Update for OpenSSL 0.9.7. No assembler code at the moment. This
will follow.
This commit is contained in:
+193
-286
@@ -1,144 +1,115 @@
|
||||
# $FreeBSD$
|
||||
|
||||
.include "Makefile.inc"
|
||||
|
||||
.PATH: ${LCRYPTO_SRC} ${LCRYPTO_SRC}/asn1 ${LCRYPTO_SRC}/bf \
|
||||
${LCRYPTO_SRC}/bio ${LCRYPTO_SRC}/bn ${LCRYPTO_SRC}/buffer \
|
||||
${LCRYPTO_SRC}/cast ${LCRYPTO_SRC}/comp ${LCRYPTO_SRC}/conf \
|
||||
${LCRYPTO_SRC}/des ${LCRYPTO_SRC}/dh ${LCRYPTO_SRC}/dsa \
|
||||
${LCRYPTO_SRC}/dso ${LCRYPTO_SRC}/err ${LCRYPTO_SRC}/evp \
|
||||
${LCRYPTO_SRC}/hmac ${LCRYPTO_SRC}/lhash ${LCRYPTO_SRC}/md2 \
|
||||
${LCRYPTO_SRC}/md4 ${LCRYPTO_SRC}/md5 ${LCRYPTO_SRC}/mdc2 \
|
||||
${LCRYPTO_SRC}/objects ${LCRYPTO_SRC}/pem ${LCRYPTO_SRC}/pkcs7 \
|
||||
${LCRYPTO_SRC}/pkcs12 ${LCRYPTO_SRC}/rand ${LCRYPTO_SRC}/rc2 \
|
||||
${LCRYPTO_SRC}/rc4 ${LCRYPTO_SRC}/rc5 ${LCRYPTO_SRC}/ripemd \
|
||||
${LCRYPTO_SRC}/rsa ${LCRYPTO_SRC}/../rsaref ${LCRYPTO_SRC}/sha \
|
||||
${LCRYPTO_SRC}/stack ${LCRYPTO_SRC}/txt_db ${LCRYPTO_SRC}/x509 \
|
||||
${LCRYPTO_SRC}/x509v3 ${.CURDIR}/man
|
||||
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
.PATH: ${.CURDIR}/i386
|
||||
.endif
|
||||
|
||||
.if defined(MAKE_IDEA) && ${MAKE_IDEA} == YES
|
||||
.PATH: ${LCRYPTO_SRC}/idea
|
||||
.endif
|
||||
|
||||
LIB= crypto
|
||||
SHLIB_MAJOR= 2
|
||||
SHLIB_MAJOR= 3
|
||||
|
||||
NOLINT= true
|
||||
|
||||
.include "Makefile.inc"
|
||||
|
||||
# base sources
|
||||
SRCS+= cpt_err.c cryptlib.c cversion.c ebcdic.c ex_data.c mem.c mem_dbg.c \
|
||||
tmdiff.c uid.c
|
||||
SRCS+= cpt_err.c cryptlib.c cversion.c ebcdic.c ex_data.c mem.c mem_clr.c \
|
||||
mem_dbg.c o_time.c tmdiff.c uid.c
|
||||
|
||||
# aes
|
||||
SRCS+= aes_cbc.c aes_cfb.c aes_core.c aes_ctr.c aes_ecb.c aes_misc.c aes_ofb.c
|
||||
|
||||
# asn1
|
||||
SRCS+= a_bitstr.c a_bmp.c a_bool.c a_bytes.c a_d2i_fp.c a_digest.c \
|
||||
SRCS+= a_bitstr.c a_bool.c a_bytes.c a_d2i_fp.c a_digest.c \
|
||||
a_dup.c a_enum.c a_gentm.c a_hdr.c a_i2d_fp.c a_int.c \
|
||||
a_mbstr.c a_meth.c a_null.c a_object.c a_octet.c a_print.c \
|
||||
a_mbstr.c a_meth.c a_object.c a_octet.c a_print.c \
|
||||
a_set.c a_sign.c a_strex.c a_strnid.c a_time.c a_type.c \
|
||||
a_utctm.c a_utf8.c a_verify.c a_vis.c asn1_err.c asn1_lib.c \
|
||||
asn1_par.c asn_pack.c d2i_dhp.c d2i_dsap.c d2i_pr.c d2i_pu.c \
|
||||
d2i_r_pr.c d2i_r_pu.c d2i_s_pr.c d2i_s_pu.c evp_asn1.c \
|
||||
f_enum.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c i2d_pr.c \
|
||||
i2d_pu.c i2d_r_pr.c i2d_r_pu.c i2d_s_pr.c i2d_s_pu.c n_pkey.c \
|
||||
nsseq.c p5_pbe.c p5_pbev2.c p7_dgst.c p7_enc.c p7_enc_c.c \
|
||||
p7_evp.c p7_i_s.c p7_lib.c p7_recip.c p7_s_e.c p7_signd.c \
|
||||
p7_signi.c p8_pkey.c t_bitst.c t_crl.c t_pkey.c t_req.c \
|
||||
t_spki.c t_x509.c t_x509a.c x_algor.c x_attrib.c x_cinf.c \
|
||||
x_crl.c x_exten.c x_info.c x_name.c x_pkey.c x_pubkey.c \
|
||||
a_utctm.c a_utf8.c a_verify.c asn1_err.c asn1_lib.c \
|
||||
asn1_par.c asn_moid.c asn_pack.c d2i_pr.c d2i_pu.c \
|
||||
evp_asn1.c f_enum.c f_int.c f_string.c i2d_pr.c i2d_pu.c \
|
||||
n_pkey.c nsseq.c p5_pbe.c p5_pbev2.c p8_pkey.c t_bitst.c \
|
||||
t_crl.c t_pkey.c t_req.c t_spki.c t_x509.c t_x509a.c \
|
||||
tasn_dec.c tasn_enc.c tasn_fre.c tasn_new.c tasn_typ.c \
|
||||
tasn_utl.c x_algor.c x_attrib.c x_bignum.c x_crl.c \
|
||||
x_exten.c x_info.c x_long.c x_name.c x_pkey.c x_pubkey.c \
|
||||
x_req.c x_sig.c x_spki.c x_val.c x_x509.c x_x509a.c
|
||||
|
||||
# blowfish
|
||||
SRCS+= bf_cfb64.c bf_ecb.c bf_ofb64.c bf_skey.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
.if ${MACHINE_CPU:Mi686}
|
||||
SRCS+= bf-686.s
|
||||
.else
|
||||
SRCS+= bf-586.s
|
||||
.endif
|
||||
.else
|
||||
SRCS+= bf_enc.c
|
||||
.endif
|
||||
# bf
|
||||
SRCS+= bf_cfb64.c bf_ecb.c bf_enc.c bf_ofb64.c bf_skey.c
|
||||
|
||||
# bio
|
||||
SRCS+= b_dump.c b_print.c b_sock.c bf_buff.c bf_nbio.c bf_null.c \
|
||||
bio_cb.c bio_err.c bio_lib.c bss_acpt.c bss_bio.c bss_conn.c \
|
||||
bss_fd.c bss_file.c bss_log.c bss_mem.c bss_null.c bss_sock.c
|
||||
SRCS+= b_dump.c b_print.c b_sock.c bf_buff.c bf_lbuf.c bf_nbio.c \
|
||||
bf_null.c bio_cb.c bio_err.c bio_lib.c bss_acpt.c bss_bio.c \
|
||||
bss_conn.c bss_fd.c bss_file.c bss_log.c bss_mem.c \
|
||||
bss_null.c bss_sock.c
|
||||
|
||||
# bn
|
||||
|
||||
SRCS+= bn_add.c bn_blind.c bn_ctx.c bn_div.c bn_err.c \
|
||||
bn_exp.c bn_exp2.c bn_gcd.c bn_lib.c bn_mont.c bn_mpi.c \
|
||||
bn_mul.c bn_prime.c bn_print.c bn_rand.c bn_recp.c bn_shift.c \
|
||||
bn_sqr.c bn_word.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= bn-586.s co-586.s
|
||||
.else
|
||||
SRCS+= bn_asm.c
|
||||
.endif
|
||||
SRCS+= bn_add.c bn_asm.c bn_blind.c bn_ctx.c bn_div.c bn_err.c bn_exp.c \
|
||||
bn_exp2.c bn_gcd.c bn_kron.c bn_lib.c bn_mod.c bn_mont.c \
|
||||
bn_mpi.c bn_mul.c bn_prime.c bn_print.c bn_rand.c bn_recp.c \
|
||||
bn_shift.c bn_sqr.c bn_sqrt.c bn_word.c
|
||||
|
||||
# buffer
|
||||
SRCS+= buf_err.c buffer.c
|
||||
SRCS+= buf_err.c buffer.c
|
||||
|
||||
# cast
|
||||
SRCS+= c_cfb64.c c_ecb.c c_ofb64.c c_skey.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= cast-586.s
|
||||
.else
|
||||
SRCS+= c_enc.c
|
||||
.endif
|
||||
SRCS+= c_cfb64.c c_ecb.c c_enc.c c_ofb64.c c_skey.c
|
||||
|
||||
# comp
|
||||
SRCS+= c_rle.c c_zlib.c comp_lib.c
|
||||
SRCS+= c_rle.c c_zlib.c comp_err.c comp_lib.c
|
||||
|
||||
# conf
|
||||
SRCS+= conf_api.c conf_def.c conf_err.c conf_lib.c
|
||||
SRCS+= conf_api.c conf_def.c conf_err.c conf_lib.c conf_mall.c conf_mod.c conf_sap.c
|
||||
|
||||
# des
|
||||
SRCS+= cbc_cksm.c cbc_enc.c cfb64ede.c cfb64enc.c cfb_enc.c \
|
||||
ecb3_enc.c ecb_enc.c ede_cbcm_enc.c enc_read.c enc_writ.c \
|
||||
fcrypt.c ofb64ede.c ofb64enc.c ofb_enc.c pcbc_enc.c \
|
||||
qud_cksm.c rand_key.c read2pwd.c read_pwd.c rpc_enc.c \
|
||||
set_key.c str2key.c xcbc_enc.c rnd_keys.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= des-586.s crypt586.s
|
||||
.else
|
||||
SRCS+= des_enc.c fcrypt_b.c
|
||||
.endif
|
||||
SRCS+= cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64ede.c cfb64enc.c cfb_enc.c \
|
||||
des_enc.c des_old.c des_old2.c ecb3_enc.c ecb_enc.c ede_cbcm_enc.c \
|
||||
enc_read.c enc_writ.c fcrypt.c fcrypt_b.c ofb64ede.c ofb64enc.c \
|
||||
ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read2pwd.c rnd_keys.c \
|
||||
rpc_enc.c set_key.c str2key.c xcbc_enc.c
|
||||
|
||||
# dh
|
||||
SRCS+= dh_check.c dh_err.c dh_gen.c dh_key.c dh_lib.c
|
||||
SRCS+= dh_asn1.c dh_check.c dh_err.c dh_gen.c dh_key.c dh_lib.c
|
||||
|
||||
# dsa
|
||||
SRCS+= dsa_asn1.c dsa_err.c dsa_gen.c dsa_key.c dsa_lib.c dsa_ossl.c \
|
||||
dsa_sign.c dsa_vrf.c
|
||||
# dsa
|
||||
SRCS+= dsa_asn1.c dsa_err.c dsa_gen.c dsa_key.c dsa_lib.c dsa_ossl.c dsa_sign.c dsa_vrf.c
|
||||
|
||||
# dso
|
||||
SRCS+= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
|
||||
dso_openssl.c
|
||||
SRCS+= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c dso_openssl.c
|
||||
|
||||
# ec
|
||||
SRCS+= ec_cvt.c ec_err.c ec_lib.c ec_mult.c ecp_mont.c ecp_nist.c \
|
||||
ecp_recp.c ecp_smpl.c
|
||||
|
||||
# engine
|
||||
SRCS+= eng_all.c eng_cnf.c eng_ctrl.c eng_dyn.c eng_err.c eng_fat.c \
|
||||
eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c \
|
||||
eng_table.c hw_4758_cca.c hw_4758_cca_err.c hw_aep.c hw_aep_err.c \
|
||||
hw_atalla.c hw_atalla_err.c hw_cryptodev.c hw_cswift.c \
|
||||
hw_cswift_err.c hw_ncipher.c hw_ncipher_err.c hw_nuron.c \
|
||||
hw_nuron_err.c hw_sureware.c hw_sureware_err.c hw_ubsec.c \
|
||||
hw_ubsec_err.c tb_cipher.c tb_dh.c tb_digest.c tb_dsa.c tb_rand.c \
|
||||
tb_rsa.c
|
||||
|
||||
# err
|
||||
SRCS+= err.c err_all.c err_prn.c
|
||||
|
||||
# evp
|
||||
SRCS+= bio_b64.c bio_enc.c bio_md.c bio_ok.c c_all.c c_allc.c c_alld.c \
|
||||
digest.c e_bf.c e_cast.c e_des.c e_des3.c e_idea.c e_null.c \
|
||||
e_rc2.c e_rc4.c e_rc5.c e_xcbc_d.c encode.c evp_enc.c \
|
||||
evp_err.c evp_key.c evp_lib.c evp_pbe.c evp_pkey.c m_dss.c \
|
||||
m_dss1.c m_md2.c m_md4.c m_md5.c m_mdc2.c m_null.c m_ripemd.c \
|
||||
m_sha.c m_sha1.c names.c p5_crpt.c p5_crpt2.c p_dec.c p_enc.c \
|
||||
p_lib.c p_open.c p_seal.c p_sign.c p_verify.c
|
||||
digest.c e_aes.c e_bf.c e_cast.c e_des.c e_des3.c e_idea.c \
|
||||
e_null.c e_rc2.c e_rc4.c e_rc5.c e_xcbc_d.c encode.c evp_acnf.c \
|
||||
evp_enc.c evp_err.c evp_key.c evp_lib.c evp_pbe.c evp_pkey.c \
|
||||
m_dss.c m_dss1.c m_md2.c m_md4.c m_md5.c m_mdc2.c m_null.c \
|
||||
m_ripemd.c m_sha.c m_sha1.c names.c openbsd_hw.c p5_crpt.c \
|
||||
p5_crpt2.c p_dec.c p_enc.c p_lib.c p_open.c p_seal.c p_sign.c \
|
||||
p_verify.c
|
||||
|
||||
# hmac
|
||||
SRCS+= hmac.c
|
||||
|
||||
# idea
|
||||
.if defined(MAKE_IDEA) && ${MAKE_IDEA} == YES
|
||||
SRCS+= i_ecb.c i_cbc.c i_cfb64.c i_ofb64.c i_skey.c
|
||||
SRCS+= i_cbc.c i_cfb64.c i_ecb.c i_ofb64.c i_skey.c
|
||||
.endif
|
||||
|
||||
# krb5
|
||||
#SRCS+= krb5_asn.c
|
||||
|
||||
# lhash
|
||||
SRCS+= lh_stats.c lhash.c
|
||||
|
||||
@@ -150,233 +121,169 @@ SRCS+= md4_dgst.c md4_one.c
|
||||
|
||||
# md5
|
||||
SRCS+= md5_dgst.c md5_one.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= md5-586.s
|
||||
.endif
|
||||
|
||||
# mdc2
|
||||
SRCS+= mdc2dgst.c mdc2_one.c
|
||||
SRCS+= mdc2_one.c mdc2dgst.c
|
||||
|
||||
# objects
|
||||
SRCS+= o_names.c obj_dat.c obj_err.c obj_lib.c
|
||||
|
||||
# pem
|
||||
SRCS+= pem_all.c pem_err.c pem_info.c pem_lib.c pem_seal.c pem_sign.c
|
||||
# ocsp
|
||||
SRCS+= ocsp_asn.c ocsp_cl.c ocsp_err.c ocsp_ext.c ocsp_ht.c \
|
||||
ocsp_lib.c ocsp_prn.c ocsp_srv.c ocsp_vfy.c
|
||||
|
||||
# pkcs7
|
||||
SRCS+= pk7_attr.c pk7_doit.c pk7_lib.c pk7_mime.c pk7_smime.c pkcs7err.c
|
||||
# pem
|
||||
SRCS+= pem_all.c pem_err.c pem_info.c pem_lib.c pem_oth.c pem_pk8.c \
|
||||
pem_pkey.c pem_seal.c pem_sign.c pem_x509.c pem_xaux.c
|
||||
|
||||
# pkcs12
|
||||
SRCS+= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \
|
||||
p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c \
|
||||
p12_npas.c p12_sbag.c p12_utl.c pk12err.c
|
||||
SRCS+= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c \
|
||||
p12_decr.c p12_init.c p12_key.c p12_kiss.c p12_mutl.c \
|
||||
p12_npas.c p12_p8d.c p12_p8e.c p12_utl.c pk12err.c
|
||||
|
||||
# pkcs7
|
||||
SRCS+= example.c pk7_asn1.c pk7_attr.c pk7_dgst.c pk7_doit.c \
|
||||
pk7_lib.c pk7_mime.c pk7_smime.c pkcs7err.c
|
||||
|
||||
# rand
|
||||
SRCS+= md_rand.c rand_egd.c rand_err.c rand_lib.c rand_win.c randfile.c
|
||||
SRCS+= md_rand.c rand_egd.c rand_err.c rand_lib.c rand_unix.c randfile.c
|
||||
|
||||
# rc2
|
||||
SRCS+= rc2_cbc.c rc2cfb64.c rc2_ecb.c rc2ofb64.c rc2_skey.c
|
||||
SRCS+= rc2_cbc.c rc2_ecb.c rc2_skey.c rc2cfb64.c rc2ofb64.c
|
||||
|
||||
# rc4
|
||||
SRCS+= rc4_skey.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= rc4-586.s
|
||||
.else
|
||||
SRCS+= rc4_enc.c
|
||||
.endif
|
||||
SRCS+= rc4_enc.c rc4_skey.c
|
||||
|
||||
# rc5
|
||||
SRCS+= rc5cfb64.c rc5_ecb.c rc5ofb64.c rc5_skey.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= rc5-586.s
|
||||
.else
|
||||
SRCS+= rc5_enc.c
|
||||
.endif
|
||||
SRCS+= rc5_ecb.c rc5_enc.c rc5_skey.c rc5cfb64.c rc5ofb64.c
|
||||
|
||||
# ripemd
|
||||
SRCS+= rmd_dgst.c rmd_one.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= rmd-586.s
|
||||
.endif
|
||||
|
||||
# rsa
|
||||
.if defined(WITH_RSA) && ${WITH_RSA} == YES
|
||||
SRCS+= rsa_chk.c rsa_eay.c rsa_err.c rsa_gen.c rsa_lib.c rsa_none.c \
|
||||
rsa_null.c rsa_oaep.c rsa_pk1.c rsa_saos.c rsa_sign.c rsa_ssl.c
|
||||
.endif
|
||||
SRCS+= rsa_asn1.c rsa_chk.c rsa_eay.c rsa_err.c rsa_gen.c rsa_lib.c \
|
||||
rsa_none.c rsa_null.c rsa_oaep.c rsa_pk1.c rsa_saos.c \
|
||||
rsa_sign.c rsa_ssl.c
|
||||
|
||||
# sha
|
||||
SRCS+= sha_dgst.c sha_one.c sha1_one.c sha1dgst.c
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
SRCS+= sha1-586.s
|
||||
.endif
|
||||
SRCS+= sha1_one.c sha1dgst.c sha_dgst.c sha_one.c
|
||||
|
||||
# stack
|
||||
SRCS+= stack.c
|
||||
|
||||
# threads
|
||||
SRCS+= th-lock.c
|
||||
|
||||
# txt_db
|
||||
SRCS+= txt_db.c
|
||||
|
||||
# ui
|
||||
SRCS+= ui_compat.c ui_err.c ui_lib.c ui_openssl.c ui_util.c
|
||||
|
||||
# x509
|
||||
SRCS+= by_dir.c by_file.c x509_att.c x509_cmp.c x509_d2.c x509_def.c \
|
||||
x509_err.c x509_ext.c x509_lu.c x509_obj.c x509_r2x.c \
|
||||
x509_req.c x509_set.c x509_trs.c x509_txt.c x509_v3.c \
|
||||
x509_vfy.c x509name.c x509rset.c x509spki.c x509type.c x_all.c
|
||||
SRCS+= by_dir.c by_file.c x509_att.c x509_cmp.c x509_d2.c \
|
||||
x509_def.c x509_err.c x509_ext.c x509_lu.c x509_obj.c \
|
||||
x509_r2x.c x509_req.c x509_set.c x509_trs.c x509_txt.c \
|
||||
x509_v3.c x509_vfy.c x509cset.c x509name.c x509rset.c \
|
||||
x509spki.c x509type.c x_all.c
|
||||
|
||||
# x509v3
|
||||
SRCS+= v3_akey.c v3_alt.c v3_bcons.c v3_bitst.c v3_conf.c v3_cpols.c \
|
||||
v3_crld.c v3_enum.c v3_extku.c v3_genn.c v3_ia5.c v3_info.c \
|
||||
v3_int.c v3_lib.c v3_pku.c v3_prn.c v3_purp.c v3_skey.c \
|
||||
v3_sxnet.c v3_utl.c v3err.c
|
||||
SRCS+= v3_akey.c v3_akeya.c v3_alt.c v3_bcons.c v3_bitst.c \
|
||||
v3_conf.c v3_cpols.c v3_crld.c v3_enum.c v3_extku.c \
|
||||
v3_genn.c v3_ia5.c v3_info.c v3_int.c v3_lib.c v3_ocsp.c \
|
||||
v3_pku.c v3_prn.c v3_purp.c v3_skey.c v3_sxnet.c v3_utl.c v3err.c
|
||||
|
||||
POD1+= apps/CA.pl.pod apps/asn1parse.pod apps/ca.pod \
|
||||
apps/ciphers.pod apps/crl.pod \
|
||||
apps/crl2pkcs7.pod apps/dgst.pod apps/dhparam.pod apps/dsa.pod \
|
||||
apps/dsaparam.pod apps/enc.pod apps/gendsa.pod apps/genrsa.pod \
|
||||
apps/nseq.pod apps/openssl.pod apps/passwd.pod apps/pkcs12.pod \
|
||||
apps/pkcs7.pod apps/pkcs8.pod apps/rand.pod apps/req.pod \
|
||||
apps/rsa.pod apps/rsautl.pod apps/s_client.pod \
|
||||
apps/s_server.pod apps/sess_id.pod apps/smime.pod \
|
||||
apps/speed.pod apps/spkac.pod apps/verify.pod apps/version.pod \
|
||||
apps/x509.pod
|
||||
|
||||
POD3+= crypto/BIO_ctrl.pod crypto/BIO_f_base64.pod \
|
||||
crypto/BIO_f_buffer.pod crypto/BIO_f_cipher.pod \
|
||||
crypto/BIO_f_md.pod crypto/BIO_f_null.pod crypto/BIO_f_ssl.pod \
|
||||
crypto/BIO_find_type.pod crypto/BIO_new.pod \
|
||||
crypto/BIO_new_bio_pair.pod crypto/BIO_push.pod \
|
||||
crypto/BIO_read.pod crypto/BIO_s_accept.pod \
|
||||
crypto/BIO_s_bio.pod crypto/BIO_s_connect.pod \
|
||||
crypto/BIO_s_fd.pod crypto/BIO_s_file.pod crypto/BIO_s_mem.pod \
|
||||
crypto/BIO_s_null.pod crypto/BIO_s_socket.pod \
|
||||
crypto/BIO_set_callback.pod crypto/BIO_should_retry.pod \
|
||||
crypto/BN_CTX_new.pod crypto/BN_CTX_start.pod \
|
||||
crypto/BN_add.pod crypto/BN_add_word.pod crypto/BN_bn2bin.pod \
|
||||
crypto/BN_cmp.pod crypto/BN_copy.pod \
|
||||
crypto/BN_generate_prime.pod crypto/BN_mod_inverse.pod \
|
||||
crypto/BN_mod_mul_montgomery.pod \
|
||||
crypto/BN_mod_mul_reciprocal.pod crypto/BN_new.pod \
|
||||
crypto/BN_num_bytes.pod crypto/BN_rand.pod \
|
||||
crypto/BN_set_bit.pod crypto/BN_zero.pod \
|
||||
crypto/CRYPTO_set_ex_data.pod crypto/DH_generate_key.pod \
|
||||
crypto/DH_generate_parameters.pod \
|
||||
crypto/DH_get_ex_new_index.pod crypto/DH_new.pod \
|
||||
crypto/DH_set_method.pod crypto/DH_size.pod \
|
||||
crypto/DSA_SIG_new.pod crypto/DSA_do_sign.pod \
|
||||
crypto/DSA_dup_DH.pod crypto/DSA_generate_key.pod \
|
||||
crypto/DSA_generate_parameters.pod \
|
||||
crypto/DSA_get_ex_new_index.pod crypto/DSA_new.pod \
|
||||
crypto/DSA_set_method.pod crypto/DSA_sign.pod \
|
||||
crypto/DSA_size.pod crypto/ERR_GET_LIB.pod \
|
||||
crypto/ERR_clear_error.pod crypto/ERR_error_string.pod \
|
||||
crypto/ERR_get_error.pod crypto/ERR_load_crypto_strings.pod \
|
||||
crypto/ERR_load_strings.pod crypto/ERR_print_errors.pod \
|
||||
crypto/ERR_put_error.pod crypto/ERR_remove_state.pod \
|
||||
crypto/EVP_DigestInit.pod crypto/EVP_EncryptInit.pod \
|
||||
crypto/EVP_OpenInit.pod crypto/EVP_SealInit.pod \
|
||||
crypto/EVP_SignInit.pod crypto/EVP_VerifyInit.pod \
|
||||
crypto/OPENSSL_VERSION_NUMBER.pod \
|
||||
crypto/OpenSSL_add_all_algorithms.pod crypto/RAND_add.pod \
|
||||
crypto/RAND_bytes.pod crypto/RAND_cleanup.pod \
|
||||
crypto/RAND_egd.pod crypto/RAND_load_file.pod \
|
||||
crypto/RAND_set_rand_method.pod crypto/RSA_blinding_on.pod \
|
||||
crypto/RSA_check_key.pod crypto/RSA_generate_key.pod \
|
||||
crypto/RSA_get_ex_new_index.pod crypto/RSA_new.pod \
|
||||
crypto/RSA_padding_add_PKCS1_type_1.pod crypto/RSA_print.pod \
|
||||
crypto/RSA_private_encrypt.pod crypto/RSA_public_encrypt.pod \
|
||||
crypto/RSA_set_method.pod crypto/RSA_sign.pod \
|
||||
crypto/RSA_sign_ASN1_OCTET_STRING.pod crypto/RSA_size.pod \
|
||||
crypto/bio.pod crypto/blowfish.pod crypto/bn.pod \
|
||||
crypto/bn_internal.pod crypto/buffer.pod crypto/crypto.pod \
|
||||
crypto/d2i_DHparams.pod crypto/d2i_RSAPublicKey.pod \
|
||||
crypto/des.pod crypto/des_modes.pod crypto/dh.pod \
|
||||
crypto/dsa.pod crypto/err.pod crypto/evp.pod crypto/hmac.pod \
|
||||
crypto/lh_stats.pod crypto/lhash.pod crypto/md5.pod \
|
||||
crypto/mdc2.pod crypto/rand.pod crypto/rc4.pod \
|
||||
crypto/ripemd.pod crypto/rsa.pod crypto/sha.pod \
|
||||
crypto/threads.pod
|
||||
|
||||
POD3+= ssl/SSL_CIPHER_get_name.pod \
|
||||
ssl/SSL_CTX_add_extra_chain_cert.pod \
|
||||
ssl/SSL_CTX_add_session.pod ssl/SSL_CTX_flush_sessions.pod \
|
||||
ssl/SSL_CTX_free.pod ssl/SSL_CTX_get_ex_new_index.pod \
|
||||
ssl/SSL_CTX_get_verify_mode.pod \
|
||||
ssl/SSL_CTX_load_verify_locations.pod ssl/SSL_CTX_new.pod \
|
||||
ssl/SSL_CTX_sess_set_cache_size.pod ssl/SSL_CTX_sess_set_get_cb.pod \
|
||||
ssl/SSL_CTX_sessions.pod ssl/SSL_CTX_set_cipher_list.pod \
|
||||
ssl/SSL_CTX_set_client_CA_list.pod \
|
||||
ssl/SSL_CTX_set_client_cert_cb.pod \
|
||||
ssl/SSL_CTX_set_default_passwd_cb.pod ssl/SSL_CTX_set_options.pod\
|
||||
ssl/SSL_CTX_set_session_cache_mode.pod \
|
||||
ssl/SSL_CTX_set_session_id_context.pod \
|
||||
ssl/SSL_CTX_set_ssl_version.pod \
|
||||
ssl/SSL_CTX_set_timeout.pod ssl/SSL_CTX_set_verify.pod \
|
||||
ssl/SSL_CTX_use_certificate.pod ssl/SSL_SESSION_free.pod \
|
||||
ssl/SSL_SESSION_get_ex_new_index.pod \
|
||||
ssl/SSL_SESSION_get_time.pod \
|
||||
ssl/SSL_accept.pod ssl/SSL_clear.pod ssl/SSL_connect.pod \
|
||||
ssl/SSL_do_handshake.pod \
|
||||
ssl/SSL_free.pod ssl/SSL_get_ciphers.pod \
|
||||
ssl/SSL_get_client_CA_list.pod ssl/SSL_get_current_cipher.pod \
|
||||
ssl/SSL_get_error.pod ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod \
|
||||
ssl/SSL_get_ex_new_index.pod ssl/SSL_get_fd.pod \
|
||||
ssl/SSL_get_peer_cert_chain.pod ssl/SSL_get_peer_certificate.pod \
|
||||
ssl/SSL_get_rbio.pod ssl/SSL_get_session.pod \
|
||||
ssl/SSL_get_verify_result.pod ssl/SSL_library_init.pod \
|
||||
ssl/SSL_load_client_CA_file.pod ssl/SSL_new.pod ssl/SSL_pending.pod \
|
||||
ssl/SSL_read.pod ssl/SSL_set_bio.pod ssl/SSL_set_fd.pod \
|
||||
ssl/SSL_set_session.pod ssl/SSL_set_verify_result.pod \
|
||||
ssl/SSL_shutdown.pod ssl/SSL_write.pod ssl/d2i_SSL_SESSION.pod \
|
||||
ssl/ssl.pod ssl/SSL_CTX_sess_number.pod ssl/SSL_CTX_set_mode.pod \
|
||||
ssl/SSL_get_version.pod ssl/SSL_set_connect_state.pod \
|
||||
ssl/SSL_set_shutdown.pod ssl/SSL_alert_type_string.pod \
|
||||
ssl/SSL_COMP_add_compression_method.pod ssl/SSL_CTX_ctrl.pod \
|
||||
ssl/SSL_CTX_set_cert_store.pod \
|
||||
ssl/SSL_CTX_set_cert_verify_callback.pod \
|
||||
ssl/SSL_CTX_set_info_callback.pod ssl/SSL_CTX_set_quiet_shutdown.pod \
|
||||
ssl/SSL_CTX_set_tmp_dh_callback.pod \
|
||||
ssl/SSL_CTX_set_tmp_rsa_callback.pod ssl/SSL_get_default_timeout.pod \
|
||||
ssl/SSL_get_SSL_CTX.pod ssl/SSL_rstate_string.pod \
|
||||
ssl/SSL_session_reused.pod ssl/SSL_state_string.pod \
|
||||
ssl/SSL_want.pod
|
||||
|
||||
POD5+= apps/config.pod
|
||||
|
||||
.if defined(WANT_OPENSSL_MANPAGES)
|
||||
.for section in 1 3 5
|
||||
.for pod in ${POD${section}}
|
||||
.for target in ${pod:T:S/.pod/.${section}/g}
|
||||
MAN+= ${target}
|
||||
.endfor
|
||||
.endfor
|
||||
.endfor
|
||||
.endif
|
||||
|
||||
MAN+= des_crypt.3
|
||||
|
||||
MLINKS= des_crypt.3 des_read_password.3 \
|
||||
des_crypt.3 des_read_2password.3 des_crypt.3 des_string_to_key.3 \
|
||||
des_crypt.3 des_string_to_2key.3 des_crypt.3 des_read_pw_string.3 \
|
||||
des_crypt.3 des_random_key.3 des_crypt.3 des_set_key.3 \
|
||||
des_crypt.3 des_key_sched.3 des_crypt.3 des_ecb_encrypt.3 \
|
||||
des_crypt.3 des_3ecb_encrypt.3 des_crypt.3 des_cbc_encrypt.3 \
|
||||
des_crypt.3 des_3cbc_encrypt.3 des_crypt.3 des_pcbc_encrypt.3 \
|
||||
des_crypt.3 des_cfb_encrypt.3 des_crypt.3 des_ofb_encrypt.3 \
|
||||
des_crypt.3 des_cbc_cksum.3 des_crypt.3 des_quad_cksum.3 \
|
||||
des_crypt.3 des_enc_read.3 des_crypt.3 des_enc_write.3 \
|
||||
des_crypt.3 des_set_odd_parity.3 des_crypt.3 des_is_weak_key.3
|
||||
MAN3= ASN1_OBJECT_new.3 ASN1_STRING_length.3 ASN1_STRING_new.3 \
|
||||
ASN1_STRING_print_ex.3 BIO_ctrl.3 BIO_f_base64.3 BIO_f_buffer.3 \
|
||||
BIO_f_cipher.3 BIO_f_md.3 BIO_f_null.3 BIO_f_ssl.3 BIO_find_type.3 \
|
||||
BIO_new.3 BIO_push.3 BIO_read.3 BIO_s_accept.3 BIO_s_bio.3 \
|
||||
BIO_s_connect.3 BIO_s_fd.3 BIO_s_file.3 BIO_s_mem.3 BIO_s_null.3 \
|
||||
BIO_s_socket.3 BIO_set_callback.3 BIO_should_retry.3 BN_CTX_new.3 \
|
||||
BN_CTX_start.3 BN_add.3 BN_add_word.3 BN_bn2bin.3 BN_cmp.3 \
|
||||
BN_copy.3 BN_generate_prime.3 BN_mod_inverse.3 BN_mod_mul_montgomery.3 \
|
||||
BN_mod_mul_reciprocal.3 BN_new.3 BN_num_bytes.3 BN_rand.3 \
|
||||
BN_set_bit.3 BN_swap.3 BN_zero.3 CRYPTO_set_ex_data.3 \
|
||||
DH_generate_key.3 DH_generate_parameters.3 DH_get_ex_new_index.3 \
|
||||
DH_new.3 DH_set_method.3 DH_size.3 DSA_SIG_new.3 DSA_do_sign.3 \
|
||||
DSA_dup_DH.3 DSA_generate_key.3 DSA_generate_parameters.3 \
|
||||
DSA_get_ex_new_index.3 DSA_new.3 DSA_set_method.3 DSA_sign.3 \
|
||||
DSA_size.3 ERR_GET_LIB.3 ERR_clear_error.3 ERR_error_string.3 \
|
||||
ERR_get_error.3 ERR_load_crypto_strings.3 ERR_load_strings.3 \
|
||||
ERR_print_errors.3 ERR_put_error.3 ERR_remove_state.3 \
|
||||
EVP_BytesToKey.3 EVP_DigestInit.3 EVP_EncryptInit.3 EVP_OpenInit.3 \
|
||||
EVP_PKEY_new.3 EVP_PKEY_set1_RSA.3 EVP_SealInit.3 EVP_SignInit.3 \
|
||||
EVP_VerifyInit.3 OBJ_nid2obj.3 OPENSSL_VERSION_NUMBER.3 \
|
||||
OpenSSL_add_all_algorithms.3 PKCS12_create.3 PKCS12_parse.3 \
|
||||
PKCS7_decrypt.3 PKCS7_encrypt.3 PKCS7_sign.3 PKCS7_verify.3 \
|
||||
RAND_add.3 RAND_bytes.3 RAND_cleanup.3 RAND_egd.3 RAND_load_file.3 \
|
||||
RAND_set_rand_method.3 RSA_blinding_on.3 RSA_check_key.3 \
|
||||
RSA_generate_key.3 RSA_get_ex_new_index.3 RSA_new.3 \
|
||||
RSA_padding_add_PKCS1_type_1.3 RSA_print.3 RSA_private_encrypt.3 \
|
||||
RSA_public_encrypt.3 RSA_set_method.3 RSA_sign.3 \
|
||||
RSA_sign_ASN1_OCTET_STRING.3 RSA_size.3 SMIME_read_PKCS7.3 \
|
||||
SMIME_write_PKCS7.3 X509_NAME_ENTRY_get_object.3 \
|
||||
X509_NAME_add_entry_by_txt.3 X509_NAME_get_index_by_NID.3 \
|
||||
X509_NAME_print_ex.3 X509_new.3 bio.3 blowfish.3 bn.3 bn_internal.3 \
|
||||
buffer.3 crypto.3 d2i_ASN1_OBJECT.3 d2i_DHparams.3 d2i_DSAPublicKey.3 \
|
||||
d2i_PKCS8PrivateKey.3 d2i_RSAPublicKey.3 d2i_X509.3 d2i_X509_ALGOR.3 \
|
||||
d2i_X509_CRL.3 d2i_X509_NAME.3 d2i_X509_REQ.3 d2i_X509_SIG.3 \
|
||||
des.3 des_modes.3 dh.3 dsa.3 engine.3 err.3 evp.3 hmac.3 \
|
||||
lh_stats.3 lhash.3 md5.3 mdc2.3 pem.3 rand.3 rc4.3 ripemd.3 \
|
||||
rsa.3 sha.3 threads.3 ui.3 ui_compat.3
|
||||
|
||||
INCS= ${HDRS} openssl/evp.h openssl/opensslconf.h
|
||||
INCSDIR= ${INCLUDEDIR}/openssl
|
||||
INCSLINKS= openssl/des.h ${INCLUDEDIR}/des.h
|
||||
|
||||
afterinstall:
|
||||
.if !defined(NOPIC)
|
||||
SYMLINKS+= lib${LIB}.so.${SHLIB_MAJOR} ${LIBDIR}/libdes.so.3
|
||||
SYMLINKS+= lib${LIB}.so.${SHLIB_MAJOR} ${LIBDIR}/libdes.so
|
||||
.endif
|
||||
SYMLINKS+= lib${LIB}.a ${LIBDIR}/libdes.a
|
||||
.if !defined(NOPROFILE)
|
||||
SYMLINKS+= lib${LIB}_p.a ${LIBDIR}/libdes_p.a
|
||||
.endif
|
||||
|
||||
.include <bsd.lib.mk>
|
||||
|
||||
.if defined(MAKE_IDEA) && ${MAKE_IDEA} == YES
|
||||
_ideapath= ${LCRYPTO_SRC}/crypto/idea
|
||||
.endif
|
||||
|
||||
.PATH: \
|
||||
${LCRYPTO_SRC}/crypto \
|
||||
${LCRYPTO_SRC}/crypto/aes \
|
||||
${LCRYPTO_SRC}/crypto/asn1 \
|
||||
${LCRYPTO_SRC}/crypto/bf \
|
||||
${LCRYPTO_SRC}/crypto/bio \
|
||||
${LCRYPTO_SRC}/crypto/bn \
|
||||
${LCRYPTO_SRC}/crypto/buffer \
|
||||
${LCRYPTO_SRC}/crypto/cast \
|
||||
${LCRYPTO_SRC}/crypto/comp \
|
||||
${LCRYPTO_SRC}/crypto/conf \
|
||||
${LCRYPTO_SRC}/crypto/des \
|
||||
${LCRYPTO_SRC}/crypto/dh \
|
||||
${LCRYPTO_SRC}/crypto/dsa \
|
||||
${LCRYPTO_SRC}/crypto/dso \
|
||||
${LCRYPTO_SRC}/crypto/ec \
|
||||
${LCRYPTO_SRC}/crypto/engine \
|
||||
${LCRYPTO_SRC}/crypto/err \
|
||||
${LCRYPTO_SRC}/crypto/evp \
|
||||
${LCRYPTO_SRC}/crypto/hmac \
|
||||
${_ideapath} \
|
||||
${LCRYPTO_SRC}/crypto/krb5 \
|
||||
${LCRYPTO_SRC}/crypto/lhash \
|
||||
${LCRYPTO_SRC}/crypto/md2 \
|
||||
${LCRYPTO_SRC}/crypto/md4 \
|
||||
${LCRYPTO_SRC}/crypto/md5 \
|
||||
${LCRYPTO_SRC}/crypto/mdc2 \
|
||||
${LCRYPTO_SRC}/crypto/objects \
|
||||
${LCRYPTO_SRC}/crypto/ocsp \
|
||||
${LCRYPTO_SRC}/crypto/pem \
|
||||
${LCRYPTO_SRC}/crypto/pkcs12 \
|
||||
${LCRYPTO_SRC}/crypto/pkcs7 \
|
||||
${LCRYPTO_SRC}/crypto/rand \
|
||||
${LCRYPTO_SRC}/crypto/rc2 \
|
||||
${LCRYPTO_SRC}/crypto/rc4 \
|
||||
${LCRYPTO_SRC}/crypto/rc5 \
|
||||
${LCRYPTO_SRC}/crypto/ripemd \
|
||||
${LCRYPTO_SRC}/crypto/rsa \
|
||||
${LCRYPTO_SRC}/crypto/sha \
|
||||
${LCRYPTO_SRC}/crypto/stack \
|
||||
${LCRYPTO_SRC}/crypto/threads \
|
||||
${LCRYPTO_SRC}/crypto/txt_db \
|
||||
${LCRYPTO_SRC}/crypto/ui \
|
||||
${LCRYPTO_SRC}/crypto/x509 \
|
||||
${LCRYPTO_SRC}/crypto/x509v3 \
|
||||
${LCRYPTO_SRC} \
|
||||
${.CURDIR}/man
|
||||
|
||||
@@ -1,33 +1,71 @@
|
||||
# $FreeBSD$
|
||||
|
||||
LCRYPTO_SRC= ${.CURDIR}/../../../crypto/openssl/crypto
|
||||
CFLAGS+= -DTERMIOS -DANSI_SOURCE -I${LCRYPTO_SRC} -I${.OBJDIR}
|
||||
LCRYPTO_SRC= ${.CURDIR}/../../../crypto/openssl
|
||||
LCRYPTO_DOC= ${.CURDIR}/../../../crypto/openssl/doc
|
||||
|
||||
CFLAGS+= -DTERMIOS -DANSI_SOURCE -DOPENSSL_NO_KRB5
|
||||
CFLAGS+= -I${LCRYPTO_SRC} -I${LCRYPTO_SRC}/crypto -I${.OBJDIR}
|
||||
|
||||
.if !defined(MAKE_IDEA) || ${MAKE_IDEA} != YES
|
||||
CFLAGS+= -DNO_IDEA
|
||||
CFLAGS+= -DNO_IDEA
|
||||
.else
|
||||
_idea_h= idea/idea.h
|
||||
.endif
|
||||
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
CFLAGS+= -DL_ENDIAN -DSHA1_ASM -DBN_ASM -DMD5_ASM -DRMD160_ASM
|
||||
CFLAGS+= -DL_ENDIAN
|
||||
.elif ${MACHINE_ARCH} == "alpha"
|
||||
# no ENDIAN stuff defined for alpha (64-bit)
|
||||
.endif
|
||||
|
||||
WITH_RSA?= YES
|
||||
|
||||
HDRS+= asn1/asn1.h asn1/asn1_mac.h bio/bio.h bf/blowfish.h bn/bn.h \
|
||||
buffer/buffer.h cast/cast.h comp/comp.h conf/conf.h crypto.h \
|
||||
des/des.h dh/dh.h dsa/dsa.h ../e_os.h ../e_os2.h ebcdic.h \
|
||||
err/err.h hmac/hmac.h lhash/lhash.h md2/md2.h \
|
||||
md5/md5.h mdc2/mdc2.h objects/objects.h opensslv.h pem/pem.h \
|
||||
pem/pem2.h pkcs12/pkcs12.h pkcs7/pkcs7.h rand/rand.h rc2/rc2.h \
|
||||
rc4/rc4.h rc5/rc5.h ripemd/ripemd.h rsa/rsa.h stack/safestack.h \
|
||||
sha/sha.h stack/stack.h tmdiff.h txt_db/txt_db.h x509/x509.h \
|
||||
x509/x509_vfy.h x509v3/x509v3.h symhacks.h objects/obj_mac.h \
|
||||
md4/md4.h dso/dso.h conf/conf_api.h
|
||||
|
||||
.if defined(MAKE_IDEA) && ${MAKE_IDEA} == YES
|
||||
HDRS+= idea/idea.h
|
||||
.endif
|
||||
HDRS+= \
|
||||
../e_os.h ../e_os2.h \
|
||||
crypto.h \
|
||||
ebcdic.h \
|
||||
opensslv.h \
|
||||
ossl_typ.h \
|
||||
symhacks.h \
|
||||
tmdiff.h \
|
||||
aes/aes.h aes/aes_locl.h \
|
||||
asn1/asn1.h asn1/asn1_mac.h asn1/asn1t.h \
|
||||
bio/bio.h \
|
||||
bf/blowfish.h \
|
||||
bn/bn.h \
|
||||
buffer/buffer.h \
|
||||
cast/cast.h \
|
||||
comp/comp.h \
|
||||
conf/conf.h conf/conf_api.h \
|
||||
des/des.h des/des_old.h \
|
||||
dh/dh.h \
|
||||
dsa/dsa.h \
|
||||
dso/dso.h \
|
||||
ec/ec.h \
|
||||
engine/eng_int.h engine/engine.h engine/hw_4758_cca_err.h \
|
||||
engine/hw_aep_err.h engine/hw_atalla_err.h engine/hw_cswift_err.h \
|
||||
engine/hw_ncipher_err.h engine/hw_nuron_err.h engine/hw_sureware_err.h \
|
||||
engine/hw_ubsec_err.h \
|
||||
err/err.h \
|
||||
hmac/hmac.h \
|
||||
${_idea_h} \
|
||||
krb5/krb5_asn.h \
|
||||
lhash/lhash.h \
|
||||
md2/md2.h \
|
||||
md4/md4.h \
|
||||
md5/md5.h \
|
||||
mdc2/mdc2.h \
|
||||
ocsp/ocsp.h \
|
||||
objects/objects.h objects/obj_mac.h \
|
||||
pem/pem.h pem/pem2.h \
|
||||
pkcs12/pkcs12.h pkcs7/pkcs7.h \
|
||||
rand/rand.h \
|
||||
rc2/rc2.h rc4/rc4.h rc5/rc5.h \
|
||||
ripemd/ripemd.h \
|
||||
rsa/rsa.h \
|
||||
stack/stack.h stack/safestack.h \
|
||||
sha/sha.h \
|
||||
txt_db/txt_db.h \
|
||||
ui/ui.h ui/ui_compat.h ui/ui_locl.h \
|
||||
x509/x509.h x509/x509_vfy.h x509v3/x509v3.h
|
||||
|
||||
SRCS+= buildinf.h openssl/opensslconf.h openssl/evp.h
|
||||
CLEANFILES+= buildinf.h openssl/opensslconf.h openssl/evp.h
|
||||
@@ -41,11 +79,11 @@ buildinf.h:
|
||||
echo " #define DATE \"`LC_ALL=C date`\""; \
|
||||
echo "#endif" ) > ${.TARGET}
|
||||
|
||||
openssl/opensslconf.h: ../libcrypto/opensslconf-${MACHINE_ARCH}.h
|
||||
openssl/opensslconf.h: ../../lib/libcrypto/opensslconf-${MACHINE_ARCH}.h
|
||||
mkdir -p openssl
|
||||
cp ${.OODATE} ${.TARGET}
|
||||
|
||||
openssl/evp.h: ${LCRYPTO_SRC}/evp/evp.h
|
||||
openssl/evp.h: ${LCRYPTO_SRC}/crypto/evp/evp.h
|
||||
mkdir -p openssl
|
||||
.if !defined(MAKE_IDEA) || ${MAKE_IDEA} != YES
|
||||
sed '/^#ifndef NO_IDEA$$/,/^#endif$$/d' ${.OODATE} > ${.TARGET}
|
||||
@@ -54,8 +92,17 @@ openssl/evp.h: ${LCRYPTO_SRC}/evp/evp.h
|
||||
.endif
|
||||
|
||||
SRCS+= ${HDRS:T:S;^;openssl/;}
|
||||
.for h in ${HDRS:S/^/${LCRYPTO_SRC}\//}
|
||||
.for h in ${HDRS:S/^/${LCRYPTO_SRC}\/crypto\//}
|
||||
openssl/${h:T}: ${h}
|
||||
mkdir -p openssl
|
||||
${INSTALL} -C -m 444 ${h} openssl
|
||||
.endfor
|
||||
|
||||
man-update:
|
||||
for i in `( cd ${LCRYPTO_DOC}/${LIB}${PROG} ; ls *.pod )` ; do \
|
||||
cp ${LCRYPTO_DOC}/${LIB}/$$i . ;\
|
||||
pod2man --section=3 --release="0.9.7" --center="OpenSSL" \
|
||||
$$i > ${.CURDIR}/man/$${i%%.pod}.3 ;\
|
||||
rm $$i ;\
|
||||
echo $${i%%.pod} ;\
|
||||
done
|
||||
|
||||
@@ -1,509 +0,0 @@
|
||||
.\" $FreeBSD$
|
||||
.TH DES_CRYPT 3
|
||||
.SH NAME
|
||||
des_read_password, des_read_2password,
|
||||
des_string_to_key, des_string_to_2key, des_read_pw_string,
|
||||
des_random_key, des_set_key,
|
||||
des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
|
||||
des_3cbc_encrypt,
|
||||
des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
|
||||
des_cbc_cksum, des_quad_cksum,
|
||||
des_enc_read, des_enc_write, des_set_odd_parity,
|
||||
des_is_weak_key, crypt \- (non USA) DES encryption
|
||||
.SH SYNOPSIS
|
||||
.nf
|
||||
.nj
|
||||
.ft B
|
||||
#include <openssl/des.h>
|
||||
.PP
|
||||
.B int des_read_password(key,prompt,verify)
|
||||
des_cblock *key;
|
||||
char *prompt;
|
||||
int verify;
|
||||
.PP
|
||||
.B int des_read_2password(key1,key2,prompt,verify)
|
||||
des_cblock *key1,*key2;
|
||||
char *prompt;
|
||||
int verify;
|
||||
.PP
|
||||
.B int des_string_to_key(str,key)
|
||||
char *str;
|
||||
des_cblock *key;
|
||||
.PP
|
||||
.B int des_string_to_2keys(str,key1,key2)
|
||||
char *str;
|
||||
des_cblock *key1,*key2;
|
||||
.PP
|
||||
.B int des_read_pw_string(buf,length,prompt,verify)
|
||||
char *buf;
|
||||
int length;
|
||||
char *prompt;
|
||||
int verify;
|
||||
.PP
|
||||
.B int des_random_key(key)
|
||||
des_cblock *key;
|
||||
.PP
|
||||
.B int des_set_key(key,schedule)
|
||||
des_cblock *key;
|
||||
des_key_schedule schedule;
|
||||
.PP
|
||||
.B int des_key_sched(key,schedule)
|
||||
des_cblock *key;
|
||||
des_key_schedule schedule;
|
||||
.PP
|
||||
.B int des_ecb_encrypt(input,output,schedule,encrypt)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
des_key_schedule schedule;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
des_key_schedule ks1,ks2;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
long length;
|
||||
des_key_schedule schedule;
|
||||
des_cblock *ivec;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
long length;
|
||||
des_key_schedule sk1;
|
||||
des_key_schedule sk2;
|
||||
des_cblock *ivec1;
|
||||
des_cblock *ivec2;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
long length;
|
||||
des_key_schedule schedule;
|
||||
des_cblock *ivec;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
|
||||
unsigned char *input;
|
||||
unsigned char *output;
|
||||
int numbits;
|
||||
long length;
|
||||
des_key_schedule schedule;
|
||||
des_cblock *ivec;
|
||||
int encrypt;
|
||||
.PP
|
||||
.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
|
||||
unsigned char *input,*output;
|
||||
int numbits;
|
||||
long length;
|
||||
des_key_schedule schedule;
|
||||
des_cblock *ivec;
|
||||
.PP
|
||||
.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
long length;
|
||||
des_key_schedule schedule;
|
||||
des_cblock *ivec;
|
||||
.PP
|
||||
.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
|
||||
des_cblock *input;
|
||||
des_cblock *output;
|
||||
long length;
|
||||
int out_count;
|
||||
des_cblock *seed;
|
||||
.PP
|
||||
.B int des_check_key;
|
||||
.PP
|
||||
.B int des_enc_read(fd,buf,len,sched,iv)
|
||||
int fd;
|
||||
char *buf;
|
||||
int len;
|
||||
des_key_schedule sched;
|
||||
des_cblock *iv;
|
||||
.PP
|
||||
.B int des_enc_write(fd,buf,len,sched,iv)
|
||||
int fd;
|
||||
char *buf;
|
||||
int len;
|
||||
des_key_schedule sched;
|
||||
des_cblock *iv;
|
||||
.PP
|
||||
.B extern int des_rw_mode;
|
||||
.PP
|
||||
.B void des_set_odd_parity(key)
|
||||
des_cblock *key;
|
||||
.PP
|
||||
.B int des_is_weak_key(key)
|
||||
des_cblock *key;
|
||||
.PP
|
||||
.B char *crypt(passwd,salt)
|
||||
char *passwd;
|
||||
char *salt;
|
||||
.PP
|
||||
.fi
|
||||
.SH DESCRIPTION
|
||||
This library contains a fast implementation of the DES encryption
|
||||
algorithm.
|
||||
.PP
|
||||
There are two phases to the use of DES encryption.
|
||||
The first is the generation of a
|
||||
.I des_key_schedule
|
||||
from a key,
|
||||
the second is the actual encryption.
|
||||
A des key is of type
|
||||
.I des_cblock.
|
||||
This type is made from 8 characters with odd parity.
|
||||
The least significant bit in the character is the parity bit.
|
||||
The key schedule is an expanded form of the key; it is used to speed the
|
||||
encryption process.
|
||||
.PP
|
||||
.I des_read_password
|
||||
writes the string specified by prompt to the standard output,
|
||||
turns off echo and reads an input string from standard input
|
||||
until terminated with a newline.
|
||||
If verify is non-zero, it prompts and reads the input again and verifies
|
||||
that both entered passwords are the same.
|
||||
The entered string is converted into a des key by using the
|
||||
.I des_string_to_key
|
||||
routine.
|
||||
The new key is placed in the
|
||||
.I des_cblock
|
||||
that was passed (by reference) to the routine.
|
||||
If there were no errors,
|
||||
.I des_read_password
|
||||
returns 0,
|
||||
-1 is returned if there was a terminal error and 1 is returned for
|
||||
any other error.
|
||||
.PP
|
||||
.I des_read_2password
|
||||
operates in the same way as
|
||||
.I des_read_password
|
||||
except that it generates 2 keys by using the
|
||||
.I des_string_to_2key
|
||||
function.
|
||||
.PP
|
||||
.I des_read_pw_string
|
||||
is called by
|
||||
.I des_read_password
|
||||
to read and verify a string from a terminal device.
|
||||
The string is returned in
|
||||
.I buf.
|
||||
The size of
|
||||
.I buf
|
||||
is passed to the routine via the
|
||||
.I length
|
||||
parameter.
|
||||
.PP
|
||||
.I des_string_to_key
|
||||
converts a string into a valid des key.
|
||||
.PP
|
||||
.I des_string_to_2key
|
||||
converts a string into 2 valid des keys.
|
||||
This routine is best suited for used to generate keys for use with
|
||||
.I des_ecb3_encrypt.
|
||||
.PP
|
||||
.I des_random_key
|
||||
returns a random key that is made of a combination of process id,
|
||||
time and an increasing counter.
|
||||
.PP
|
||||
Before a des key can be used it is converted into a
|
||||
.I des_key_schedule
|
||||
via the
|
||||
.I des_set_key
|
||||
routine.
|
||||
If the
|
||||
.I des_check_key
|
||||
flag is non-zero,
|
||||
.I des_set_key
|
||||
will check that the key passed is of odd parity and is not a week or
|
||||
semi-weak key.
|
||||
If the parity is wrong,
|
||||
then -1 is returned.
|
||||
If the key is a weak key,
|
||||
then -2 is returned.
|
||||
If an error is returned,
|
||||
the key schedule is not generated.
|
||||
.PP
|
||||
.I des_key_sched
|
||||
is another name for the
|
||||
.I des_set_key
|
||||
function.
|
||||
.PP
|
||||
The following routines mostly operate on an input and output stream of
|
||||
.I des_cblock's.
|
||||
.PP
|
||||
.I des_ecb_encrypt
|
||||
is the basic DES encryption routine that encrypts or decrypts a single 8-byte
|
||||
.I des_cblock
|
||||
in
|
||||
.I electronic code book
|
||||
mode.
|
||||
It always transforms the input data, pointed to by
|
||||
.I input,
|
||||
into the output data,
|
||||
pointed to by the
|
||||
.I output
|
||||
argument.
|
||||
If the
|
||||
.I encrypt
|
||||
argument is non-zero (DES_ENCRYPT),
|
||||
the
|
||||
.I input
|
||||
(cleartext) is encrypted in to the
|
||||
.I output
|
||||
(ciphertext) using the key_schedule specified by the
|
||||
.I schedule
|
||||
argument,
|
||||
previously set via
|
||||
.I des_set_key.
|
||||
If
|
||||
.I encrypt
|
||||
is zero (DES_DECRYPT),
|
||||
the
|
||||
.I input
|
||||
(now ciphertext)
|
||||
is decrypted into the
|
||||
.I output
|
||||
(now cleartext).
|
||||
Input and output may overlap.
|
||||
No meaningful value is returned.
|
||||
.PP
|
||||
.I des_ecb3_encrypt
|
||||
encrypts/decrypts the
|
||||
.I input
|
||||
block by using triple ecb DES encryption.
|
||||
This involves encrypting the input with
|
||||
.I ks1,
|
||||
decryption with the key schedule
|
||||
.I ks2,
|
||||
and then encryption with the first again.
|
||||
This routine greatly reduces the chances of brute force breaking of
|
||||
DES and has the advantage of if
|
||||
.I ks1
|
||||
and
|
||||
.I ks2
|
||||
are the same, it is equivalent to just encryption using ecb mode and
|
||||
.I ks1
|
||||
as the key.
|
||||
.PP
|
||||
.I des_cbc_encrypt
|
||||
encrypts/decrypts using the
|
||||
.I cipher-block-chaining
|
||||
mode of DES.
|
||||
If the
|
||||
.I encrypt
|
||||
argument is non-zero,
|
||||
the routine cipher-block-chain encrypts the cleartext data pointed to by the
|
||||
.I input
|
||||
argument into the ciphertext pointed to by the
|
||||
.I output
|
||||
argument,
|
||||
using the key schedule provided by the
|
||||
.I schedule
|
||||
argument,
|
||||
and initialisation vector provided by the
|
||||
.I ivec
|
||||
argument.
|
||||
If the
|
||||
.I length
|
||||
argument is not an integral multiple of eight bytes,
|
||||
the last block is copied to a temporary area and zero filled.
|
||||
The output is always
|
||||
an integral multiple of eight bytes.
|
||||
To make multiple cbc encrypt calls on a large amount of data appear to
|
||||
be one
|
||||
.I des_cbc_encrypt
|
||||
call, the
|
||||
.I ivec
|
||||
of subsequent calls should be the last 8 bytes of the output.
|
||||
.PP
|
||||
.I des_3cbc_encrypt
|
||||
encrypts/decrypts the
|
||||
.I input
|
||||
block by using triple cbc DES encryption.
|
||||
This involves encrypting the input with key schedule
|
||||
.I ks1,
|
||||
decryption with the key schedule
|
||||
.I ks2,
|
||||
and then encryption with the first again.
|
||||
2 initialisation vectors are required,
|
||||
.I ivec1
|
||||
and
|
||||
.I ivec2.
|
||||
Unlike
|
||||
.I des_cbc_encrypt,
|
||||
these initialisation vectors are modified by the subroutine.
|
||||
This routine greatly reduces the chances of brute force breaking of
|
||||
DES and has the advantage of if
|
||||
.I ks1
|
||||
and
|
||||
.I ks2
|
||||
are the same, it is equivalent to just encryption using cbc mode and
|
||||
.I ks1
|
||||
as the key.
|
||||
.PP
|
||||
.I des_pcbc_encrypt
|
||||
encrypt/decrypts using a modified block chaining mode.
|
||||
It provides better error propagation characteristics than cbc
|
||||
encryption.
|
||||
.PP
|
||||
.I des_cfb_encrypt
|
||||
encrypt/decrypts using cipher feedback mode. This method takes an
|
||||
array of characters as input and outputs and array of characters. It
|
||||
does not require any padding to 8 character groups. Note: the ivec
|
||||
variable is changed and the new changed value needs to be passed to
|
||||
the next call to this function. Since this function runs a complete
|
||||
DES ecb encryption per numbits, this function is only suggested for
|
||||
use when sending small numbers of characters.
|
||||
.PP
|
||||
.I des_ofb_encrypt
|
||||
encrypt using output feedback mode. This method takes an
|
||||
array of characters as input and outputs and array of characters. It
|
||||
does not require any padding to 8 character groups. Note: the ivec
|
||||
variable is changed and the new changed value needs to be passed to
|
||||
the next call to this function. Since this function runs a complete
|
||||
DES ecb encryption per numbits, this function is only suggested for
|
||||
use when sending small numbers of characters.
|
||||
.PP
|
||||
.I des_cbc_cksum
|
||||
produces an 8 byte checksum based on the input stream (via cbc encryption).
|
||||
The last 4 bytes of the checksum is returned and the complete 8 bytes is
|
||||
placed in
|
||||
.I output.
|
||||
.PP
|
||||
.I des_quad_cksum
|
||||
returns a 4 byte checksum from the input bytes.
|
||||
The algorithm can be iterated over the input,
|
||||
depending on
|
||||
.I out_count,
|
||||
1, 2, 3 or 4 times.
|
||||
If
|
||||
.I output
|
||||
is non-NULL,
|
||||
the 8 bytes generated by each pass are written into
|
||||
.I output.
|
||||
.PP
|
||||
.I des_enc_write
|
||||
is used to write
|
||||
.I len
|
||||
bytes
|
||||
to file descriptor
|
||||
.I fd
|
||||
from buffer
|
||||
.I buf.
|
||||
The data is encrypted via
|
||||
.I pcbc_encrypt
|
||||
(default) using
|
||||
.I sched
|
||||
for the key and
|
||||
.I iv
|
||||
as a starting vector.
|
||||
The actual data send down
|
||||
.I fd
|
||||
consists of 4 bytes (in network byte order) containing the length of the
|
||||
following encrypted data. The encrypted data then follows, padded with random
|
||||
data out to a multiple of 8 bytes.
|
||||
.PP
|
||||
.I des_enc_read
|
||||
is used to read
|
||||
.I len
|
||||
bytes
|
||||
from file descriptor
|
||||
.I fd
|
||||
into buffer
|
||||
.I buf.
|
||||
The data being read from
|
||||
.I fd
|
||||
is assumed to have come from
|
||||
.I des_enc_write
|
||||
and is decrypted using
|
||||
.I sched
|
||||
for the key schedule and
|
||||
.I iv
|
||||
for the initial vector.
|
||||
The
|
||||
.I des_enc_read/des_enc_write
|
||||
pair can be used to read/write to files, pipes and sockets.
|
||||
I have used them in implementing a version of rlogin in which all
|
||||
data is encrypted.
|
||||
.PP
|
||||
.I des_rw_mode
|
||||
is used to specify the encryption mode to use with
|
||||
.I des_enc_read
|
||||
and
|
||||
.I des_end_write.
|
||||
If set to
|
||||
.I DES_PCBC_MODE
|
||||
(the default), des_pcbc_encrypt is used.
|
||||
If set to
|
||||
.I DES_CBC_MODE
|
||||
des_cbc_encrypt is used.
|
||||
These two routines and the variable are not part of the normal MIT library.
|
||||
.PP
|
||||
.I des_set_odd_parity
|
||||
sets the parity of the passed
|
||||
.I key
|
||||
to odd. This routine is not part of the standard MIT library.
|
||||
.PP
|
||||
.I des_is_weak_key
|
||||
returns 1 is the passed key is a weak key (pick again :-),
|
||||
0 if it is ok.
|
||||
This routine is not part of the standard MIT library.
|
||||
.PP
|
||||
.I crypt
|
||||
is a replacement for the normal system crypt.
|
||||
It is much faster than the system crypt.
|
||||
.PP
|
||||
.SH FILES
|
||||
/usr/include/openssl/des.h
|
||||
.br
|
||||
/usr/lib/libcrypto.a
|
||||
.PP
|
||||
The encryption routines have been tested on 16bit, 32bit and 64bit
|
||||
machines of various endian and even works under VMS.
|
||||
.PP
|
||||
.SH BUGS
|
||||
.PP
|
||||
If you think this manual is sparse,
|
||||
read the des_crypt(3) manual from the MIT kerberos (or bones outside
|
||||
of the USA) distribution.
|
||||
.PP
|
||||
.I des_cfb_encrypt
|
||||
and
|
||||
.I des_ofb_encrypt
|
||||
operates on input of 8 bits. What this means is that if you set
|
||||
numbits to 12, and length to 2, the first 12 bits will come from the 1st
|
||||
input byte and the low half of the second input byte. The second 12
|
||||
bits will have the low 8 bits taken from the 3rd input byte and the
|
||||
top 4 bits taken from the 4th input byte. The same holds for output.
|
||||
This function has been implemented this way because most people will
|
||||
be using a multiple of 8 and because once you get into pulling bytes input
|
||||
bytes apart things get ugly!
|
||||
.PP
|
||||
.I des_read_pw_string
|
||||
is the most machine/OS dependent function and normally generates the
|
||||
most problems when porting this code.
|
||||
.PP
|
||||
.I des_string_to_key
|
||||
is probably different from the MIT version since there are lots
|
||||
of fun ways to implement one-way encryption of a text string.
|
||||
.PP
|
||||
The routines are optimised for 32 bit machines and so are not efficient
|
||||
on IBM PCs.
|
||||
.PP
|
||||
NOTE: extensive work has been done on this library since this document
|
||||
was origionally written. Please try to read des.doc from the libdes
|
||||
distribution since it is far more upto date and documents more of the
|
||||
functions. Libdes is now also being shipped as part of SSLeay, a
|
||||
general cryptographic library that amonst other things implements
|
||||
netscapes SSL protocoll. The most recent version can be found in
|
||||
SSLeay distributions.
|
||||
.SH AUTHOR
|
||||
Eric Young (eay@cryptsoft.com)
|
||||
@@ -0,0 +1,176 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:26:45 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ASN1_OBJECT_new 3"
|
||||
.TH ASN1_OBJECT_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ASN1_OBJECT_new, ASN1_OBJECT_free, \- object allocation functions
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 2
|
||||
\& ASN1_OBJECT *ASN1_OBJECT_new(void);
|
||||
\& void ASN1_OBJECT_free(ASN1_OBJECT *a);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
The \s-1ASN1_OBJECT\s0 allocation routines, allocate and free an
|
||||
\&\s-1ASN1_OBJECT\s0 structure, which represents an \s-1ASN1\s0 \s-1OBJECT\s0 \s-1IDENTIFIER\s0.
|
||||
.PP
|
||||
\&\fIASN1_OBJECT_new()\fR allocates and initializes a \s-1ASN1_OBJECT\s0 structure.
|
||||
.PP
|
||||
\&\fIASN1_OBJECT_free()\fR frees up the \fB\s-1ASN1_OBJECT\s0\fR structure \fBa\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Although \fIASN1_OBJECT_new()\fR allocates a new \s-1ASN1_OBJECT\s0 structure it
|
||||
is almost never used in applications. The \s-1ASN1\s0 object utility functions
|
||||
such as \fIOBJ_nid2obj()\fR are used instead.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
If the allocation fails, \fIASN1_OBJECT_new()\fR returns \fB\s-1NULL\s0\fR and sets an error
|
||||
code that can be obtained by ERR_get_error(3).
|
||||
Otherwise it returns a pointer to the newly allocated structure.
|
||||
.PP
|
||||
\&\fIASN1_OBJECT_free()\fR returns no value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3), d2i_ASN1_OBJECT(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIASN1_OBJECT_new()\fR and \fIASN1_OBJECT_free()\fR are available in all versions of SSLeay and OpenSSL.
|
||||
@@ -0,0 +1,221 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:26:46 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ASN1_STRING_length 3"
|
||||
.TH ASN1_STRING_length 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length,
|
||||
ASN1_STRING_length_set, ASN1_STRING_type, ASN1_STRING_data \-
|
||||
\&\s-1ASN1_STRING\s0 utility functions
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 2
|
||||
\& int ASN1_STRING_length(ASN1_STRING *x);
|
||||
\& unsigned char * ASN1_STRING_data(ASN1_STRING *x);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int ASN1_STRING_type(ASN1_STRING *x);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
These functions allow an \fB\s-1ASN1_STRING\s0\fR structure to be manipulated.
|
||||
.PP
|
||||
\&\fIASN1_STRING_length()\fR returns the length of the content of \fBx\fR.
|
||||
.PP
|
||||
\&\fIASN1_STRING_data()\fR returns an internal pointer to the data of \fBx\fR.
|
||||
Since this is an internal pointer it should \fBnot\fR be freed or
|
||||
modified in any way.
|
||||
.PP
|
||||
\&\fIASN1_STRING_dup()\fR returns a copy of the structure \fBa\fR.
|
||||
.PP
|
||||
\&\fIASN1_STRING_cmp()\fR compares \fBa\fR and \fBb\fR returning 0 if the two
|
||||
are identical. The string types and content are compared.
|
||||
.PP
|
||||
\&\fIASN1_STRING_set()\fR sets the data of string \fBstr\fR to the buffer
|
||||
\&\fBdata\fR or length \fBlen\fR. The supplied data is copied. If \fBlen\fR
|
||||
is \-1 then the length is determined by strlen(data).
|
||||
.PP
|
||||
\&\fIASN1_STRING_type()\fR returns the type of \fBx\fR, using standard constants
|
||||
such as \fBV_ASN1_OCTET_STRING\fR.
|
||||
.PP
|
||||
\&\fIASN1_STRING_to_UTF8()\fR converts the string \fBin\fR to \s-1UTF8\s0 format, the
|
||||
converted data is allocated in a buffer in \fB*out\fR. The length of
|
||||
\&\fBout\fR is returned or a negative error code. The buffer \fB*out\fR
|
||||
should be free using \fIOPENSSL_free()\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Almost all \s-1ASN1\s0 types in OpenSSL are represented as an \fB\s-1ASN1_STRING\s0\fR
|
||||
structure. Other types such as \fB\s-1ASN1_OCTET_STRING\s0\fR are simply typedefed
|
||||
to \fB\s-1ASN1_STRING\s0\fR and the functions call the \fB\s-1ASN1_STRING\s0\fR equivalents.
|
||||
\&\fB\s-1ASN1_STRING\s0\fR is also used for some \fB\s-1CHOICE\s0\fR types which consist
|
||||
entirely of primitive string types such as \fBDirectoryString\fR and
|
||||
\&\fBTime\fR.
|
||||
.PP
|
||||
These functions should \fBnot\fR be used to examine or modify \fB\s-1ASN1_INTEGER\s0\fR
|
||||
or \fB\s-1ASN1_ENUMERATED\s0\fR types: the relevant \fB\s-1INTEGER\s0\fR or \fB\s-1ENUMERATED\s0\fR
|
||||
utility functions should be used instead.
|
||||
.PP
|
||||
In general it cannot be assumed that the data returned by \fIASN1_STRING_data()\fR
|
||||
is null terminated or does not contain embedded nulls. The actual format
|
||||
of the data will depend on the actual string type itself: for example
|
||||
for and IA5String the data will be \s-1ASCII\s0, for a BMPString two bytes per
|
||||
character in big endian format, UTF8String will be in \s-1UTF8\s0 format.
|
||||
.PP
|
||||
Similar care should be take to ensure the data is in the correct format
|
||||
when calling \fIASN1_STRING_set()\fR.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
@@ -0,0 +1,177 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:26:47 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ASN1_STRING_new 3"
|
||||
.TH ASN1_STRING_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free \-
|
||||
\&\s-1ASN1_STRING\s0 allocation functions
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 3
|
||||
\& ASN1_STRING * ASN1_STRING_new(void);
|
||||
\& ASN1_STRING * ASN1_STRING_type_new(int type);
|
||||
\& void ASN1_STRING_free(ASN1_STRING *a);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIASN1_STRING_new()\fR returns an allocated \fB\s-1ASN1_STRING\s0\fR structure. Its type
|
||||
is undefined.
|
||||
.PP
|
||||
\&\fIASN1_STRING_type_new()\fR returns an allocated \fB\s-1ASN1_STRING\s0\fR structure of
|
||||
type \fBtype\fR.
|
||||
.PP
|
||||
\&\fIASN1_STRING_free()\fR frees up \fBa\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Other string types call the \fB\s-1ASN1_STRING\s0\fR functions. For example
|
||||
\&\fIASN1_OCTET_STRING_new()\fR calls ASN1_STRING_type(V_ASN1_OCTET_STRING).
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIASN1_STRING_new()\fR and \fIASN1_STRING_type_new()\fR return a valid
|
||||
\&\s-1ASN1_STRING\s0 structure or \fB\s-1NULL\s0\fR if an error occurred.
|
||||
.PP
|
||||
\&\fIASN1_STRING_free()\fR does not return a value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\s-1TBA\s0
|
||||
@@ -0,0 +1,230 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:26:48 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ASN1_STRING_print_ex 3"
|
||||
.TH ASN1_STRING_print_ex 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp \- \s-1ASN1_STRING\s0 output routines.
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/asn1.h>
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
|
||||
\& int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
|
||||
\& int ASN1_STRING_print(BIO *out, ASN1_STRING *str);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
These functions output an \fB\s-1ASN1_STRING\s0\fR structure. \fB\s-1ASN1_STRING\s0\fR is used to
|
||||
represent all the \s-1ASN1\s0 string types.
|
||||
.PP
|
||||
\&\fIASN1_STRING_print_ex()\fR outputs \fBstr\fR to \fBout\fR, the format is determined by
|
||||
the options \fBflags\fR. \fIASN1_STRING_print_ex_fp()\fR is identical except it outputs
|
||||
to \fBfp\fR instead.
|
||||
.PP
|
||||
\&\fIASN1_STRING_print()\fR prints \fBstr\fR to \fBout\fR but using a different format to
|
||||
\&\fIASN1_STRING_print_ex()\fR. It replaces unprintable characters (other than \s-1CR\s0, \s-1LF\s0)
|
||||
with '.'.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
\&\fIASN1_STRING_print()\fR is a legacy function which should be avoided in new applications.
|
||||
.PP
|
||||
Although there are a large number of options frequently \fB\s-1ASN1_STRFLAGS_RFC2253\s0\fR is
|
||||
suitable, or on \s-1UTF8\s0 terminals \fB\s-1ASN1_STRFLAGS_RFC2253\s0 & ~ASN1_STRFLAGS_ESC_MSB\fR.
|
||||
.PP
|
||||
The complete set of supported options for \fBflags\fR is listed below.
|
||||
.PP
|
||||
Various characters can be escaped. If \fB\s-1ASN1_STRFLGS_ESC_2253\s0\fR is set the characters
|
||||
determined by \s-1RFC2253\s0 are escaped. If \fB\s-1ASN1_STRFLGS_ESC_CTRL\s0\fR is set control
|
||||
characters are escaped. If \fB\s-1ASN1_STRFLGS_ESC_MSB\s0\fR is set characters with the
|
||||
\&\s-1MSB\s0 set are escaped: this option should \fBnot\fR be used if the terminal correctly
|
||||
interprets \s-1UTF8\s0 sequences.
|
||||
.PP
|
||||
Escaping takes several forms.
|
||||
.PP
|
||||
If the character being escaped is a 16 bit character then the form \*(L"\eWXXXX\*(R" is used
|
||||
using exactly four characters for the hex representation. If it is 32 bits then
|
||||
\&\*(L"\eUXXXXXXXX\*(R" is used using eight characters of its hex representation. These forms
|
||||
will only be used if \s-1UTF8\s0 conversion is not set (see below).
|
||||
.PP
|
||||
Printable characters are normally escaped using the backslash '\e' character. If
|
||||
\&\fB\s-1ASN1_STRFLGS_ESC_QUOTE\s0\fR is set then the whole string is instead surrounded by
|
||||
double quote characters: this is arguably more readable than the backslash
|
||||
notation. Other characters use the \*(L"\eXX\*(R" using exactly two characters of the hex
|
||||
representation.
|
||||
.PP
|
||||
If \fB\s-1ASN1_STRFLGS_UTF8_CONVERT\s0\fR is set then characters are converted to \s-1UTF8\s0
|
||||
format first. If the terminal supports the display of \s-1UTF8\s0 sequences then this
|
||||
option will correctly display multi byte characters.
|
||||
.PP
|
||||
If \fB\s-1ASN1_STRFLGS_IGNORE_TYPE\s0\fR is set then the string type is not interpreted at
|
||||
all: everything is assumed to be one byte per character. This is primarily for
|
||||
debugging purposes and can result in confusing output in multi character strings.
|
||||
.PP
|
||||
If \fB\s-1ASN1_STRFLGS_SHOW_TYPE\s0\fR is set then the string type itself is printed out
|
||||
before its value (for example \*(L"\s-1BMPSTRING\s0\*(R"), this actually uses \fIASN1_tag2str()\fR.
|
||||
.PP
|
||||
The content of a string instead of being interpreted can be \*(L"dumped\*(R": this just
|
||||
outputs the value of the string using the form #XXXX using hex format for each
|
||||
octet.
|
||||
.PP
|
||||
If \fB\s-1ASN1_STRFLGS_DUMP_ALL\s0\fR is set then any type is dumped.
|
||||
.PP
|
||||
Normally non character string types (such as \s-1OCTET\s0 \s-1STRING\s0) are assumed to be
|
||||
one byte per character, if \fB\s-1ASN1_STRFLAGS_DUMP_UNKNOWN\s0\fR is set then they will
|
||||
be dumped instead.
|
||||
.PP
|
||||
When a type is dumped normally just the content octets are printed, if
|
||||
\&\fB\s-1ASN1_STRFLGS_DUMP_DER\s0\fR is set then the complete encoding is dumped
|
||||
instead (including tag and length octets).
|
||||
.PP
|
||||
\&\fB\s-1ASN1_STRFLGS_RFC2253\s0\fR includes all the flags required by \s-1RFC2253\s0. It is
|
||||
equivalent to:
|
||||
\s-1ASN1_STRFLGS_ESC_2253\s0 | \s-1ASN1_STRFLGS_ESC_CTRL\s0 | \s-1ASN1_STRFLGS_ESC_MSB\s0 |
|
||||
\s-1ASN1_STRFLGS_UTF8_CONVERT\s0 | \s-1ASN1_STRFLGS_DUMP_UNKNOWN\s0 \s-1ASN1_STRFLGS_DUMP_DER\s0
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
X509_NAME_print_ex(3),
|
||||
ASN1_tag2str(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\s-1TBA\s0
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:01 2002
|
||||
.\" Mon Jan 13 19:26:49 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_ctrl 3"
|
||||
.TH BIO_ctrl 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_ctrl 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:01 2002
|
||||
.\" Mon Jan 13 19:26:50 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_base64 3"
|
||||
.TH BIO_f_base64 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_base64 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_base64 \- base64 \s-1BIO\s0 filter
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:02 2002
|
||||
.\" Mon Jan 13 19:26:52 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_buffer 3"
|
||||
.TH BIO_f_buffer 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_buffer 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_buffer \- buffering \s-1BIO\s0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:03 2002
|
||||
.\" Mon Jan 13 19:26:53 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_cipher 3"
|
||||
.TH BIO_f_cipher 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_cipher 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx \- cipher \s-1BIO\s0 filter
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:03 2002
|
||||
.\" Mon Jan 13 19:26:54 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_md 3"
|
||||
.TH BIO_f_md 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_md 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx \- message digest \s-1BIO\s0 filter
|
||||
@@ -168,7 +168,7 @@ Any data written or read through a digest \s-1BIO\s0 using \fIBIO_read()\fR and
|
||||
digest calculation and returns the digest value. \fIBIO_puts()\fR is
|
||||
not supported.
|
||||
.PP
|
||||
\&\fIBIO_reset()\fR reinitializes a digest \s-1BIO\s0.
|
||||
\&\fIBIO_reset()\fR reinitialises a digest \s-1BIO\s0.
|
||||
.PP
|
||||
\&\fIBIO_set_md()\fR sets the message digest of \s-1BIO\s0 \fBb\fR to \fBmd\fR: this
|
||||
must be called to initialize a digest \s-1BIO\s0 before any data is
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:04 2002
|
||||
.\" Mon Jan 13 19:26:55 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_null 3"
|
||||
.TH BIO_f_null 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_null 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_null \- null filter
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:05 2002
|
||||
.\" Mon Jan 13 19:26:56 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_f_ssl 3"
|
||||
.TH BIO_f_ssl 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_f_ssl 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:05 2002
|
||||
.\" Mon Jan 13 19:26:57 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_find_type 3"
|
||||
.TH BIO_find_type 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_find_type 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_find_type, BIO_next \- \s-1BIO\s0 chain traversal
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:06 2002
|
||||
.\" Mon Jan 13 19:26:58 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_new 3"
|
||||
.TH BIO_new 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_new, BIO_set, BIO_free, BIO_vfree, BIO_free_all \- \s-1BIO\s0 allocation and freeing functions
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:07 2002
|
||||
.\" Mon Jan 13 19:26:59 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_push 3"
|
||||
.TH BIO_push 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_push 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_push, BIO_pop \- add and remove BIOs from a chain.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:08 2002
|
||||
.\" Mon Jan 13 19:27:01 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_read 3"
|
||||
.TH BIO_read 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_read 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_read, BIO_write, BIO_gets, BIO_puts \- \s-1BIO\s0 I/O functions
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:08 2002
|
||||
.\" Mon Jan 13 19:27:02 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,10 +138,10 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_accept 3"
|
||||
.TH BIO_s_accept 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_accept 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_accept, BIO_set_nbio, BIO_set_accept_port, BIO_get_accept_port,
|
||||
BIO_s_accept, BIO_set_accept_port, BIO_get_accept_port,
|
||||
BIO_set_nbio_accept, BIO_set_accept_bios, BIO_set_bind_mode,
|
||||
BIO_get_bind_mode, BIO_do_accept \- accept \s-1BIO\s0
|
||||
.SH "SYNOPSIS"
|
||||
@@ -150,22 +150,22 @@ BIO_get_bind_mode, BIO_do_accept \- accept \s-1BIO\s0
|
||||
\& #include <openssl/bio.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIO_METHOD * BIO_s_accept(void);
|
||||
\& BIO_METHOD *BIO_s_accept(void);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& #define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||
\& #define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||
\& long BIO_set_accept_port(BIO *b, char *name);
|
||||
\& char *BIO_get_accept_port(BIO *b);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIO *BIO_new_accept(char *host_port);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& #define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
|
||||
\& #define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
|
||||
\& long BIO_set_nbio_accept(BIO *b, int n);
|
||||
\& long BIO_set_accept_bios(BIO *b, char *bio);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& #define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
|
||||
\& #define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
|
||||
\& long BIO_set_bind_mode(BIO *b, long mode);
|
||||
\& long BIO_get_bind_mode(BIO *b, long dummy);
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& #define BIO_BIND_NORMAL 0
|
||||
@@ -173,14 +173,14 @@ BIO_get_bind_mode, BIO_do_accept \- accept \s-1BIO\s0
|
||||
\& #define BIO_BIND_REUSEADDR 2
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& #define BIO_do_accept(b) BIO_do_handshake(b)
|
||||
\& int BIO_do_accept(BIO *b);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIBIO_s_accept()\fR returns the accept \s-1BIO\s0 method. This is a wrapper
|
||||
round the platform's \s-1TCP/IP\s0 socket accept routines.
|
||||
.PP
|
||||
Using accept BIOs \s-1TCP/IP\s0 connections can be accepted and data
|
||||
Using accept BIOs, \s-1TCP/IP\s0 connections can be accepted and data
|
||||
transferred using only \s-1BIO\s0 routines. In this way any platform
|
||||
specific operations are hidden by the \s-1BIO\s0 abstraction.
|
||||
.PP
|
||||
@@ -238,7 +238,7 @@ using \s-1BIO_BIND_REUSEADDR\s0.
|
||||
called, after the accept \s-1BIO\s0 has been setup, it will attempt
|
||||
to create the accept socket and bind an address to it. Second
|
||||
and subsequent calls to \fIBIO_do_accept()\fR will await an incoming
|
||||
connection.
|
||||
connection, or request a retry in non blocking mode.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
When an accept \s-1BIO\s0 is at the end of a chain it will await an
|
||||
@@ -275,6 +275,17 @@ perform I/O using the accept \s-1BIO\s0 itself. This is often undesirable
|
||||
however because the accept \s-1BIO\s0 will still accept additional incoming
|
||||
connections. This can be resolved by using \fIBIO_pop()\fR (see above)
|
||||
and freeing up the accept \s-1BIO\s0 after the initial connection.
|
||||
.PP
|
||||
If the underlying accept socket is non-blocking and \fIBIO_do_accept()\fR is
|
||||
called to await an incoming connection it is possible for
|
||||
\&\fIBIO_should_io_special()\fR with the reason \s-1BIO_RR_ACCEPT\s0. If this happens
|
||||
then it is an indication that an accept attempt would block: the application
|
||||
should take appropriate action to wait until the underlying socket has
|
||||
accepted a connection and retry the call.
|
||||
.PP
|
||||
\&\fIBIO_set_accept_port()\fR, \fIBIO_get_accept_port()\fR, \fIBIO_set_nbio_accept()\fR,
|
||||
\&\fIBIO_set_accept_bios()\fR, \fIBIO_set_bind_mode()\fR, \fIBIO_get_bind_mode()\fR and
|
||||
\&\fIBIO_do_accept()\fR are macros.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\s-1TBA\s0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:09 2002
|
||||
.\" Mon Jan 13 19:27:03 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_bio 3"
|
||||
.TH BIO_s_bio 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_bio 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
|
||||
@@ -223,7 +223,9 @@ If the size is not initialized a default value is used. This is currently
|
||||
\&\fIBIO_new_bio_pair()\fR combines the calls to \fIBIO_new()\fR, \fIBIO_make_bio_pair()\fR and
|
||||
\&\fIBIO_set_write_buf_size()\fR to create a connected pair of BIOs \fBbio1\fR, \fBbio2\fR
|
||||
with write buffer sizes \fBwritebuf1\fR and \fBwritebuf2\fR. If either size is
|
||||
zero then the default size is used.
|
||||
zero then the default size is used. \fIBIO_new_bio_pair()\fR does not check whether
|
||||
\&\fBbio1\fR or \fBbio2\fR do point to some other \s-1BIO\s0, the values are overwritten,
|
||||
\&\fIBIO_free()\fR is not called.
|
||||
.PP
|
||||
\&\fIBIO_get_write_guarantee()\fR and \fIBIO_ctrl_get_write_guarantee()\fR return the maximum
|
||||
length of data that can be currently written to the \s-1BIO\s0. Writes larger than this
|
||||
@@ -263,9 +265,60 @@ buffer. \fIBIO_read()\fR will initially fail and \fIBIO_should_read()\fR will be
|
||||
the application then waits for data to be available on the underlying transport
|
||||
before flushing the write buffer it will never succeed because the request was
|
||||
never sent!
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIBIO_new_bio_pair()\fR returns 1 on success, with the new BIOs available in
|
||||
\&\fBbio1\fR and \fBbio2\fR, or 0 on failure, with \s-1NULL\s0 pointers stored into the
|
||||
locations for \fBbio1\fR and \fBbio2\fR. Check the error stack for more information.
|
||||
.PP
|
||||
[\s-1XXXXX:\s0 More return values need to be added here]
|
||||
.SH "EXAMPLE"
|
||||
.IX Header "EXAMPLE"
|
||||
\&\s-1TBA\s0
|
||||
The \s-1BIO\s0 pair can be used to have full control over the network access of an
|
||||
application. The application can call \fIselect()\fR on the socket as required
|
||||
without having to go through the SSL-interface.
|
||||
.PP
|
||||
.Vb 6
|
||||
\& BIO *internal_bio, *network_bio;
|
||||
\& ...
|
||||
\& BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
|
||||
\& SSL_set_bio(ssl, internal_bio, internal_bio);
|
||||
\& SSL_operations();
|
||||
\& ...
|
||||
.Ve
|
||||
.Vb 9
|
||||
\& application | TLS-engine
|
||||
\& | |
|
||||
\& +----------> SSL_operations()
|
||||
\& | /\e ||
|
||||
\& | || \e/
|
||||
\& | BIO-pair (internal_bio)
|
||||
\& +----------< BIO-pair (network_bio)
|
||||
\& | |
|
||||
\& socket |
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& ...
|
||||
\& SSL_free(ssl); /* implicitly frees internal_bio */
|
||||
\& BIO_free(network_bio);
|
||||
\& ...
|
||||
.Ve
|
||||
As the \s-1BIO\s0 pair will only buffer the data and never directly access the
|
||||
connection, it behaves non-blocking and will return as soon as the write
|
||||
buffer is full or the read buffer is drained. Then the application has to
|
||||
flush the write buffer and/or fill the read buffer.
|
||||
.PP
|
||||
Use the \fIBIO_ctrl_pending()\fR, to find out whether data is buffered in the \s-1BIO\s0
|
||||
and must be transfered to the network. Use \fIBIO_ctrl_get_read_request()\fR to
|
||||
find out, how many bytes must be written into the buffer before the
|
||||
\&\fISSL_operation()\fR can successfully be continued.
|
||||
.SH "WARNING"
|
||||
.IX Header "WARNING"
|
||||
As the data is buffered, \fISSL_operation()\fR may return with a \s-1ERROR_SSL_WANT_READ\s0
|
||||
condition, but there is still data in the write buffer. An application must
|
||||
not rely on the error value of \fISSL_operation()\fR but must assure that the
|
||||
write buffer is always flushed first. Otherwise a deadlock may occur as
|
||||
the peer might be waiting for the data before being able to continue.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
SSL_set_bio(3), ssl(3), bio(3),
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:09 2002
|
||||
.\" Mon Jan 13 19:27:04 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_connect 3"
|
||||
.TH BIO_s_connect 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_connect 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_connect, BIO_set_conn_hostname, BIO_set_conn_port,
|
||||
@@ -153,28 +153,31 @@ BIO_set_nbio, BIO_do_connect \- connect \s-1BIO\s0
|
||||
.Vb 1
|
||||
\& BIO_METHOD * BIO_s_connect(void);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIO *BIO_new_connect(char *name);
|
||||
.Ve
|
||||
.Vb 8
|
||||
\& #define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
|
||||
\& #define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
|
||||
\& #define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
|
||||
\& #define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
|
||||
\& #define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||
\& #define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||
\& #define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
|
||||
\& #define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
|
||||
\& long BIO_set_conn_hostname(BIO *b, char *name);
|
||||
\& long BIO_set_conn_port(BIO *b, char *port);
|
||||
\& long BIO_set_conn_ip(BIO *b, char *ip);
|
||||
\& long BIO_set_conn_int_port(BIO *b, char *port);
|
||||
\& char *BIO_get_conn_hostname(BIO *b);
|
||||
\& char *BIO_get_conn_port(BIO *b);
|
||||
\& char *BIO_get_conn_ip(BIO *b, dummy);
|
||||
\& long BIO_get_conn_int_port(BIO *b, int port);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||
\& long BIO_set_nbio(BIO *b, long n);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& #define BIO_do_connect(b) BIO_do_handshake(b)
|
||||
\& int BIO_do_connect(BIO *b);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIBIO_s_connect()\fR returns the connect \s-1BIO\s0 method. This is a wrapper
|
||||
round the platform's \s-1TCP/IP\s0 socket connection routines.
|
||||
.PP
|
||||
Using connect BIOs \s-1TCP/IP\s0 connections can be made and data
|
||||
Using connect BIOs, \s-1TCP/IP\s0 connections can be made and data
|
||||
transferred using only \s-1BIO\s0 routines. In this way any platform
|
||||
specific operations are hidden by the \s-1BIO\s0 abstraction.
|
||||
.PP
|
||||
@@ -197,7 +200,7 @@ to the same host again.
|
||||
it also returns the socket . If \fBc\fR is not \s-1NULL\s0 it should be of
|
||||
type (int *).
|
||||
.PP
|
||||
\&\fIBIO_set_conn_hostname()\fR uses the string \fBname\fR to set the hostname
|
||||
\&\fIBIO_set_conn_hostname()\fR uses the string \fBname\fR to set the hostname.
|
||||
The hostname can be an \s-1IP\s0 address. The hostname can also include the
|
||||
port in the form hostname:port . It is also acceptable to use the
|
||||
form \*(L"hostname/any/other/path\*(R" or \*(L"hostname:port/any/other/path\*(R".
|
||||
@@ -230,6 +233,9 @@ is set. Blocking I/O is the default. The call to \fIBIO_set_nbio()\fR
|
||||
should be made before the connection is established because
|
||||
non blocking I/O is set during the connect process.
|
||||
.PP
|
||||
\&\fIBIO_new_connect()\fR combines \fIBIO_new()\fR and \fIBIO_set_conn_hostname()\fR into
|
||||
a single call: that is it creates a new connect \s-1BIO\s0 with \fBname\fR.
|
||||
.PP
|
||||
\&\fIBIO_do_connect()\fR attempts to connect the supplied \s-1BIO\s0. It returns 1
|
||||
if the connection was established successfully. A zero or negative
|
||||
value is returned if the connection could not be established, the
|
||||
@@ -264,6 +270,11 @@ connection process with the reason \s-1BIO_RR_CONNECT\s0. If this is returned
|
||||
then this is an indication that a connection attempt would block,
|
||||
the application should then take appropriate action to wait until
|
||||
the underlying socket has connected and retry the call.
|
||||
.PP
|
||||
\&\fIBIO_set_conn_hostname()\fR, \fIBIO_set_conn_port()\fR, \fIBIO_set_conn_ip()\fR,
|
||||
\&\fIBIO_set_conn_int_port()\fR, \fIBIO_get_conn_hostname()\fR, \fIBIO_get_conn_port()\fR,
|
||||
\&\fIBIO_get_conn_ip()\fR, \fIBIO_get_conn_int_port()\fR, \fIBIO_set_nbio()\fR and
|
||||
\&\fIBIO_do_connect()\fR are macros.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIBIO_s_connect()\fR returns the connect \s-1BIO\s0 method.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:10 2002
|
||||
.\" Mon Jan 13 19:27:05 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_fd 3"
|
||||
.TH BIO_s_fd 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_fd 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd \- file descriptor \s-1BIO\s0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:11 2002
|
||||
.\" Mon Jan 13 19:27:06 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_file 3"
|
||||
.TH BIO_s_file 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_file 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:11 2002
|
||||
.\" Mon Jan 13 19:27:08 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_mem 3"
|
||||
.TH BIO_s_mem 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_mem 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:12 2002
|
||||
.\" Mon Jan 13 19:27:09 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_null 3"
|
||||
.TH BIO_s_null 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_null 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_null \- null data sink
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:13 2002
|
||||
.\" Mon Jan 13 19:27:10 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_s_socket 3"
|
||||
.TH BIO_s_socket 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_s_socket 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_s_socket, BIO_new_socket \- socket \s-1BIO\s0
|
||||
@@ -148,11 +148,11 @@ BIO_s_socket, BIO_new_socket \- socket \s-1BIO\s0
|
||||
\& #include <openssl/bio.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIO_METHOD * BIO_s_socket(void);
|
||||
\& BIO_METHOD *BIO_s_socket(void);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& #define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
|
||||
\& #define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
|
||||
\& long BIO_set_fd(BIO *b, int fd, long close_flag);
|
||||
\& long BIO_get_fd(BIO *b, int *c);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIO *BIO_new_socket(int sock, int close_flag);
|
||||
@@ -169,10 +169,10 @@ If the close flag is set then the socket is shut down and closed
|
||||
when the \s-1BIO\s0 is freed.
|
||||
.PP
|
||||
\&\fIBIO_set_fd()\fR sets the socket of \s-1BIO\s0 \fBb\fR to \fBfd\fR and the close
|
||||
flag to \fBc\fR.
|
||||
flag to \fBclose_flag\fR.
|
||||
.PP
|
||||
\&\fIBIO_get_fd()\fR places the socket in \fBc\fR if it is not \s-1NULL\s0, it also
|
||||
returns the socket . If \fBc\fR is not \s-1NULL\s0 it should be of type (int *).
|
||||
returns the socket. If \fBc\fR is not \s-1NULL\s0 it should be of type (int *).
|
||||
.PP
|
||||
\&\fIBIO_new_socket()\fR returns a socket \s-1BIO\s0 using \fBsock\fR and \fBclose_flag\fR.
|
||||
.SH "NOTES"
|
||||
@@ -184,6 +184,8 @@ The reason for having separate file descriptor and socket BIOs is that on some
|
||||
platforms sockets are not file descriptors and use distinct I/O routines,
|
||||
Windows is one such platform. Any code mixing the two will not work on
|
||||
all platforms.
|
||||
.PP
|
||||
\&\fIBIO_set_fd()\fR and \fIBIO_get_fd()\fR are macros.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIBIO_s_socket()\fR returns the socket \s-1BIO\s0 method.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:13 2002
|
||||
.\" Mon Jan 13 19:27:11 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_set_callback 3"
|
||||
.TH BIO_set_callback 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_set_callback 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:14 2002
|
||||
.\" Mon Jan 13 19:27:12 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_should_retry 3"
|
||||
.TH BIO_should_retry 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BIO_should_retry 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_should_retry, BIO_should_read, BIO_should_write,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:14 2002
|
||||
.\" Mon Jan 13 19:27:13 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_CTX_new 3"
|
||||
.TH BN_CTX_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_CTX_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_CTX_new, BN_CTX_init, BN_CTX_free \- allocate and free \s-1BN_CTX\s0 structures
|
||||
@@ -181,7 +181,7 @@ ERR_get_error(3).
|
||||
\&\fIBN_CTX_init()\fR and \fIBN_CTX_free()\fR have no return values.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_add(3),
|
||||
bn(3), ERR_get_error(3), BN_add(3),
|
||||
BN_CTX_start(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:15 2002
|
||||
.\" Mon Jan 13 19:27:14 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_CTX_start 3"
|
||||
.TH BN_CTX_start 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BN_CTX_start 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_CTX_start, BN_CTX_get, BN_CTX_end \- use temporary \s-1BIGNUM\s0 variables
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:16 2002
|
||||
.\" Mon Jan 13 19:27:15 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,11 +138,12 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_add 3"
|
||||
.TH BN_add 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_add 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_add, BN_sub, BN_mul, BN_div, BN_sqr, BN_mod, BN_mod_mul, BN_exp,
|
||||
BN_mod_exp, BN_gcd \- arithmetic operations on BIGNUMs
|
||||
BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add,
|
||||
BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd \-
|
||||
arithmetic operations on BIGNUMs
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
@@ -157,20 +158,34 @@ BN_mod_exp, BN_gcd \- arithmetic operations on BIGNUMs
|
||||
.Vb 1
|
||||
\& int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
|
||||
\& BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
|
||||
\& int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
|
||||
\& BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
|
||||
\& BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
|
||||
\& BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
|
||||
.Ve
|
||||
@@ -183,45 +198,59 @@ BN_mod_exp, BN_gcd \- arithmetic operations on BIGNUMs
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIBN_add()\fR adds \fBa\fR and \fBb\fR and places the result in \fBr\fR (\f(CW\*(C`r=a+b\*(C'\fR).
|
||||
\&\fBr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fBa\fR or \fBb\fR.
|
||||
\&\fIBN_add()\fR adds \fIa\fR and \fIb\fR and places the result in \fIr\fR (\f(CW\*(C`r=a+b\*(C'\fR).
|
||||
\&\fIr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fIa\fR or \fIb\fR.
|
||||
.PP
|
||||
\&\fIBN_sub()\fR subtracts \fBb\fR from \fBa\fR and places the result in \fBr\fR (\f(CW\*(C`r=a\-b\*(C'\fR).
|
||||
\&\fIBN_sub()\fR subtracts \fIb\fR from \fIa\fR and places the result in \fIr\fR (\f(CW\*(C`r=a\-b\*(C'\fR).
|
||||
.PP
|
||||
\&\fIBN_mul()\fR multiplies \fBa\fR and \fBb\fR and places the result in \fBr\fR (\f(CW\*(C`r=a*b\*(C'\fR).
|
||||
\&\fBr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fBa\fR or \fBb\fR.
|
||||
\&\fIBN_mul()\fR multiplies \fIa\fR and \fIb\fR and places the result in \fIr\fR (\f(CW\*(C`r=a*b\*(C'\fR).
|
||||
\&\fIr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fIa\fR or \fIb\fR.
|
||||
For multiplication by powers of 2, use BN_lshift(3).
|
||||
.PP
|
||||
\&\fIBN_div()\fR divides \fBa\fR by \fBd\fR and places the result in \fBdv\fR and the
|
||||
remainder in \fBrem\fR (\f(CW\*(C`dv=a/d, rem=a%d\*(C'\fR). Either of \fBdv\fR and \fBrem\fR may
|
||||
be \s-1NULL\s0, in which case the respective value is not returned.
|
||||
For division by powers of 2, use \fIBN_rshift\fR\|(3).
|
||||
.PP
|
||||
\&\fIBN_sqr()\fR takes the square of \fBa\fR and places the result in \fBr\fR
|
||||
(\f(CW\*(C`r=a^2\*(C'\fR). \fBr\fR and \fBa\fR may be the same \fB\s-1BIGNUM\s0\fR.
|
||||
\&\fIBN_sqr()\fR takes the square of \fIa\fR and places the result in \fIr\fR
|
||||
(\f(CW\*(C`r=a^2\*(C'\fR). \fIr\fR and \fIa\fR may be the same \fB\s-1BIGNUM\s0\fR.
|
||||
This function is faster than BN_mul(r,a,a).
|
||||
.PP
|
||||
\&\fIBN_mod()\fR find the remainder of \fBa\fR divided by \fBm\fR and places it in
|
||||
\&\fBrem\fR (\f(CW\*(C`rem=a%m\*(C'\fR).
|
||||
\&\fIBN_div()\fR divides \fIa\fR by \fId\fR and places the result in \fIdv\fR and the
|
||||
remainder in \fIrem\fR (\f(CW\*(C`dv=a/d, rem=a%d\*(C'\fR). Either of \fIdv\fR and \fIrem\fR may
|
||||
be \fB\s-1NULL\s0\fR, in which case the respective value is not returned.
|
||||
The result is rounded towards zero; thus if \fIa\fR is negative, the
|
||||
remainder will be zero or negative.
|
||||
For division by powers of 2, use \fIBN_rshift\fR\|(3).
|
||||
.PP
|
||||
\&\fIBN_mod_mul()\fR multiplies \fBa\fR by \fBb\fR and finds the remainder when
|
||||
divided by \fBm\fR (\f(CW\*(C`r=(a*b)%m\*(C'\fR). \fBr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fBa\fR
|
||||
or \fBb\fR. For a more efficient algorithm, see
|
||||
BN_mod_mul_montgomery(3); for repeated
|
||||
computations using the same modulus, see BN_mod_mul_reciprocal(3).
|
||||
\&\fIBN_mod()\fR corresponds to \fIBN_div()\fR with \fIdv\fR set to \fB\s-1NULL\s0\fR.
|
||||
.PP
|
||||
\&\fIBN_exp()\fR raises \fBa\fR to the \fBp\fR\-th power and places the result in \fBr\fR
|
||||
\&\fIBN_nnmod()\fR reduces \fIa\fR modulo \fIm\fR and places the non-negative
|
||||
remainder in \fIr\fR.
|
||||
.PP
|
||||
\&\fIBN_mod_add()\fR adds \fIa\fR to \fIb\fR modulo \fIm\fR and places the non-negative
|
||||
result in \fIr\fR.
|
||||
.PP
|
||||
\&\fIBN_mod_sub()\fR subtracts \fIb\fR from \fIa\fR modulo \fIm\fR and places the
|
||||
non-negative result in \fIr\fR.
|
||||
.PP
|
||||
\&\fIBN_mod_mul()\fR multiplies \fIa\fR by \fIb\fR and finds the non-negative
|
||||
remainder respective to modulus \fIm\fR (\f(CW\*(C`r=(a*b) mod m\*(C'\fR). \fIr\fR may be
|
||||
the same \fB\s-1BIGNUM\s0\fR as \fIa\fR or \fIb\fR. For more efficient algorithms for
|
||||
repeated computations using the same modulus, see
|
||||
BN_mod_mul_montgomery(3) and
|
||||
BN_mod_mul_reciprocal(3).
|
||||
.PP
|
||||
\&\fIBN_mod_sqr()\fR takes the square of \fIa\fR modulo \fBm\fR and places the
|
||||
result in \fIr\fR.
|
||||
.PP
|
||||
\&\fIBN_exp()\fR raises \fIa\fR to the \fIp\fR\-th power and places the result in \fIr\fR
|
||||
(\f(CW\*(C`r=a^p\*(C'\fR). This function is faster than repeated applications of
|
||||
\&\fIBN_mul()\fR.
|
||||
.PP
|
||||
\&\fIBN_mod_exp()\fR computes \fBa\fR to the \fBp\fR\-th power modulo \fBm\fR (\f(CW\*(C`r=a^p %
|
||||
\&\fIBN_mod_exp()\fR computes \fIa\fR to the \fIp\fR\-th power modulo \fIm\fR (\f(CW\*(C`r=a^p %
|
||||
m\*(C'\fR). This function uses less time and space than \fIBN_exp()\fR.
|
||||
.PP
|
||||
\&\fIBN_gcd()\fR computes the greatest common divisor of \fBa\fR and \fBb\fR and
|
||||
places the result in \fBr\fR. \fBr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fBa\fR or
|
||||
\&\fBb\fR.
|
||||
\&\fIBN_gcd()\fR computes the greatest common divisor of \fIa\fR and \fIb\fR and
|
||||
places the result in \fIr\fR. \fIr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fIa\fR or
|
||||
\&\fIb\fR.
|
||||
.PP
|
||||
For all functions, \fBctx\fR is a previously allocated \fB\s-1BN_CTX\s0\fR used for
|
||||
For all functions, \fIctx\fR is a previously allocated \fB\s-1BN_CTX\s0\fR used for
|
||||
temporary variables; see BN_CTX_new(3).
|
||||
.PP
|
||||
Unless noted otherwise, the result \fB\s-1BIGNUM\s0\fR must be different from
|
||||
@@ -233,11 +262,13 @@ value should always be checked (e.g., \f(CW\*(C`if (!BN_add(r,a,b)) goto err;\*(
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_CTX_new(3),
|
||||
bn(3), ERR_get_error(3), BN_CTX_new(3),
|
||||
BN_add_word(3), BN_set_bit(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIBN_add()\fR, \fIBN_sub()\fR, \fIBN_div()\fR, \fIBN_sqr()\fR, \fIBN_mod()\fR, \fIBN_mod_mul()\fR,
|
||||
\&\fIBN_add()\fR, \fIBN_sub()\fR, \fIBN_sqr()\fR, \fIBN_div()\fR, \fIBN_mod()\fR, \fIBN_mod_mul()\fR,
|
||||
\&\fIBN_mod_exp()\fR and \fIBN_gcd()\fR are available in all versions of SSLeay and
|
||||
OpenSSL. The \fBctx\fR argument to \fIBN_mul()\fR was added in SSLeay
|
||||
OpenSSL. The \fIctx\fR argument to \fIBN_mul()\fR was added in SSLeay
|
||||
0.9.1b. \fIBN_exp()\fR appeared in SSLeay 0.9.0.
|
||||
\&\fIBN_nnmod()\fR, \fIBN_mod_add()\fR, \fIBN_mod_sub()\fR, and \fIBN_mod_sqr()\fR were added in
|
||||
OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:16 2002
|
||||
.\" Mon Jan 13 19:27:17 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_add_word 3"
|
||||
.TH BN_add_word 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_add_word 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word \- arithmetic
|
||||
@@ -188,7 +188,7 @@ on error. The error codes can be obtained by ERR_get_error(3).
|
||||
\&\fIBN_mod_word()\fR and \fIBN_div_word()\fR return \fBa\fR%\fBw\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_add(3)
|
||||
bn(3), ERR_get_error(3), BN_add(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIBN_add_word()\fR and \fIBN_mod_word()\fR are available in all versions of
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:17 2002
|
||||
.\" Mon Jan 13 19:27:18 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_bn2bin 3"
|
||||
.TH BN_bn2bin 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH BN_bn2bin 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_bn2bin, BN_bin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn,
|
||||
@@ -221,7 +221,7 @@ returns the \fB\s-1BIGNUM\s0\fR, and \s-1NULL\s0 on error.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_zero(3),
|
||||
bn(3), ERR_get_error(3), BN_zero(3),
|
||||
ASN1_INTEGER_to_BN(3),
|
||||
BN_num_bytes(3)
|
||||
.SH "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:18 2002
|
||||
.\" Mon Jan 13 19:27:19 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_cmp 3"
|
||||
.TH BN_cmp 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_cmp 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd \- \s-1BIGNUM\s0 comparison and test functions
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:18 2002
|
||||
.\" Mon Jan 13 19:27:20 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_copy 3"
|
||||
.TH BN_copy 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_copy 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_copy, BN_dup \- copy BIGNUMs
|
||||
@@ -164,7 +164,7 @@ the new \fB\s-1BIGNUM\s0\fR, and \s-1NULL\s0 on error. The error codes can be ob
|
||||
by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3)
|
||||
bn(3), ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIBN_copy()\fR and \fIBN_dup()\fR are available in all versions of SSLeay and OpenSSL.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:19 2002
|
||||
.\" Mon Jan 13 19:27:21 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_generate_prime 3"
|
||||
.TH BN_generate_prime 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_generate_prime 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_generate_prime, BN_is_prime, BN_is_prime_fasttest \- generate primes and test for primality
|
||||
@@ -220,7 +220,7 @@ prime with an error probability of less than 0.25^\fBchecks\fR, and
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), rand(3)
|
||||
bn(3), ERR_get_error(3), rand(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
The \fBcb_arg\fR arguments to \fIBN_generate_prime()\fR and to \fIBN_is_prime()\fR
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:19 2002
|
||||
.\" Mon Jan 13 19:27:22 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_mod_inverse 3"
|
||||
.TH BN_mod_inverse 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_mod_inverse 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_mod_inverse \- compute inverse modulo n
|
||||
@@ -165,7 +165,7 @@ variables. \fBr\fR may be the same \fB\s-1BIGNUM\s0\fR as \fBa\fR or \fBn\fR.
|
||||
\&\s-1NULL\s0 on error. The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_add(3)
|
||||
bn(3), ERR_get_error(3), BN_add(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIBN_mod_inverse()\fR is available in all versions of SSLeay and OpenSSL.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:20 2002
|
||||
.\" Mon Jan 13 19:27:23 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_mod_mul_montgomery 3"
|
||||
.TH BN_mod_mul_montgomery 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BN_mod_mul_montgomery 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init,
|
||||
@@ -180,22 +180,23 @@ using the same modulus.
|
||||
\&\fIBN_MONT_CTX_new()\fR allocates and initializes a \fB\s-1BN_MONT_CTX\s0\fR structure.
|
||||
\&\fIBN_MONT_CTX_init()\fR initializes an existing uninitialized \fB\s-1BN_MONT_CTX\s0\fR.
|
||||
.PP
|
||||
\&\fIBN_MONT_CTX_set()\fR sets up the \fBmont\fR structure from the modulus \fBm\fR
|
||||
\&\fIBN_MONT_CTX_set()\fR sets up the \fImont\fR structure from the modulus \fIm\fR
|
||||
by precomputing its inverse and a value R.
|
||||
.PP
|
||||
\&\fIBN_MONT_CTX_copy()\fR copies the \fB\s-1BN_MONT_CTX\s0\fR \fBfrom\fR to \fBto\fR.
|
||||
\&\fIBN_MONT_CTX_copy()\fR copies the \fB\s-1BN_MONT_CTX\s0\fR \fIfrom\fR to \fIto\fR.
|
||||
.PP
|
||||
\&\fIBN_MONT_CTX_free()\fR frees the components of the \fB\s-1BN_MONT_CTX\s0\fR, and, if
|
||||
it was created by \fIBN_MONT_CTX_new()\fR, also the structure itself.
|
||||
.PP
|
||||
\&\fIBN_mod_mul_montgomery()\fR computes Mont(\fBa\fR,\fBb\fR):=\fBa\fR*\fBb\fR*R^\-1 and places
|
||||
the result in \fBr\fR.
|
||||
\&\fIBN_mod_mul_montgomery()\fR computes Mont(\fIa\fR,\fIb\fR):=\fIa\fR*\fIb\fR*R^\-1 and places
|
||||
the result in \fIr\fR.
|
||||
.PP
|
||||
\&\fIBN_from_montgomery()\fR performs the Montgomery reduction \fBr\fR = \fBa\fR*R^\-1.
|
||||
\&\fIBN_from_montgomery()\fR performs the Montgomery reduction \fIr\fR = \fIa\fR*R^\-1.
|
||||
.PP
|
||||
\&\fIBN_to_montgomery()\fR computes Mont(\fBa\fR,R^2), i.e. \fBa\fR*R.
|
||||
\&\fIBN_to_montgomery()\fR computes Mont(\fIa\fR,R^2), i.e. \fIa\fR*R.
|
||||
Note that \fIa\fR must be non-negative and smaller than the modulus.
|
||||
.PP
|
||||
For all functions, \fBctx\fR is a previously allocated \fB\s-1BN_CTX\s0\fR used for
|
||||
For all functions, \fIctx\fR is a previously allocated \fB\s-1BN_CTX\s0\fR used for
|
||||
temporary variables.
|
||||
.PP
|
||||
The \fB\s-1BN_MONT_CTX\s0\fR structure is defined as follows:
|
||||
@@ -222,9 +223,13 @@ on error.
|
||||
.PP
|
||||
For the other functions, 1 is returned for success, 0 on error.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "WARNING"
|
||||
.IX Header "WARNING"
|
||||
The inputs must be reduced modulo \fBm\fR, otherwise the result will be
|
||||
outside the expected range.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_add(3),
|
||||
bn(3), ERR_get_error(3), BN_add(3),
|
||||
BN_CTX_new(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:21 2002
|
||||
.\" Mon Jan 13 19:27:25 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_mod_mul_reciprocal 3"
|
||||
.TH BN_mod_mul_reciprocal 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BN_mod_mul_reciprocal 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_init,
|
||||
@@ -211,7 +211,7 @@ For the other functions, 1 is returned for success, 0 on error.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), BN_add(3),
|
||||
bn(3), ERR_get_error(3), BN_add(3),
|
||||
BN_CTX_new(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:21 2002
|
||||
.\" Mon Jan 13 19:27:26 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_new 3"
|
||||
.TH BN_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_new, BN_init, BN_clear, BN_free, BN_clear_free \- allocate and free BIGNUMs
|
||||
@@ -184,7 +184,7 @@ by ERR_get_error(3).
|
||||
values.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3)
|
||||
bn(3), ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIBN_new()\fR, \fIBN_clear()\fR, \fIBN_free()\fR and \fIBN_clear_free()\fR are available in
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:22 2002
|
||||
.\" Mon Jan 13 19:27:27 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_num_bytes 3"
|
||||
.TH BN_num_bytes 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_num_bytes 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_num_bits, BN_num_bytes, BN_num_bits_word \- get \s-1BIGNUM\s0 size
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:22 2002
|
||||
.\" Mon Jan 13 19:27:28 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_rand 3"
|
||||
.TH BN_rand 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH BN_rand 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_rand, BN_pseudo_rand \- generate pseudo-random number
|
||||
@@ -186,7 +186,7 @@ The functions return 1 on success, 0 on error.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
bn(3), err(3), rand(3),
|
||||
bn(3), ERR_get_error(3), rand(3),
|
||||
RAND_add(3), RAND_bytes(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:23 2002
|
||||
.\" Mon Jan 13 19:27:29 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_set_bit 3"
|
||||
.TH BN_set_bit 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH BN_set_bit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift,
|
||||
|
||||
@@ -0,0 +1,160 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:27:30 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_swap 3"
|
||||
.TH BN_swap 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_swap \- exchange BIGNUMs
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/bn.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& void BN_swap(BIGNUM *a, BIGNUM *b);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIBN_swap()\fR exchanges the values of \fIa\fR and \fIb\fR.
|
||||
.PP
|
||||
bn(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
BN_swap was added in OpenSSL 0.9.7.
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:24 2002
|
||||
.\" Mon Jan 13 19:27:31 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BN_zero 3"
|
||||
.TH BN_zero 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH BN_zero 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word \- \s-1BIGNUM\s0 assignment
|
||||
@@ -153,7 +153,7 @@ operations
|
||||
\& int BN_one(BIGNUM *a);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& BIGNUM *BN_value_one(void);
|
||||
\& const BIGNUM *BN_value_one(void);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int BN_set_word(BIGNUM *a, unsigned long w);
|
||||
@@ -190,3 +190,6 @@ bn(3), BN_bn2bin(3)
|
||||
\&\fIBN_zero()\fR, \fIBN_one()\fR and \fIBN_set_word()\fR are available in all versions of
|
||||
SSLeay and OpenSSL. \fIBN_value_one()\fR and \fIBN_get_word()\fR were added in
|
||||
SSLeay 0.8.
|
||||
.PP
|
||||
\&\fIBN_value_one()\fR was changed to return a true const \s-1BIGNUM\s0 * in OpenSSL
|
||||
0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:24 2002
|
||||
.\" Mon Jan 13 19:27:32 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "CRYPTO_set_ex_data 3"
|
||||
.TH CRYPTO_set_ex_data 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH CRYPTO_set_ex_data 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
CRYPTO_set_ex_data, CRYPTO_get_ex_data \- internal application specific data functions
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:25 2002
|
||||
.\" Mon Jan 13 19:27:33 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_generate_key 3"
|
||||
.TH DH_generate_key 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DH_generate_key 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_generate_key, DH_compute_key \- perform Diffie-Hellman key exchange
|
||||
@@ -179,7 +179,7 @@ on error.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dh(3), err(3), rand(3), DH_size(3)
|
||||
dh(3), ERR_get_error(3), rand(3), DH_size(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDH_generate_key()\fR and \fIDH_compute_key()\fR are available in all versions
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:25 2002
|
||||
.\" Mon Jan 13 19:27:34 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_generate_parameters 3"
|
||||
.TH DH_generate_parameters 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DH_generate_parameters 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_generate_parameters, DH_check \- generate and check Diffie-Hellman parameters
|
||||
@@ -196,7 +196,8 @@ If \fBgenerator\fR is not 2 or 5, \fBdh->g\fR=\fBgenerator\fR is not
|
||||
a usable generator.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dh(3), err(3), rand(3), DH_free(3)
|
||||
dh(3), ERR_get_error(3), rand(3),
|
||||
DH_free(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDH_check()\fR is available in all versions of SSLeay and OpenSSL.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:26 2002
|
||||
.\" Mon Jan 13 19:27:36 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_get_ex_new_index 3"
|
||||
.TH DH_get_ex_new_index 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH DH_get_ex_new_index 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data \- add application specific data to \s-1DH\s0 structures
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:27 2002
|
||||
.\" Mon Jan 13 19:27:37 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_new 3"
|
||||
.TH DH_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DH_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_new, DH_free \- allocate and free \s-1DH\s0 objects
|
||||
@@ -168,7 +168,7 @@ a pointer to the newly allocated structure.
|
||||
\&\fIDH_free()\fR returns no value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dh(3), err(3),
|
||||
dh(3), ERR_get_error(3),
|
||||
DH_generate_parameters(3),
|
||||
DH_generate_key(3)
|
||||
.SH "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:27 2002
|
||||
.\" Mon Jan 13 19:27:38 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,51 +138,63 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_set_method 3"
|
||||
.TH DH_set_method 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH DH_set_method 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_set_default_method, DH_get_default_method, DH_set_method,
|
||||
DH_new_method, DH_OpenSSL \- select \s-1DH\s0 method
|
||||
DH_set_default_method, DH_get_default_method,
|
||||
DH_set_method, DH_new_method, DH_OpenSSL \- select \s-1DH\s0 method
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
.Vb 2
|
||||
\& #include <openssl/dh.h>
|
||||
\& #include <openssl/engine.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& void DH_set_default_method(DH_METHOD *meth);
|
||||
\& void DH_set_default_method(const DH_METHOD *meth);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DH_METHOD *DH_get_default_method(void);
|
||||
\& const DH_METHOD *DH_get_default_method(void);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
|
||||
\& int DH_set_method(DH *dh, const DH_METHOD *meth);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DH *DH_new_method(DH_METHOD *meth);
|
||||
\& DH *DH_new_method(ENGINE *engine);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DH_METHOD *DH_OpenSSL(void);
|
||||
\& const DH_METHOD *DH_OpenSSL(void);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
A \fB\s-1DH_METHOD\s0\fR specifies the functions that OpenSSL uses for Diffie-Hellman
|
||||
operations. By modifying the method, alternative implementations
|
||||
such as hardware accelerators may be used.
|
||||
such as hardware accelerators may be used. \s-1IMPORTANT:\s0 See the \s-1NOTES\s0 section for
|
||||
important information about how these \s-1DH\s0 \s-1API\s0 functions are affected by the use
|
||||
of \fB\s-1ENGINE\s0\fR \s-1API\s0 calls.
|
||||
.PP
|
||||
Initially, the default is to use the OpenSSL internal implementation.
|
||||
\&\fIDH_OpenSSL()\fR returns a pointer to that method.
|
||||
Initially, the default \s-1DH_METHOD\s0 is the OpenSSL internal implementation, as
|
||||
returned by \fIDH_OpenSSL()\fR.
|
||||
.PP
|
||||
\&\fIDH_set_default_method()\fR makes \fBmeth\fR the default method for all \fB\s-1DH\s0\fR
|
||||
structures created later.
|
||||
\&\fIDH_set_default_method()\fR makes \fBmeth\fR the default method for all \s-1DH\s0
|
||||
structures created later. \fB\s-1NB\s0\fR: This is true only whilst no \s-1ENGINE\s0 has been set
|
||||
as a default for \s-1DH\s0, so this function is no longer recommended.
|
||||
.PP
|
||||
\&\fIDH_get_default_method()\fR returns a pointer to the current default
|
||||
method.
|
||||
\&\fIDH_get_default_method()\fR returns a pointer to the current default \s-1DH_METHOD\s0.
|
||||
However, the meaningfulness of this result is dependant on whether the \s-1ENGINE\s0
|
||||
\&\s-1API\s0 is being used, so this function is no longer recommended.
|
||||
.PP
|
||||
\&\fIDH_set_method()\fR selects \fBmeth\fR for all operations using the structure \fBdh\fR.
|
||||
\&\fIDH_set_method()\fR selects \fBmeth\fR to perform all operations using the key \fBdh\fR.
|
||||
This will replace the \s-1DH_METHOD\s0 used by the \s-1DH\s0 key and if the previous method
|
||||
was supplied by an \s-1ENGINE\s0, the handle to that \s-1ENGINE\s0 will be released during the
|
||||
change. It is possible to have \s-1DH\s0 keys that only work with certain \s-1DH_METHOD\s0
|
||||
implementations (eg. from an \s-1ENGINE\s0 module that supports embedded
|
||||
hardware-protected keys), and in such cases attempting to change the \s-1DH_METHOD\s0
|
||||
for the key can have unexpected results.
|
||||
.PP
|
||||
\&\fIDH_new_method()\fR allocates and initializes a \fB\s-1DH\s0\fR structure so that
|
||||
\&\fBmethod\fR will be used for the \s-1DH\s0 operations. If \fBmethod\fR is \fB\s-1NULL\s0\fR,
|
||||
the default method is used.
|
||||
\&\fIDH_new_method()\fR allocates and initializes a \s-1DH\s0 structure so that \fBengine\fR will
|
||||
be used for the \s-1DH\s0 operations. If \fBengine\fR is \s-1NULL\s0, the default \s-1ENGINE\s0 for \s-1DH\s0
|
||||
operations is used, and if no default \s-1ENGINE\s0 is set, the \s-1DH_METHOD\s0 controlled by
|
||||
\&\fIDH_set_default_method()\fR is used.
|
||||
.SH "THE DH_METHOD STRUCTURE"
|
||||
.IX Header "THE DH_METHOD STRUCTURE"
|
||||
.Vb 4
|
||||
@@ -229,12 +241,22 @@ the default method is used.
|
||||
.PP
|
||||
\&\fIDH_set_default_method()\fR returns no value.
|
||||
.PP
|
||||
\&\fIDH_set_method()\fR returns a pointer to the \fB\s-1DH_METHOD\s0\fR previously
|
||||
associated with \fBdh\fR.
|
||||
\&\fIDH_set_method()\fR returns non-zero if the provided \fBmeth\fR was successfully set as
|
||||
the method for \fBdh\fR (including unloading the \s-1ENGINE\s0 handle if the previous
|
||||
method was supplied by an \s-1ENGINE\s0).
|
||||
.PP
|
||||
\&\fIDH_new_method()\fR returns \fB\s-1NULL\s0\fR and sets an error code that can be
|
||||
obtained by ERR_get_error(3) if the allocation fails. Otherwise it
|
||||
\&\fIDH_new_method()\fR returns \s-1NULL\s0 and sets an error code that can be obtained by
|
||||
ERR_get_error(3) if the allocation fails. Otherwise it
|
||||
returns a pointer to the newly allocated structure.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
As of version 0.9.7, \s-1DH_METHOD\s0 implementations are grouped together with other
|
||||
algorithmic APIs (eg. \s-1RSA_METHOD\s0, \s-1EVP_CIPHER\s0, etc) in \fB\s-1ENGINE\s0\fR modules. If a
|
||||
default \s-1ENGINE\s0 is specified for \s-1DH\s0 functionality using an \s-1ENGINE\s0 \s-1API\s0 function,
|
||||
that will override any \s-1DH\s0 defaults set using the \s-1DH\s0 \s-1API\s0 (ie.
|
||||
\&\fIDH_set_default_method()\fR). For this reason, the \s-1ENGINE\s0 \s-1API\s0 is the recommended way
|
||||
to control default implementations for use in \s-1DH\s0 and other cryptographic
|
||||
algorithms.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dh(3), DH_new(3)
|
||||
@@ -242,3 +264,13 @@ dh(3), DH_new(3)
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDH_set_default_method()\fR, \fIDH_get_default_method()\fR, \fIDH_set_method()\fR,
|
||||
\&\fIDH_new_method()\fR and \fIDH_OpenSSL()\fR were added in OpenSSL 0.9.4.
|
||||
.PP
|
||||
\&\fIDH_set_default_openssl_method()\fR and \fIDH_get_default_openssl_method()\fR replaced
|
||||
\&\fIDH_set_default_method()\fR and \fIDH_get_default_method()\fR respectively, and
|
||||
\&\fIDH_set_method()\fR and \fIDH_new_method()\fR were altered to use \fB\s-1ENGINE\s0\fRs rather than
|
||||
\&\fB\s-1DH_METHOD\s0\fRs during development of the engine version of OpenSSL 0.9.6. For
|
||||
0.9.7, the handling of defaults in the \s-1ENGINE\s0 \s-1API\s0 was restructured so that this
|
||||
change was reversed, and behaviour of the other functions resembled more closely
|
||||
the previous behaviour. The behaviour of defaults in the \s-1ENGINE\s0 \s-1API\s0 now
|
||||
transparently overrides the behaviour of defaults in the \s-1DH\s0 \s-1API\s0 without
|
||||
requiring changing these function prototypes.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:28 2002
|
||||
.\" Mon Jan 13 19:27:39 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DH_size 3"
|
||||
.TH DH_size 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DH_size 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DH_size \- get Diffie-Hellman prime size
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:29 2002
|
||||
.\" Mon Jan 13 19:27:40 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_SIG_new 3"
|
||||
.TH DSA_SIG_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_SIG_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_SIG_new, DSA_SIG_free \- allocate and free \s-1DSA\s0 signature objects
|
||||
@@ -169,7 +169,8 @@ to the newly allocated structure.
|
||||
\&\fIDSA_SIG_free()\fR returns no value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3), DSA_do_sign(3)
|
||||
dsa(3), ERR_get_error(3),
|
||||
DSA_do_sign(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDSA_SIG_new()\fR and \fIDSA_SIG_free()\fR were added in OpenSSL 0.9.3.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:29 2002
|
||||
.\" Mon Jan 13 19:27:41 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_do_sign 3"
|
||||
.TH DSA_do_sign 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_do_sign 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_do_sign, DSA_do_verify \- raw \s-1DSA\s0 signature operations
|
||||
@@ -175,7 +175,7 @@ on error. The error codes can be obtained by
|
||||
ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3), rand(3),
|
||||
dsa(3), ERR_get_error(3), rand(3),
|
||||
DSA_SIG_new(3),
|
||||
DSA_sign(3)
|
||||
.SH "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:30 2002
|
||||
.\" Mon Jan 13 19:27:42 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_dup_DH 3"
|
||||
.TH DSA_dup_DH 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_dup_DH 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_dup_DH \- create a \s-1DH\s0 structure out of \s-1DSA\s0 structure
|
||||
@@ -148,7 +148,7 @@ DSA_dup_DH \- create a \s-1DH\s0 structure out of \s-1DSA\s0 structure
|
||||
\& #include <openssl/dsa.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DH * DSA_dup_DH(DSA *r);
|
||||
\& DH * DSA_dup_DH(const DSA *r);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
@@ -164,7 +164,7 @@ error codes can be obtained by ERR_get_error(3).
|
||||
Be careful to avoid small subgroup attacks when using this.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dh(3), dsa(3), err(3)
|
||||
dh(3), dsa(3), ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDSA_dup_DH()\fR was added in OpenSSL 0.9.4.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:30 2002
|
||||
.\" Mon Jan 13 19:27:43 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_generate_key 3"
|
||||
.TH DSA_generate_key 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_generate_key 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_generate_key \- generate \s-1DSA\s0 key pair
|
||||
@@ -162,7 +162,8 @@ The \s-1PRNG\s0 must be seeded prior to calling \fIDSA_generate_key()\fR.
|
||||
The error codes can be obtained by ERR_get_error(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3), rand(3), DSA_generate_parameters(3)
|
||||
dsa(3), ERR_get_error(3), rand(3),
|
||||
DSA_generate_parameters(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDSA_generate_key()\fR is available since SSLeay 0.8.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:31 2002
|
||||
.\" Mon Jan 13 19:27:44 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_generate_parameters 3"
|
||||
.TH DSA_generate_parameters 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_generate_parameters 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_generate_parameters \- generate \s-1DSA\s0 parameters
|
||||
@@ -209,7 +209,7 @@ obtained by ERR_get_error(3).
|
||||
Seed lengths > 20 are not supported.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3), rand(3),
|
||||
dsa(3), ERR_get_error(3), rand(3),
|
||||
DSA_free(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:32 2002
|
||||
.\" Mon Jan 13 19:27:45 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_get_ex_new_index 3"
|
||||
.TH DSA_get_ex_new_index 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_get_ex_new_index 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data \- add application specific data to \s-1DSA\s0 structures
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:32 2002
|
||||
.\" Mon Jan 13 19:27:46 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_new 3"
|
||||
.TH DSA_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_new, DSA_free \- allocate and free \s-1DSA\s0 objects
|
||||
@@ -155,7 +155,8 @@ DSA_new, DSA_free \- allocate and free \s-1DSA\s0 objects
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIDSA_new()\fR allocates and initializes a \fB\s-1DSA\s0\fR structure.
|
||||
\&\fIDSA_new()\fR allocates and initializes a \fB\s-1DSA\s0\fR structure. It is equivalent to
|
||||
calling DSA_new_method(\s-1NULL\s0).
|
||||
.PP
|
||||
\&\fIDSA_free()\fR frees the \fB\s-1DSA\s0\fR structure and its components. The values are
|
||||
erased before the memory is returned to the system.
|
||||
@@ -169,7 +170,7 @@ to the newly allocated structure.
|
||||
\&\fIDSA_free()\fR returns no value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3),
|
||||
dsa(3), ERR_get_error(3),
|
||||
DSA_generate_parameters(3),
|
||||
DSA_generate_key(3)
|
||||
.SH "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:33 2002
|
||||
.\" Mon Jan 13 19:27:47 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,27 +138,28 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_set_method 3"
|
||||
.TH DSA_set_method 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH DSA_set_method 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_set_default_method, DSA_get_default_method, DSA_set_method,
|
||||
DSA_new_method, DSA_OpenSSL \- select \s-1DSA\s0 method
|
||||
DSA_set_default_method, DSA_get_default_method,
|
||||
DSA_set_method, DSA_new_method, DSA_OpenSSL \- select \s-1DSA\s0 method
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
.Vb 2
|
||||
\& #include <openssl/dsa.h>
|
||||
\& #include <openssl/engine.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& void DSA_set_default_method(DSA_METHOD *meth);
|
||||
\& void DSA_set_default_method(const DSA_METHOD *meth);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DSA_METHOD *DSA_get_default_method(void);
|
||||
\& const DSA_METHOD *DSA_get_default_method(void);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth);
|
||||
\& int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DSA *DSA_new_method(DSA_METHOD *meth);
|
||||
\& DSA *DSA_new_method(ENGINE *engine);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& DSA_METHOD *DSA_OpenSSL(void);
|
||||
@@ -167,22 +168,35 @@ DSA_new_method, DSA_OpenSSL \- select \s-1DSA\s0 method
|
||||
.IX Header "DESCRIPTION"
|
||||
A \fB\s-1DSA_METHOD\s0\fR specifies the functions that OpenSSL uses for \s-1DSA\s0
|
||||
operations. By modifying the method, alternative implementations
|
||||
such as hardware accelerators may be used.
|
||||
such as hardware accelerators may be used. \s-1IMPORTANT:\s0 See the \s-1NOTES\s0 section for
|
||||
important information about how these \s-1DSA\s0 \s-1API\s0 functions are affected by the use
|
||||
of \fB\s-1ENGINE\s0\fR \s-1API\s0 calls.
|
||||
.PP
|
||||
Initially, the default is to use the OpenSSL internal implementation.
|
||||
\&\fIDSA_OpenSSL()\fR returns a pointer to that method.
|
||||
Initially, the default \s-1DSA_METHOD\s0 is the OpenSSL internal implementation,
|
||||
as returned by \fIDSA_OpenSSL()\fR.
|
||||
.PP
|
||||
\&\fIDSA_set_default_method()\fR makes \fBmeth\fR the default method for all \fB\s-1DSA\s0\fR
|
||||
structures created later.
|
||||
\&\fIDSA_set_default_method()\fR makes \fBmeth\fR the default method for all \s-1DSA\s0
|
||||
structures created later. \fB\s-1NB\s0\fR: This is true only whilst no \s-1ENGINE\s0 has
|
||||
been set as a default for \s-1DSA\s0, so this function is no longer recommended.
|
||||
.PP
|
||||
\&\fIDSA_get_default_method()\fR returns a pointer to the current default
|
||||
method.
|
||||
\&\s-1DSA_METHOD\s0. However, the meaningfulness of this result is dependant on
|
||||
whether the \s-1ENGINE\s0 \s-1API\s0 is being used, so this function is no longer
|
||||
recommended.
|
||||
.PP
|
||||
\&\fIDSA_set_method()\fR selects \fBmeth\fR for all operations using the structure \fBdsa\fR.
|
||||
\&\fIDSA_set_method()\fR selects \fBmeth\fR to perform all operations using the key
|
||||
\&\fBrsa\fR. This will replace the \s-1DSA_METHOD\s0 used by the \s-1DSA\s0 key and if the
|
||||
previous method was supplied by an \s-1ENGINE\s0, the handle to that \s-1ENGINE\s0 will
|
||||
be released during the change. It is possible to have \s-1DSA\s0 keys that only
|
||||
work with certain \s-1DSA_METHOD\s0 implementations (eg. from an \s-1ENGINE\s0 module
|
||||
that supports embedded hardware-protected keys), and in such cases
|
||||
attempting to change the \s-1DSA_METHOD\s0 for the key can have unexpected
|
||||
results.
|
||||
.PP
|
||||
\&\fIDSA_new_method()\fR allocates and initializes a \fB\s-1DSA\s0\fR structure so that
|
||||
\&\fBmethod\fR will be used for the \s-1DSA\s0 operations. If \fBmethod\fR is \fB\s-1NULL\s0\fR,
|
||||
the default method is used.
|
||||
\&\fIDSA_new_method()\fR allocates and initializes a \s-1DSA\s0 structure so that \fBengine\fR
|
||||
will be used for the \s-1DSA\s0 operations. If \fBengine\fR is \s-1NULL\s0, the default engine
|
||||
for \s-1DSA\s0 operations is used, and if no default \s-1ENGINE\s0 is set, the \s-1DSA_METHOD\s0
|
||||
controlled by \fIDSA_set_default_method()\fR is used.
|
||||
.SH "THE DSA_METHOD STRUCTURE"
|
||||
.IX Header "THE DSA_METHOD STRUCTURE"
|
||||
struct
|
||||
@@ -237,18 +251,27 @@ struct
|
||||
.Ve
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIDSA_OpenSSL()\fR and \fIDSA_get_default_method()\fR return pointers to the
|
||||
respective \fB\s-1DSA_METHOD\s0\fRs.
|
||||
\&\fIDSA_OpenSSL()\fR and \fIDSA_get_default_method()\fR return pointers to the respective
|
||||
\&\fB\s-1DSA_METHOD\s0\fRs.
|
||||
.PP
|
||||
\&\fIDSA_set_default_method()\fR returns no value.
|
||||
.PP
|
||||
\&\fIDSA_set_method()\fR returns a pointer to the \fB\s-1DSA_METHOD\s0\fR previously
|
||||
associated with \fBdsa\fR.
|
||||
\&\fIDSA_set_method()\fR returns non-zero if the provided \fBmeth\fR was successfully set as
|
||||
the method for \fBdsa\fR (including unloading the \s-1ENGINE\s0 handle if the previous
|
||||
method was supplied by an \s-1ENGINE\s0).
|
||||
.PP
|
||||
\&\fIDSA_new_method()\fR returns \fB\s-1NULL\s0\fR and sets an error code that can be
|
||||
\&\fIDSA_new_method()\fR returns \s-1NULL\s0 and sets an error code that can be
|
||||
obtained by ERR_get_error(3) if the allocation
|
||||
fails. Otherwise it returns a pointer to the newly allocated
|
||||
structure.
|
||||
fails. Otherwise it returns a pointer to the newly allocated structure.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
As of version 0.9.7, \s-1DSA_METHOD\s0 implementations are grouped together with other
|
||||
algorithmic APIs (eg. \s-1RSA_METHOD\s0, \s-1EVP_CIPHER\s0, etc) in \fB\s-1ENGINE\s0\fR modules. If a
|
||||
default \s-1ENGINE\s0 is specified for \s-1DSA\s0 functionality using an \s-1ENGINE\s0 \s-1API\s0 function,
|
||||
that will override any \s-1DSA\s0 defaults set using the \s-1DSA\s0 \s-1API\s0 (ie.
|
||||
\&\fIDSA_set_default_method()\fR). For this reason, the \s-1ENGINE\s0 \s-1API\s0 is the recommended way
|
||||
to control default implementations for use in \s-1DSA\s0 and other cryptographic
|
||||
algorithms.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), DSA_new(3)
|
||||
@@ -256,3 +279,13 @@ dsa(3), DSA_new(3)
|
||||
.IX Header "HISTORY"
|
||||
\&\fIDSA_set_default_method()\fR, \fIDSA_get_default_method()\fR, \fIDSA_set_method()\fR,
|
||||
\&\fIDSA_new_method()\fR and \fIDSA_OpenSSL()\fR were added in OpenSSL 0.9.4.
|
||||
.PP
|
||||
\&\fIDSA_set_default_openssl_method()\fR and \fIDSA_get_default_openssl_method()\fR replaced
|
||||
\&\fIDSA_set_default_method()\fR and \fIDSA_get_default_method()\fR respectively, and
|
||||
\&\fIDSA_set_method()\fR and \fIDSA_new_method()\fR were altered to use \fB\s-1ENGINE\s0\fRs rather than
|
||||
\&\fB\s-1DSA_METHOD\s0\fRs during development of the engine version of OpenSSL 0.9.6. For
|
||||
0.9.7, the handling of defaults in the \s-1ENGINE\s0 \s-1API\s0 was restructured so that this
|
||||
change was reversed, and behaviour of the other functions resembled more closely
|
||||
the previous behaviour. The behaviour of defaults in the \s-1ENGINE\s0 \s-1API\s0 now
|
||||
transparently overrides the behaviour of defaults in the \s-1DSA\s0 \s-1API\s0 without
|
||||
requiring changing these function prototypes.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:33 2002
|
||||
.\" Mon Jan 13 19:27:49 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_sign 3"
|
||||
.TH DSA_sign 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_sign 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_sign, DSA_sign_setup, DSA_verify \- \s-1DSA\s0 signatures
|
||||
@@ -194,7 +194,7 @@ ERR_get_error(3).
|
||||
Standard, \s-1DSS\s0), \s-1ANSI\s0 X9.30
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
dsa(3), err(3), rand(3),
|
||||
dsa(3), ERR_get_error(3), rand(3),
|
||||
DSA_do_sign(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:34 2002
|
||||
.\" Mon Jan 13 19:27:50 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "DSA_size 3"
|
||||
.TH DSA_size 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH DSA_size 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
DSA_size \- get \s-1DSA\s0 signature size
|
||||
@@ -148,7 +148,7 @@ DSA_size \- get \s-1DSA\s0 signature size
|
||||
\& #include <openssl/dsa.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int DSA_size(DSA *dsa);
|
||||
\& int DSA_size(const DSA *dsa);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:35 2002
|
||||
.\" Mon Jan 13 19:27:51 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_GET_LIB 3"
|
||||
.TH ERR_GET_LIB 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_GET_LIB 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
\&\s-1ERR_GET_LIB\s0, \s-1ERR_GET_FUNC\s0, \s-1ERR_GET_REASON\s0 \- get library, function and
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:35 2002
|
||||
.\" Mon Jan 13 19:27:52 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_clear_error 3"
|
||||
.TH ERR_clear_error 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_clear_error 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_clear_error \- clear the error queue
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:36 2002
|
||||
.\" Mon Jan 13 19:27:53 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_error_string 3"
|
||||
.TH ERR_error_string 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH ERR_error_string 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:36 2002
|
||||
.\" Mon Jan 13 19:27:54 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,37 +138,46 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_get_error 3"
|
||||
.TH ERR_get_error 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH ERR_get_error 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_get_error, ERR_peek_error, ERR_get_error_line, ERR_peek_error_line,
|
||||
ERR_get_error_line_data, ERR_peek_error_line_data \- obtain error code and data
|
||||
ERR_get_error, ERR_peek_error, ERR_peek_last_error,
|
||||
ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line,
|
||||
ERR_get_error_line_data, ERR_peek_error_line_data,
|
||||
ERR_peek_last_error_line_data \- obtain error code and data
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/err.h>
|
||||
.Ve
|
||||
.Vb 2
|
||||
.Vb 3
|
||||
\& unsigned long ERR_get_error(void);
|
||||
\& unsigned long ERR_peek_error(void);
|
||||
\& unsigned long ERR_peek_last_error(void);
|
||||
.Ve
|
||||
.Vb 2
|
||||
.Vb 3
|
||||
\& unsigned long ERR_get_error_line(const char **file, int *line);
|
||||
\& unsigned long ERR_peek_error_line(const char **file, int *line);
|
||||
\& unsigned long ERR_peek_last_error_line(const char **file, int *line);
|
||||
.Ve
|
||||
.Vb 4
|
||||
.Vb 6
|
||||
\& unsigned long ERR_get_error_line_data(const char **file, int *line,
|
||||
\& const char **data, int *flags);
|
||||
\& unsigned long ERR_peek_error_line_data(const char **file, int *line,
|
||||
\& const char **data, int *flags);
|
||||
\& unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
|
||||
\& const char **data, int *flags);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIERR_get_error()\fR returns the last error code from the thread's error
|
||||
\&\fIERR_get_error()\fR returns the earliest error code from the thread's error
|
||||
queue and removes the entry. This function can be called repeatedly
|
||||
until there are no more error codes to return.
|
||||
.PP
|
||||
\&\fIERR_peek_error()\fR returns the last error code from the thread's
|
||||
\&\fIERR_peek_error()\fR returns the earliest error code from the thread's
|
||||
error queue without modifying it.
|
||||
.PP
|
||||
\&\fIERR_peek_last_error()\fR returns the latest error code from the thread's
|
||||
error queue without modifying it.
|
||||
.PP
|
||||
See ERR_GET_LIB(3) for obtaining information about
|
||||
@@ -176,12 +185,14 @@ location and reason of the error, and
|
||||
ERR_error_string(3) for human-readable error
|
||||
messages.
|
||||
.PP
|
||||
\&\fIERR_get_error_line()\fR and \fIERR_peek_error_line()\fR are the same as the
|
||||
above, but they additionally store the file name and line number where
|
||||
\&\fIERR_get_error_line()\fR, \fIERR_peek_error_line()\fR and
|
||||
\&\fIERR_peek_last_error_line()\fR are the same as the above, but they
|
||||
additionally store the file name and line number where
|
||||
the error occurred in *\fBfile\fR and *\fBline\fR, unless these are \fB\s-1NULL\s0\fR.
|
||||
.PP
|
||||
\&\fIERR_get_error_line_data()\fR and \fIERR_peek_error_line_data()\fR store
|
||||
additional data and flags associated with the error code in *\fBdata\fR
|
||||
\&\fIERR_get_error_line_data()\fR, \fIERR_peek_error_line_data()\fR and
|
||||
\&\fIERR_get_last_error_line_data()\fR store additional data and flags
|
||||
associated with the error code in *\fBdata\fR
|
||||
and *\fBflags\fR, unless these are \fB\s-1NULL\s0\fR. *\fBdata\fR contains a string
|
||||
if *\fBflags\fR&\fB\s-1ERR_TXT_STRING\s0\fR. If it has been allocated by \fIOPENSSL_malloc()\fR,
|
||||
*\fBflags\fR&\fB\s-1ERR_TXT_MALLOCED\s0\fR is true.
|
||||
@@ -198,3 +209,5 @@ ERR_GET_LIB(3)
|
||||
\&\fIERR_peek_error_line()\fR are available in all versions of SSLeay and
|
||||
OpenSSL. \fIERR_get_error_line_data()\fR and \fIERR_peek_error_line_data()\fR
|
||||
were added in SSLeay 0.9.0.
|
||||
\&\fIERR_peek_last_error()\fR, \fIERR_peek_last_error_line()\fR and
|
||||
\&\fIERR_peek_last_error_line_data()\fR were added in OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:37 2002
|
||||
.\" Mon Jan 13 19:27:55 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_load_crypto_strings 3"
|
||||
.TH ERR_load_crypto_strings 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_load_crypto_strings 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings \-
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:38 2002
|
||||
.\" Mon Jan 13 19:27:56 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_load_strings 3"
|
||||
.TH ERR_load_strings 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_load_strings 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_load_strings, \s-1ERR_PACK\s0, ERR_get_next_error_library \- load
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:38 2002
|
||||
.\" Mon Jan 13 19:27:57 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_print_errors 3"
|
||||
.TH ERR_print_errors 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_print_errors 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_print_errors, ERR_print_errors_fp \- print error messages
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:39 2002
|
||||
.\" Mon Jan 13 19:27:58 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_put_error 3"
|
||||
.TH ERR_put_error 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH ERR_put_error 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_put_error, ERR_add_error_data \- record an error
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:39 2002
|
||||
.\" Mon Jan 13 19:27:59 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "ERR_remove_state 3"
|
||||
.TH ERR_remove_state 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH ERR_remove_state 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
ERR_remove_state \- free a thread's error queue
|
||||
|
||||
@@ -0,0 +1,204 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:01 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_BytesToKey 3"
|
||||
.TH EVP_BytesToKey 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
.Vb 1
|
||||
\& EVP_BytesToKey - password based encryption routine
|
||||
.Ve
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
|
||||
\& const unsigned char *salt,
|
||||
\& const unsigned char *data, int datal, int count,
|
||||
\& unsigned char *key,unsigned char *iv);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIEVP_BytesToKey()\fR derives a key and \s-1IV\s0 from various parameters. \fBtype\fR is
|
||||
the cipher to derive the key and \s-1IV\s0 for. \fBmd\fR is the message digest to use.
|
||||
The \fBsalt\fR paramter is used as a salt in the derivation: it should point to
|
||||
an 8 byte buffer or \s-1NULL\s0 if no salt is used. \fBdata\fR is a buffer containing
|
||||
\&\fBdatal\fR bytes which is used to derive the keying data. \fBcount\fR is the
|
||||
iteration count to use. The derived key and \s-1IV\s0 will be written to \fBkey\fR
|
||||
and \fBiv\fR respectively.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
A typical application of this function is to derive keying material for an
|
||||
encryption algorithm from a password in the \fBdata\fR parameter.
|
||||
.PP
|
||||
Increasing the \fBcount\fR parameter slows down the algorithm which makes it
|
||||
harder for an attacker to peform a brute force attack using a large number
|
||||
of candidate passwords.
|
||||
.PP
|
||||
If the total key and \s-1IV\s0 length is less than the digest length and
|
||||
\&\fB\s-1MD5\s0\fR is used then the derivation algorithm is compatible with PKCS#5 v1.5
|
||||
otherwise a non standard extension is used to derive the extra data.
|
||||
.PP
|
||||
Newer applications should use more standard algorithms such as PKCS#5
|
||||
v2.0 for key derivation.
|
||||
.SH "KEY DERIVATION ALGORITHM"
|
||||
.IX Header "KEY DERIVATION ALGORITHM"
|
||||
The key and \s-1IV\s0 is derived by concatenating D_1, D_2, etc until
|
||||
enough data is available for the key and \s-1IV\s0. D_i is defined as:
|
||||
.PP
|
||||
.Vb 1
|
||||
\& D_i = HASH^count(D_(i-1) || data || salt)
|
||||
.Ve
|
||||
where || denotes concatentaion, D_0 is empty, \s-1HASH\s0 is the digest
|
||||
algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
|
||||
is HASH(HASH(data)) and so on.
|
||||
.PP
|
||||
The initial bytes are used for the key and the subsequent bytes for
|
||||
the \s-1IV\s0.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_BytesToKey()\fR returns the size of the derived key in bytes.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
evp(3), rand(3),
|
||||
EVP_EncryptInit(3),
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:40 2002
|
||||
.\" Mon Jan 13 19:28:02 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,12 +138,13 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_DigestInit 3"
|
||||
.TH EVP_DigestInit 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH EVP_DigestInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal, \s-1EVP_MAX_MD_SIZE\s0,
|
||||
EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size,
|
||||
EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
|
||||
EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
|
||||
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, \s-1EVP_MAX_MD_SIZE\s0,
|
||||
EVP_MD_CTX_copy_ex EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
|
||||
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
|
||||
EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
|
||||
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj \-
|
||||
\&\s-1EVP\s0 digest routines
|
||||
@@ -152,17 +153,33 @@ EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj \-
|
||||
.Vb 1
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
|
||||
\& EVP_MD_CTX *EVP_MD_CTX_create(void);
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
\& void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
|
||||
\& int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
|
||||
\& int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
|
||||
\& unsigned int *s);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
||||
\& void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
\& int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
|
||||
\& unsigned int *s);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
|
||||
\& int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
|
||||
\& #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& #define EVP_MD_type(e) ((e)->type)
|
||||
@@ -177,15 +194,15 @@ EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj \-
|
||||
\& #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
|
||||
.Ve
|
||||
.Vb 9
|
||||
\& EVP_MD *EVP_md_null(void);
|
||||
\& EVP_MD *EVP_md2(void);
|
||||
\& EVP_MD *EVP_md5(void);
|
||||
\& EVP_MD *EVP_sha(void);
|
||||
\& EVP_MD *EVP_sha1(void);
|
||||
\& EVP_MD *EVP_dss(void);
|
||||
\& EVP_MD *EVP_dss1(void);
|
||||
\& EVP_MD *EVP_mdc2(void);
|
||||
\& EVP_MD *EVP_ripemd160(void);
|
||||
\& const EVP_MD *EVP_md_null(void);
|
||||
\& const EVP_MD *EVP_md2(void);
|
||||
\& const EVP_MD *EVP_md5(void);
|
||||
\& const EVP_MD *EVP_sha(void);
|
||||
\& const EVP_MD *EVP_sha1(void);
|
||||
\& const EVP_MD *EVP_dss(void);
|
||||
\& const EVP_MD *EVP_dss1(void);
|
||||
\& const EVP_MD *EVP_mdc2(void);
|
||||
\& const EVP_MD *EVP_ripemd160(void);
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& const EVP_MD *EVP_get_digestbyname(const char *name);
|
||||
@@ -196,25 +213,48 @@ EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj \-
|
||||
.IX Header "DESCRIPTION"
|
||||
The \s-1EVP\s0 digest routines are a high level interface to message digests.
|
||||
.PP
|
||||
\&\fIEVP_DigestInit()\fR initializes a digest context \fBctx\fR to use a digest
|
||||
\&\fBtype\fR: this will typically be supplied by a function such as
|
||||
\&\fIEVP_sha1()\fR.
|
||||
\&\fIEVP_MD_CTX_init()\fR initializes digest contet \fBctx\fR.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_create()\fR allocates, initializes and returns a digest contet.
|
||||
.PP
|
||||
\&\fIEVP_DigestInit_ex()\fR sets up digest context \fBctx\fR to use a digest
|
||||
\&\fBtype\fR from \s-1ENGINE\s0 \fBimpl\fR. \fBctx\fR must be initialized before calling this
|
||||
function. \fBtype\fR will typically be supplied by a functionsuch as \fIEVP_sha1()\fR.
|
||||
If \fBimpl\fR is \s-1NULL\s0 then the default implementation of digest \fBtype\fR is used.
|
||||
.PP
|
||||
\&\fIEVP_DigestUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
|
||||
digest context \fBctx\fR. This function can be called several times on the
|
||||
same \fBctx\fR to hash additional data.
|
||||
.PP
|
||||
\&\fIEVP_DigestFinal()\fR retrieves the digest value from \fBctx\fR and places
|
||||
\&\fIEVP_DigestFinal_ex()\fR retrieves the digest value from \fBctx\fR and places
|
||||
it in \fBmd\fR. If the \fBs\fR parameter is not \s-1NULL\s0 then the number of
|
||||
bytes of data written (i.e. the length of the digest) will be written
|
||||
to the integer at \fBs\fR, at most \fB\s-1EVP_MAX_MD_SIZE\s0\fR bytes will be written.
|
||||
After calling \fIEVP_DigestFinal()\fR no additional calls to \fIEVP_DigestUpdate()\fR
|
||||
can be made, but \fIEVP_DigestInit()\fR can be called to initialize a new
|
||||
After calling \fIEVP_DigestFinal_ex()\fR no additional calls to \fIEVP_DigestUpdate()\fR
|
||||
can be made, but \fIEVP_DigestInit_ex()\fR can be called to initialize a new
|
||||
digest operation.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_copy()\fR can be used to copy the message digest state from
|
||||
\&\fIEVP_MD_CTX_cleanup()\fR cleans up digest context \fBctx\fR, it should be called
|
||||
after a digest context is no longer needed.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_destroy()\fR cleans up digest context \fBctx\fR and frees up the
|
||||
space allocated to it, it should be called only on a context created
|
||||
using \fIEVP_MD_CTX_create()\fR.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_copy_ex()\fR can be used to copy the message digest state from
|
||||
\&\fBin\fR to \fBout\fR. This is useful if large amounts of data are to be
|
||||
hashed which only differ in the last few bytes.
|
||||
hashed which only differ in the last few bytes. \fBout\fR must be initialized
|
||||
before calling this function.
|
||||
.PP
|
||||
\&\fIEVP_DigestInit()\fR behaves in the same way as \fIEVP_DigestInit_ex()\fR except
|
||||
the passed context \fBctx\fR does not have to be initialized, and it always
|
||||
uses the default digest implementation.
|
||||
.PP
|
||||
\&\fIEVP_DigestFinal()\fR is similar to \fIEVP_DigestFinal_ex()\fR except the digest
|
||||
contet \fBctx\fR is automatically cleaned up.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_copy()\fR is similar to \fIEVP_MD_CTX_copy_ex()\fR except the destination
|
||||
\&\fBout\fR does not have to be initialized.
|
||||
.PP
|
||||
\&\fIEVP_MD_size()\fR and \fIEVP_MD_CTX_size()\fR return the size of the message digest
|
||||
when passed an \fB\s-1EVP_MD\s0\fR or an \fB\s-1EVP_MD_CTX\s0\fR structure, i.e. the size of the
|
||||
@@ -252,9 +292,10 @@ an \s-1ASN1_OBJECT\s0 structure respectively. The digest table must be initializ
|
||||
using, for example, \fIOpenSSL_add_all_digests()\fR for these functions to work.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_DigestInit()\fR, \fIEVP_DigestUpdate()\fR and \fIEVP_DigestFinal()\fR do not return values.
|
||||
\&\fIEVP_DigestInit_ex()\fR, \fIEVP_DigestUpdate()\fR and \fIEVP_DigestFinal_ex()\fR return 1 for
|
||||
success and 0 for failure.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_copy()\fR returns 1 if successful or 0 for failure.
|
||||
\&\fIEVP_MD_CTX_copy_ex()\fR returns 1 if successful or 0 for failure.
|
||||
.PP
|
||||
\&\fIEVP_MD_type()\fR, \fIEVP_MD_pkey_type()\fR and \fIEVP_MD_type()\fR return the \s-1NID\s0 of the
|
||||
corresponding \s-1OBJECT\s0 \s-1IDENTIFIER\s0 or NID_undef if none exists.
|
||||
@@ -277,6 +318,19 @@ transparent to the digest used and much more flexible.
|
||||
.PP
|
||||
\&\s-1SHA1\s0 is the digest of choice for new applications. The other digest algorithms
|
||||
are still in common use.
|
||||
.PP
|
||||
For most applications the \fBimpl\fR parameter to \fIEVP_DigestInit_ex()\fR will be
|
||||
set to \s-1NULL\s0 to use the default digest implementation.
|
||||
.PP
|
||||
The functions \fIEVP_DigestInit()\fR, \fIEVP_DigestFinal()\fR and \fIEVP_MD_CTX_copy()\fR are
|
||||
obsolete but are retained to maintain compatibility with existing code. New
|
||||
applications should use \fIEVP_DigestInit_ex()\fR, \fIEVP_DigestFinal_ex()\fR and
|
||||
\&\fIEVP_MD_CTX_copy_ex()\fR because they can efficiently reuse a digest context
|
||||
instead of initializing and cleaning it up on each call and allow non default
|
||||
implementations of digests to be specified.
|
||||
.PP
|
||||
In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
|
||||
memory leaks will occur.
|
||||
.SH "EXAMPLE"
|
||||
.IX Header "EXAMPLE"
|
||||
This example digests the data \*(L"Test Message\en\*(R" and \*(L"Hello World\en\*(R", using the
|
||||
@@ -314,11 +368,13 @@ digest name passed on the command line.
|
||||
\& exit(1);
|
||||
\& }
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& EVP_DigestInit(&mdctx, md);
|
||||
.Vb 6
|
||||
\& EVP_MD_CTX_init(&mdctx);
|
||||
\& EVP_DigestInit_ex(&mdctx, md, NULL);
|
||||
\& EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
|
||||
\& EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
|
||||
\& EVP_DigestFinal(&mdctx, md_value, &md_len);
|
||||
\& EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
|
||||
\& EVP_MD_CTX_cleanup(&mdctx);
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& printf("Digest is: ");
|
||||
@@ -328,16 +384,9 @@ digest name passed on the command line.
|
||||
.Ve
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
Several of the functions do not return values: maybe they should. Although the
|
||||
internal digest operations will never fail some future hardware based operations
|
||||
might.
|
||||
.PP
|
||||
The link between digests and signing algorithms results in a situation where
|
||||
\&\fIEVP_sha1()\fR must be used with \s-1RSA\s0 and \fIEVP_dss1()\fR must be used with \s-1DSS\s0
|
||||
even though they are identical digests.
|
||||
.PP
|
||||
The size of an \fB\s-1EVP_MD_CTX\s0\fR structure is determined at compile time: this results
|
||||
in code that must be recompiled if the size of \fB\s-1EVP_MD_CTX\s0\fR increases.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
evp(3), hmac(3), md2(3),
|
||||
@@ -347,3 +396,11 @@ sha(3), dgst(1)
|
||||
.IX Header "HISTORY"
|
||||
\&\fIEVP_DigestInit()\fR, \fIEVP_DigestUpdate()\fR and \fIEVP_DigestFinal()\fR are
|
||||
available in all versions of SSLeay and OpenSSL.
|
||||
.PP
|
||||
\&\fIEVP_MD_CTX_init()\fR, \fIEVP_MD_CTX_create()\fR, \fIEVP_MD_CTX_copy_ex()\fR,
|
||||
\&\fIEVP_MD_CTX_cleanup()\fR, \fIEVP_MD_CTX_destroy()\fR, \fIEVP_DigestInit_ex()\fR
|
||||
and \fIEVP_DigestFinal_ex()\fR were added in OpenSSL 0.9.7.
|
||||
.PP
|
||||
\&\fIEVP_md_null()\fR, \fIEVP_md2()\fR, \fIEVP_md5()\fR, \fIEVP_sha()\fR, \fIEVP_sha1()\fR,
|
||||
\&\fIEVP_dss()\fR, \fIEVP_dss1()\fR, \fIEVP_mdc2()\fR and \fIEVP_ripemd160()\fR were
|
||||
changed to return truely const \s-1EVP_MD\s0 * in OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:41 2002
|
||||
.\" Mon Jan 13 19:28:03 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,50 +138,76 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_EncryptInit 3"
|
||||
.TH EVP_EncryptInit 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH EVP_EncryptInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal, EVP_DecryptInit,
|
||||
EVP_DecryptUpdate, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherUpdate,
|
||||
EVP_CipherFinal, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl,
|
||||
EVP_CIPHER_CTX_cleanup, EVP_get_cipherbyname, EVP_get_cipherbynid,
|
||||
EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size,
|
||||
EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags,
|
||||
EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid,
|
||||
EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length,
|
||||
EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type,
|
||||
EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1,
|
||||
EVP_CIPHER_asn1_to_param \- \s-1EVP\s0 cipher routines
|
||||
EVP_CIPHER_CTX_init, EVP_EncryptInit_ex, EVP_EncryptUpdate,
|
||||
EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate,
|
||||
EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate,
|
||||
EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length,
|
||||
EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX_cleanup, EVP_EncryptInit,
|
||||
EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal,
|
||||
EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname,
|
||||
EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid,
|
||||
EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length,
|
||||
EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher,
|
||||
EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length,
|
||||
EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data,
|
||||
EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags,
|
||||
EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param,
|
||||
EVP_CIPHER_CTX_set_padding \- \s-1EVP\s0 cipher routines
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
|
||||
.Ve
|
||||
.Vb 6
|
||||
\& int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& unsigned char *key, unsigned char *iv);
|
||||
\& int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& ENGINE *impl, unsigned char *key, unsigned char *iv);
|
||||
\& int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl, unsigned char *in, int inl);
|
||||
\& int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 6
|
||||
\& int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& ENGINE *impl, unsigned char *key, unsigned char *iv);
|
||||
\& int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl, unsigned char *in, int inl);
|
||||
\& int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 6
|
||||
\& int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& ENGINE *impl, unsigned char *key, unsigned char *iv, int enc);
|
||||
\& int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl, unsigned char *in, int inl);
|
||||
\& int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& unsigned char *key, unsigned char *iv);
|
||||
\& int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 6
|
||||
.Vb 4
|
||||
\& int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& unsigned char *key, unsigned char *iv);
|
||||
\& int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl, unsigned char *in, int inl);
|
||||
\& int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 6
|
||||
.Vb 4
|
||||
\& int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
|
||||
\& unsigned char *key, unsigned char *iv, int enc);
|
||||
\& int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
\& int *outl, unsigned char *in, int inl);
|
||||
\& int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
|
||||
\& int *outl);
|
||||
.Ve
|
||||
.Vb 3
|
||||
.Vb 4
|
||||
\& int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
|
||||
\& int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
|
||||
\& int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
|
||||
\& int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
|
||||
@@ -221,14 +247,19 @@ EVP_CIPHER_asn1_to_param \- \s-1EVP\s0 cipher routines
|
||||
The \s-1EVP\s0 cipher routines are a high level interface to certain
|
||||
symmetric ciphers.
|
||||
.PP
|
||||
\&\fIEVP_EncryptInit()\fR initializes a cipher context \fBctx\fR for encryption
|
||||
with cipher \fBtype\fR. \fBtype\fR is normally supplied by a function such
|
||||
as \fIEVP_des_cbc()\fR . \fBkey\fR is the symmetric key to use and \fBiv\fR is the
|
||||
\&\s-1IV\s0 to use (if necessary), the actual number of bytes used for the
|
||||
key and \s-1IV\s0 depends on the cipher. It is possible to set all parameters
|
||||
to \s-1NULL\s0 except \fBtype\fR in an initial call and supply the remaining
|
||||
parameters in subsequent calls, all of which have \fBtype\fR set to \s-1NULL\s0.
|
||||
This is done when the default cipher parameters are not appropriate.
|
||||
\&\fIEVP_CIPHER_CTX_init()\fR initializes cipher contex \fBctx\fR.
|
||||
.PP
|
||||
\&\fIEVP_EncryptInit_ex()\fR sets up cipher context \fBctx\fR for encryption
|
||||
with cipher \fBtype\fR from \s-1ENGINE\s0 \fBimpl\fR. \fBctx\fR must be initialized
|
||||
before calling this function. \fBtype\fR is normally supplied
|
||||
by a function such as \fIEVP_des_cbc()\fR. If \fBimpl\fR is \s-1NULL\s0 then the
|
||||
default implementation is used. \fBkey\fR is the symmetric key to use
|
||||
and \fBiv\fR is the \s-1IV\s0 to use (if necessary), the actual number of bytes
|
||||
used for the key and \s-1IV\s0 depends on the cipher. It is possible to set
|
||||
all parameters to \s-1NULL\s0 except \fBtype\fR in an initial call and supply
|
||||
the remaining parameters in subsequent calls, all of which have \fBtype\fR
|
||||
set to \s-1NULL\s0. This is done when the default cipher parameters are not
|
||||
appropriate.
|
||||
.PP
|
||||
\&\fIEVP_EncryptUpdate()\fR encrypts \fBinl\fR bytes from the buffer \fBin\fR and
|
||||
writes the encrypted version to \fBout\fR. This function can be called
|
||||
@@ -236,32 +267,49 @@ multiple times to encrypt successive blocks of data. The amount
|
||||
of data written depends on the block alignment of the encrypted data:
|
||||
as a result the amount of data written may be anything from zero bytes
|
||||
to (inl + cipher_block_size \- 1) so \fBoutl\fR should contain sufficient
|
||||
room. The actual number of bytes written is placed in \fBoutl\fR.
|
||||
room. The actual number of bytes written is placed in \fBoutl\fR.
|
||||
.PP
|
||||
\&\fIEVP_EncryptFinal()\fR encrypts the \*(L"final\*(R" data, that is any data that
|
||||
remains in a partial block. It uses standard block padding (aka \s-1PKCS\s0
|
||||
padding). The encrypted final data is written to \fBout\fR which should
|
||||
have sufficient space for one cipher block. The number of bytes written
|
||||
is placed in \fBoutl\fR. After this function is called the encryption operation
|
||||
is finished and no further calls to \fIEVP_EncryptUpdate()\fR should be made.
|
||||
If padding is enabled (the default) then \fIEVP_EncryptFinal_ex()\fR encrypts
|
||||
the \*(L"final\*(R" data, that is any data that remains in a partial block.
|
||||
It uses standard block padding (aka \s-1PKCS\s0 padding). The encrypted
|
||||
final data is written to \fBout\fR which should have sufficient space for
|
||||
one cipher block. The number of bytes written is placed in \fBoutl\fR. After
|
||||
this function is called the encryption operation is finished and no further
|
||||
calls to \fIEVP_EncryptUpdate()\fR should be made.
|
||||
.PP
|
||||
\&\fIEVP_DecryptInit()\fR, \fIEVP_DecryptUpdate()\fR and \fIEVP_DecryptFinal()\fR are the
|
||||
If padding is disabled then \fIEVP_EncryptFinal_ex()\fR will not encrypt any more
|
||||
data and it will return an error if any data remains in a partial block:
|
||||
that is if the total data length is not a multiple of the block size.
|
||||
.PP
|
||||
\&\fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptUpdate()\fR and \fIEVP_DecryptFinal_ex()\fR are the
|
||||
corresponding decryption operations. \fIEVP_DecryptFinal()\fR will return an
|
||||
error code if the final block is not correctly formatted. The parameters
|
||||
and restrictions are identical to the encryption operations except that
|
||||
the decrypted data buffer \fBout\fR passed to \fIEVP_DecryptUpdate()\fR should
|
||||
have sufficient room for (\fBinl\fR + cipher_block_size) bytes unless the
|
||||
cipher block size is 1 in which case \fBinl\fR bytes is sufficient.
|
||||
error code if padding is enabled and the final block is not correctly
|
||||
formatted. The parameters and restrictions are identical to the encryption
|
||||
operations except that if padding is enabled the decrypted data buffer \fBout\fR
|
||||
passed to \fIEVP_DecryptUpdate()\fR should have sufficient room for
|
||||
(\fBinl\fR + cipher_block_size) bytes unless the cipher block size is 1 in
|
||||
which case \fBinl\fR bytes is sufficient.
|
||||
.PP
|
||||
\&\fIEVP_CipherInit()\fR, \fIEVP_CipherUpdate()\fR and \fIEVP_CipherFinal()\fR are functions
|
||||
that can be used for decryption or encryption. The operation performed
|
||||
depends on the value of the \fBenc\fR parameter. It should be set to 1 for
|
||||
encryption, 0 for decryption and \-1 to leave the value unchanged (the
|
||||
actual value of 'enc' being supplied in a previous call).
|
||||
\&\fIEVP_CipherInit_ex()\fR, \fIEVP_CipherUpdate()\fR and \fIEVP_CipherFinal_ex()\fR are
|
||||
functions that can be used for decryption or encryption. The operation
|
||||
performed depends on the value of the \fBenc\fR parameter. It should be set
|
||||
to 1 for encryption, 0 for decryption and \-1 to leave the value unchanged
|
||||
(the actual value of 'enc' being supplied in a previous call).
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_CTX_cleanup()\fR clears all information from a cipher context.
|
||||
It should be called after all operations using a cipher are complete
|
||||
so sensitive information does not remain in memory.
|
||||
\&\fIEVP_CIPHER_CTX_cleanup()\fR clears all information from a cipher context
|
||||
and free up any allocated memory associate with it. It should be called
|
||||
after all operations using a cipher are complete so sensitive information
|
||||
does not remain in memory.
|
||||
.PP
|
||||
\&\fIEVP_EncryptInit()\fR, \fIEVP_DecryptInit()\fR and \fIEVP_CipherInit()\fR behave in a
|
||||
similar way to \fIEVP_EncryptInit_ex()\fR, EVP_DecryptInit_ex and
|
||||
\&\fIEVP_CipherInit_ex()\fR except the \fBctx\fR paramter does not need to be
|
||||
initialized and they always use the default cipher implementation.
|
||||
.PP
|
||||
\&\fIEVP_EncryptFinal()\fR, \fIEVP_DecryptFinal()\fR and \fIEVP_CipherFinal()\fR behave in a
|
||||
similar way to \fIEVP_EncryptFinal_ex()\fR, \fIEVP_DecryptFinal_ex()\fR and
|
||||
\&\fIEVP_CipherFinal_ex()\fR except \fBctx\fR is automatically cleaned up
|
||||
after the call.
|
||||
.PP
|
||||
\&\fIEVP_get_cipherbyname()\fR, \fIEVP_get_cipherbynid()\fR and \fIEVP_get_cipherbyobj()\fR
|
||||
return an \s-1EVP_CIPHER\s0 structure when passed a cipher name, a \s-1NID\s0 or an
|
||||
@@ -272,6 +320,13 @@ passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR structure. The
|
||||
value is an internal value which may not have a corresponding \s-1OBJECT\s0
|
||||
\&\s-1IDENTIFIER\s0.
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_CTX_set_padding()\fR enables or disables padding. By default
|
||||
encryption operations are padded using standard block padding and the
|
||||
padding is checked and removed when decrypting. If the \fBpad\fR parameter
|
||||
is zero then no padding is performed, the total amount of data encrypted
|
||||
or decrypted must then be a multiple of the block size or an error will
|
||||
occur.
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_key_length()\fR and \fIEVP_CIPHER_CTX_key_length()\fR return the key
|
||||
length of a cipher when passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR
|
||||
structure. The constant \fB\s-1EVP_MAX_KEY_LENGTH\s0\fR is the maximum key length
|
||||
@@ -331,14 +386,14 @@ and set. Currently only the \s-1RC2\s0 effective key length and the number of ro
|
||||
\&\s-1RC5\s0 can be set.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_EncryptInit()\fR, \fIEVP_EncryptUpdate()\fR and \fIEVP_EncryptFinal()\fR return 1 for success
|
||||
and 0 for failure.
|
||||
EVP_CIPHER_CTX_init, \fIEVP_EncryptInit_ex()\fR, \fIEVP_EncryptUpdate()\fR and
|
||||
\&\fIEVP_EncryptFinal_ex()\fR return 1 for success and 0 for failure.
|
||||
.PP
|
||||
\&\fIEVP_DecryptInit()\fR and \fIEVP_DecryptUpdate()\fR return 1 for success and 0 for failure.
|
||||
\&\fIEVP_DecryptFinal()\fR returns 0 if the decrypt failed or 1 for success.
|
||||
\&\fIEVP_DecryptInit_ex()\fR and \fIEVP_DecryptUpdate()\fR return 1 for success and 0 for failure.
|
||||
\&\fIEVP_DecryptFinal_ex()\fR returns 0 if the decrypt failed or 1 for success.
|
||||
.PP
|
||||
\&\fIEVP_CipherInit()\fR and \fIEVP_CipherUpdate()\fR return 1 for success and 0 for failure.
|
||||
\&\fIEVP_CipherFinal()\fR returns 0 for a decryption failure or 1 for success.
|
||||
\&\fIEVP_CipherInit_ex()\fR and \fIEVP_CipherUpdate()\fR return 1 for success and 0 for failure.
|
||||
\&\fIEVP_CipherFinal_ex()\fR returns 0 for a decryption failure or 1 for success.
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_CTX_cleanup()\fR returns 1 for success and 0 for failure.
|
||||
.PP
|
||||
@@ -353,6 +408,8 @@ size.
|
||||
\&\fIEVP_CIPHER_key_length()\fR and \fIEVP_CIPHER_CTX_key_length()\fR return the key
|
||||
length.
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_CTX_set_padding()\fR always returns 1.
|
||||
.PP
|
||||
\&\fIEVP_CIPHER_iv_length()\fR and \fIEVP_CIPHER_CTX_iv_length()\fR return the \s-1IV\s0
|
||||
length or zero if the cipher does not use an \s-1IV\s0.
|
||||
.PP
|
||||
@@ -428,24 +485,25 @@ encrypted then 5 padding bytes of value 5 will be added.
|
||||
.PP
|
||||
When decrypting the final block is checked to see if it has the correct form.
|
||||
.PP
|
||||
Although the decryption operation can produce an error, it is not a strong
|
||||
test that the input data or key is correct. A random block has better than
|
||||
1 in 256 chance of being of the correct format and problems with the
|
||||
input data earlier on will not produce a final decrypt error.
|
||||
Although the decryption operation can produce an error if padding is enabled,
|
||||
it is not a strong test that the input data or key is correct. A random block
|
||||
has better than 1 in 256 chance of being of the correct format and problems with
|
||||
the input data earlier on will not produce a final decrypt error.
|
||||
.PP
|
||||
The functions \fIEVP_EncryptInit()\fR, \fIEVP_EncryptUpdate()\fR, \fIEVP_EncryptFinal()\fR,
|
||||
\&\fIEVP_DecryptInit()\fR, \fIEVP_DecryptUpdate()\fR, \fIEVP_CipherInit()\fR and \fIEVP_CipherUpdate()\fR
|
||||
and \fIEVP_CIPHER_CTX_cleanup()\fR did not return errors in OpenSSL version 0.9.5a or
|
||||
earlier. Software only versions of encryption algorithms will never return
|
||||
error codes for these functions, unless there is a programming error (for example
|
||||
and attempt to set the key before the cipher is set in \fIEVP_EncryptInit()\fR ).
|
||||
If padding is disabled then the decryption operation will always succeed if
|
||||
the total amount of data decrypted is a multiple of the block size.
|
||||
.PP
|
||||
The functions \fIEVP_EncryptInit()\fR, \fIEVP_EncryptFinal()\fR, \fIEVP_DecryptInit()\fR,
|
||||
\&\fIEVP_CipherInit()\fR and \fIEVP_CipherFinal()\fR are obsolete but are retained for
|
||||
compatibility with existing code. New code should use \fIEVP_EncryptInit_ex()\fR,
|
||||
\&\fIEVP_EncryptFinal_ex()\fR, \fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptFinal_ex()\fR,
|
||||
\&\fIEVP_CipherInit_ex()\fR and \fIEVP_CipherFinal_ex()\fR because they can reuse an
|
||||
existing context without allocating and freeing it up on each call.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
For \s-1RC5\s0 the number of rounds can currently only be set to 8, 12 or 16. This is
|
||||
a limitation of the current \s-1RC5\s0 code rather than the \s-1EVP\s0 interface.
|
||||
.PP
|
||||
It should be possible to disable \s-1PKCS\s0 padding: currently it isn't.
|
||||
.PP
|
||||
\&\s-1EVP_MAX_KEY_LENGTH\s0 and \s-1EVP_MAX_IV_LENGTH\s0 only refer to the internal ciphers with
|
||||
default key lengths. If custom ciphers exceed these values the results are
|
||||
unpredictable. This is because it has become standard practice to define a
|
||||
@@ -459,28 +517,128 @@ Get the number of rounds used in \s-1RC5:\s0
|
||||
.PP
|
||||
.Vb 2
|
||||
\& int nrounds;
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &i);
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &nrounds);
|
||||
.Ve
|
||||
Get the \s-1RC2\s0 effective key length:
|
||||
.PP
|
||||
.Vb 2
|
||||
\& int key_bits;
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &key_bits);
|
||||
.Ve
|
||||
Set the number of rounds used in \s-1RC5:\s0
|
||||
.PP
|
||||
.Vb 2
|
||||
\& int nrounds;
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, i, NULL);
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, nrounds, NULL);
|
||||
.Ve
|
||||
Set the number of rounds used in \s-1RC2:\s0
|
||||
Set the effective key length used in \s-1RC2:\s0
|
||||
.PP
|
||||
.Vb 2
|
||||
\& int nrounds;
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, i, NULL);
|
||||
\& int key_bits;
|
||||
\& EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
|
||||
.Ve
|
||||
Encrypt a string using blowfish:
|
||||
.PP
|
||||
.Vb 14
|
||||
\& int do_crypt(char *outfile)
|
||||
\& {
|
||||
\& unsigned char outbuf[1024];
|
||||
\& int outlen, tmplen;
|
||||
\& /* Bogus key and IV: we'd normally set these from
|
||||
\& * another source.
|
||||
\& */
|
||||
\& unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
|
||||
\& unsigned char iv[] = {1,2,3,4,5,6,7,8};
|
||||
\& char intext[] = "Some Crypto Text";
|
||||
\& EVP_CIPHER_CTX ctx;
|
||||
\& FILE *out;
|
||||
\& EVP_CIPHER_CTX_init(&ctx);
|
||||
\& EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
|
||||
.Ve
|
||||
.Vb 25
|
||||
\& if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext)))
|
||||
\& {
|
||||
\& /* Error */
|
||||
\& return 0;
|
||||
\& }
|
||||
\& /* Buffer passed to EVP_EncryptFinal() must be after data just
|
||||
\& * encrypted to avoid overwriting it.
|
||||
\& */
|
||||
\& if(!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen))
|
||||
\& {
|
||||
\& /* Error */
|
||||
\& return 0;
|
||||
\& }
|
||||
\& outlen += tmplen;
|
||||
\& EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
\& /* Need binary mode for fopen because encrypted data is
|
||||
\& * binary data. Also cannot use strlen() on it because
|
||||
\& * it wont be null terminated and may contain embedded
|
||||
\& * nulls.
|
||||
\& */
|
||||
\& out = fopen(outfile, "wb");
|
||||
\& fwrite(outbuf, 1, outlen, out);
|
||||
\& fclose(out);
|
||||
\& return 1;
|
||||
\& }
|
||||
.Ve
|
||||
The ciphertext from the above example can be decrypted using the \fBopenssl\fR
|
||||
utility with the command line:
|
||||
.PP
|
||||
.Vb 1
|
||||
\& S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
|
||||
.Ve
|
||||
General encryption, decryption function example using \s-1FILE\s0 I/O and \s-1RC2\s0 with an
|
||||
80 bit key:
|
||||
.PP
|
||||
.Vb 16
|
||||
\& int do_crypt(FILE *in, FILE *out, int do_encrypt)
|
||||
\& {
|
||||
\& /* Allow enough space in output buffer for additional block */
|
||||
\& inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
|
||||
\& int inlen, outlen;
|
||||
\& /* Bogus key and IV: we'd normally set these from
|
||||
\& * another source.
|
||||
\& */
|
||||
\& unsigned char key[] = "0123456789";
|
||||
\& unsigned char iv[] = "12345678";
|
||||
\& /* Don't set key or IV because we will modify the parameters */
|
||||
\& EVP_CIPHER_CTX_init(&ctx);
|
||||
\& EVP_CipherInit_ex(&ctx, EVP_rc2(), NULL, NULL, NULL, do_encrypt);
|
||||
\& EVP_CIPHER_CTX_set_key_length(&ctx, 10);
|
||||
\& /* We finished modifying parameters so now we can set key and IV */
|
||||
\& EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
|
||||
.Ve
|
||||
.Vb 17
|
||||
\& for(;;)
|
||||
\& {
|
||||
\& inlen = fread(inbuf, 1, 1024, in);
|
||||
\& if(inlen <= 0) break;
|
||||
\& if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
|
||||
\& {
|
||||
\& /* Error */
|
||||
\& return 0;
|
||||
\& }
|
||||
\& fwrite(outbuf, 1, outlen, out);
|
||||
\& }
|
||||
\& if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
|
||||
\& {
|
||||
\& /* Error */
|
||||
\& return 0;
|
||||
\& }
|
||||
\& fwrite(outbuf, 1, outlen, out);
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
\& return 1;
|
||||
\& }
|
||||
.Ve
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
evp(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIEVP_CIPHER_CTX_init()\fR, \fIEVP_EncryptInit_ex()\fR, \fIEVP_EncryptFinal_ex()\fR,
|
||||
\&\fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptFinal_ex()\fR, \fIEVP_CipherInit_ex()\fR,
|
||||
\&\fIEVP_CipherFinal_ex()\fR and \fIEVP_CIPHER_CTX_set_padding()\fR appeared in
|
||||
OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:41 2002
|
||||
.\" Mon Jan 13 19:28:05 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_OpenInit 3"
|
||||
.TH EVP_OpenInit 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH EVP_OpenInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal \- \s-1EVP\s0 envelope decryption
|
||||
|
||||
@@ -0,0 +1,180 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:06 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_PKEY_new 3"
|
||||
.TH EVP_PKEY_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_PKEY_new, EVP_PKEY_free \- private key allocation functions.
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& EVP_PKEY *EVP_PKEY_new(void);
|
||||
\& void EVP_PKEY_free(EVP_PKEY *key);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
The \fIEVP_PKEY_new()\fR function allocates an empty \fB\s-1EVP_PKEY\s0\fR
|
||||
structure which is used by OpenSSL to store private keys.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_free()\fR frees up the private key \fBkey\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
The \fB\s-1EVP_PKEY\s0\fR structure is used by various OpenSSL functions
|
||||
which require a general private key without reference to any
|
||||
particular algorithm.
|
||||
.PP
|
||||
The structure returned by \fIEVP_PKEY_new()\fR is empty. To add a
|
||||
private key to this empty structure the functions described in
|
||||
EVP_PKEY_set1_RSA(3) should be used.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_PKEY_new()\fR returns either the newly allocated \fB\s-1EVP_PKEY\s0\fR
|
||||
structure of \fB\s-1NULL\s0\fR if an error occurred.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_free()\fR does not return a value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
EVP_PKEY_set1_RSA(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\s-1TBA\s0
|
||||
+61
-76
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:06 2002
|
||||
.\" Mon Jan 13 19:28:07 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -137,96 +137,81 @@
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "BIO_new_bio_pair 3"
|
||||
.TH BIO_new_bio_pair 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.IX Title "EVP_PKEY_set1_RSA 3"
|
||||
.TH EVP_PKEY_set1_RSA 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
BIO_new_bio_pair \- create a new \s-1BIO\s0 pair
|
||||
EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
|
||||
EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
|
||||
EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY,
|
||||
EVP_PKEY_type \- \s-1EVP_PKEY\s0 assignment functions.
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/bio.h>
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
|
||||
\& int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
|
||||
\& int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
|
||||
\& int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
|
||||
\& DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
|
||||
\& DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
|
||||
\& EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key);
|
||||
\& int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key);
|
||||
\& int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key);
|
||||
\& int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
|
||||
\& int EVP_PKEY_type(int type);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIBIO_new_bio_pair()\fR creates a buffering \s-1BIO\s0 pair. It has two endpoints between
|
||||
data can be buffered. Its typical use is to connect one endpoint as underlying
|
||||
input/output \s-1BIO\s0 to an \s-1SSL\s0 and access the other one controlled by the program
|
||||
instead of accessing the network connection directly.
|
||||
\&\fIEVP_PKEY_set1_RSA()\fR, \fIEVP_PKEY_set1_DSA()\fR, \fIEVP_PKEY_set1_DH()\fR and
|
||||
\&\fIEVP_PKEY_set1_EC_KEY()\fR set the key referenced by \fBpkey\fR to \fBkey\fR.
|
||||
.PP
|
||||
The two new BIOs \fBbio1\fR and \fBbio2\fR are symmetric with respect to their
|
||||
functionality. The size of their buffers is determined by \fBwritebuf1\fR and
|
||||
\&\fBwritebuf2\fR. If the size give is 0, the default size is used.
|
||||
\&\fIEVP_PKEY_get1_RSA()\fR, \fIEVP_PKEY_get1_DSA()\fR, \fIEVP_PKEY_get1_DH()\fR and
|
||||
\&\fIEVP_PKEY_get1_EC_KEY()\fR return the referenced key in \fBpkey\fR or
|
||||
\&\fB\s-1NULL\s0\fR if the key is not of the correct type.
|
||||
.PP
|
||||
\&\fIBIO_new_bio_pair()\fR does not check whether \fBbio1\fR or \fBbio2\fR do point to
|
||||
some other \s-1BIO\s0, the values are overwritten, \fIBIO_free()\fR is not called.
|
||||
\&\fIEVP_PKEY_assign_RSA()\fR \fIEVP_PKEY_assign_DSA()\fR, \fIEVP_PKEY_assign_DH()\fR
|
||||
and \fIEVP_PKEY_assign_EC_KEY()\fR also set the referenced key to \fBkey\fR
|
||||
however these use the supplied \fBkey\fR internally and so \fBkey\fR
|
||||
will be freed when the parent \fBpkey\fR is freed.
|
||||
.PP
|
||||
The two BIOs, even though forming a \s-1BIO\s0 pair and must be \fIBIO_free()\fR'ed
|
||||
separately. This can be of importance, as some SSL-functions like \fISSL_set_bio()\fR
|
||||
or \fISSL_free()\fR call \fIBIO_free()\fR implicitly, so that the peer-BIO is left
|
||||
untouched and must also be \fIBIO_free()\fR'ed.
|
||||
.SH "EXAMPLE"
|
||||
.IX Header "EXAMPLE"
|
||||
The \s-1BIO\s0 pair can be used to have full control over the network access of an
|
||||
application. The application can call \fIselect()\fR on the socket as required
|
||||
without having to go through the SSL-interface.
|
||||
\&\fIEVP_PKEY_type()\fR returns the type of key corresponding to the value
|
||||
\&\fBtype\fR. The type of a key can be obtained with
|
||||
EVP_PKEY_type(pkey->type). The return value will be \s-1EVP_PKEY_RSA\s0,
|
||||
\&\s-1EVP_PKEY_DSA\s0, \s-1EVP_PKEY_DH\s0 or \s-1EVP_PKEY_EC\s0 for the corresponding
|
||||
key types or NID_undef if the key type is unassigned.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
In accordance with the OpenSSL naming convention the key obtained
|
||||
from or assigned to the \fBpkey\fR using the \fB1\fR functions must be
|
||||
freed as well as \fBpkey\fR.
|
||||
.PP
|
||||
.Vb 6
|
||||
\& BIO *internal_bio, *network_bio;
|
||||
\& ...
|
||||
\& BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
|
||||
\& SSL_set_bio(ssl, internal_bio);
|
||||
\& SSL_operations();
|
||||
\& ...
|
||||
.Ve
|
||||
.Vb 9
|
||||
\& application | TLS-engine
|
||||
\& | |
|
||||
\& +----------> SSL_operations()
|
||||
\& | /\e ||
|
||||
\& | || \e/
|
||||
\& | BIO-pair (internal_bio)
|
||||
\& +----------< BIO-pair (network_bio)
|
||||
\& | |
|
||||
\& socket |
|
||||
.Ve
|
||||
.Vb 4
|
||||
\& ...
|
||||
\& SSL_free(ssl); /* implicitly frees internal_bio */
|
||||
\& BIO_free(network_bio);
|
||||
\& ...
|
||||
.Ve
|
||||
As the \s-1BIO\s0 pair will only buffer the data and never directly access the
|
||||
connection, it behaves non-blocking and will return as soon as the write
|
||||
buffer is full or the read buffer is drained. Then the application has to
|
||||
flush the write buffer and/or fill the read buffer.
|
||||
.PP
|
||||
Use the \fIBIO_ctrl_pending()\fR, to find out whether data is buffered in the \s-1BIO\s0
|
||||
and must be transfered to the network. Use \fIBIO_ctrl_get_read_request()\fR to
|
||||
find out, how many bytes must be written into the buffer before the
|
||||
\&\fISSL_operation()\fR can successfully be continued.
|
||||
.SH "IMPORTANT"
|
||||
.IX Header "IMPORTANT"
|
||||
As the data is buffered, \fISSL_operation()\fR may return with a \s-1ERROR_SSL_WANT_READ\s0
|
||||
condition, but there is still data in the write buffer. An application must
|
||||
not rely on the error value of \fISSL_operation()\fR but must assure that the
|
||||
write buffer is always flushed first. Otherwise a deadlock may occur as
|
||||
the peer might be waiting for the data before being able to continue.
|
||||
\&\fIEVP_PKEY_assign_RSA()\fR \fIEVP_PKEY_assign_DSA()\fR, \fIEVP_PKEY_assign_DH()\fR
|
||||
\&\fIEVP_PKEY_assign_EC_KEY()\fR are implemented as macros.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
The following return values can occur:
|
||||
.Ip "1" 4
|
||||
.IX Item "1"
|
||||
The \s-1BIO\s0 pair was created successfully. The new BIOs are available in
|
||||
\&\fBbio1\fR and \fBbio2\fR.
|
||||
.Ip "0" 4
|
||||
The operation failed. The \s-1NULL\s0 pointer is stored into the locations for
|
||||
\&\fBbio1\fR and \fBbio2\fR. Check the error stack for more information.
|
||||
\&\fIEVP_PKEY_set1_RSA()\fR, \fIEVP_PKEY_set1_DSA()\fR, \fIEVP_PKEY_set1_DH()\fR and
|
||||
\&\fIEVP_PKEY_set1_EC_KEY()\fR return 1 for success or 0 for failure.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_get1_RSA()\fR, \fIEVP_PKEY_get1_DSA()\fR, \fIEVP_PKEY_get1_DH()\fR and
|
||||
\&\fIEVP_PKEY_get1_EC_KEY()\fR return the referenced key or \fB\s-1NULL\s0\fR if
|
||||
an error occurred.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_assign_RSA()\fR \fIEVP_PKEY_assign_DSA()\fR, \fIEVP_PKEY_assign_DH()\fR
|
||||
and \fIEVP_PKEY_assign_EC_KEY()\fR return 1 for success and 0 for failure.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
SSL_set_bio(3), ssl(3), bio(3),
|
||||
BIO_ctrl_pending(3),
|
||||
BIO_ctrl_get_read_request(3)
|
||||
EVP_PKEY_new(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\s-1TBA\s0
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:42 2002
|
||||
.\" Mon Jan 13 19:28:08 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_SealInit 3"
|
||||
.TH EVP_SealInit 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH EVP_SealInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_SealInit, EVP_SealUpdate, EVP_SealFinal \- \s-1EVP\s0 envelope encryption
|
||||
@@ -209,3 +209,4 @@ EVP_EncryptInit(3),
|
||||
EVP_OpenInit(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIEVP_SealFinal()\fR did not return a value before OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:43 2002
|
||||
.\" Mon Jan 13 19:28:10 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_SignInit 3"
|
||||
.TH EVP_SignInit 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH EVP_SignInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_SignInit, EVP_SignUpdate, EVP_SignFinal \- \s-1EVP\s0 signing functions
|
||||
@@ -148,11 +148,14 @@ EVP_SignInit, EVP_SignUpdate, EVP_SignFinal \- \s-1EVP\s0 signing functions
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
\& void EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
|
||||
\& int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int EVP_PKEY_size(EVP_PKEY *pkey);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
@@ -160,9 +163,9 @@ EVP_SignInit, EVP_SignUpdate, EVP_SignFinal \- \s-1EVP\s0 signing functions
|
||||
The \s-1EVP\s0 signature routines are a high level interface to digital
|
||||
signatures.
|
||||
.PP
|
||||
\&\fIEVP_SignInit()\fR initializes a signing context \fBctx\fR to using digest
|
||||
\&\fBtype\fR: this will typically be supplied by a function such as
|
||||
\&\fIEVP_sha1()\fR.
|
||||
\&\fIEVP_SignInit_ex()\fR sets up signing context \fBctx\fR to use digest
|
||||
\&\fBtype\fR from \s-1ENGINE\s0 \fBimpl\fR. \fBctx\fR must be initialized with
|
||||
\&\fIEVP_MD_CTX_init()\fR before calling this function.
|
||||
.PP
|
||||
\&\fIEVP_SignUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
|
||||
signature context \fBctx\fR. This function can be called several times on the
|
||||
@@ -172,17 +175,17 @@ same \fBctx\fR to include additional data.
|
||||
and places the signature in \fBsig\fR. If the \fBs\fR parameter is not \s-1NULL\s0
|
||||
then the number of bytes of data written (i.e. the length of the signature)
|
||||
will be written to the integer at \fBs\fR, at most EVP_PKEY_size(pkey) bytes
|
||||
will be written. After calling \fIEVP_SignFinal()\fR no additional calls to
|
||||
\&\fIEVP_SignUpdate()\fR can be made, but \fIEVP_SignInit()\fR can be called to initialize
|
||||
a new signature operation.
|
||||
will be written.
|
||||
.PP
|
||||
\&\fIEVP_SignInit()\fR initializes a signing context \fBctx\fR to use the default
|
||||
implementation of digest \fBtype\fR.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes. The actual
|
||||
signature returned by \fIEVP_SignFinal()\fR may be smaller.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_SignInit()\fR and \fIEVP_SignUpdate()\fR do not return values.
|
||||
.PP
|
||||
\&\fIEVP_SignFinal()\fR returns 1 for success and 0 for failure.
|
||||
\&\fIEVP_SignInit_ex()\fR, \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR return 1
|
||||
for success and 0 for failure.
|
||||
.PP
|
||||
\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes.
|
||||
.PP
|
||||
@@ -201,11 +204,18 @@ EVP_DigestInit(3).
|
||||
When signing with \s-1DSA\s0 private keys the random number generator must be seeded
|
||||
or the operation will fail. The random number generator does not need to be
|
||||
seeded for \s-1RSA\s0 signatures.
|
||||
.PP
|
||||
The call to \fIEVP_SignFinal()\fR internally finalizes a copy of the digest context.
|
||||
This means that calls to \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR can be called
|
||||
later to digest and sign additional data.
|
||||
.PP
|
||||
Since only a copy of the digest context is ever finalized the context must
|
||||
be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
|
||||
will occur.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
Several of the functions do not return values: maybe they should. Although the
|
||||
internal digest operations will never fail some future hardware based operations
|
||||
might.
|
||||
Older versions of this documentation wrongly stated that calls to
|
||||
\&\fIEVP_SignUpdate()\fR could not be made after calling \fIEVP_SignFinal()\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
EVP_VerifyInit(3),
|
||||
@@ -217,3 +227,5 @@ sha(3), dgst(1)
|
||||
.IX Header "HISTORY"
|
||||
\&\fIEVP_SignInit()\fR, \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR are
|
||||
available in all versions of SSLeay and OpenSSL.
|
||||
.PP
|
||||
\&\fIEVP_SignInit_ex()\fR was added in OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:43 2002
|
||||
.\" Mon Jan 13 19:28:11 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "EVP_VerifyInit 3"
|
||||
.TH EVP_VerifyInit 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH EVP_VerifyInit 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal \- \s-1EVP\s0 signature verification functions
|
||||
@@ -148,29 +148,35 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal \- \s-1EVP\s0 signature verifi
|
||||
\& #include <openssl/evp.h>
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& void EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
\& void EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
|
||||
\& int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
||||
\& int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
The \s-1EVP\s0 signature verification routines are a high level interface to digital
|
||||
signatures.
|
||||
.PP
|
||||
\&\fIEVP_VerifyInit()\fR initializes a verification context \fBctx\fR to using digest
|
||||
\&\fBtype\fR: this will typically be supplied by a function such as \fIEVP_sha1()\fR.
|
||||
\&\fIEVP_VerifyInit_ex()\fR sets up verification context \fBctx\fR to use digest
|
||||
\&\fBtype\fR from \s-1ENGINE\s0 \fBimpl\fR. \fBctx\fR must be initialized by calling
|
||||
\&\fIEVP_MD_CTX_init()\fR before calling this function.
|
||||
.PP
|
||||
\&\fIEVP_VerifyUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
|
||||
verification context \fBctx\fR. This function can be called several times on the
|
||||
same \fBctx\fR to include additional data.
|
||||
.PP
|
||||
\&\fIEVP_VerifyFinal()\fR verifies the data in \fBctx\fR using the public key \fBpkey\fR
|
||||
and against the \fBsiglen\fR bytes at \fBsigbuf\fR. After calling \fIEVP_VerifyFinal()\fR
|
||||
no additional calls to \fIEVP_VerifyUpdate()\fR can be made, but \fIEVP_VerifyInit()\fR
|
||||
can be called to initialize a new verification operation.
|
||||
and against the \fBsiglen\fR bytes at \fBsigbuf\fR.
|
||||
.PP
|
||||
\&\fIEVP_VerifyInit()\fR initializes verification context \fBctx\fR to use the default
|
||||
implementation of digest \fBtype\fR.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIEVP_VerifyInit()\fR and \fIEVP_VerifyUpdate()\fR do not return values.
|
||||
\&\fIEVP_VerifyInit_ex()\fR and \fIEVP_VerifyUpdate()\fR return 1 for success and 0 for
|
||||
failure.
|
||||
.PP
|
||||
\&\fIEVP_VerifyFinal()\fR returns 1 for a correct signature, 0 for failure and \-1 if some
|
||||
other error occurred.
|
||||
@@ -186,11 +192,18 @@ Due to the link between message digests and public key algorithms the correct
|
||||
digest algorithm must be used with the correct public key type. A list of
|
||||
algorithms and associated public key algorithms appears in
|
||||
EVP_DigestInit(3).
|
||||
.PP
|
||||
The call to \fIEVP_VerifyFinal()\fR internally finalizes a copy of the digest context.
|
||||
This means that calls to \fIEVP_VerifyUpdate()\fR and \fIEVP_VerifyFinal()\fR can be called
|
||||
later to digest and verify additional data.
|
||||
.PP
|
||||
Since only a copy of the digest context is ever finalized the context must
|
||||
be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
|
||||
will occur.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
Several of the functions do not return values: maybe they should. Although the
|
||||
internal digest operations will never fail some future hardware based operations
|
||||
might.
|
||||
Older versions of this documentation wrongly stated that calls to
|
||||
\&\fIEVP_VerifyUpdate()\fR could not be made after calling \fIEVP_VerifyFinal()\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
evp(3),
|
||||
@@ -203,3 +216,5 @@ sha(3), dgst(1)
|
||||
.IX Header "HISTORY"
|
||||
\&\fIEVP_VerifyInit()\fR, \fIEVP_VerifyUpdate()\fR and \fIEVP_VerifyFinal()\fR are
|
||||
available in all versions of SSLeay and OpenSSL.
|
||||
.PP
|
||||
\&\fIEVP_VerifyInit_ex()\fR was added in OpenSSL 0.9.7
|
||||
|
||||
@@ -0,0 +1,292 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:12 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "OBJ_nid2obj 3"
|
||||
.TH OBJ_nid2obj 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid,
|
||||
OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup \- \s-1ASN1\s0 object utility
|
||||
functions
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 3
|
||||
\& ASN1_OBJECT * OBJ_nid2obj(int n);
|
||||
\& const char * OBJ_nid2ln(int n);
|
||||
\& const char * OBJ_nid2sn(int n);
|
||||
.Ve
|
||||
.Vb 3
|
||||
\& int OBJ_obj2nid(const ASN1_OBJECT *o);
|
||||
\& int OBJ_ln2nid(const char *ln);
|
||||
\& int OBJ_sn2nid(const char *sn);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int OBJ_txt2nid(const char *s);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
|
||||
\& int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
|
||||
\& ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& int OBJ_create(const char *oid,const char *sn,const char *ln);
|
||||
\& void OBJ_cleanup(void);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
The \s-1ASN1\s0 object utility functions process \s-1ASN1_OBJECT\s0 structures which are
|
||||
a representation of the \s-1ASN1\s0 \s-1OBJECT\s0 \s-1IDENTIFIER\s0 (\s-1OID\s0) type.
|
||||
.PP
|
||||
\&\fIOBJ_nid2obj()\fR, \fIOBJ_nid2ln()\fR and \fIOBJ_nid2sn()\fR convert the \s-1NID\s0 \fBn\fR to
|
||||
an \s-1ASN1_OBJECT\s0 structure, its long name and its short name respectively,
|
||||
or \fB\s-1NULL\s0\fR is an error occurred.
|
||||
.PP
|
||||
\&\fIOBJ_obj2nid()\fR, \fIOBJ_ln2nid()\fR, \fIOBJ_sn2nid()\fR return the corresponding \s-1NID\s0
|
||||
for the object \fBo\fR, the long name <ln> or the short name <sn> respectively
|
||||
or NID_undef if an error occurred.
|
||||
.PP
|
||||
\&\fIOBJ_txt2nid()\fR returns \s-1NID\s0 corresponding to text string <s>. \fBs\fR can be
|
||||
a long name, a short name or the numerical respresentation of an object.
|
||||
.PP
|
||||
\&\fIOBJ_txt2obj()\fR converts the text string \fBs\fR into an \s-1ASN1_OBJECT\s0 structure.
|
||||
If \fBno_name\fR is 0 then long names and short names will be interpreted
|
||||
as well as numerical forms. If \fBno_name\fR is 1 only the numerical form
|
||||
is acceptable.
|
||||
.PP
|
||||
\&\fIOBJ_obj2txt()\fR converts the \fB\s-1ASN1_OBJECT\s0\fR \fBa\fR into a textual representation.
|
||||
The representation is written as a null terminated string to \fBbuf\fR
|
||||
at most \fBbuf_len\fR bytes are written, truncating the result if necessary.
|
||||
The total amount of space required is returned. If \fBno_name\fR is 0 then
|
||||
if the object has a long or short name then that will be used, otherwise
|
||||
the numerical form will be used. If \fBno_name\fR is 1 then the numerical
|
||||
form will always be used.
|
||||
.PP
|
||||
\&\fIOBJ_cmp()\fR compares \fBa\fR to \fBb\fR. If the two are identical 0 is returned.
|
||||
.PP
|
||||
\&\fIOBJ_dup()\fR returns a copy of \fBo\fR.
|
||||
.PP
|
||||
\&\fIOBJ_create()\fR adds a new object to the internal table. \fBoid\fR is the
|
||||
numerical form of the object, \fBsn\fR the short name and \fBln\fR the
|
||||
long name. A new \s-1NID\s0 is returned for the created object.
|
||||
.PP
|
||||
\&\fIOBJ_cleanup()\fR cleans up OpenSSLs internal object table: this should
|
||||
be called before an application exits if any new objects were added
|
||||
using \fIOBJ_create()\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Objects in OpenSSL can have a short name, a long name and a numerical
|
||||
identifier (\s-1NID\s0) associated with them. A standard set of objects is
|
||||
represented in an internal table. The appropriate values are defined
|
||||
in the header file \fBobjects.h\fR.
|
||||
.PP
|
||||
For example the \s-1OID\s0 for commonName has the following definitions:
|
||||
.PP
|
||||
.Vb 3
|
||||
\& #define SN_commonName "CN"
|
||||
\& #define LN_commonName "commonName"
|
||||
\& #define NID_commonName 13
|
||||
.Ve
|
||||
New objects can be added by calling \fIOBJ_create()\fR.
|
||||
.PP
|
||||
Table objects have certain advantages over other objects: for example
|
||||
their NIDs can be used in a C language switch statement. They are
|
||||
also static constant structures which are shared: that is there
|
||||
is only a single constant structure for each table object.
|
||||
.PP
|
||||
Objects which are not in the table have the \s-1NID\s0 value NID_undef.
|
||||
.PP
|
||||
Objects do not need to be in the internal tables to be processed,
|
||||
the functions \fIOBJ_txt2obj()\fR and \fIOBJ_obj2txt()\fR can process the numerical
|
||||
form of an \s-1OID\s0.
|
||||
.SH "EXAMPLES"
|
||||
.IX Header "EXAMPLES"
|
||||
Create an object for \fBcommonName\fR:
|
||||
.PP
|
||||
.Vb 2
|
||||
\& ASN1_OBJECT *o;
|
||||
\& o = OBJ_nid2obj(NID_commonName);
|
||||
.Ve
|
||||
Check if an object is \fBcommonName\fR
|
||||
.PP
|
||||
.Vb 2
|
||||
\& if (OBJ_obj2nid(obj) == NID_commonName)
|
||||
\& /* Do something */
|
||||
.Ve
|
||||
Create a new \s-1NID\s0 and initialize an object from it:
|
||||
.PP
|
||||
.Vb 3
|
||||
\& int new_nid;
|
||||
\& ASN1_OBJECT *obj;
|
||||
\& new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& obj = OBJ_nid2obj(new_nid);
|
||||
.Ve
|
||||
Create a new object directly:
|
||||
.PP
|
||||
.Vb 1
|
||||
\& obj = OBJ_txt2obj("1.2.3.4", 1);
|
||||
.Ve
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
\&\fIOBJ_obj2txt()\fR is awkward and messy to use: it doesn't follow the
|
||||
convention of other OpenSSL functions where the buffer can be set
|
||||
to \fB\s-1NULL\s0\fR to determine the amount of data that should be written.
|
||||
Instead \fBbuf\fR must point to a valid buffer and \fBbuf_len\fR should
|
||||
be set to a positive value. A buffer length of 80 should be more
|
||||
than enough to handle any \s-1OID\s0 encountered in practice.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIOBJ_nid2obj()\fR returns an \fB\s-1ASN1_OBJECT\s0\fR structure or \fB\s-1NULL\s0\fR is an
|
||||
error occurred.
|
||||
.PP
|
||||
\&\fIOBJ_nid2ln()\fR and \fIOBJ_nid2sn()\fR returns a valid string or \fB\s-1NULL\s0\fR
|
||||
on error.
|
||||
.PP
|
||||
\&\fIOBJ_obj2nid()\fR, \fIOBJ_ln2nid()\fR, \fIOBJ_sn2nid()\fR and \fIOBJ_txt2nid()\fR return
|
||||
a \s-1NID\s0 or \fBNID_undef\fR on error.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\s-1TBA\s0
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:44 2002
|
||||
.\" Mon Jan 13 19:28:13 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "OPENSSL_VERSION_NUMBER 3"
|
||||
.TH OPENSSL_VERSION_NUMBER 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH OPENSSL_VERSION_NUMBER 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
\&\s-1OPENSSL_VERSION_NUMBER\s0, SSLeay, SSLeay_version \- get OpenSSL version number
|
||||
@@ -211,6 +211,10 @@ or \*(L"built on: date not available\*(R" otherwise.
|
||||
.IX Item "SSLEAY_PLATFORM"
|
||||
The \*(L"Configure\*(R" target of the library build in the form \*(L"platform: ...\*(R"
|
||||
if available or \*(L"platform: information not available\*(R" otherwise.
|
||||
.Ip "\s-1SSLEAY_DIR\s0" 4
|
||||
.IX Item "SSLEAY_DIR"
|
||||
The \*(L"\s-1OPENSSLDIR\s0\*(R" setting of the library build in the form \*(L"\s-1OPENSSLDIR:\s0 \*(R"..."\*(L"
|
||||
if available or \*(R"\s-1OPENSSLDIR:\s0 N/A" otherwise.
|
||||
.PP
|
||||
For an unknown \fBt\fR, the text \*(L"not available\*(R" is returned.
|
||||
.SH "RETURN VALUE"
|
||||
@@ -223,3 +227,4 @@ crypto(3)
|
||||
.IX Header "HISTORY"
|
||||
\&\fISSLeay()\fR and \s-1SSLEAY_VERSION_NUMBER\s0 are available in all versions of SSLeay and OpenSSL.
|
||||
\&\s-1OPENSSL_VERSION_NUMBER\s0 is available in all versions of OpenSSL.
|
||||
\&\fB\s-1SSLEAY_DIR\s0\fR was added in OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:44 2002
|
||||
.\" Mon Jan 13 19:28:15 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "OpenSSL_add_all_algorithms 3"
|
||||
.TH OpenSSL_add_all_algorithms 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH OpenSSL_add_all_algorithms 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests \-
|
||||
|
||||
@@ -0,0 +1,192 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:16 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS12_create 3"
|
||||
.TH PKCS12_create 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS12_create \- create a PKCS#12 structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/pkcs12.h>
|
||||
.Ve
|
||||
.Vb 2
|
||||
\& PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca,
|
||||
\& int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS12_create()\fR creates a PKCS#12 structure.
|
||||
.PP
|
||||
\&\fBpass\fR is the passphrase to use. \fBname\fR is the \fBfriendlyName\fR to use for
|
||||
the supplied certifictate and key. \fBpkey\fR is the private key to include in
|
||||
the structure and \fBcert\fR its corresponding certificates. \fBca\fR, if not \fB\s-1NULL\s0\fR
|
||||
is an optional set of certificates to also include in the structure.
|
||||
.PP
|
||||
\&\fBnid_key\fR and \fBnid_cert\fR are the encryption algorithms that should be used
|
||||
for the key and certificate respectively. \fBiter\fR is the encryption algorithm
|
||||
iteration count to use and \fBmac_iter\fR is the \s-1MAC\s0 iteration count to use.
|
||||
\&\fBkeytype\fR is the type of key.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
The parameters \fBnid_key\fR, \fBnid_cert\fR, \fBiter\fR, \fBmac_iter\fR and \fBkeytype\fR
|
||||
can all be set to zero and sensible defaults will be used.
|
||||
.PP
|
||||
These defaults are: 40 bit \s-1RC2\s0 encryption for certificates, triple \s-1DES\s0
|
||||
encryption for private keys, a key iteration count of \s-1PKCS12_DEFAULT_ITER\s0
|
||||
(currently 2048) and a \s-1MAC\s0 iteration count of 1.
|
||||
.PP
|
||||
The default \s-1MAC\s0 iteration count is 1 in order to retain compatibility with
|
||||
old software which did not interpret \s-1MAC\s0 iteration counts. If such compatibility
|
||||
is not required then \fBmac_iter\fR should be set to \s-1PKCS12_DEFAULT_ITER\s0.
|
||||
.PP
|
||||
\&\fBkeytype\fR adds a flag to the store private key. This is a non standard extension
|
||||
that is only currently interpreted by \s-1MSIE\s0. If set to zero the flag is omitted,
|
||||
if set to \fB\s-1KEY_SIG\s0\fR the key can be used for signing only, if set to \fB\s-1KEY_EX\s0\fR
|
||||
it can be used for signing and encryption. This option was useful for old
|
||||
export grade software which could use signing only keys of arbitrary size but
|
||||
had restrictions on the permissible sizes of keys which could be used for
|
||||
encryption.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
d2i_PKCS12(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
PKCS12_create was added in OpenSSL 0.9.3
|
||||
@@ -0,0 +1,182 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:17 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS12_parse 3"
|
||||
.TH PKCS12_parse 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS12_parse \- parse a PKCS#12 structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 1
|
||||
\& #include <openssl/pkcs12.h>
|
||||
.Ve
|
||||
int PKCS12_parse(\s-1PKCS12\s0 *p12, const char *pass, \s-1EVP_PKEY\s0 **pkey, X509 **cert, STACK_OF(X509) **ca);
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS12_parse()\fR parses a \s-1PKCS12\s0 structure.
|
||||
.PP
|
||||
\&\fBp12\fR is the \fB\s-1PKCS12\s0\fR structure to parse. \fBpass\fR is the passphrase to use.
|
||||
If successful the private key will be written to \fB*pkey\fR, the corresponding
|
||||
certificate to \fB*cert\fR and any additional certificates to \fB*ca\fR.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
The parameters \fBpkey\fR and \fBcert\fR cannot be \fB\s-1NULL\s0\fR. \fBca\fR can be <\s-1NULL\s0>
|
||||
in which case additional certificates will be discarded. \fB*ca\fR can also
|
||||
be a valid \s-1STACK\s0 in which case additional certificates are appended to
|
||||
\&\fB*ca\fR. If \fB*ca\fR is \fB\s-1NULL\s0\fR a new \s-1STACK\s0 will be allocated.
|
||||
.PP
|
||||
The \fBfriendlyName\fR and \fBlocalKeyID\fR attributes (if present) on each certificate
|
||||
will be stored in the \fBalias\fR and \fBkeyid\fR attributes of the \fBX509\fR structure.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
Only a single private key and corresponding certificate is returned by this function.
|
||||
More complex PKCS#12 files with multiple private keys will only return the first
|
||||
match.
|
||||
.PP
|
||||
Only \fBfriendlyName\fR and \fBlocalKeyID\fR attributes are currently stored in certificates.
|
||||
Other attributes are discarded.
|
||||
.PP
|
||||
Attributes currently cannot be store in the private key \fB\s-1EVP_PKEY\s0\fR structure.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
d2i_PKCS12(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
PKCS12_parse was added in OpenSSL 0.9.3
|
||||
@@ -0,0 +1,183 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:18 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS7_decrypt 3"
|
||||
.TH PKCS7_decrypt 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS7_decrypt \- decrypt content from a PKCS#7 envelopedData structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
int PKCS7_decrypt(\s-1PKCS7\s0 *p7, \s-1EVP_PKEY\s0 *pkey, X509 *cert, \s-1BIO\s0 *data, int flags);
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS7_decrypt()\fR extracts and decrypts the content from a PKCS#7 envelopedData
|
||||
structure. \fBpkey\fR is the private key of the recipient, \fBcert\fR is the
|
||||
recipients certificate, \fBdata\fR is a \s-1BIO\s0 to write the content to and
|
||||
\&\fBflags\fR is an optional set of flags.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
\&\fIOpenSSL_add_all_algorithms()\fR (or equivalent) should be called before using this
|
||||
function or errors about unknown algorithms will occur.
|
||||
.PP
|
||||
Although the recipients certificate is not needed to decrypt the data it is needed
|
||||
to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
|
||||
.PP
|
||||
The following flags can be passed in the \fBflags\fR parameter.
|
||||
.PP
|
||||
If the \fB\s-1PKCS7_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are deleted
|
||||
from the content. If the content is not of type \fBtext/plain\fR then an error is
|
||||
returned.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIPKCS7_decrypt()\fR returns either 1 for success or 0 for failure.
|
||||
The error can be obtained from \fIERR_get_error\fR\|(3)
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
\&\fIPKCS7_decrypt()\fR must be passed the correct recipient key and certificate. It would
|
||||
be better if it could look up the correct key and certificate from a database.
|
||||
.PP
|
||||
The lack of single pass processing and need to hold all data in memory as
|
||||
mentioned in \fIPKCS7_sign()\fR also applies to \fIPKCS7_verify()\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3), PKCS7_encrypt(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIPKCS7_decrypt()\fR was added to OpenSSL 0.9.5
|
||||
@@ -0,0 +1,195 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:19 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS7_encrypt 3"
|
||||
.TH PKCS7_encrypt 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS7_encrypt \- create a PKCS#7 envelopedData structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
\&\s-1PKCS7\s0 *PKCS7_encrypt(STACK_OF(X509) *certs, \s-1BIO\s0 *in, const \s-1EVP_CIPHER\s0 *cipher, int flags);
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS7_encrypt()\fR creates and returns a PKCS#7 envelopedData structure. \fBcerts\fR
|
||||
is a list of recipient certificates. \fBin\fR is the content to be encrypted.
|
||||
\&\fBcipher\fR is the symmetric cipher to use. \fBflags\fR is an optional set of flags.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Only \s-1RSA\s0 keys are supported in PKCS#7 and envelopedData so the recipient certificates
|
||||
supplied to this function must all contain \s-1RSA\s0 public keys, though they do not have to
|
||||
be signed using the \s-1RSA\s0 algorithm.
|
||||
.PP
|
||||
\&\fIEVP_des_ede3_cbc()\fR (triple \s-1DES\s0) is the algorithm of choice for S/MIME use because
|
||||
most clients will support it.
|
||||
.PP
|
||||
Some old \*(L"export grade\*(R" clients may only support weak encryption using 40 or 64 bit
|
||||
\&\s-1RC2\s0. These can be used by passing \fIEVP_rc2_40_cbc()\fR and \fIEVP_rc2_64_cbc()\fR respectively.
|
||||
.PP
|
||||
The algorithm passed in the \fBcipher\fR parameter must support \s-1ASN1\s0 encoding of its
|
||||
parameters.
|
||||
.PP
|
||||
Many browsers implement a \*(L"sign and encrypt\*(R" option which is simply an S/MIME
|
||||
envelopedData containing an S/MIME signed message. This can be readily produced
|
||||
by storing the S/MIME signed message in a memory \s-1BIO\s0 and passing it to
|
||||
\&\fIPKCS7_encrypt()\fR.
|
||||
.PP
|
||||
The following flags can be passed in the \fBflags\fR parameter.
|
||||
.PP
|
||||
If the \fB\s-1PKCS7_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are prepended
|
||||
to the data.
|
||||
.PP
|
||||
Normally the supplied content is translated into \s-1MIME\s0 canonical format (as required
|
||||
by the S/MIME specifications) if \fB\s-1PKCS7_BINARY\s0\fR is set no translation occurs. This
|
||||
option should be used if the supplied data is in binary format otherwise the translation
|
||||
will corrupt it. If \fB\s-1PKCS7_BINARY\s0\fR is set then \fB\s-1PKCS7_TEXT\s0\fR is ignored.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIPKCS7_encrypt()\fR returns either a valid \s-1PKCS7\s0 structure or \s-1NULL\s0 if an error occurred.
|
||||
The error can be obtained from \fIERR_get_error\fR\|(3).
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
The lack of single pass processing and need to hold all data in memory as
|
||||
mentioned in \fIPKCS7_sign()\fR also applies to \fIPKCS7_verify()\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3), PKCS7_decrypt(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIPKCS7_decrypt()\fR was added to OpenSSL 0.9.5
|
||||
@@ -0,0 +1,215 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:20 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS7_sign 3"
|
||||
.TH PKCS7_sign 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS7_sign \- create a PKCS#7 signedData structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
\&\s-1PKCS7\s0 *PKCS7_sign(X509 *signcert, \s-1EVP_PKEY\s0 *pkey, STACK_OF(X509) *certs, \s-1BIO\s0 *data, int flags);
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS7_sign()\fR creates and returns a PKCS#7 signedData structure. \fBsigncert\fR
|
||||
is the certificate to sign with, \fBpkey\fR is the corresponsding private key.
|
||||
\&\fBcerts\fR is an optional additional set of certificates to include in the
|
||||
PKCS#7 structure (for example any intermediate CAs in the chain).
|
||||
.PP
|
||||
The data to be signed is read from \s-1BIO\s0 \fBdata\fR.
|
||||
.PP
|
||||
\&\fBflags\fR is an optional set of flags.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
Any of the following flags (ored together) can be passed in the \fBflags\fR parameter.
|
||||
.PP
|
||||
Many S/MIME clients expect the signed content to include valid \s-1MIME\s0 headers. If
|
||||
the \fB\s-1PKCS7_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are prepended
|
||||
to the data.
|
||||
.PP
|
||||
If \fB\s-1PKCS7_NOCERTS\s0\fR is set the signer's certificate will not be included in the
|
||||
\&\s-1PKCS7\s0 structure, the signer's certificate must still be supplied in the \fBsigncert\fR
|
||||
parameter though. This can reduce the size of the signature if the signers certificate
|
||||
can be obtained by other means: for example a previously signed message.
|
||||
.PP
|
||||
The data being signed is included in the \s-1PKCS7\s0 structure, unless \fB\s-1PKCS7_DETACHED\s0\fR
|
||||
is set in which case it is omitted. This is used for \s-1PKCS7\s0 detached signatures
|
||||
which are used in S/MIME plaintext signed messages for example.
|
||||
.PP
|
||||
Normally the supplied content is translated into \s-1MIME\s0 canonical format (as required
|
||||
by the S/MIME specifications) if \fB\s-1PKCS7_BINARY\s0\fR is set no translation occurs. This
|
||||
option should be used if the supplied data is in binary format otherwise the translation
|
||||
will corrupt it.
|
||||
.PP
|
||||
The signedData structure includes several PKCS#7 autenticatedAttributes including
|
||||
the signing time, the PKCS#7 content type and the supported list of ciphers in
|
||||
an SMIMECapabilities attribute. If \fB\s-1PKCS7_NOATTR\s0\fR is set then no authenticatedAttributes
|
||||
will be used. If \fB\s-1PKCS7_NOSMIMECAP\s0\fR is set then just the SMIMECapabilities are
|
||||
omitted.
|
||||
.PP
|
||||
If present the SMIMECapabilities attribute indicates support for the following
|
||||
algorithms: triple \s-1DES\s0, 128 bit \s-1RC2\s0, 64 bit \s-1RC2\s0, \s-1DES\s0 and 40 bit \s-1RC2\s0. If any
|
||||
of these algorithms is disabled then it will not be included.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
\&\fIPKCS7_sign()\fR is somewhat limited. It does not support multiple signers, some
|
||||
advanced attributes such as counter signatures are not supported.
|
||||
.PP
|
||||
The \s-1SHA1\s0 digest algorithm is currently always used.
|
||||
.PP
|
||||
When the signed data is not detached it will be stored in memory within the
|
||||
\&\fB\s-1PKCS7\s0\fR structure. This effectively limits the size of messages which can be
|
||||
signed due to memory restraints. There should be a way to sign data without
|
||||
having to hold it all in memory, this would however require fairly major
|
||||
revisions of the OpenSSL \s-1ASN1\s0 code.
|
||||
.PP
|
||||
Clear text signing does not store the content in memory but the way \fIPKCS7_sign()\fR
|
||||
operates means that two passes of the data must typically be made: one to compute
|
||||
the signatures and a second to output the data along with the signature. There
|
||||
should be a way to process the data with only a single pass.
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIPKCS7_sign()\fR returns either a valid \s-1PKCS7\s0 structure or \s-1NULL\s0 if an error occurred.
|
||||
The error can be obtained from \fIERR_get_error\fR\|(3).
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3), PKCS7_verify(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIPKCS7_sign()\fR was added to OpenSSL 0.9.5
|
||||
@@ -0,0 +1,245 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Mon Jan 13 19:28:22 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
.de Sh \" Subsection heading
|
||||
.br
|
||||
.if t .Sp
|
||||
.ne 5
|
||||
.PP
|
||||
\fB\\$1\fR
|
||||
.PP
|
||||
..
|
||||
.de Sp \" Vertical space (when we can't use .PP)
|
||||
.if t .sp .5v
|
||||
.if n .sp
|
||||
..
|
||||
.de Ip \" List item
|
||||
.br
|
||||
.ie \\n(.$>=3 .ne \\$3
|
||||
.el .ne 3
|
||||
.IP "\\$1" \\$2
|
||||
..
|
||||
.de Vb \" Begin verbatim text
|
||||
.ft CW
|
||||
.nf
|
||||
.ne \\$1
|
||||
..
|
||||
.de Ve \" End verbatim text
|
||||
.ft R
|
||||
|
||||
.fi
|
||||
..
|
||||
.\" Set up some character translations and predefined strings. \*(-- will
|
||||
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||||
.\" double quote, and \*(R" will give a right double quote. | will give a
|
||||
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
||||
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
||||
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
||||
.tr \(*W-|\(bv\*(Tr
|
||||
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||||
.ie n \{\
|
||||
. ds -- \(*W-
|
||||
. ds PI pi
|
||||
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||||
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||||
. ds L" ""
|
||||
. ds R" ""
|
||||
. ds C` ""
|
||||
. ds C' ""
|
||||
'br\}
|
||||
.el\{\
|
||||
. ds -- \|\(em\|
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
'br\}
|
||||
.\"
|
||||
.\" If the F register is turned on, we'll generate index entries on stderr
|
||||
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
||||
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
||||
.\" the output yourself in some meaningful fashion.
|
||||
.if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.\"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
||||
.\" makes way too many mistakes in technical documents.
|
||||
.hy 0
|
||||
.if n .na
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
.bd B 3
|
||||
. \" fudge factors for nroff and troff
|
||||
.if n \{\
|
||||
. ds #H 0
|
||||
. ds #V .8m
|
||||
. ds #F .3m
|
||||
. ds #[ \f1
|
||||
. ds #] \fP
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||||
. ds #V .6m
|
||||
. ds #F 0
|
||||
. ds #[ \&
|
||||
. ds #] \&
|
||||
.\}
|
||||
. \" simple accents for nroff and troff
|
||||
.if n \{\
|
||||
. ds ' \&
|
||||
. ds ` \&
|
||||
. ds ^ \&
|
||||
. ds , \&
|
||||
. ds ~ ~
|
||||
. ds /
|
||||
.\}
|
||||
.if t \{\
|
||||
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||||
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||||
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||||
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||||
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||||
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||||
.\}
|
||||
. \" troff and (daisy-wheel) nroff accents
|
||||
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||||
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||||
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||||
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||||
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||||
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||||
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||||
.ds ae a\h'-(\w'a'u*4/10)'e
|
||||
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||||
. \" corrections for vroff
|
||||
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||||
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||||
. \" for low resolution devices (crt and lpr)
|
||||
.if \n(.H>23 .if \n(.V>19 \
|
||||
\{\
|
||||
. ds : e
|
||||
. ds 8 ss
|
||||
. ds o a
|
||||
. ds d- d\h'-1'\(ga
|
||||
. ds D- D\h'-1'\(hy
|
||||
. ds th \o'bp'
|
||||
. ds Th \o'LP'
|
||||
. ds ae ae
|
||||
. ds Ae AE
|
||||
.\}
|
||||
.rm #[ #] #H #V #F C
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "PKCS7_verify 3"
|
||||
.TH PKCS7_verify 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
PKCS7_verify \- verify a PKCS#7 signedData structure
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
int PKCS7_verify(\s-1PKCS7\s0 *p7, STACK_OF(X509) *certs, X509_STORE *store, \s-1BIO\s0 *indata, \s-1BIO\s0 *out, int flags);
|
||||
.PP
|
||||
int PKCS7_get0_signers(\s-1PKCS7\s0 *p7, STACK_OF(X509) *certs, int flags);
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIPKCS7_verify()\fR verifies a PKCS#7 signedData structure. \fBp7\fR is the \s-1PKCS7\s0
|
||||
structure to verify. \fBcerts\fR is a set of certificates in which to search for
|
||||
the signer's certificate. \fBstore\fR is a trusted certficate store (used for
|
||||
chain verification). \fBindata\fR is the signed data if the content is not
|
||||
present in \fBp7\fR (that is it is detached). The content is written to \fBout\fR
|
||||
if it is not \s-1NULL\s0.
|
||||
.PP
|
||||
\&\fBflags\fR is an optional set of flags, which can be used to modify the verify
|
||||
operation.
|
||||
.PP
|
||||
\&\fIPKCS7_get0_signers()\fR retrieves the signer's certificates from \fBp7\fR, it does
|
||||
\&\fBnot\fR check their validity or whether any signatures are valid. The \fBcerts\fR
|
||||
and \fBflags\fR parameters have the same meanings as in \fIPKCS7_verify()\fR.
|
||||
.SH "VERIFY PROCESS"
|
||||
.IX Header "VERIFY PROCESS"
|
||||
Normally the verify process proceeds as follows.
|
||||
.PP
|
||||
Initially some sanity checks are performed on \fBp7\fR. The type of \fBp7\fR must
|
||||
be signedData. There must be at least one signature on the data and if
|
||||
the content is detached \fBindata\fR cannot be \fB\s-1NULL\s0\fR.
|
||||
.PP
|
||||
An attempt is made to locate all the signer's certificates, first looking in
|
||||
the \fBcerts\fR parameter (if it is not \fB\s-1NULL\s0\fR) and then looking in any certificates
|
||||
contained in the \fBp7\fR structure itself. If any signer's certificates cannot be
|
||||
located the operation fails.
|
||||
.PP
|
||||
Each signer's certificate is chain verified using the \fBsmimesign\fR purpose and
|
||||
the supplied trusted certificate store. Any internal certificates in the message
|
||||
are used as untrusted CAs. If any chain verify fails an error code is returned.
|
||||
.PP
|
||||
Finally the signed content is read (and written to \fBout\fR is it is not \s-1NULL\s0) and
|
||||
the signature's checked.
|
||||
.PP
|
||||
If all signature's verify correctly then the function is successful.
|
||||
.PP
|
||||
Any of the following flags (ored together) can be passed in the \fBflags\fR parameter
|
||||
to change the default verify behaviour. Only the flag \fB\s-1PKCS7_NOINTERN\s0\fR is
|
||||
meaningful to \fIPKCS7_get0_signers()\fR.
|
||||
.PP
|
||||
If \fB\s-1PKCS7_NOINTERN\s0\fR is set the certificates in the message itself are not
|
||||
searched when locating the signer's certificate. This means that all the signers
|
||||
certificates must be in the \fBcerts\fR parameter.
|
||||
.PP
|
||||
If the \fB\s-1PKCS7_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are deleted
|
||||
from the content. If the content is not of type \fBtext/plain\fR then an error is
|
||||
returned.
|
||||
.PP
|
||||
If \fB\s-1PKCS7_NOVERIFY\s0\fR is set the signer's certificates are not chain verified.
|
||||
.PP
|
||||
If \fB\s-1PKCS7_NOCHAIN\s0\fR is set then the certificates contained in the message are
|
||||
not used as untrusted CAs. This means that the whole verify chain (apart from
|
||||
the signer's certificate) must be contained in the trusted store.
|
||||
.PP
|
||||
If \fB\s-1PKCS7_NOSIGS\s0\fR is set then the signatures on the data are not checked.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
One application of \fB\s-1PKCS7_NOINTERN\s0\fR is to only accept messages signed by
|
||||
a small number of certificates. The acceptable certificates would be passed
|
||||
in the \fBcerts\fR parameter. In this case if the signer is not one of the
|
||||
certificates supplied in \fBcerts\fR then the verify will fail because the
|
||||
signer cannot be found.
|
||||
.PP
|
||||
Care should be taken when modifying the default verify behaviour, for example
|
||||
setting \fBPKCS7_NOVERIFY|PKCS7_NOSIGS\fR will totally disable all verification
|
||||
and any signed message will be considered valid. This combination is however
|
||||
useful if one merely wishes to write the content to \fBout\fR and its validity
|
||||
is not considered important.
|
||||
.PP
|
||||
Chain verification should arguably be performed using the signing time rather
|
||||
than the current time. However since the signing time is supplied by the
|
||||
signer it cannot be trusted without additional evidence (such as a trusted
|
||||
timestamp).
|
||||
.SH "RETURN VALUES"
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIPKCS7_verify()\fR returns 1 for a successful verification and zero or a negative
|
||||
value if an error occurs.
|
||||
.PP
|
||||
\&\fIPKCS7_get0_signers()\fR returns all signers or \fB\s-1NULL\s0\fR if an error occurred.
|
||||
.PP
|
||||
The error can be obtained from ERR_get_error(3)
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
The trusted certificate store is not searched for the signers certificate,
|
||||
this is primarily due to the inadequacies of the current \fBX509_STORE\fR
|
||||
functionality.
|
||||
.PP
|
||||
The lack of single pass processing and need to hold all data in memory as
|
||||
mentioned in \fIPKCS7_sign()\fR also applies to \fIPKCS7_verify()\fR.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
ERR_get_error(3), PKCS7_sign(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIPKCS7_verify()\fR was added to OpenSSL 0.9.5
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:45 2002
|
||||
.\" Mon Jan 13 19:28:23 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_add 3"
|
||||
.TH RAND_add 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RAND_add 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen \- add
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:46 2002
|
||||
.\" Mon Jan 13 19:28:24 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_bytes 3"
|
||||
.TH RAND_bytes 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RAND_bytes 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_bytes, RAND_pseudo_bytes \- generate random data
|
||||
@@ -174,7 +174,8 @@ functions return \-1 if they are not supported by the current \s-1RAND\s0
|
||||
method.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
rand(3), err(3), RAND_add(3)
|
||||
rand(3), ERR_get_error(3),
|
||||
RAND_add(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIRAND_bytes()\fR is available in all versions of SSLeay and OpenSSL. It
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:46 2002
|
||||
.\" Mon Jan 13 19:28:25 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_cleanup 3"
|
||||
.TH RAND_cleanup 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RAND_cleanup 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_cleanup \- erase the \s-1PRNG\s0 state
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:47 2002
|
||||
.\" Mon Jan 13 19:28:26 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_egd 3"
|
||||
.TH RAND_egd 3 "0.9.6e" "2001-02-17" "OpenSSL"
|
||||
.TH RAND_egd 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_egd \- query entropy gathering daemon
|
||||
@@ -151,6 +151,9 @@ RAND_egd \- query entropy gathering daemon
|
||||
\& int RAND_egd(const char *path);
|
||||
\& int RAND_egd_bytes(const char *path, int bytes);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIRAND_egd()\fR queries the entropy gathering daemon \s-1EGD\s0 on socket \fBpath\fR.
|
||||
@@ -166,6 +169,11 @@ When only one secret key must
|
||||
be generated, it is not necessary to request the full amount 255 bytes from
|
||||
the \s-1EGD\s0 socket. This can be advantageous, since the amount of entropy
|
||||
that can be retrieved from \s-1EGD\s0 over time is limited.
|
||||
.PP
|
||||
\&\fIRAND_query_egd_bytes()\fR performs the actual query of the \s-1EGD\s0 daemon on socket
|
||||
\&\fBpath\fR. If \fBbuf\fR is given, \fBbytes\fR bytes are queried and written into
|
||||
\&\fBbuf\fR. If \fBbuf\fR is \s-1NULL\s0, \fBbytes\fR bytes are queried and used to seed the
|
||||
OpenSSL built-in \s-1PRNG\s0 using RAND_add(3).
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
On systems without /dev/*random devices providing entropy from the kernel,
|
||||
@@ -185,11 +193,18 @@ available from
|
||||
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html .
|
||||
\&\s-1PRNGD\s0 does employ an internal \s-1PRNG\s0 itself and can therefore never run
|
||||
out of entropy.
|
||||
.PP
|
||||
OpenSSL automatically queries \s-1EGD\s0 when entropy is requested via \fIRAND_bytes()\fR
|
||||
or the status is checked via \fIRAND_status()\fR for the first time, if the socket
|
||||
is located at /var/run/egd-pool, /dev/egd-pool or /etc/egd-pool.
|
||||
.SH "RETURN VALUE"
|
||||
.IX Header "RETURN VALUE"
|
||||
\&\fIRAND_egd()\fR and \fIRAND_egd_bytes()\fR return the number of bytes read from the
|
||||
daemon on success, and \-1 if the connection failed or the daemon did not
|
||||
return enough data to fully seed the \s-1PRNG\s0.
|
||||
.PP
|
||||
\&\fIRAND_query_egd_bytes()\fR returns the number of bytes read from the daemon on
|
||||
success, and \-1 if the connection failed. The \s-1PRNG\s0 state is not considered.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
rand(3), RAND_add(3),
|
||||
@@ -199,3 +214,7 @@ RAND_cleanup(3)
|
||||
\&\fIRAND_egd()\fR is available since OpenSSL 0.9.5.
|
||||
.PP
|
||||
\&\fIRAND_egd_bytes()\fR is available since OpenSSL 0.9.6.
|
||||
.PP
|
||||
\&\fIRAND_query_egd_bytes()\fR is available since OpenSSL 0.9.7.
|
||||
.PP
|
||||
The automatic query of /var/run/egd-pool et al was added in OpenSSL 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:47 2002
|
||||
.\" Mon Jan 13 19:28:28 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_load_file 3"
|
||||
.TH RAND_load_file 3 "0.9.6e" "2001-05-19" "OpenSSL"
|
||||
.TH RAND_load_file 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_load_file, RAND_write_file, RAND_file_name \- \s-1PRNG\s0 seed file
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:48 2002
|
||||
.\" Mon Jan 13 19:28:29 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RAND_set_rand_method 3"
|
||||
.TH RAND_set_rand_method 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RAND_set_rand_method 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay \- select \s-1RAND\s0 method
|
||||
@@ -148,24 +148,32 @@ RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay \- select \s-1RAND\s0 me
|
||||
\& #include <openssl/rand.h>
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& void RAND_set_rand_method(RAND_METHOD *meth);
|
||||
\& void RAND_set_rand_method(const RAND_METHOD *meth);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& RAND_METHOD *RAND_get_rand_method(void);
|
||||
\& const RAND_METHOD *RAND_get_rand_method(void);
|
||||
.Ve
|
||||
.Vb 1
|
||||
\& RAND_METHOD *RAND_SSLeay(void);
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
A \fB\s-1RAND_METHOD\s0\fR specifies the functions that OpenSSL uses for random
|
||||
number generation. By modifying the method, alternative
|
||||
implementations such as hardware RNGs may be used. Initially, the
|
||||
default is to use the OpenSSL internal implementation. \fIRAND_SSLeay()\fR
|
||||
returns a pointer to that method.
|
||||
A \fB\s-1RAND_METHOD\s0\fR specifies the functions that OpenSSL uses for random number
|
||||
generation. By modifying the method, alternative implementations such as
|
||||
hardware RNGs may be used. \s-1IMPORTANT:\s0 See the \s-1NOTES\s0 section for important
|
||||
information about how these \s-1RAND\s0 \s-1API\s0 functions are affected by the use of
|
||||
\&\fB\s-1ENGINE\s0\fR \s-1API\s0 calls.
|
||||
.PP
|
||||
\&\fIRAND_set_rand_method()\fR sets the \s-1RAND\s0 method to \fBmeth\fR.
|
||||
\&\fIRAND_get_rand_method()\fR returns a pointer to the current method.
|
||||
Initially, the default \s-1RAND_METHOD\s0 is the OpenSSL internal implementation, as
|
||||
returned by \fIRAND_SSLeay()\fR.
|
||||
.PP
|
||||
\&\fIRAND_set_default_method()\fR makes \fBmeth\fR the method for \s-1PRNG\s0 use. \fB\s-1NB\s0\fR: This is
|
||||
true only whilst no \s-1ENGINE\s0 has been set as a default for \s-1RAND\s0, so this function
|
||||
is no longer recommended.
|
||||
.PP
|
||||
\&\fIRAND_get_default_method()\fR returns a pointer to the current \s-1RAND_METHOD\s0.
|
||||
However, the meaningfulness of this result is dependant on whether the \s-1ENGINE\s0
|
||||
\&\s-1API\s0 is being used, so this function is no longer recommended.
|
||||
.SH "THE RAND_METHOD STRUCTURE"
|
||||
.IX Header "THE RAND_METHOD STRUCTURE"
|
||||
.Vb 9
|
||||
@@ -187,10 +195,25 @@ Each component may be \s-1NULL\s0 if the function is not implemented.
|
||||
.IX Header "RETURN VALUES"
|
||||
\&\fIRAND_set_rand_method()\fR returns no value. \fIRAND_get_rand_method()\fR and
|
||||
\&\fIRAND_SSLeay()\fR return pointers to the respective methods.
|
||||
.SH "NOTES"
|
||||
.IX Header "NOTES"
|
||||
As of version 0.9.7, \s-1RAND_METHOD\s0 implementations are grouped together with other
|
||||
algorithmic APIs (eg. \s-1RSA_METHOD\s0, \s-1EVP_CIPHER\s0, etc) in \fB\s-1ENGINE\s0\fR modules. If a
|
||||
default \s-1ENGINE\s0 is specified for \s-1RAND\s0 functionality using an \s-1ENGINE\s0 \s-1API\s0 function,
|
||||
that will override any \s-1RAND\s0 defaults set using the \s-1RAND\s0 \s-1API\s0 (ie.
|
||||
\&\fIRAND_set_rand_method()\fR). For this reason, the \s-1ENGINE\s0 \s-1API\s0 is the recommended way
|
||||
to control default implementations for use in \s-1RAND\s0 and other cryptographic
|
||||
algorithms.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
rand(3)
|
||||
rand(3), engine(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIRAND_set_rand_method()\fR, \fIRAND_get_rand_method()\fR and \fIRAND_SSLeay()\fR are
|
||||
available in all versions of OpenSSL.
|
||||
.PP
|
||||
In the engine version of version 0.9.6, \fIRAND_set_rand_method()\fR was altered to
|
||||
take an \s-1ENGINE\s0 pointer as its argument. As of version 0.9.7, that has been
|
||||
reverted as the \s-1ENGINE\s0 \s-1API\s0 transparently overrides \s-1RAND\s0 defaults if used,
|
||||
otherwise \s-1RAND\s0 \s-1API\s0 functions work as before. \fIRAND_set_rand_engine()\fR was also
|
||||
introduced in version 0.9.7.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:49 2002
|
||||
.\" Mon Jan 13 19:28:30 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RSA_blinding_on 3"
|
||||
.TH RSA_blinding_on 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RSA_blinding_on 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RSA_blinding_on, RSA_blinding_off \- protect the \s-1RSA\s0 operation from timing attacks
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:49 2002
|
||||
.\" Mon Jan 13 19:28:31 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RSA_check_key 3"
|
||||
.TH RSA_check_key 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH RSA_check_key 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RSA_check_key \- validate private \s-1RSA\s0 keys
|
||||
@@ -174,9 +174,27 @@ This function does not work on \s-1RSA\s0 public keys that have only the modulus
|
||||
and public exponent elements populated. It performs integrity checks on all
|
||||
the \s-1RSA\s0 key material, so the \s-1RSA\s0 key structure must contain all the private
|
||||
key data too.
|
||||
.PP
|
||||
Unlike most other \s-1RSA\s0 functions, this function does \fBnot\fR work
|
||||
transparently with any underlying \s-1ENGINE\s0 implementation because it uses the
|
||||
key data in the \s-1RSA\s0 structure directly. An \s-1ENGINE\s0 implementation can
|
||||
override the way key data is stored and handled, and can even provide
|
||||
support for \s-1HSM\s0 keys \- in which case the \s-1RSA\s0 structure may contain \fBno\fR
|
||||
key data at all! If the \s-1ENGINE\s0 in question is only being used for
|
||||
acceleration or analysis purposes, then in all likelihood the \s-1RSA\s0 key data
|
||||
is complete and untouched, but this can't be assumed in the general case.
|
||||
.SH "BUGS"
|
||||
.IX Header "BUGS"
|
||||
A method of verifying the \s-1RSA\s0 key using opaque \s-1RSA\s0 \s-1API\s0 functions might need
|
||||
to be considered. Right now \fIRSA_check_key()\fR simply uses the \s-1RSA\s0 structure
|
||||
elements directly, bypassing the \s-1RSA_METHOD\s0 table altogether (and
|
||||
completely violating encapsulation and object-orientation in the process).
|
||||
The best fix will probably be to introduce a \*(L"\fIcheck_key()\fR\*(R" handler to the
|
||||
\&\s-1RSA_METHOD\s0 function table so that alternative implementations can also
|
||||
provide their own verifiers.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
rsa(3), err(3)
|
||||
rsa(3), ERR_get_error(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIRSA_check()\fR appeared in OpenSSL 0.9.4.
|
||||
\&\fIRSA_check_key()\fR appeared in OpenSSL 0.9.4.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:50 2002
|
||||
.\" Mon Jan 13 19:28:32 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RSA_generate_key 3"
|
||||
.TH RSA_generate_key 3 "0.9.6e" "2002-07-30" "OpenSSL"
|
||||
.TH RSA_generate_key 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RSA_generate_key \- generate \s-1RSA\s0 key pair
|
||||
@@ -186,7 +186,8 @@ error codes can be obtained by ERR_get_error(3).
|
||||
\&\fIRSA_generate_key()\fR goes into an infinite loop for illegal input values.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
err(3), rand(3), rsa(3), RSA_free(3)
|
||||
ERR_get_error(3), rand(3), rsa(3),
|
||||
RSA_free(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
The \fBcb_arg\fR argument was added in SSLeay 0.9.0.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:50 2002
|
||||
.\" Mon Jan 13 19:28:33 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RSA_get_ex_new_index 3"
|
||||
.TH RSA_get_ex_new_index 3 "0.9.6e" "2000-11-12" "OpenSSL"
|
||||
.TH RSA_get_ex_new_index 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data \- add application specific data to \s-1RSA\s0 structures
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" Automatically generated by Pod::Man version 1.15
|
||||
.\" Tue Jul 30 09:21:51 2002
|
||||
.\" Mon Jan 13 19:28:34 2003
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ======================================================================
|
||||
@@ -138,7 +138,7 @@
|
||||
.\" ======================================================================
|
||||
.\"
|
||||
.IX Title "RSA_new 3"
|
||||
.TH RSA_new 3 "0.9.6e" "2000-04-13" "OpenSSL"
|
||||
.TH RSA_new 3 "0.9.7" "2003-01-13" "OpenSSL"
|
||||
.UC
|
||||
.SH "NAME"
|
||||
RSA_new, RSA_free \- allocate and free \s-1RSA\s0 objects
|
||||
@@ -155,7 +155,8 @@ RSA_new, RSA_free \- allocate and free \s-1RSA\s0 objects
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
\&\fIRSA_new()\fR allocates and initializes an \fB\s-1RSA\s0\fR structure.
|
||||
\&\fIRSA_new()\fR allocates and initializes an \fB\s-1RSA\s0\fR structure. It is equivalent to
|
||||
calling RSA_new_method(\s-1NULL\s0).
|
||||
.PP
|
||||
\&\fIRSA_free()\fR frees the \fB\s-1RSA\s0\fR structure and its components. The key is
|
||||
erased before the memory is returned to the system.
|
||||
@@ -168,7 +169,9 @@ a pointer to the newly allocated structure.
|
||||
\&\fIRSA_free()\fR returns no value.
|
||||
.SH "SEE ALSO"
|
||||
.IX Header "SEE ALSO"
|
||||
err(3), rsa(3), RSA_generate_key(3)
|
||||
ERR_get_error(3), rsa(3),
|
||||
RSA_generate_key(3),
|
||||
RSA_new_method(3)
|
||||
.SH "HISTORY"
|
||||
.IX Header "HISTORY"
|
||||
\&\fIRSA_new()\fR and \fIRSA_free()\fR are available in all versions of SSLeay and OpenSSL.
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user