aboutsummaryrefslogtreecommitdiffstats
path: root/doc/build.info
Commit message (Collapse)AuthorAgeFilesLines
* Add FIPS indicator callback.slontis2024-07-111-0/+6
| | | | | | | | | | | | | | | | Add a FIPS indicator callback that can be set via OSSL_INDICATOR_set_callback(). This callback is intended to be run whenever a non approved algorithm check has occurred and strict checking has been disabled.The callback may be used to log non approved algorithms. The callback is passed a type and description string as well as the cbarg specified in OSSL_INDICATOR_set_callback. The return value can be either 0 or 1. A value of 0 can be used for testing purposes to force an error to occur from the algorithm that called the callback. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623)
* Add documentation for deprecated CMAC_CTX functionserbsland-dev2024-07-101-0/+6
| | | | | | | | Fixes #5539: Create a new manual page `CMAC_CTX.pod` documenting the deprecated `CMAC_CTX` functions and add the necessary build dependencies. This page includes function descriptions, usage details, and replacement suggestions with the `EVP_MAC` interface. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24814)
* Add and Update Documentation for TS_VERIFY_CTX Functionserbsland-dev2024-07-101-6/+6
| | | | | | | | | | | | | | | | | | | | | | Mark the existing `TS_VERIFY_CTX_set_certs` function as deprecated in the documentation. Add missing documentation for the deprecated functions `TS_VERIFY_CTX_set_data`, `TS_VERIFY_CTX_set_imprint`, and `TS_VERIFY_CTX_set_store`. Write missing documentation for the following functions: - `TS_VERIFY_CTX_new` - `TS_VERIFY_CTX_init` - `TS_VERIFY_CTX_free` - `TS_VERIFY_CTX_cleanup` - `TS_VERIFY_CTX_set_flags` - `TS_VERIFY_CTX_add_flags` - `TS_VERIFY_CTX_set0_data` - `TS_VERIFY_CTX_set0_imprint` - `TS_VERIFY_CTX_set0_store` - `TS_VERIFY_CTX_set0_certs` Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24701)
* CMP: add support for requesting cert template using genm/genpRajeev Ranjan2024-06-201-0/+6
| | | | | | Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24409)
* MVP demo TLS serverViktor Dukhovni2024-06-181-0/+6
| | | | | | | | | | | | | - No concurrency, one client-at-a-time - Blocking - No client certs - Fixed chain and key file names - Minimal support for session resumption Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/24505)
* Add support for targetingInformation X.509v3 extensionJonathan M. Wilbur2024-06-171-0/+6
| | | | | | | | | | Support for the targetingInformation X.509v3 extension defined in ITU-T Recommendation X.509 (2019), Section 17.1.2.2. This extension is used in attribute certificates. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22206)
* Add OPENSSL_riscvcap man pageHongren Zheng2024-05-091-0/+6
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24172)
* Add documentation for OSSL_LIB_CTX_set/get_conf_diagnosticsTomas Mraz2024-05-091-0/+6
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24275)
* Document the SSL_set_session_secret_cb() functionMatt Caswell2024-05-061-0/+6
| | | | | | | | | This function is only useful for EAP-FAST, but was previously undocumented. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24309)
* CMP: add support for genm with crlStatusList and genp with crlsDr. David von Oheimb2024-05-011-0/+6
| | | | | | | | | | | | | | | | Introduce the capability to retrieve and update Certificate Revocation Lists (CRLs) in the CMP client, as specified in section 4.3.4 of RFC 9483. To request a CRL update, the CMP client can send a genm message with the option -infotype crlStatusList. The server will respond with a genp message containing the updated CRL, using the -infoType id-it-crls. The client can then save the CRL in a specified file using the -crlout parameter. Co-authored-by: Rajeev Ranjan <ranjan.rajeev@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23768)
* x509_acert: Load attributes from config file sectionDamian Hobson-Garcia2024-04-241-0/+6
| | | | | | | | | | | Several of the attribute values defined for use by attribute certificates use multi-valued data in an ASN.1 SEQUENCE. Allow reading of these values from a configuration file, similar to how generic X.509 extensions are handled. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* Add IETFAttrSyntax type supportDamian Hobson-Garcia2024-04-241-0/+12
| | | | | | | | | | | The IETFAtrrSyntax type is used for the values of several attributes defined in RFC 5755 for use with attribute certificates. Specifically this type is used with the "Charging Identity" and "Group" attributes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* x509_acert: Add, remove and get attribute certificate attributesDamian Hobson-Garcia2024-04-241-0/+12
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* Attribute certificate printing functionsDamian Hobson-Garcia2024-04-241-0/+6
| | | | | | | | | | | | | | Add functions to print an attribute certificate. Several attribute value types defined by the RFC 5755 specification are multi-field values (i.e ASN1_SEQUENCE rather than an ASN1_STRING or similar format). Currently those values are printed using `ASN1_item_print`. A more user-friendly output mechanism (maybe similar to the i2r_ functions used for X509 extensions) could be added in future. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* Attribute certificate getter and setter APIDamian Hobson-Garcia2024-04-241-0/+6
| | | | | | | | | | | Only fields that are allowed by RFC 5755 are accessible through this API. Fields that are only supported in version 1 attribute certificates (e.g. the AttCertIssuer v1Form fields) are not implemented. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* OSSL_STORE: Add reference docs for the built-in Windows store implementationRichard Levitte2024-04-191-0/+6
| | | | | | | | | Fixes openssl/project#422 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24170)
* make updateHugo Landau2024-02-101-0/+6
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23495)
* QUIC: Add documentation for tuning APIHugo Landau2024-02-081-0/+6
| | | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23360)
* QLOG: Add manpage openssl-qlog(7)Hugo Landau2024-02-021-0/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22037)
* Add missing documentation for X509_ATTRIBUTE related functions.slontis2024-01-031-0/+24
| | | | | | | | | Partial fix for #8026 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22656)
* Add a new guide page on writing a non-blocking QUIC clientMatt Caswell2023-09-081-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21950)
* Add a new guide page on writing a non-blocking TLS clientMatt Caswell2023-09-081-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21950)
* Add an initial guide page for writing a multi-stream QUIC clientMatt Caswell2023-08-251-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21765)
* QUIC: Rename SSL_set_initial_peer_addr to SSL_set1_initial_peer_addrHugo Landau2023-08-241-6/+6
| | | | | | | | Fixes #21701 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21814)
* doc: add the migration guide to the new guide seriesMatthias St. Pierre2023-08-231-6/+6
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21807)
* make updateMatt Caswell2023-08-081-12/+24
| | | | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Anton Arapov <anton@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21560)
* QUIC err handling: Save and restore error stateTomas Mraz2023-07-071-0/+6
| | | | | | | | | | | | | | We save the error state from the thread that encountered a permanent error condition caused by system or internal error to the QUIC_CHANNEL. Then we restore it whenever we are returning to a user call when protocol is shutdown. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21087)
* Add a tutorial on writing a simple blocking QUIC clientMatt Caswell2023-06-281-0/+12
| | | | | | | | | | This tutorial only covers a single stream client at this stage. A future PR will cover adding multi-stream support. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21204)
* Split the blocking TLS client guide page into twoMatt Caswell2023-06-141-0/+6
| | | | | | | | | | We split the page into two: one covering basic TLS introductory material that applies to both clients and servers, and one with the specific material on writing a blocking TLS client. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
* Add a tutorial on writing a simple blocking TLS clientMatt Caswell2023-06-141-0/+6
| | | | | | | | | Provide guidance on the steps needed to write a very simple blocking TLS client. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
* Add SSL_get0_group_name() to get name of the group used for KEXAlex Bozarth2023-06-061-0/+6
| | | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20866)
* [feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes ↵Jairus Christensen2023-06-021-0/+6
| | | | | | | | it available Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20248)
* CMP: add support for genm/genp messages with id-it-caCertsDr. David von Oheimb2023-06-011-0/+6
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19231)
* QUIC Documentation: Rename SSL_tick, SSL_get_tick_timeoutHugo Landau2023-05-291-12/+12
| | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20879)
* QUIC man(7) DocumentationHugo Landau2023-05-171-0/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19899)
* QUIC APL: De-publicise SSL_attach_stream/SSL_detach_streamHugo Landau2023-05-121-6/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20765)
* QUIC MSST: Rename SSL_set_incoming_stream_reject_policyHugo Landau2023-05-121-6/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20765)
* QUIC MSST: make updateHugo Landau2023-05-121-0/+54
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20765)
* RFC7250 (RPK) supportTodd Short2023-03-281-0/+12
| | | | | | | | | | | | | | Add support for the RFC7250 certificate-type extensions. Alows the use of only private keys for connection (i.e. certs not needed). Add APIs Add unit tests Add documentation Add s_client/s_server support Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18185)
* QUIC: Add tests for datagram injection APIHugo Landau2023-03-221-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20451)
* providers: add Argon2 KDFČestmír Kalina2023-03-171-0/+6
| | | | | | | | | | https://datatracker.ietf.org/doc/rfc9106/ Signed-off-by: Čestmír Kalina <ckalina@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12256)
* Add documentation for "NULL" cipher and digest algorithms.slontis2023-02-281-0/+12
| | | | | | | | Fixes #20340 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20356)
* QUIC: Add documentation for stream and connection shutdown functionsHugo Landau2023-01-271-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19897)
* QUIC CSM: Tweak docs for tick functions, add DTLSv1 docsHugo Landau2023-01-131-0/+12
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19703)
* QUIC CSM: Documentation for new APIsHugo Landau2023-01-131-0/+36
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19703)
* Documentation for EVP_PKEY_CTX_get0_pkey() and EVP_PKEY_CTX_get0_peerkey().Nikhil Bisht2023-01-101-0/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19962)
* Docs: Move deprecated ECDSA_ functions into a separate file.slontis2022-12-221-0/+6
| | | | | | | | | | Fixes #19829 Examples added for setting/getting ECDSA SIG related r and s values Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19936)
* BIO_s_dgram: add documentation and hazard warningsHugo Landau2022-12-151-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19795)
* Move the description of the core types into their own pagesRichard Levitte2022-12-081-0/+24
| | | | | | | | | | This expands on some of the core type descriptions, and also makes it easier to find the documentation for each type, at least on Unix, with a simple call like "man OSSL_ALGORITHM". Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19842)
* Implement deterministic ECDSA sign (RFC6979)slontis2022-11-301-0/+6
| | | | | | | | | | | | | | | | | This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing API's, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809)
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-29 17:47:53 +0000