fix the vague and misleading description of the EVP_MD_FLAG_* constants

author: schwarze <> 2023-09-12 12:11:05 +0000
committer: schwarze <> 2023-09-12 12:11:05 +0000
commit: d4f66fd58741d8da1a8a46df900cfcded61a4af2 (patch)
tree: 16dcf82a5c8cef3aace50928573e0a325fbe2c91 /src/lib
parent: c14354df0ba650d5c2288f522ab61e73e2b8ee6b (diff)
download: openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.tar.gz
openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.tar.bz2
openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.zip
1 files changed, 72 insertions, 22 deletions
diff --git a/src/lib/libcrypto/man/EVP_MD_meth_new.3 b/src/lib/libcrypto/man/EVP_MD_meth_new.3
index 0876312ac3..37b55b9e00 100644
--- a/src/lib/libcrypto/man/EVP_MD_meth_new.3
+++ b/src/lib/libcrypto/man/EVP_MD_meth_new.3
@@ -1,8 +1,25 @@
-.\" $OpenBSD: EVP_MD_meth_new.3,v 1.3 2023/08/12 16:48:23 schwarze Exp $
+.\" $OpenBSD: EVP_MD_meth_new.3,v 1.4 2023/09/12 12:11:05 schwarze Exp $
 .\" selective merge up to:
 .\" OpenSSL man3/EVP_MD_meth_new 0388d212 Dec 14 12:47:07 2018 -0800
 .\"
-.\" This file was written by Richard Levitte <levitte@openssl.org>
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Richard Levitte <levitte@openssl.org>
 .\" Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -49,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 12 2023 $
+.Dd $Mdocdate: September 12 2023 $
 .Dt EVP_MD_METH_NEW 3
 .Os
 .Sh NAME
@@ -179,26 +196,59 @@ sets the flags to describe optional behaviours in the particular
 Several flags can be or'd together.
 The available flags are:
 .Bl -tag -width Ds
-.It EVP_MD_FLAG_ONESHOT
+.It Dv EVP_MD_FLAG_DIGALGID_NULL
-This digest method can only handle one block of input.
+When setting up a
-.It EVP_MD_FLAG_DIGALGID_NULL
+.Vt DigestAlgorithmIdentifier
-When setting up a DigestAlgorithmIdentifier, this flag will have the
+with
-parameter set to NULL by default.
+.Xr X509_ALGOR_set_md 3 ,
+set the parameter type to
+.Dv V_ASN1_NULL
+and the parameter value to
+.Dv NULL .
+This is the default, which means that it takes effect for
+.Vt EVP_MD
+objects that do not have
+.Dv EVP_MD_FLAG_DIGALGID_ABSENT
+set.
 Use this for PKCS#1.
-.Em Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.
+.It Dv EVP_MD_FLAG_DIGALGID_ABSENT
-.It EVP_MD_FLAG_DIGALGID_ABSENT
+When setting up a
-When setting up a DigestAlgorithmIdentifier, this flag will have the
+.Vt DigestAlgorithmIdentifier
-parameter be left absent by default.
+with
-.Em Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.
+.Xr X509_ALGOR_set_md 3 ,
-.It EVP_MD_FLAG_DIGALGID_CUSTOM
+set the parameter type to
-Custom DigestAlgorithmIdentifier handling via ctrl, with
+.Dv V_ASN1_UNDEF
-.Sy EVP_MD_FLAG_DIGALGID_ABSENT
+and the parameter value to
-as default.
+.Dv NULL .
-.Em Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.
+This is used by the
-Currently unused.
+.Vt EVP_MD
-.It EVP_MD_FLAG_FIPS
+objects documented in the manual page
-This digest method is suitable for use in FIPS mode.
+.Xr EVP_sha3_224 3
-Currently unused.
+and by the objects returned from
+.Xr EVP_sha512 3 ,
+.Xr EVP_sha512_256 3 ,
+.Xr EVP_sha512_224 3 ,
+.Xr EVP_sha384 3 ,
+.Xr EVP_sha256 3 ,
+.Xr EVP_sha224 3 ,
+.Xr EVP_sha1 3 ,
+and
+.Xr EVP_sm3 3 .
+.It Dv EVP_MD_FLAG_DIGALGID_CUSTOM
+This flag is reserved for used-defined
+.Vt EVP_MD
+objects supporting custom
+.Vt DigestAlgorithmIdentifier
+handling via
+.Xr EVP_MD_CTX_ctrl 3 ,
+but actually, it is ignored by both LibreSSL and OpenSSL
+and such user-defined behaviour is not supported by the libraries.
+.It Dv EVP_MD_FLAG_FIPS
+Mark the digest method as suitable for FIPS mode.
+This flag is ignored by both LibreSSL and OpenSSL.
+.It Dv EVP_MD_FLAG_ONESHOT
+Intended to indicate that the digest method can only handle one block
+of input, but actually, this flag is ignored by both LibreSSL and OpenSSL.
 .El
 .Pp
 .Fn EVP_MD_meth_set_init
author	schwarze <>	2023-09-12 12:11:05 +0000
committer	schwarze <>	2023-09-12 12:11:05 +0000
commit	d4f66fd58741d8da1a8a46df900cfcded61a4af2 (patch)
tree	16dcf82a5c8cef3aace50928573e0a325fbe2c91 /src/lib
parent	c14354df0ba650d5c2288f522ab61e73e2b8ee6b (diff)
download	openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.tar.gz openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.tar.bz2 openbsd-d4f66fd58741d8da1a8a46df900cfcded61a4af2.zip

diff --git a/src/lib/libcrypto/man/EVP_MD_meth_new.3 b/src/lib/libcrypto/man/EVP_MD_meth_new.3 index 0876312ac3..37b55b9e00 100644 --- a/src/lib/libcrypto/man/EVP_MD_meth_new.3 +++ b/src/lib/libcrypto/man/EVP_MD_meth_new.3
@@ -1,8 +1,25 @@
1	.\" $OpenBSD: EVP_MD_meth_new.3,v 1.3 2023/08/12 16:48:23 schwarze Exp $	1	.\" $OpenBSD: EVP_MD_meth_new.3,v 1.4 2023/09/12 12:11:05 schwarze Exp $
2	.\" selective merge up to:	2	.\" selective merge up to:
3	.\" OpenSSL man3/EVP_MD_meth_new 0388d212 Dec 14 12:47:07 2018 -0800	3	.\" OpenSSL man3/EVP_MD_meth_new 0388d212 Dec 14 12:47:07 2018 -0800
4	.\"	4	.\"
5	.\" This file was written by Richard Levitte <levitte@openssl.org>	5	.\" This file is a derived work.
		6	.\" The changes are covered by the following Copyright and license:
		7	.\"
		8	.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
		9	.\"
		10	.\" Permission to use, copy, modify, and distribute this software for any
		11	.\" purpose with or without fee is hereby granted, provided that the above
		12	.\" copyright notice and this permission notice appear in all copies.
		13	.\"
		14	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		15	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		16	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		17	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		18	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		21	.\"
		22	.\" The original file was written by Richard Levitte <levitte@openssl.org>
6	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.	23	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
7	.\"	24	.\"
8	.\" Redistribution and use in source and binary forms, with or without	25	.\" Redistribution and use in source and binary forms, with or without
@@ -49,7 +66,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	68	.\"
52	.Dd $Mdocdate: August 12 2023 $	69	.Dd $Mdocdate: September 12 2023 $
53	.Dt EVP_MD_METH_NEW 3	70	.Dt EVP_MD_METH_NEW 3
54	.Os	71	.Os
55	.Sh NAME	72	.Sh NAME
@@ -179,26 +196,59 @@ sets the flags to describe optional behaviours in the particular
179	Several flags can be or'd together.	196	Several flags can be or'd together.
180	The available flags are:	197	The available flags are:
181	.Bl -tag -width Ds	198	.Bl -tag -width Ds
182	.It EVP_MD_FLAG_ONESHOT	199	.It Dv EVP_MD_FLAG_DIGALGID_NULL
183	This digest method can only handle one block of input.	200	When setting up a
184	.It EVP_MD_FLAG_DIGALGID_NULL	201	.Vt DigestAlgorithmIdentifier
185	When setting up a DigestAlgorithmIdentifier, this flag will have the	202	with
186	parameter set to NULL by default.	203	.Xr X509_ALGOR_set_md 3 ,
		204	set the parameter type to
		205	.Dv V_ASN1_NULL
		206	and the parameter value to
		207	.Dv NULL .
		208	This is the default, which means that it takes effect for
		209	.Vt EVP_MD
		210	objects that do not have
		211	.Dv EVP_MD_FLAG_DIGALGID_ABSENT
		212	set.
187	Use this for PKCS#1.	213	Use this for PKCS#1.
188	.Em Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.	214	.It Dv EVP_MD_FLAG_DIGALGID_ABSENT
189	.It EVP_MD_FLAG_DIGALGID_ABSENT	215	When setting up a
190	When setting up a DigestAlgorithmIdentifier, this flag will have the	216	.Vt DigestAlgorithmIdentifier
191	parameter be left absent by default.	217	with
192	.Em Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.	218	.Xr X509_ALGOR_set_md 3 ,
193	.It EVP_MD_FLAG_DIGALGID_CUSTOM	219	set the parameter type to
194	Custom DigestAlgorithmIdentifier handling via ctrl, with	220	.Dv V_ASN1_UNDEF
195	.Sy EVP_MD_FLAG_DIGALGID_ABSENT	221	and the parameter value to
196	as default.	222	.Dv NULL .
197	.Em Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.	223	This is used by the
198	Currently unused.	224	.Vt EVP_MD
199	.It EVP_MD_FLAG_FIPS	225	objects documented in the manual page
200	This digest method is suitable for use in FIPS mode.	226	.Xr EVP_sha3_224 3
201	Currently unused.	227	and by the objects returned from
		228	.Xr EVP_sha512 3 ,
		229	.Xr EVP_sha512_256 3 ,
		230	.Xr EVP_sha512_224 3 ,
		231	.Xr EVP_sha384 3 ,
		232	.Xr EVP_sha256 3 ,
		233	.Xr EVP_sha224 3 ,
		234	.Xr EVP_sha1 3 ,
		235	and
		236	.Xr EVP_sm3 3 .
		237	.It Dv EVP_MD_FLAG_DIGALGID_CUSTOM
		238	This flag is reserved for used-defined
		239	.Vt EVP_MD
		240	objects supporting custom
		241	.Vt DigestAlgorithmIdentifier
		242	handling via
		243	.Xr EVP_MD_CTX_ctrl 3 ,
		244	but actually, it is ignored by both LibreSSL and OpenSSL
		245	and such user-defined behaviour is not supported by the libraries.
		246	.It Dv EVP_MD_FLAG_FIPS
		247	Mark the digest method as suitable for FIPS mode.
		248	This flag is ignored by both LibreSSL and OpenSSL.
		249	.It Dv EVP_MD_FLAG_ONESHOT
		250	Intended to indicate that the digest method can only handle one block
		251	of input, but actually, this flag is ignored by both LibreSSL and OpenSSL.
202	.El	252	.El
203	.Pp	253	.Pp
204	.Fn EVP_MD_meth_set_init	254	.Fn EVP_MD_meth_set_init