| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
for consistency with all the other X509_STORE_*(3) manual pages
|
|
and add a sentence pointing to the detailed description
in RSA_get_ex_new_index(3), worded like in DH_get_ex_new_index(3).
|
|
|
|
|
|
|
|
|
|
still under a free license, tweaked by me
|
|
|
|
The algorithm is insecure and yet its description would spread over
three paragraphs in the cipher list, including remarkable advice
like using a 40 bit key length.
|
|
this moves a large number of functions out of the way that are no
longer the latest and greatest. Also mention a few that were missing.
|
|
that are also documented in OpenSSL 1.1.1 (still under a free license)
|
|
in r1.28 when the AES ciphers were split into their own manual.
|
|
patch from Peter Piwowarski <peterjpiwowarski at gmail dot com>
|
|
AES wrap modes, the function EVP_CIPHER_CTX_set_flags(3) needed to
set it, and the companion functions EVP_CIPHER_CTX_clear_flags(3)
and EVP_CIPHER_CTX_test_flags(3).
With help and an OK from tb@.
|
|
from Jan Stary <hans at stare dot cz>.
Where here, correct one .Vt NULL -> .Dv NULL.
|
|
both resulting pages are still long.
Mention a number of missing functions.
Add some text from the OpenSSL 1.1.1 EVP_aes.pod manual page,
which is still under a free license.
Add missing HISTORY information.
Triggered by tb@ providing EVP_aes_{128,192,256}_wrap(3)
in evp.h rev. 1.74.
|
|
|
|
Document it.
Even though OpenSSL muddles the waters by lumping the description
together with the other EVP_PKEY_get0_*() functions, describe it
separately because a char * has no reference count and because
the function fills in an additional length parameter.
|
|
From Viktor Dukhovni via OpenSSL commit 0df65d82 Jun 12 11:51:53 2018 -0400
which is still under a free license because it is before the 1.1.1 branch point.
While here, add several missing const qualifiers.
|
|
so mention it here, too.
|
|
From David dot von dot Oheimb at siemens dot com
via OpenSSL commit b8c32081 Feb 10 15:45:11 2018 +0100, which is still
under a free license because it is before the 1.1.1 branch point.
|
|
|
|
because CRYPTO_set_locking_callback() is now a no-op
and was never documented in the first place;
no text change;
requested by jmc@ long ago
|
|
and that don't do anything in OpenSSL either;
no significant amount of text remains from OpenSSL, so change the
Copyright information and license of CRYPTO_set_locking_callback.3;
OK inoguchi@ jmc@
|
|
xchacha is a chacha stream that allows for an extended nonce, which
in turn makes it feasible to use random nonces.
ok tb@
|
|
|
|
EVP_ENCODE_CTX_free(3). Docomuent them, in part using text
from OpenSSL that was still published under a free license.
|
|
|
|
about functions that are deprecated, identical to other functions, and
never made sense in the first place.
As deraadt@ points out, we should not hide the information that
matters in a heap of clutter. It would waste reader's time and
make confusion and accidental misuse more likely.
OK deraadt@ jmc@
|
|
EVP_MD_CTX_free() instead if the goal is to avoid leaking memory.
From my corresponding upstream commit, reminded by schwarze
|
|
from Matt Caswell <matt at openssl dot org>
via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000.
|
|
is no need to know at which time BN_pseudo_rand(3) was made the
same as BN_rand(3). Considering that question might even mislead
people to attempt ill-advised #ifdef'ing.
Pointed out by deraadt@.
|
|
Also clarify to which algorithms it applies.
From Matt Caswell <matt at openssl dot org>
via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000.
Document
EVP_PKEY_CTX_get_rsa_padding(3), EVP_PKEY_CTX_get_rsa_pss_saltlen(3),
EVP_PKEY_CTX_set_rsa_mgf1_md(3), and EVP_PKEY_CTX_get_rsa_mgf1_md(3).
From Antoine Salon <asalon at vmware dot com>
via OpenSSL commit 87103969 Oct 1 14:11:57 2018 -0700
from the OpenSSL_1_1_1-stable branch, which is still under a free license.
|
|
Inspired by OpenSSL commit 6da34cfb Jun 2 16:17:32 2018 -0400
by Ken Goldman <kgoldman at us dot ibm dot com>,
but use the same wording as in ASN1_item_new(3) instead.
|
|
from <Matthias dot St dot Pierre at ncp dash e dot com>
via OpenSSL commit 5777254b May 27 09:07:07 2018 +0200.
|
|
via OpenSSL commit 521738e9 Oct 5 14:58:30 2018 -0400
|
|
Say so, and note that OpenSSL followed suit in 1.1.0 according
to OpenSSL commit 5ecff87d Jun 21 13:55:02 2017 +0100.
|
|
argument of 3; from Beat Bolli <dev at drbeat dot li>
via OpenSSL commit bd93f1ac Jul 28 16:45:22 2018 -0400.
|
|
Inspired by OpenSSL commit a130950d Aug 23 12:06:41 2017 -0400
by Rich Salz <rsalz at openssl dot org>, but using a more explicit
wording, and fixing *both* places rather than only half of them.
|
|
inspired by OpenSSL commit 1f13ad31 Dec 25 17:50:39 2017 +0800
by Paul Yang <yang sot yang at baishancloud dot com>,
but without creating a RETURN VALUES section because that makes
no sense here: it would either result in a confusing order of
information or in duplicate information.
|
|
from Jakub Wilk <jwilk at jwilk dot net> via
OpenSSL commit a21285b3 Aug 21 18:30:34 2018 +0200
|
|
|
|
RSA_meth_get_finish() RSA_meth_set1_name() EVP_CIPHER_CTX_(get|set)_iv()
feedback and ok jsing@ tb@
|
|
|
|
|
|
need <openssl/x509.h>. The functions {d2i,i2d}_DSA_params_{bio,fp}(3)
were missing from the manual, so document them. The return values
of the i2d_* functions are left undocumented, as these still need to
be audited.
ok schwarze (lots of input and help as usual)
|
|
|
|
ok jsing
|
