_PSS 862 3_0_0 EXIST::FUNCTION:RSA
+ BF_options 863 3_0_0 EXIST::FUNCTION:BF,DEPRECATEDIN_3_0
+ OCSP_BASICRESP_it 864 3_0_0 EXIST::FUNCTION:OCSP
+ X509_VERIFY_PARAM_get0_name 865 3_0_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_signer_digest 866 3_0_0 EXIST::FUNCTION:TS
+ X509_VERIFY_PARAM_set1_email 867 3_0_0 EXIST::FUNCTION:
+ BIO_sock_error 868 3_0_0 EXIST::FUNCTION:SOCK
+-RSA_set_default_method 869 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_set_default_method 869 3_0_0 EXIST::FUNCTION:RSA
+ BN_GF2m_mod_sqrt_arr 870 3_0_0 EXIST::FUNCTION:EC2M
+ X509_get0_extensions 871 3_0_0 EXIST::FUNCTION:
+ TS_STATUS_INFO_set_status 872 3_0_0 EXIST::FUNCTION:TS
+-RSA_verify 873 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_verify 873 3_0_0 EXIST::FUNCTION:RSA
+ ASN1_FBOOLEAN_it 874 3_0_0 EXIST::FUNCTION:
+ d2i_ASN1_TIME 875 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_get_signctx 876 3_0_0 EXIST::FUNCTION:
+@@ -899,7 +899,7 @@ CONF_set_default_method 920 3_0_0 EXIST::FUNCTION:
+ ASN1_PCTX_get_nm_flags 921 3_0_0 EXIST::FUNCTION:
+ X509_add1_ext_i2d 922 3_0_0 EXIST::FUNCTION:
+ i2d_PKCS7_RECIP_INFO 924 3_0_0 EXIST::FUNCTION:
+-PKCS1_MGF1 925 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++PKCS1_MGF1 925 3_0_0 EXIST::FUNCTION:RSA
+ BIO_vsnprintf 926 3_0_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_current_issuer 927 3_0_0 EXIST::FUNCTION:
+ CRYPTO_secure_malloc_initialized 928 3_0_0 EXIST::FUNCTION:
+@@ -936,7 +936,7 @@ PKEY_USAGE_PERIOD_new 959 3_0_0 EXIST::FUNCTION:
+ OBJ_NAME_init 960 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_keygen 961 3_0_0 EXIST::FUNCTION:
+ RSA_PSS_PARAMS_new 962 3_0_0 EXIST::FUNCTION:RSA
+-RSA_sign 963 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_sign 963 3_0_0 EXIST::FUNCTION:RSA
+ EVP_DigestVerifyFinal 964 3_0_0 EXIST::FUNCTION:
+ d2i_RSA_PUBKEY_bio 965 3_0_0 EXIST::FUNCTION:RSA
+ TS_RESP_dup 966 3_0_0 EXIST::FUNCTION:TS
+@@ -1078,7 +1078,7 @@ PEM_read_bio_EC_PUBKEY 1104 3_0_0 EXIST::FUNCTION:EC
+ BN_MONT_CTX_set 1105 3_0_0 EXIST::FUNCTION:
+ TS_CONF_set_serial 1106 3_0_0 EXIST::FUNCTION:TS
+ X509_NAME_ENTRY_new 1107 3_0_0 EXIST::FUNCTION:
+-RSA_security_bits 1108 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_security_bits 1108 3_0_0 EXIST::FUNCTION:RSA
+ X509v3_addr_add_prefix 1109 3_0_0 EXIST::FUNCTION:RFC3779
+ X509_REQ_print_fp 1110 3_0_0 EXIST::FUNCTION:STDIO
+ ASN1_item_ex_new 1111 3_0_0 EXIST::FUNCTION:
+@@ -1089,7 +1089,7 @@ ASN1_TYPE_get 1115 3_0_0 EXIST::FUNCTION:
+ i2d_X509_EXTENSIONS 1116 3_0_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_store 1117 3_0_0 EXIST::FUNCTION:
+ PKCS12_pack_p7data 1118 3_0_0 EXIST::FUNCTION:
+-RSA_print_fp 1119 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA,STDIO
++RSA_print_fp 1119 3_0_0 EXIST::FUNCTION:RSA,STDIO
+ OPENSSL_INIT_set_config_appname 1120 3_0_0 EXIST::FUNCTION:STDIO
+ EC_KEY_print_fp 1121 3_0_0 EXIST::FUNCTION:EC,STDIO
+ BIO_dup_chain 1122 3_0_0 EXIST::FUNCTION:
+@@ -1192,7 +1192,7 @@ OCSP_CERTSTATUS_it 1218 3_0_0 EXIST::FUNCTION:OCSP
+ BIO_f_reliable 1219 3_0_0 EXIST::FUNCTION:
+ OCSP_resp_count 1220 3_0_0 EXIST::FUNCTION:OCSP
+ i2d_X509_AUX 1221 3_0_0 EXIST::FUNCTION:
+-RSA_verify_PKCS1_PSS_mgf1 1222 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_verify_PKCS1_PSS_mgf1 1222 3_0_0 EXIST::FUNCTION:RSA
+ X509_time_adj 1223 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_asn1_find_str 1224 3_0_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_get_flags 1225 3_0_0 EXIST::FUNCTION:
+@@ -1209,7 +1209,7 @@ X509_NAME_hash_old 1235 3_0_0 EXIST::FUNCTION:
+ PBKDF2PARAM_free 1236 3_0_0 EXIST::FUNCTION:
+ i2d_CMS_ContentInfo 1237 3_0_0 EXIST::FUNCTION:CMS
+ EVP_CIPHER_meth_set_ctrl 1238 3_0_0 EXIST::FUNCTION:
+-RSA_public_decrypt 1239 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_public_decrypt 1239 3_0_0 EXIST::FUNCTION:RSA
+ ENGINE_get_id 1240 3_0_0 EXIST::FUNCTION:ENGINE
+ PKCS12_item_decrypt_d2i 1241 3_0_0 EXIST::FUNCTION:
+ PEM_read_bio_DSAparams 1242 3_0_0 EXIST::FUNCTION:DSA
+@@ -1299,7 +1299,7 @@ EVP_CIPHER_do_all 1327 3_0_0 EXIST::FUNCTION:
+ POLICY_MAPPINGS_it 1328 3_0_0 EXIST::FUNCTION:
+ SCT_set0_log_id 1329 3_0_0 EXIST::FUNCTION:CT
+ CRYPTO_cfb128_encrypt 1330 3_0_0 EXIST::FUNCTION:
+-RSA_padding_add_PKCS1_type_2 1331 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_type_2 1331 3_0_0 EXIST::FUNCTION:RSA
+ TS_CONF_set_signer_cert 1332 3_0_0 EXIST::FUNCTION:TS
+ i2d_ASN1_OBJECT 1333 3_0_0 EXIST::FUNCTION:
+ d2i_PKCS8_PRIV_KEY_INFO_bio 1334 3_0_0 EXIST::FUNCTION:
+@@ -1392,7 +1392,7 @@ EVP_PBE_get 1424 3_0_0 EXIST::FUNCTION:
+ CRYPTO_nistcts128_encrypt 1425 3_0_0 EXIST::FUNCTION:
+ CONF_modules_finish 1426 3_0_0 EXIST::FUNCTION:
+ BN_value_one 1427 3_0_0 EXIST::FUNCTION:
+-RSA_padding_add_SSLv23 1428 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_SSLv23 1428 3_0_0 EXIST::FUNCTION:RSA
+ OCSP_RESPBYTES_it 1429 3_0_0 EXIST::FUNCTION:OCSP
+ EVP_aes_192_wrap 1430 3_0_0 EXIST::FUNCTION:
+ OCSP_CERTID_it 1431 3_0_0 EXIST::FUNCTION:OCSP
+@@ -1559,7 +1559,7 @@ CTLOG_get0_name 1593 3_0_0 EXIST::FUNCTION:CT
+ ASN1_TBOOLEAN_it 1594 3_0_0 EXIST::FUNCTION:
+ RC2_set_key 1595 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RC2
+ X509_REVOKED_get_ext_by_NID 1596 3_0_0 EXIST::FUNCTION:
+-RSA_padding_add_none 1597 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_none 1597 3_0_0 EXIST::FUNCTION:RSA
+ EVP_rc5_32_12_16_cbc 1599 3_0_0 EXIST::FUNCTION:RC5
+ PEM_dek_info 1600 3_0_0 EXIST::FUNCTION:
+ ASN1_SCTX_get_template 1601 3_0_0 EXIST::FUNCTION:
+@@ -1613,7 +1613,7 @@ i2d_EDIPARTYNAME 1649 3_0_0 EXIST::FUNCTION:
+ X509_policy_tree_get0_policies 1650 3_0_0 EXIST::FUNCTION:
+ X509at_add1_attr 1651 3_0_0 EXIST::FUNCTION:
+ X509_get_ex_data 1653 3_0_0 EXIST::FUNCTION:
+-RSA_set_method 1654 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_set_method 1654 3_0_0 EXIST::FUNCTION:RSA
+ X509_REVOKED_dup 1655 3_0_0 EXIST::FUNCTION:
+ ASN1_TIME_new 1656 3_0_0 EXIST::FUNCTION:
+ PEM_write_NETSCAPE_CERT_SEQUENCE 1657 3_0_0 EXIST::FUNCTION:STDIO
+@@ -1664,7 +1664,7 @@ ESS_SIGNING_CERT_dup 1701 3_0_0 EXIST::FUNCTION:
+ ENGINE_set_default_DSA 1702 3_0_0 EXIST::FUNCTION:ENGINE
+ X509_REVOKED_new 1703 3_0_0 EXIST::FUNCTION:
+ NCONF_WIN32 1704 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
+-RSA_padding_check_PKCS1_OAEP_mgf1 1705 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_PKCS1_OAEP_mgf1 1705 3_0_0 EXIST::FUNCTION:RSA
+ X509_policy_tree_get0_level 1706 3_0_0 EXIST::FUNCTION:
+ ASN1_parse_dump 1708 3_0_0 EXIST::FUNCTION:
+ BIO_vfree 1709 3_0_0 EXIST::FUNCTION:
+@@ -1831,7 +1831,7 @@ OCSP_single_get0_status 1873 3_0_0 EXIST::FUNCTION:OCSP
+ d2i_AUTHORITY_INFO_ACCESS 1874 3_0_0 EXIST::FUNCTION:
+ PEM_read_RSAPrivateKey 1875 3_0_0 EXIST::FUNCTION:RSA,STDIO
+ BIO_closesocket 1876 3_0_0 EXIST::FUNCTION:SOCK
+-RSA_verify_ASN1_OCTET_STRING 1877 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_verify_ASN1_OCTET_STRING 1877 3_0_0 EXIST::FUNCTION:RSA
+ SCT_set_log_entry_type 1878 3_0_0 EXIST::FUNCTION:CT
+ BN_new 1879 3_0_0 EXIST::FUNCTION:
+ X509_OBJECT_retrieve_by_subject 1880 3_0_0 EXIST::FUNCTION:
+@@ -2070,7 +2070,7 @@ i2d_ASIdentifiers 2115 3_0_0 EXIST::FUNCTION:RFC3779
+ X509V3_EXT_cleanup 2116 3_0_0 EXIST::FUNCTION:
+ CAST_ecb_encrypt 2117 3_0_0 EXIST::FUNCTION:CAST,DEPRECATEDIN_3_0
+ BIO_s_file 2118 3_0_0 EXIST::FUNCTION:
+-RSA_X931_derive_ex 2119 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_X931_derive_ex 2119 3_0_0 EXIST::FUNCTION:RSA
+ EVP_PKEY_decrypt_init 2120 3_0_0 EXIST::FUNCTION:
+ ENGINE_get_destroy_function 2121 3_0_0 EXIST::FUNCTION:ENGINE
+ SHA224_Init 2122 3_0_0 EXIST::FUNCTION:
+@@ -2252,7 +2252,7 @@ ESS_ISSUER_SERIAL_free 2299 3_0_0 EXIST::FUNCTION:
+ BN_mod_exp_mont_word 2300 3_0_0 EXIST::FUNCTION:
+ X509V3_EXT_nconf_nid 2301 3_0_0 EXIST::FUNCTION:
+ UTF8_putc 2302 3_0_0 EXIST::FUNCTION:
+-RSA_private_encrypt 2303 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_private_encrypt 2303 3_0_0 EXIST::FUNCTION:RSA
+ X509_LOOKUP_shutdown 2304 3_0_0 EXIST::FUNCTION:
+ TS_TST_INFO_set_accuracy 2305 3_0_0 EXIST::FUNCTION:TS
+ OCSP_basic_verify 2306 3_0_0 EXIST::FUNCTION:OCSP
+@@ -2348,7 +2348,7 @@ X509_LOOKUP_by_alias 2396 3_0_0 EXIST::FUNCTION:
+ EC_KEY_set_conv_form 2397 3_0_0 EXIST::FUNCTION:EC
+ X509_TRUST_get_count 2399 3_0_0 EXIST::FUNCTION:
+ IPAddressOrRange_free 2400 3_0_0 EXIST::FUNCTION:RFC3779
+-RSA_padding_add_PKCS1_OAEP 2401 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_OAEP 2401 3_0_0 EXIST::FUNCTION:RSA
+ EC_KEY_set_ex_data 2402 3_0_0 EXIST::FUNCTION:EC
+ SRP_VBASE_new 2403 3_0_0 EXIST::FUNCTION:SRP
+ i2d_ECDSA_SIG 2404 3_0_0 EXIST::FUNCTION:EC
+@@ -2375,7 +2375,7 @@ ASN1_GENERALIZEDTIME_it 2425 3_0_0 EXIST::FUNCTION:
+ PKCS8_pkey_get0 2426 3_0_0 EXIST::FUNCTION:
+ OCSP_sendreq_new 2427 3_0_0 EXIST::FUNCTION:OCSP
+ EVP_aes_256_cfb128 2428 3_0_0 EXIST::FUNCTION:
+-RSA_set_ex_data 2429 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_set_ex_data 2429 3_0_0 EXIST::FUNCTION:RSA
+ BN_GENCB_call 2430 3_0_0 EXIST::FUNCTION:
+ X509V3_EXT_add_nconf_sk 2431 3_0_0 EXIST::FUNCTION:
+ i2d_TS_MSG_IMPRINT_fp 2432 3_0_0 EXIST::FUNCTION:STDIO,TS
+@@ -2521,7 +2521,7 @@ EVP_CIPHER_meth_get_cleanup 2574 3_0_0 EXIST::FUNCTION:
+ ASN1_item_ex_d2i 2575 3_0_0 EXIST::FUNCTION:
+ EVP_MD_meth_free 2576 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_new 2577 3_0_0 EXIST::FUNCTION:
+-RSA_padding_check_PKCS1_OAEP 2578 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_PKCS1_OAEP 2578 3_0_0 EXIST::FUNCTION:RSA
+ OCSP_SERVICELOC_it 2579 3_0_0 EXIST::FUNCTION:OCSP
+ PKCS12_SAFEBAG_get_nid 2580 3_0_0 EXIST::FUNCTION:
+ EVP_MD_CTX_set_update_fn 2581 3_0_0 EXIST::FUNCTION:
+@@ -2586,7 +2586,7 @@ d2i_PBKDF2PARAM 2640 3_0_0 EXIST::FUNCTION:
+ ERR_load_COMP_strings 2641 3_0_0 EXIST::FUNCTION:COMP
+ EVP_PKEY_meth_add0 2642 3_0_0 EXIST::FUNCTION:
+ EVP_rc4_40 2643 3_0_0 EXIST::FUNCTION:RC4
+-RSA_bits 2645 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_bits 2645 3_0_0 EXIST::FUNCTION:RSA
+ ASN1_item_dup 2646 3_0_0 EXIST::FUNCTION:
+ GENERAL_NAMES_it 2647 3_0_0 EXIST::FUNCTION:
+ X509_issuer_name_hash 2648 3_0_0 EXIST::FUNCTION:
+@@ -2610,7 +2610,7 @@ X509_load_cert_file 2665 3_0_0 EXIST::FUNCTION:
+ EC_GFp_nistp521_method 2667 3_0_0 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+ ECDSA_SIG_free 2668 3_0_0 EXIST::FUNCTION:EC
+ d2i_PKCS12_BAGS 2669 3_0_0 EXIST::FUNCTION:
+-RSA_public_encrypt 2670 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_public_encrypt 2670 3_0_0 EXIST::FUNCTION:RSA
+ X509_CRL_get0_extensions 2671 3_0_0 EXIST::FUNCTION:
+ CMS_digest_verify 2672 3_0_0 EXIST::FUNCTION:CMS
+ ASN1_GENERALIZEDTIME_set 2673 3_0_0 EXIST::FUNCTION:
+@@ -2839,7 +2839,7 @@ ENGINE_get_last 2900 3_0_0 EXIST::FUNCTION:ENGINE
+ EVP_PKEY_encrypt_init 2901 3_0_0 EXIST::FUNCTION:
+ i2d_RSAPrivateKey_fp 2902 3_0_0 EXIST::FUNCTION:RSA,STDIO
+ X509_REQ_print 2903 3_0_0 EXIST::FUNCTION:
+-RSA_size 2904 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_size 2904 3_0_0 EXIST::FUNCTION:RSA
+ EVP_CIPHER_CTX_iv_noconst 2905 3_0_0 EXIST::FUNCTION:
+ DH_set_default_method 2906 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
+ X509_ALGOR_new 2907 3_0_0 EXIST::FUNCTION:
+@@ -2933,7 +2933,7 @@ SHA384 2995 3_0_0 EXIST::FUNCTION:
+ NCONF_get_string 2996 3_0_0 EXIST::FUNCTION:
+ d2i_PROXY_CERT_INFO_EXTENSION 2997 3_0_0 EXIST::FUNCTION:
+ EC_POINT_point2buf 2998 3_0_0 EXIST::FUNCTION:EC
+-RSA_padding_add_PKCS1_OAEP_mgf1 2999 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_OAEP_mgf1 2999 3_0_0 EXIST::FUNCTION:RSA
+ COMP_CTX_get_type 3000 3_0_0 EXIST::FUNCTION:COMP
+ TS_RESP_CTX_set_status_info 3001 3_0_0 EXIST::FUNCTION:TS
+ BIO_f_nbio_test 3002 3_0_0 EXIST::FUNCTION:
+@@ -3014,7 +3014,7 @@ ENGINE_load_private_key 3078 3_0_0 EXIST::FUNCTION:ENGINE
+ GENERAL_NAMES_new 3079 3_0_0 EXIST::FUNCTION:
+ i2d_POLICYQUALINFO 3080 3_0_0 EXIST::FUNCTION:
+ EC_GF2m_simple_method 3081 3_0_0 EXIST::FUNCTION:EC,EC2M
+-RSA_get_method 3082 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_get_method 3082 3_0_0 EXIST::FUNCTION:RSA
+ d2i_ASRange 3083 3_0_0 EXIST::FUNCTION:RFC3779
+ CMS_ContentInfo_new 3084 3_0_0 EXIST::FUNCTION:CMS
+ OPENSSL_init_crypto 3085 3_0_0 EXIST::FUNCTION:
+@@ -3053,7 +3053,7 @@ i2d_RSA_PSS_PARAMS 3117 3_0_0 EXIST::FUNCTION:RSA
+ EVP_aes_128_wrap_pad 3118 3_0_0 EXIST::FUNCTION:
+ ASN1_BIT_STRING_set 3119 3_0_0 EXIST::FUNCTION:
+ PKCS5_PBKDF2_HMAC_SHA1 3120 3_0_0 EXIST::FUNCTION:
+-RSA_padding_check_PKCS1_type_2 3121 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_PKCS1_type_2 3121 3_0_0 EXIST::FUNCTION:RSA
+ EVP_des_ede3_ecb 3122 3_0_0 EXIST::FUNCTION:DES
+ CBIGNUM_it 3123 3_0_0 EXIST::FUNCTION:
+ BIO_new_NDEF 3124 3_0_0 EXIST::FUNCTION:
+@@ -3124,7 +3124,7 @@ BN_mod_add 3189 3_0_0 EXIST::FUNCTION:
+ EC_POINT_set_affine_coordinates_GFp 3190 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
+ X509_get_default_cert_file 3191 3_0_0 EXIST::FUNCTION:
+ UI_method_set_flusher 3192 3_0_0 EXIST::FUNCTION:
+-RSA_new_method 3193 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_new_method 3193 3_0_0 EXIST::FUNCTION:RSA
+ OCSP_request_verify 3194 3_0_0 EXIST::FUNCTION:OCSP
+ CRYPTO_THREAD_run_once 3195 3_0_0 EXIST::FUNCTION:
+ TS_REQ_print_bio 3196 3_0_0 EXIST::FUNCTION:TS
+@@ -3211,7 +3211,7 @@ POLICY_CONSTRAINTS_free 3277 3_0_0 EXIST::FUNCTION:
+ EVP_aes_256_cfb8 3278 3_0_0 EXIST::FUNCTION:
+ d2i_DSA_PUBKEY_bio 3279 3_0_0 EXIST::FUNCTION:DSA
+ X509_NAME_get_text_by_OBJ 3280 3_0_0 EXIST::FUNCTION:
+-RSA_padding_check_none 3281 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_none 3281 3_0_0 EXIST::FUNCTION:RSA
+ CRYPTO_set_mem_debug 3282 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
+ TS_VERIFY_CTX_init 3283 3_0_0 EXIST::FUNCTION:TS
+ OCSP_cert_id_new 3284 3_0_0 EXIST::FUNCTION:OCSP
+@@ -3265,7 +3265,7 @@ X509_PKEY_free 3332 3_0_0 EXIST::FUNCTION:
+ OCSP_CRLID_new 3333 3_0_0 EXIST::FUNCTION:OCSP
+ CONF_dump_bio 3334 3_0_0 EXIST::FUNCTION:
+ d2i_PKCS8PrivateKey_fp 3335 3_0_0 EXIST::FUNCTION:STDIO
+-RSA_setup_blinding 3336 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_setup_blinding 3336 3_0_0 EXIST::FUNCTION:RSA
+ ERR_peek_error_line 3337 3_0_0 EXIST::FUNCTION:
+ d2i_PKCS7 3338 3_0_0 EXIST::FUNCTION:
+ ERR_reason_error_string 3339 3_0_0 EXIST::FUNCTION:
+@@ -3286,7 +3286,7 @@ OPENSSL_sk_is_sorted 3353 3_0_0 EXIST::FUNCTION:
+ OCSP_SIGNATURE_new 3354 3_0_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_meth_get_paramgen 3355 3_0_0 EXIST::FUNCTION:
+ X509_ATTRIBUTE_create_by_OBJ 3356 3_0_0 EXIST::FUNCTION:
+-RSA_generate_key_ex 3357 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_generate_key_ex 3357 3_0_0 EXIST::FUNCTION:RSA
+ CMS_SignerInfo_get0_algs 3358 3_0_0 EXIST::FUNCTION:CMS
+ DIST_POINT_free 3359 3_0_0 EXIST::FUNCTION:
+ ESS_SIGNING_CERT_free 3360 3_0_0 EXIST::FUNCTION:
+@@ -3302,7 +3302,7 @@ PKCS7_ENVELOPE_new 3369 3_0_0 EXIST::FUNCTION:
+ EDIPARTYNAME_new 3370 3_0_0 EXIST::FUNCTION:
+ CMS_add1_cert 3371 3_0_0 EXIST::FUNCTION:CMS
+ DSO_convert_filename 3372 3_0_0 EXIST::FUNCTION:
+-RSA_padding_check_SSLv23 3373 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_SSLv23 3373 3_0_0 EXIST::FUNCTION:RSA
+ CRYPTO_gcm128_finish 3374 3_0_0 EXIST::FUNCTION:
+ PKCS12_SAFEBAGS_it 3375 3_0_0 EXIST::FUNCTION:
+ PKCS12_PBE_add 3376 3_0_0 EXIST::FUNCTION:
+@@ -3393,7 +3393,7 @@ BIO_number_written 3463 3_0_0 EXIST::FUNCTION:
+ TS_TST_INFO_set_msg_imprint 3464 3_0_0 EXIST::FUNCTION:TS
+ CRYPTO_get_ex_data 3465 3_0_0 EXIST::FUNCTION:
+ X509_PURPOSE_get0_sname 3466 3_0_0 EXIST::FUNCTION:
+-RSA_verify_PKCS1_PSS 3467 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_verify_PKCS1_PSS 3467 3_0_0 EXIST::FUNCTION:RSA
+ HMAC_CTX_reset 3468 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
+ EVP_PKEY_meth_set_init 3469 3_0_0 EXIST::FUNCTION:
+ X509_REQ_extension_nid 3470 3_0_0 EXIST::FUNCTION:
+@@ -3558,7 +3558,7 @@ SHA384_Update 3635 3_0_0 EXIST::FUNCTION:
+ CRYPTO_cfb128_1_encrypt 3636 3_0_0 EXIST::FUNCTION:
+ BIO_set_cipher 3637 3_0_0 EXIST::FUNCTION:
+ PEM_read_PUBKEY 3638 3_0_0 EXIST::FUNCTION:STDIO
+-RSA_PKCS1_OpenSSL 3639 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_PKCS1_OpenSSL 3639 3_0_0 EXIST::FUNCTION:RSA
+ AUTHORITY_INFO_ACCESS_free 3640 3_0_0 EXIST::FUNCTION:
+ SCT_get0_signature 3641 3_0_0 EXIST::FUNCTION:CT
+ DISPLAYTEXT_it 3643 3_0_0 EXIST::FUNCTION:
+@@ -3569,7 +3569,7 @@ X509_REQ_set_extension_nids 3647 3_0_0 EXIST::FUNCTION:
+ X509_free 3648 3_0_0 EXIST::FUNCTION:
+ ERR_load_ERR_strings 3649 3_0_0 EXIST::FUNCTION:
+ ASN1_const_check_infinite_end 3650 3_0_0 EXIST::FUNCTION:
+-RSA_null_method 3651 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_null_method 3651 3_0_0 EXIST::FUNCTION:RSA
+ TS_REQ_ext_free 3652 3_0_0 EXIST::FUNCTION:TS
+ EVP_PKEY_meth_get_encrypt 3653 3_0_0 EXIST::FUNCTION:
+ Camellia_ecb_encrypt 3654 3_0_0 EXIST::FUNCTION:CAMELLIA,DEPRECATEDIN_3_0
+@@ -3604,7 +3604,7 @@ BIO_ADDR_free 3683 3_0_0 EXIST::FUNCTION:SOCK
+ ASN1_STRING_free 3684 3_0_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_inherit 3685 3_0_0 EXIST::FUNCTION:
+ EC_GROUP_get_curve_name 3686 3_0_0 EXIST::FUNCTION:EC
+-RSA_print 3687 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_print 3687 3_0_0 EXIST::FUNCTION:RSA
+ i2d_ASN1_BMPSTRING 3688 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_decrypt_old 3689 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
+ ASN1_UTCTIME_cmp_time_t 3690 3_0_0 EXIST::FUNCTION:
+@@ -3678,7 +3678,7 @@ BIO_set_callback 3757 3_0_0 EXIST::FUNCTION:
+ BN_GF2m_poly2arr 3758 3_0_0 EXIST::FUNCTION:EC2M
+ CMS_unsigned_get_attr_count 3759 3_0_0 EXIST::FUNCTION:CMS
+ EVP_aes_256_gcm 3760 3_0_0 EXIST::FUNCTION:
+-RSA_padding_check_X931 3761 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_check_X931 3761 3_0_0 EXIST::FUNCTION:RSA
+ ECDH_compute_key 3762 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
+ ASN1_TIME_print 3763 3_0_0 EXIST::FUNCTION:
+ EVP_PKEY_CTX_get0_peerkey 3764 3_0_0 EXIST::FUNCTION:
+@@ -3759,7 +3759,7 @@ i2d_ASN1_INTEGER 3840 3_0_0 EXIST::FUNCTION:
+ OCSP_SINGLERESP_add1_ext_i2d 3841 3_0_0 EXIST::FUNCTION:OCSP
+ PKCS7_add_signed_attribute 3842 3_0_0 EXIST::FUNCTION:
+ i2d_PrivateKey_bio 3843 3_0_0 EXIST::FUNCTION:
+-RSA_padding_add_PKCS1_type_1 3844 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_padding_add_PKCS1_type_1 3844 3_0_0 EXIST::FUNCTION:RSA
+ i2d_re_X509_tbs 3845 3_0_0 EXIST::FUNCTION:
+ EVP_CIPHER_iv_length 3846 3_0_0 EXIST::FUNCTION:
+ OCSP_REQ_CTX_get0_mem_bio 3847 3_0_0 EXIST::FUNCTION:
+@@ -3908,44 +3908,44 @@ X509_VERIFY_PARAM_set_auth_level 3991 3_0_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_get_auth_level 3992 3_0_0 EXIST::FUNCTION:
+ X509_REQ_get0_pubkey 3993 3_0_0 EXIST::FUNCTION:
+ RSA_set0_key 3994 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_get_flags 3995 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_finish 3996 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_priv_dec 3997 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_sign 3998 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_bn_mod_exp 3999 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_get_flags 3995 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_finish 3996 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_priv_dec 3997 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_sign 3998 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_bn_mod_exp 3999 3_0_0 EXIST::FUNCTION:RSA
+ RSA_test_flags 4000 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_new 4001 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get0_app_data 4002 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_dup 4003 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set1_name 4004 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set0_app_data 4005 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_new 4001 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get0_app_data 4002 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_dup 4003 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set1_name 4004 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set0_app_data 4005 3_0_0 EXIST::FUNCTION:RSA
+ RSA_set_flags 4006 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_set_sign 4007 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_set_sign 4007 3_0_0 EXIST::FUNCTION:RSA
+ RSA_clear_flags 4008 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_get_keygen 4009 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_keygen 4010 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_pub_dec 4011 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_finish 4012 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_get_keygen 4009 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_keygen 4010 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_pub_dec 4011 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_finish 4012 3_0_0 EXIST::FUNCTION:RSA
+ RSA_get0_key 4013 3_0_0 EXIST::FUNCTION:RSA
+-RSA_get0_engine 4014 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_priv_enc 4015 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_verify 4016 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_get0_engine 4014 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_priv_enc 4015 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_verify 4016 3_0_0 EXIST::FUNCTION:RSA
+ RSA_get0_factors 4017 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_get0_name 4018 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_mod_exp 4019 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_flags 4020 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_pub_dec 4021 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_bn_mod_exp 4022 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_init 4023 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_free 4024 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_pub_enc 4025 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_mod_exp 4026 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_get0_name 4018 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_mod_exp 4019 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_flags 4020 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_pub_dec 4021 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_bn_mod_exp 4022 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_init 4023 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_free 4024 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_pub_enc 4025 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_mod_exp 4026 3_0_0 EXIST::FUNCTION:RSA
+ RSA_set0_factors 4027 3_0_0 EXIST::FUNCTION:RSA
+-RSA_meth_set_pub_enc 4028 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_priv_dec 4029 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_verify 4030 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_set_init 4031 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
+-RSA_meth_get_priv_enc 4032 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_meth_set_pub_enc 4028 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_priv_dec 4029 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_verify 4030 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_set_init 4031 3_0_0 EXIST::FUNCTION:RSA
++RSA_meth_get_priv_enc 4032 3_0_0 EXIST::FUNCTION:RSA
+ RSA_set0_crt_params 4037 3_0_0 EXIST::FUNCTION:RSA
+ RSA_get0_crt_params 4038 3_0_0 EXIST::FUNCTION:RSA
+ DH_set0_pqg 4039 3_0_0 EXIST::FUNCTION:DH
+@@ -4899,7 +4899,7 @@ d2i_X509_PUBKEY_fp ? 3_0_0 EXIST::FUNCTION:STDIO
+ i2d_X509_PUBKEY_fp ? 3_0_0 EXIST::FUNCTION:STDIO
+ d2i_X509_PUBKEY_bio ? 3_0_0 EXIST::FUNCTION:
+ i2d_X509_PUBKEY_bio ? 3_0_0 EXIST::FUNCTION:
+-RSA_get0_pss_params ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
++RSA_get0_pss_params ? 3_0_0 EXIST::FUNCTION:RSA
+ X509_cmp_timeframe ? 3_0_0 EXIST::FUNCTION:
+ OSSL_CMP_MSG_get0_header ? 3_0_0 EXIST::FUNCTION:CMP
+ BIO_f_prefix ? 3_0_0 EXIST::FUNCTION: