1. Tweak the descriptions of EVP_MD_CTX_ctrl(3), EVP_MD_CTX_set_flags(3),

EVP_MD_CTX_clear_flags(3), EVP_MD_CTX_test_flags(3), and the atrocious EVP_MD_CTX_set_pkey_ctx(3) for precision. 2. Tweak the description of EVP_MD_type(3) and EVP_MD_CTX_type(3) for conciseness. 3. Add a few missing HISTORY bits.
author: schwarze <> 2023-08-12 16:12:19 +0000
committer: schwarze <> 2023-08-12 16:12:19 +0000
commit: 13c9e76d97efaceda625defc428aa31024f6fbef (patch)
tree: 63df11f5a271c86fc6dc922d2d34972461d2c7e7
parent: 985b27017507aa978afdd5c40588f1bb578ca290 (diff)
download: openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.tar.gz
openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.tar.bz2
openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.zip
1 files changed, 107 insertions, 52 deletions
diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3
index 08b64b59b2..6c75adcc98 100644
--- a/src/lib/libcrypto/man/EVP_DigestInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,11 +1,11 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.26 2023/08/11 18:08:43 schwarze Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.27 2023/08/12 16:12:19 schwarze Exp $
 .\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
 .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
 .\" This file is a derived work.
 .\" The changes are covered by the following Copyright and license:
 .\"
-.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
+.\" Copyright (c) 2019, 2023 Ingo Schwarze <schwarze@openbsd.org>
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
 .\" purpose with or without fee is hereby granted, provided that the above
@@ -70,7 +70,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 11 2023 $
+.Dd $Mdocdate: August 12 2023 $
 .Dt EVP_DIGESTINIT 3
 .Os
 .Sh NAME
@@ -150,7 +150,7 @@
 .Ft int
 .Fo EVP_MD_CTX_ctrl
 .Fa "EVP_MD_CTX *ctx"
-.Fa "int cmd"
+.Fa "int command"
 .Fa "int p1"
 .Fa "void* p2"
 .Fc
@@ -339,43 +339,67 @@ and
 respectively.
 .Pp
 .Fn EVP_MD_CTX_ctrl
-performs digest-specific control actions on the context
+performs the digest-specific control
-.Fa ctx .
+.Fa command
-The control command is indicated in
+with the command-specific arguments
-.Fa cmd
-and any additional arguments in
 .Fa p1
 and
-.Fa p2 .
+.Fa p2
-.Fn EVP_MD_CTX_ctrl
+on
-must be called after
+.Fa ctx ,
-.Fn EVP_DigestInit_ex .
+which needs to already be set up with
-Other restrictions may apply depending on the control type
+.Fn EVP_DigestInit_ex
+before calling this function.
+Other restrictions may apply depending on the control
+.Fa command
 and digest implementation.
 .Pp
 If the
-.Fa cmd
+.Fa command
 is
 .Dv EVP_MD_CTRL_MICALG ,
-the digest Message Integrity Check algorithm string is written to
+.Fa p1
-.Pf * p2 .
+is ignored and
-This is used when creating S/MIME multipart/signed messages
+.Fa p2
-as specified in RFC 3851.
+is an output argument of the type
-.Pp
+.Fa "char **p2" .
-.Fn EVP_MD_CTX_set_flags ,
+A string specifying the digest Message Integrity Check algorithm
-.Fn EVP_MD_CTX_clear_flags ,
+is allocated and a pointer to this string is returned in
-and
+.Pf * Fa p2 .
-.Fn EVP_MD_CTX_test_flags
+It is the responsibility of the caller to
-set, clear and test the following
+.Xr free 3
+.Pf * Fa p2
+when it is no longer needed.
+This
+.Fa command
+is used by
+.Xr SMIME_write_ASN1 3
+when creating S/MIME multipart/signed messages as specified in RFC 3851.
+.Pp
+.Fn EVP_MD_CTX_set_flags
+sets and
+.Fn EVP_MD_CTX_clear_flags
+clears all the flag bits in
 .Fa ctx
-flags:
+that are set in the
+.Fa flags
+argument.
+.Fn EVP_MD_CTX_test_flags
+tests which of the flag bits that are set in the
+.Fa flags
+argument are also set in
+.Fa ctx .
+Possible flag bits are:
 .Bl -tag -width Ds -offset 2n
 .It Dv EVP_MD_CTX_FLAG_NO_INIT
 Instruct
-.Fn EVP_DigestInit
+.Fn EVP_DigestInit_ex
-and similar functions not to initialise the implementation specific data.
+and functions calling it not to initialise the internal data
+that is specific to the digest method and its implementation.
 .It Dv EVP_MD_CTX_FLAG_ONESHOT
 Instruct the digest to optimize for one update only, if possible.
+For digest algorithms built into the library, this flag usually
+has no effect.
 .El
 .Pp
 .Fn EVP_DigestInit_ex
@@ -508,19 +532,15 @@ or an
 .Vt EVP_MD_CTX
 structure.
 .Pp
-.Fn EVP_MD_type ,
+.Fn EVP_MD_type
-.Fn EVP_MD_pkey_type ,
 and
 .Fn EVP_MD_CTX_type
-return the NID of the OBJECT IDENTIFIER representing the given message
+return the NID of the OBJECT IDENTIFIER representing the message digest.
-digest when passed an
-.Vt EVP_MD
-structure.
 For example
 .Fn EVP_MD_type EVP_sha1()
 returns
 .Dv NID_sha1 .
-This function is normally used when setting ASN.1 OIDs.
+These functions are normally used when setting ASN.1 OIDs.
 .Pp
 .Fn EVP_MD_CTX_md_data
 returns the digest method private data of
@@ -561,27 +581,43 @@ assigns
 .Fa pctx
 to
 .Fa ctx .
-This is usually used to provide a customized
+This is normally used to provide a customized
 .Vt EVP_PKEY_CTX
 to
 .Xr EVP_DigestSignInit 3
 or
 .Xr EVP_DigestVerifyInit 3 .
-The
+The caller retains ownership of the
 .Fa pctx
-passed to this function should be freed by the caller.
+passed to this function and is responsible for freeing it
-A
+when it is no longer needed.
+.Pp
+If the
+.Fa ctx
+already contains a
+.Vt EVP_PKEY_CTX
+when this function is called, that old
+.Vt EVP_PKEY_CTX
+is freed if it was created internally, but if it was also installed with
+.Fn EVP_MD_CTX_set_pkey_ctx ,
+the pointer to the old
+.Vt EVP_PKEY_CTX
+is merely replaced by the new pointer and ownership of the old
+.Vt EVP_PKEY_CTX
+remains with the previous caller.
+.Pp
+Passing a
 .Dv NULL
+pointer for the
 .Fa pctx
-pointer is also allowed to clear the
+argument is also allowed.
-.Vt EVP_PKEY_CTX
+In that case, any
-assigned to
-.Fa ctx .
-In this case, freeing the cleared
 .Vt EVP_PKEY_CTX
-or not depends on how the
+already assigned to
+.Fa ctx
+is dissociated from it as described above, but no new
 .Vt EVP_PKEY_CTX
-was created.
+is assigned.
 .Pp
 .Fn EVP_md5 ,
 .Fn EVP_sha1 ,
@@ -688,6 +724,12 @@ and
 .Fn EVP_MD_CTX_copy
 return 1 for success or 0 for failure.
 .Pp
+.Fn EVP_MD_CTX_test_flags
+returns the bitwise OR of the
+.Fa flags
+argument and the flags set in
+.Fa ctx .
+.Pp
 .Fn EVP_MD_type ,
 .Fn EVP_MD_pkey_type ,
 and
@@ -846,6 +888,9 @@ first appeared in OpenSSL 0.9.5 and has been available since
 .Fn EVP_MD_CTX_create ,
 .Fn EVP_MD_CTX_cleanup ,
 .Fn EVP_MD_CTX_destroy ,
+.Fn EVP_MD_CTX_set_flags ,
+.Fn EVP_MD_CTX_clear_flags ,
+.Fn EVP_MD_CTX_test_flags ,
 .Fn EVP_DigestInit_ex ,
 .Fn EVP_DigestFinal_ex ,
 .Fn EVP_Digest ,
@@ -863,11 +908,10 @@ first appeared in OpenSSL 0.9.7h and 0.9.8a
 and have been available since
 .Ox 4.0 .
 .Pp
-.Fn EVP_sha512_224
+.Fn EVP_MD_flags
-and
+first appeared in OpenSSL 1.0.0
-.Fn EVP_sha512_256
+and has been available since
-first appeared in OpenSSL 1.1.1 and has been available since
+.Ox 4.9 .
-.Ox 7.4 .
 .Pp
 .Fn EVP_MD_CTX_ctrl
 first appeared in OpenSSL 1.1.0 and has been available since
@@ -881,10 +925,21 @@ and
 first appeared in OpenSSL 1.1.0 and have been available since
 .Ox 6.3 .
 .Pp
+.Fn EVP_MD_CTX_md_data
+and
+.Fn EVP_MD_CTX_pkey_ctx
+first appeared in OpenSSL 1.1.0 and
 .Fn EVP_MD_CTX_set_pkey_ctx
-first appeared in OpenSSL 1.1.1 and has been available since
+in OpenSSL 1.1.1.
+These functions have been available since
 .Ox 7.1 .
 .Pp
+.Fn EVP_sha512_224
+and
+.Fn EVP_sha512_256
+first appeared in OpenSSL 1.1.1 and have been available since
+.Ox 7.4 .
+.Pp
 The link between digests and signing algorithms was fixed in OpenSSL 1.0
 and later, so now
 .Fn EVP_sha1
author	schwarze <>	2023-08-12 16:12:19 +0000
committer	schwarze <>	2023-08-12 16:12:19 +0000
commit	13c9e76d97efaceda625defc428aa31024f6fbef (patch)
tree	63df11f5a271c86fc6dc922d2d34972461d2c7e7
parent	985b27017507aa978afdd5c40588f1bb578ca290 (diff)
download	openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.tar.gz openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.tar.bz2 openbsd-13c9e76d97efaceda625defc428aa31024f6fbef.zip

diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3 index 08b64b59b2..6c75adcc98 100644 --- a/src/lib/libcrypto/man/EVP_DigestInit.3 +++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,11 +1,11 @@
1	.\" $OpenBSD: EVP_DigestInit.3,v 1.26 2023/08/11 18:08:43 schwarze Exp $	1	.\" $OpenBSD: EVP_DigestInit.3,v 1.27 2023/08/12 16:12:19 schwarze Exp $
2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000	2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
3	.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100	3	.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4	.\"	4	.\"
5	.\" This file is a derived work.	5	.\" This file is a derived work.
6	.\" The changes are covered by the following Copyright and license:	6	.\" The changes are covered by the following Copyright and license:
7	.\"	7	.\"
8	.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>	8	.\" Copyright (c) 2019, 2023 Ingo Schwarze <schwarze@openbsd.org>
9	.\"	9	.\"
10	.\" Permission to use, copy, modify, and distribute this software for any	10	.\" Permission to use, copy, modify, and distribute this software for any
11	.\" purpose with or without fee is hereby granted, provided that the above	11	.\" purpose with or without fee is hereby granted, provided that the above
@@ -70,7 +70,7 @@
70	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	70	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
71	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	71	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
72	.\"	72	.\"
73	.Dd $Mdocdate: August 11 2023 $	73	.Dd $Mdocdate: August 12 2023 $
74	.Dt EVP_DIGESTINIT 3	74	.Dt EVP_DIGESTINIT 3
75	.Os	75	.Os
76	.Sh NAME	76	.Sh NAME
@@ -150,7 +150,7 @@
150	.Ft int	150	.Ft int
151	.Fo EVP_MD_CTX_ctrl	151	.Fo EVP_MD_CTX_ctrl
152	.Fa "EVP_MD_CTX *ctx"	152	.Fa "EVP_MD_CTX *ctx"
153	.Fa "int cmd"	153	.Fa "int command"
154	.Fa "int p1"	154	.Fa "int p1"
155	.Fa "void* p2"	155	.Fa "void* p2"
156	.Fc	156	.Fc
@@ -339,43 +339,67 @@ and
339	respectively.	339	respectively.
340	.Pp	340	.Pp
341	.Fn EVP_MD_CTX_ctrl	341	.Fn EVP_MD_CTX_ctrl
342	performs digest-specific control actions on the context	342	performs the digest-specific control
343	.Fa ctx .	343	.Fa command
344	The control command is indicated in	344	with the command-specific arguments
345	.Fa cmd
346	and any additional arguments in
347	.Fa p1	345	.Fa p1
348	and	346	and
349	.Fa p2 .	347	.Fa p2
350	.Fn EVP_MD_CTX_ctrl	348	on
351	must be called after	349	.Fa ctx ,
352	.Fn EVP_DigestInit_ex .	350	which needs to already be set up with
353	Other restrictions may apply depending on the control type	351	.Fn EVP_DigestInit_ex
		352	before calling this function.
		353	Other restrictions may apply depending on the control
		354	.Fa command
354	and digest implementation.	355	and digest implementation.
355	.Pp	356	.Pp
356	If the	357	If the
357	.Fa cmd	358	.Fa command
358	is	359	is
359	.Dv EVP_MD_CTRL_MICALG ,	360	.Dv EVP_MD_CTRL_MICALG ,
360	the digest Message Integrity Check algorithm string is written to	361	.Fa p1
361	.Pf * p2 .	362	is ignored and
362	This is used when creating S/MIME multipart/signed messages	363	.Fa p2
363	as specified in RFC 3851.	364	is an output argument of the type
364	.Pp	365	.Fa "char **p2" .
365	.Fn EVP_MD_CTX_set_flags ,	366	A string specifying the digest Message Integrity Check algorithm
366	.Fn EVP_MD_CTX_clear_flags ,	367	is allocated and a pointer to this string is returned in
367	and	368	.Pf * Fa p2 .
368	.Fn EVP_MD_CTX_test_flags	369	It is the responsibility of the caller to
369	set, clear and test the following	370	.Xr free 3
		371	.Pf * Fa p2
		372	when it is no longer needed.
		373	This
		374	.Fa command
		375	is used by
		376	.Xr SMIME_write_ASN1 3
		377	when creating S/MIME multipart/signed messages as specified in RFC 3851.
		378	.Pp
		379	.Fn EVP_MD_CTX_set_flags
		380	sets and
		381	.Fn EVP_MD_CTX_clear_flags
		382	clears all the flag bits in
370	.Fa ctx	383	.Fa ctx
371	flags:	384	that are set in the
		385	.Fa flags
		386	argument.
		387	.Fn EVP_MD_CTX_test_flags
		388	tests which of the flag bits that are set in the
		389	.Fa flags
		390	argument are also set in
		391	.Fa ctx .
		392	Possible flag bits are:
372	.Bl -tag -width Ds -offset 2n	393	.Bl -tag -width Ds -offset 2n
373	.It Dv EVP_MD_CTX_FLAG_NO_INIT	394	.It Dv EVP_MD_CTX_FLAG_NO_INIT
374	Instruct	395	Instruct
375	.Fn EVP_DigestInit	396	.Fn EVP_DigestInit_ex
376	and similar functions not to initialise the implementation specific data.	397	and functions calling it not to initialise the internal data
		398	that is specific to the digest method and its implementation.
377	.It Dv EVP_MD_CTX_FLAG_ONESHOT	399	.It Dv EVP_MD_CTX_FLAG_ONESHOT
378	Instruct the digest to optimize for one update only, if possible.	400	Instruct the digest to optimize for one update only, if possible.
		401	For digest algorithms built into the library, this flag usually
		402	has no effect.
379	.El	403	.El
380	.Pp	404	.Pp
381	.Fn EVP_DigestInit_ex	405	.Fn EVP_DigestInit_ex
@@ -508,19 +532,15 @@ or an
508	.Vt EVP_MD_CTX	532	.Vt EVP_MD_CTX
509	structure.	533	structure.
510	.Pp	534	.Pp
511	.Fn EVP_MD_type ,	535	.Fn EVP_MD_type
512	.Fn EVP_MD_pkey_type ,
513	and	536	and
514	.Fn EVP_MD_CTX_type	537	.Fn EVP_MD_CTX_type
515	return the NID of the OBJECT IDENTIFIER representing the given message	538	return the NID of the OBJECT IDENTIFIER representing the message digest.
516	digest when passed an
517	.Vt EVP_MD
518	structure.
519	For example	539	For example
520	.Fn EVP_MD_type EVP_sha1()	540	.Fn EVP_MD_type EVP_sha1()
521	returns	541	returns
522	.Dv NID_sha1 .	542	.Dv NID_sha1 .
523	This function is normally used when setting ASN.1 OIDs.	543	These functions are normally used when setting ASN.1 OIDs.
524	.Pp	544	.Pp
525	.Fn EVP_MD_CTX_md_data	545	.Fn EVP_MD_CTX_md_data
526	returns the digest method private data of	546	returns the digest method private data of
@@ -561,27 +581,43 @@ assigns
561	.Fa pctx	581	.Fa pctx
562	to	582	to
563	.Fa ctx .	583	.Fa ctx .
564	This is usually used to provide a customized	584	This is normally used to provide a customized
565	.Vt EVP_PKEY_CTX	585	.Vt EVP_PKEY_CTX
566	to	586	to
567	.Xr EVP_DigestSignInit 3	587	.Xr EVP_DigestSignInit 3
568	or	588	or
569	.Xr EVP_DigestVerifyInit 3 .	589	.Xr EVP_DigestVerifyInit 3 .
570	The	590	The caller retains ownership of the
571	.Fa pctx	591	.Fa pctx
572	passed to this function should be freed by the caller.	592	passed to this function and is responsible for freeing it
573	A	593	when it is no longer needed.
		594	.Pp
		595	If the
		596	.Fa ctx
		597	already contains a
		598	.Vt EVP_PKEY_CTX
		599	when this function is called, that old
		600	.Vt EVP_PKEY_CTX
		601	is freed if it was created internally, but if it was also installed with
		602	.Fn EVP_MD_CTX_set_pkey_ctx ,
		603	the pointer to the old
		604	.Vt EVP_PKEY_CTX
		605	is merely replaced by the new pointer and ownership of the old
		606	.Vt EVP_PKEY_CTX
		607	remains with the previous caller.
		608	.Pp
		609	Passing a
574	.Dv NULL	610	.Dv NULL
		611	pointer for the
575	.Fa pctx	612	.Fa pctx
576	pointer is also allowed to clear the	613	argument is also allowed.
577	.Vt EVP_PKEY_CTX	614	In that case, any
578	assigned to
579	.Fa ctx .
580	In this case, freeing the cleared
581	.Vt EVP_PKEY_CTX	615	.Vt EVP_PKEY_CTX
582	or not depends on how the	616	already assigned to
		617	.Fa ctx
		618	is dissociated from it as described above, but no new
583	.Vt EVP_PKEY_CTX	619	.Vt EVP_PKEY_CTX
584	was created.	620	is assigned.
585	.Pp	621	.Pp
586	.Fn EVP_md5 ,	622	.Fn EVP_md5 ,
587	.Fn EVP_sha1 ,	623	.Fn EVP_sha1 ,
@@ -688,6 +724,12 @@ and
688	.Fn EVP_MD_CTX_copy	724	.Fn EVP_MD_CTX_copy
689	return 1 for success or 0 for failure.	725	return 1 for success or 0 for failure.
690	.Pp	726	.Pp
		727	.Fn EVP_MD_CTX_test_flags
		728	returns the bitwise OR of the
		729	.Fa flags
		730	argument and the flags set in
		731	.Fa ctx .
		732	.Pp
691	.Fn EVP_MD_type ,	733	.Fn EVP_MD_type ,
692	.Fn EVP_MD_pkey_type ,	734	.Fn EVP_MD_pkey_type ,
693	and	735	and
@@ -846,6 +888,9 @@ first appeared in OpenSSL 0.9.5 and has been available since
846	.Fn EVP_MD_CTX_create ,	888	.Fn EVP_MD_CTX_create ,
847	.Fn EVP_MD_CTX_cleanup ,	889	.Fn EVP_MD_CTX_cleanup ,
848	.Fn EVP_MD_CTX_destroy ,	890	.Fn EVP_MD_CTX_destroy ,
		891	.Fn EVP_MD_CTX_set_flags ,
		892	.Fn EVP_MD_CTX_clear_flags ,
		893	.Fn EVP_MD_CTX_test_flags ,
849	.Fn EVP_DigestInit_ex ,	894	.Fn EVP_DigestInit_ex ,
850	.Fn EVP_DigestFinal_ex ,	895	.Fn EVP_DigestFinal_ex ,
851	.Fn EVP_Digest ,	896	.Fn EVP_Digest ,
@@ -863,11 +908,10 @@ first appeared in OpenSSL 0.9.7h and 0.9.8a
863	and have been available since	908	and have been available since
864	.Ox 4.0 .	909	.Ox 4.0 .
865	.Pp	910	.Pp
866	.Fn EVP_sha512_224	911	.Fn EVP_MD_flags
867	and	912	first appeared in OpenSSL 1.0.0
868	.Fn EVP_sha512_256	913	and has been available since
869	first appeared in OpenSSL 1.1.1 and has been available since	914	.Ox 4.9 .
870	.Ox 7.4 .
871	.Pp	915	.Pp
872	.Fn EVP_MD_CTX_ctrl	916	.Fn EVP_MD_CTX_ctrl
873	first appeared in OpenSSL 1.1.0 and has been available since	917	first appeared in OpenSSL 1.1.0 and has been available since
@@ -881,10 +925,21 @@ and
881	first appeared in OpenSSL 1.1.0 and have been available since	925	first appeared in OpenSSL 1.1.0 and have been available since
882	.Ox 6.3 .	926	.Ox 6.3 .
883	.Pp	927	.Pp
		928	.Fn EVP_MD_CTX_md_data
		929	and
		930	.Fn EVP_MD_CTX_pkey_ctx
		931	first appeared in OpenSSL 1.1.0 and
884	.Fn EVP_MD_CTX_set_pkey_ctx	932	.Fn EVP_MD_CTX_set_pkey_ctx
885	first appeared in OpenSSL 1.1.1 and has been available since	933	in OpenSSL 1.1.1.
		934	These functions have been available since
886	.Ox 7.1 .	935	.Ox 7.1 .
887	.Pp	936	.Pp
		937	.Fn EVP_sha512_224
		938	and
		939	.Fn EVP_sha512_256
		940	first appeared in OpenSSL 1.1.1 and have been available since
		941	.Ox 7.4 .
		942	.Pp
888	The link between digests and signing algorithms was fixed in OpenSSL 1.0	943	The link between digests and signing algorithms was fixed in OpenSSL 1.0
889	and later, so now	944	and later, so now
890	.Fn EVP_sha1	945	.Fn EVP_sha1