aboutsummaryrefslogtreecommitdiffstats
path: root/doc
Commit message (Collapse)AuthorAgeFilesLines
* Correct the documentation for OPENSSL_MALLOC_FDMatt Caswell2022-08-171-8/+9
| | | | | | | | | | | | | | | The documentation was misleading in that it suggests that this environment variable will record information about all allocations. While this is true it doesn't record the most useful information that you might expect such as the requested size of the allocation! It is mainly for use in conjunction with OPENSSL_MALLOC_FAILURES, and reports information about what chance an allocation has of failing. We also clarify that the mem_debug functions are actually no-ops in 3.0. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18967)
* Make OSSL_TIME a structurePauli2022-08-121-9/+31
| | | | | | | | This prevents misuses creeping in. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18882)
* Change name of parameter in documentation from sigret to sigKurt Roeckx2022-08-043-3/+3
| | | | | | | | | The rest of the documentation talks about sig, not sigret Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18943)
* Properly document deprecation of DH_new() and related functionsTomas Mraz2022-08-042-3/+15
| | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18925)
* Fix EC_KEY_set_private_key() NULL priv_key docsRoberto Hueso Gomez2022-08-041-6/+12
| | | | | | | | | Updates the docs to describe EC_KEY_set_private_key() function behavior when a NULL priv_key argument is passed. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/18942)
* Note that EVP_CIPHER_get_iv_length returns negative values on errorPauli2022-08-031-1/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18875)
* Implement AES-GCM-SIV (RFC8452)Todd Short2022-07-291-0/+2
| | | | | | | | | | | | | | | | | | | | | | | Fixes #16721 This uses AES-ECB to create a counter mode AES-CTR32 (32bit counter, I could not get AES-CTR to work as-is), and GHASH to implement POLYVAL. Optimally, there would be separate polyval assembly implementation(s), but the only one I could find (and it was SSE2 x86_64 code) was not Apache 2.0 licensed. This implementation lives only in the default provider; there is no legacy implementation. The code offered in #16721 is not used; that implementation sits on top of OpenSSL, this one is embedded inside OpenSSL. Full test vectors from RFC8452 are included, except the 0 length plaintext; that is not supported; and I'm not sure it's worthwhile to do so. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18693)
* Correction: uncompressed is the default valueGregoryTrzonkowski2022-07-291-2/+2
| | | | | | | | | | CLA: trivial The description was incorrect. The uncompressed is the default value. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18889)
* Add some documentation for the BIO_s_mem() datagram capabilityMatt Caswell2022-07-281-10/+25
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18596)
* Update EVP_KDF-X942-ASN1.podJoachim Vandersmissen2022-07-281-2/+2
| | | | | | | | | | | Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks like a fallback). Fixed name for OSSL_KDF_PARAM_X942_USE_KEYBITS. CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18878)
* x509_lu.c and x509_vfy.c: improve coding style, comments, and related docDr. David von Oheimb2022-07-265-45/+47
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18840)
* Fix error in LHASH documentationPauli2022-07-261-1/+1
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/18859)
* Fix error in example.Pauli2022-07-221-2/+1
| | | | | | | | Fixes #18828 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18829)
* X509_STORE_CTX_purpose_inherit(): add missing details to its documentationDr. David von Oheimb2022-07-211-3/+7
| | | | | | | | | Fixes #18801 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18830)
* Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg()Dr. David von Oheimb2022-07-202-0/+18
| | | | | | | | | | Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(), and add respective tests as well as the -srvcertout CLI option using the new function. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18656)
* apps/x509: Improve doc fix for -CAserial anc -CAcreateserialDr. David von Oheimb2022-07-191-5/+7
| | | | | | | | | This follows up on https://github.com/openssl/openssl/pull/18373 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18804)
* Add X509_PUBKEY_set0_public_key(), extracted from X509_PUBKEY_set0_param()Dr. David von Oheimb2022-07-191-7/+21
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18668)
* dhparam: Correct the documentation of -dsaparamTomas Mraz2022-07-181-6/+5
| | | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480)
* CMS: add CMS_SignedData_verify(), a variant of CMS_verify() with extensionsDr. David von Oheimb2022-07-162-29/+57
| | | | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18667)
* CMS_add0_cert.pod: various improvements of the descriptionDr. David von Oheimb2022-07-161-14/+20
| | | | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18667)
* Added paragraph to free objects alloced by X509V3_add1_i2d()Allan2022-07-151-23/+26
| | | | | | | | Fixes #18665 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18786)
* Updated X509v3_get_ext_by_NID.pod and X509_CRL_get0_by_serial.podAllan2022-07-152-56/+59
| | | | | | | | | | Updated these to the current documentation style. Moved X509v3_delete_ext() under BUGS to NOTES and added information to call free. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18786)
* openssl-x509.pod.in: fix description of certificate serial number storageDr. David von Oheimb2022-07-141-6/+6
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
* APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use ↵Dr. David von Oheimb2022-07-141-5/+7
| | | | | | | | | | | random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
* OSSL_trace_set_channel.pod and openssl.pod: fix missing/inconsistent ↵Dr. David von Oheimb2022-07-122-11/+59
| | | | | | | | | category items Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18763)
* Add config option for speed commandKan2022-07-111-0/+7
| | | | | | | | Fixed #16986 Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18616)
* Add the LibreOffice Draw source for the QUIC overview graphTomas Mraz2022-07-111-0/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18745)
* Updated information for OSSL_SIGNATURE_PARAM_PSS_SALTLENAllan2022-07-061-3/+5
| | | | | | | | Fixes #18066 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18736)
* http_client.c: fix comment and documentation of the memory BIOs usedDr. David von Oheimb2022-07-062-16/+16
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18674)
* OSSL_HTTP_open(): improve use of use_ssl and its documentationDr. David von Oheimb2022-07-061-2/+2
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18674)
* openssl-cmds.pod.in: add missing entry for cmpDr. David von Oheimb2022-07-061-0/+2
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18653)
* Fix typos in SSL_CTX_use_certificate.pod fileEasySec2022-07-061-5/+6
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18087)
* doc: document the event queue internal APIPauli2022-07-061-0/+201
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18345)
* CMP: introduce version 3, while version 2 stays the defaultDr. David von Oheimb2022-07-011-1/+1
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18294)
* Documentation update for EVP_set_default_propertiesslontis2022-06-301-0/+6
| | | | | | | | | | Explicitly state that it is not thread safe. Fixes #18613 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18678)
* Update the default macsaltlen and Add the configure for macsaltlenKan2022-06-301-0/+7
| | | | | | | | | Fixed #18489 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18550)
* SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const ↵olszomal2022-06-281-2/+2
| | | | | | | | | | | | | | SSL_CIPHER *' Fix the documentation. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18599)
* Add missing documentation of OSSL_FUNC_store_export_object()Tomas Mraz2022-06-281-0/+9
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17554)
* Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fnTomas Mraz2022-06-285-13/+13
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17554)
* CMS: Export CMS_EnvelopedData and add CMS_EnvelopedData_decrypt()Dr. David von Oheimb2022-06-284-30/+59
| | | | | | | | | Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18301)
* der_writer: Use uint32_t instead of long.Daniel Fiala2022-06-272-4/+4
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18615)
* Add initial demo-driven design demosHugo Landau2022-06-249-0/+2187
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17991)
* Added documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio()Allan2022-06-241-5/+17
| | | | | | | | | | Fixes #18342 Fixes <propq> to I<propq> Updated copyright year Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18623)
* Add deprecation macro for 3.1 and deprecate OPENSSL_LH_statsHugo Landau2022-06-224-5/+32
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17937)
* doc: document the new internal time APIPauli2022-06-221-0/+96
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
* doc: priority queue documentationPauli2022-06-221-0/+125
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18274)
* Add dgram API discussionHugo Landau2022-06-221-0/+487
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18210)
* Fix documentation of BIO_FLAGS_BASE64_NO_NLFraser Tweedale2022-06-161-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5 updated `BIO_f_base64(3)` to improve the documentation of the `BIO_FLAGS_BASE64_NO_NL` flag. In particular, the updated text states that when this flag is used, all newlines in the input are ignored. This is incorrect, as the following program proves: ```c unsigned char *in_buf = "IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n"; int main(int argc, char **argv) { BIO *b64 = BIO_new(BIO_f_base64()); if (b64 == NULL) return 1; BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL); int in_len = strlen(in_buf); BIO *in = BIO_new_mem_buf(in_buf, in_len); if (in == NULL) return 2; in = BIO_push(b64, in); unsigned char *out_buf = calloc(in_len, sizeof(unsigned char)); if (out_buf == NULL) return 3; size_t out_len; int r = BIO_read_ex(in, out_buf, in_len, &out_len); printf("rv = %d\n", r); printf("decoded = %s\n", out_buf); return 0; } ``` Update the text of `BIO_f_base64(3)` to clarify that when the flag is set, the data must be all on one line (with or without a trailing newline character). Signed-off-by: Fraser Tweedale <ftweedal@redhat.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18568)
* Fix for OSSL_PARAM sample code referencing OSSL_PARAM_UTF8_PTRMichael Baentsch2022-06-163-11/+14
| | | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18490)
* Update SIV mode documentationTodd Short2022-06-091-9/+20
| | | | | | | | | Fixes #18440 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18485)
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-18 01:44:38 +0000