Unify description of the obsolete ENGINE parameter

This uses the same language in most manuals mentioning the obsolete ENGINE parameters. Make it clear that it is always ignored and that NULL should be passed. Always call it engine instead of a mix of e pe, impl, eng.
author: tb <> 2024-07-21 08:36:43 +0000
committer: tb <> 2024-07-21 08:36:43 +0000
commit: 4688a563b5da8909cc64fcc7369b1ec5491d5d58 (patch)
tree: ed0c4a447622751595335dd0ea2ec812761b3861 /src/lib
parent: bb0cbaff332e2117f157bdcb8acfe6689a081e39 (diff)
download: openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.tar.gz
openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.tar.bz2
openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.zip
14 files changed, 130 insertions, 142 deletions
diff --git a/src/lib/libcrypto/man/DH_get0_pqg.3 b/src/lib/libcrypto/man/DH_get0_pqg.3
index 340d50757b..eb012980f9 100644
--- a/src/lib/libcrypto/man/DH_get0_pqg.3
+++ b/src/lib/libcrypto/man/DH_get0_pqg.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: DH_get0_pqg.3,v 1.7 2023/03/06 13:25:46 tb Exp $
+.\" $OpenBSD: DH_get0_pqg.3,v 1.8 2024/07/21 08:36:43 tb Exp $
 .\" selective merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
 .\"
 .\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 6 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt DH_GET0_PQG 3
 .Os
 .Sh NAME
@@ -307,15 +307,8 @@ or 0 if none of the given
 are set.
 .Pp
 .Fn DH_get0_engine
-returns a pointer to the
+always returns
-.Vt ENGINE
+.Dv NULL .
-used by the
-.Vt DH
-object
-.Fa dh ,
-or
-.Dv NULL
-if no engine was set for this object.
 .Sh SEE ALSO
 .Xr DH_generate_key 3 ,
 .Xr DH_generate_parameters 3 ,
diff --git a/src/lib/libcrypto/man/DSA_get0_pqg.3 b/src/lib/libcrypto/man/DSA_get0_pqg.3
index 8639b0115b..b82affba66 100644
--- a/src/lib/libcrypto/man/DSA_get0_pqg.3
+++ b/src/lib/libcrypto/man/DSA_get0_pqg.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: DSA_get0_pqg.3,v 1.10 2023/12/29 22:37:47 tb Exp $
+.\" $OpenBSD: DSA_get0_pqg.3,v 1.11 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL e90fc053 Jul 15 09:39:45 2017 -0400
 .\"
 .\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 29 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt DSA_GET0_PQG 3
 .Os
 .Sh NAME
@@ -283,15 +283,8 @@ or 0 if none of the given
 are set.
 .Pp
 .Fn DSA_get0_engine
-returns a pointer to the
+always returns
-.Vt ENGINE
+.Dv NULL .
-used by the
-.Vt DSA
-object
-Fa d ,
-or
-.Dv NULL
-if no engine was set for this object.
 .Sh SEE ALSO
 .Xr DSA_do_sign 3 ,
 .Xr DSA_dup_DH 3 ,
diff --git a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3 b/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
index 489bd3ac66..79c16ef014 100644
--- a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
+++ b/src/lib/libcrypto/man/EC_KEY_METHOD_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.3 2023/08/29 10:07:42 tb Exp $
+.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.4 2024/07/21 08:36:43 tb Exp $
 .\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
@@ -13,7 +13,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: August 29 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EC_KEY_METHOD_NEW 3
 .Os
 .Sh NAME
@@ -262,17 +262,15 @@ is
 .Fn EC_KEY_new_method
 creates and initializes a new
 .Vt EC_KEY
-object using the given
+object using the
-.Fa engine ,
-or the using the
 .Vt EC_KEY_METHOD
 set with
-.Fn EC_KEY_set_default_method
+.Fn EC_KEY_set_default_method .
-if
+The
-.Fa engine
+.Fa ENGINE *engine
-is
+argument is always ignored and passing
-.Dv NULL ,
+.Dv NULL
-or using the default EC_KEY implementation by default.
+is recommended.
 .Pp
 .Fn EC_KEY_set_method
 dissociates the
diff --git a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
index 01692c93e6..8b3b8adb0f 100644
--- a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
+++ b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.15 2023/09/12 13:58:06 schwarze Exp $
+.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.16 2024/07/21 08:36:43 tb Exp $
 .\"
 .\" Copyright (c) 2014, Google Inc.
 .\" Parts of the text were written by Adam Langley and David Benjamin.
@@ -17,7 +17,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 12 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_AEAD_CTX_INIT 3
 .Os
 .Sh NAME
@@ -51,7 +51,7 @@
 .Fa "const unsigned char *key"
 .Fa "size_t key_len"
 .Fa "size_t tag_len"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft void
 .Fo EVP_AEAD_CTX_cleanup
@@ -142,11 +142,11 @@ initializes the context
 for the given AEAD algorithm
 .Fa aead .
 The
-.Fa impl
+.Fa engine
 argument must be
 .Dv NULL
 for the default implementation;
-other values are currently not supported.
+other values are not supported.
 Authentication tags may be truncated by passing a tag length.
 A
 .Fa tag_len
diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3
index bb7a847d4f..c825725009 100644
--- a/src/lib/libcrypto/man/EVP_DigestInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.33 2024/03/19 17:34:05 tb Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.34 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
 .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
@@ -70,7 +70,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 19 2024 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_DIGESTINIT 3
 .Os
 .Sh NAME
@@ -132,7 +132,7 @@
 .Fo EVP_DigestInit_ex
 .Fa "EVP_MD_CTX *ctx"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft int
 .Fo EVP_DigestUpdate
@@ -153,7 +153,7 @@
 .Fa "unsigned char *md"
 .Fa "unsigned int *s"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft int
 .Fo EVP_MD_CTX_copy_ex
@@ -249,21 +249,16 @@ respectively.
 sets up the digest context
 .Fa ctx
 to use a digest
-.Fa type
+.Fa type .
-from
-.Vt ENGINE
-.Fa impl .
 The
 .Fa type
 will typically be supplied by a function such as
 .Fn EVP_sha512 .
-If
+The
-.Fa impl
+.Fa ENGINE *engine
-is
+argument is always ignored and passing
-.Dv NULL ,
+.Dv NULL
-then the default implementation of digest
+is recommended.
-.Fa type
-is used.
 .Pp
 .Fn EVP_DigestUpdate
 hashes
@@ -306,9 +301,6 @@ bytes of data at
 .Fa d
 using the digest
 .Fa type
-from
-.Vt ENGINE
-.Fa impl
 in a one-shot operation and place the digest value into
 .Fa md ,
 and, unless
@@ -323,6 +315,11 @@ This wrapper uses a temporary digest context and passes its arguments to
 and
 .Fn EVP_DigestFinal_ex
 internally.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn EVP_MD_CTX_copy_ex
 can be used to copy the message digest state from
@@ -335,8 +332,7 @@ differ in the last few bytes.
 .Fn EVP_DigestInit
 is a deprecated function behaving like
 .Fn EVP_DigestInit_ex
-except that it always uses the default digest implementation
+except that it requires
-and that it requires
 .Fn EVP_MD_CTX_reset
 before it can be used on a context that was already used.
 .Pp
@@ -399,11 +395,11 @@ in preference to the low-level interfaces.
 This is because the code then becomes transparent to the digest used and
 much more flexible.
 .Pp
-For most applications the
+The
-.Fa impl
+.Fa ENGINE *engine
-parameter to
+argument is always ignored and passing
-.Fn EVP_DigestInit_ex
+.Dv NULL
-will be set to NULL to use the default digest implementation.
+is recommended.
 .Pp
 The functions
 .Fn EVP_DigestInit ,
@@ -418,8 +414,7 @@ New applications should use
 and
 .Fn EVP_MD_CTX_copy_ex
 because they can efficiently reuse a digest context instead of
-initializing and cleaning it up on each call and allow non-default
+initializing and cleaning it up on each call.
-implementations of digests to be specified.
 .Pp
 If digest contexts are not cleaned up after use, memory leaks will occur.
 .Sh RETURN VALUES
diff --git a/src/lib/libcrypto/man/EVP_DigestSignInit.3 b/src/lib/libcrypto/man/EVP_DigestSignInit.3
index de6e57c2cd..92b656a106 100644
--- a/src/lib/libcrypto/man/EVP_DigestSignInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestSignInit.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: EVP_DigestSignInit.3,v 1.12 2022/01/15 09:08:51 tb Exp $
+.\"     $OpenBSD: EVP_DigestSignInit.3,v 1.13 2024/07/21 08:36:43 tb Exp $
 .\"     OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 15 2022 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_DIGESTSIGNINIT 3
 .Os
 .Sh NAME
@@ -65,7 +65,7 @@
 .Fa "EVP_MD_CTX *ctx"
 .Fa "EVP_PKEY_CTX **pctx"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "EVP_PKEY *pkey"
 .Fc
 .Ft int
@@ -97,11 +97,13 @@ sets up the signing context
 .Fa ctx
 to use the digest
 .Fa type
-from
-.Vt ENGINE
-.Fa e
 and private key
 .Fa pkey .
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Fa ctx
 must be initialized with
 .Xr EVP_MD_CTX_init 3
diff --git a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3
index 0eb3143467..b3286bf201 100644
--- a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: EVP_DigestVerifyInit.3,v 1.14 2022/01/15 09:08:51 tb Exp $
+.\"     $OpenBSD: EVP_DigestVerifyInit.3,v 1.15 2024/07/21 08:36:43 tb Exp $
 .\"     OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 15 2022 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_DIGESTVERIFYINIT 3
 .Os
 .Sh NAME
@@ -65,7 +65,7 @@
 .Fa "EVP_MD_CTX *ctx"
 .Fa "EVP_PKEY_CTX **pctx"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "EVP_PKEY *pkey"
 .Fc
 .Ft int
@@ -97,9 +97,6 @@ sets up verification context
 .Fa ctx
 to use digest
 .Fa type
-from
-.Vt ENGINE
-.Fa e
 and public key
 .Fa pkey .
 .Fa ctx
@@ -124,6 +121,11 @@ value returned must not be freed directly by the application.
 It will be freed automatically when the
 .Vt EVP_MD_CTX
 is freed.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn EVP_DigestVerifyUpdate
 hashes
diff --git a/src/lib/libcrypto/man/EVP_EncryptInit.3 b/src/lib/libcrypto/man/EVP_EncryptInit.3
index e8d22d8677..a0adfbab09 100644
--- a/src/lib/libcrypto/man/EVP_EncryptInit.3
+++ b/src/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.51 2023/12/26 22:13:00 schwarze Exp $
+.\" $OpenBSD: EVP_EncryptInit.3,v 1.52 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
 .\"   EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod
 .\"   7c6d372a Nov 20 13:20:01 2018 +0000
@@ -69,7 +69,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 26 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_ENCRYPTINIT 3
 .Os
 .Sh NAME
@@ -142,7 +142,7 @@
 .Fo EVP_EncryptInit_ex
 .Fa "EVP_CIPHER_CTX *ctx"
 .Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *key"
 .Fa "const unsigned char *iv"
 .Fc
@@ -164,7 +164,7 @@
 .Fo EVP_DecryptInit_ex
 .Fa "EVP_CIPHER_CTX *ctx"
 .Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *key"
 .Fa "const unsigned char *iv"
 .Fc
@@ -186,7 +186,7 @@
 .Fo EVP_CipherInit_ex
 .Fa "EVP_CIPHER_CTX *ctx"
 .Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *key"
 .Fa "const unsigned char *iv"
 .Fa "int enc"
@@ -361,7 +361,7 @@ is the IV to use (if necessary).
 The actual number of bytes used for the
 key and IV depends on the cipher.
 The
-.Fa ENGINE *impl
+.Fa ENGINE *engine
 argument is always ignored and passing
 .Dv NULL
 is recommended.
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3
index 7a72ac18fa..cc0f5f16dc 100644
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3
+++ b/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.13 2023/09/09 14:39:09 schwarze Exp $
+.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.14 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
 .\"
 .\" This file is a derived work.
@@ -65,7 +65,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 9 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_PKEY_CTX_NEW 3
 .Os
 .Sh NAME
@@ -79,12 +79,12 @@
 .Ft EVP_PKEY_CTX *
 .Fo EVP_PKEY_CTX_new
 .Fa "EVP_PKEY *pkey"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fc
 .Ft EVP_PKEY_CTX *
 .Fo EVP_PKEY_CTX_new_id
 .Fa "int id"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fc
 .Ft EVP_PKEY_CTX *
 .Fo EVP_PKEY_CTX_dup
@@ -99,26 +99,23 @@ The
 .Fn EVP_PKEY_CTX_new
 function allocates a public key algorithm context using the algorithm
 specified in
-.Fa pkey
+.Fa pkey .
-and using
+The
-.Fa e
+.Fa ENGINE *engine
-unless it is
+argument is always ignored and passing
-.Dv NULL .
+.Dv NULL
-If
+is recommended.
-.Fa pkey
-is associated with an engine, that engine is used and
-.Fa e
-is ignored.
 .Pp
 The
 .Fn EVP_PKEY_CTX_new_id
 function allocates a public key algorithm context using the algorithm
 specified by
-.Fa id
+.Fa id .
-and using
+The
-.Fa e
+.Fa ENGINE *engine
-unless it is
+argument is always ignored and passing
-.Dv NULL .
+.Dv NULL
+is recommended.
 It is normally used when no
 .Vt EVP_PKEY
 structure is associated with the operations, for example during
diff --git a/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3 b/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
index 85a6471aeb..6e6c25e253 100644
--- a/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
+++ b/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_PKEY_asn1_get_count.3,v 1.8 2023/12/21 21:32:01 tb Exp $
+.\" $OpenBSD: EVP_PKEY_asn1_get_count.3,v 1.9 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000
 .\"
 .\" This file is a derived work.
@@ -65,7 +65,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 21 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_PKEY_ASN1_GET_COUNT 3
 .Os
 .Sh NAME
@@ -90,12 +90,12 @@
 .Fc
 .Ft const EVP_PKEY_ASN1_METHOD *
 .Fo EVP_PKEY_asn1_find
-.Fa "ENGINE **pe"
+.Fa "ENGINE **engine"
 .Fa "int type"
 .Fc
 .Ft const EVP_PKEY_ASN1_METHOD *
 .Fo EVP_PKEY_asn1_find_str
-.Fa "ENGINE **pe"
+.Fa "ENGINE **engine"
 .Fa "const char *str"
 .Fa "int len"
 .Fc
@@ -130,14 +130,12 @@ and
 .Xr EVP_PKEY_id 3
 may return.
 If
-.Fa pe
+.Fa engine
 is not
 .Dv NULL ,
-it first looks for an engine implementing a method for the NID
+.Pf * Fa engine
-.Fa type .
+is set to
-If one is found,
+.Dv NULL .
-.Pf * Fa pe
-is set to that engine and the method from that engine is returned instead.
 .Pp
 .Fn EVP_PKEY_asn1_find_str
 looks up the method with the PEM type string given by the first
@@ -157,10 +155,12 @@ manual page.
 Just like
 .Fn EVP_PKEY_asn1_find ,
 if
-.Fa pe
+.Fa engine
 is not
 .Dv NULL ,
-methods from engines are preferred.
+.Pf * Fa engine
+is set to
+.Dv NULL .
 .Pp
 .Fn EVP_PKEY_asn1_get0_info
 retrieves the public key ID as returned by
diff --git a/src/lib/libcrypto/man/EVP_PKEY_new.3 b/src/lib/libcrypto/man/EVP_PKEY_new.3
index 3b9611990a..36f3886856 100644
--- a/src/lib/libcrypto/man/EVP_PKEY_new.3
+++ b/src/lib/libcrypto/man/EVP_PKEY_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_PKEY_new.3,v 1.18 2022/12/14 22:37:07 schwarze Exp $
+.\" $OpenBSD: EVP_PKEY_new.3,v 1.19 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL 4dcfdfce May 27 11:50:05 2020 +0100
 .\"
 .\" This file is a derived work.
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 14 2022 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_PKEY_NEW 3
 .Os
 .Sh NAME
@@ -95,20 +95,20 @@
 .Ft EVP_PKEY *
 .Fo EVP_PKEY_new_raw_private_key
 .Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *rawpriv"
 .Fa "size_t rawlen"
 .Fc
 .Ft EVP_PKEY *
 .Fo EVP_PKEY_new_raw_public_key
 .Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *rawpub"
 .Fa "size_t rawlen"
 .Fc
 .Ft EVP_PKEY *
 .Fo EVP_PKEY_new_CMAC_key
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *rawpriv"
 .Fa "size_t rawlen"
 .Fa "const EVP_CIPHER *cipher"
@@ -116,7 +116,7 @@
 .Ft EVP_PKEY *
 .Fo EVP_PKEY_new_mac_key
 .Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
 .Fa "const unsigned char *rawpriv"
 .Fa "int rawlen"
 .Fc
@@ -165,12 +165,6 @@ pointer, no action occurs.
 .Fn EVP_PKEY_new_raw_private_key
 allocates a new
 .Vt EVP_PKEY .
-If
-.Fa e
-is
-.Pf non- Dv NULL ,
-the new structure is associated with the engine
-.Fa e .
 The NID of a public key algorithm that supports raw private keys, i.e.\&
 .Dv EVP_PKEY_HMAC ,
 .Dv EVP_PKEY_X25519 ,
@@ -184,6 +178,11 @@ bytes of raw private key data of that type in
 .Fa rawpriv .
 The public key data is automatically derived from the given private
 key data, if appropriate for the algorithm type.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn EVP_PKEY_new_raw_public_key
 works in the same way as
diff --git a/src/lib/libcrypto/man/EVP_SignInit.3 b/src/lib/libcrypto/man/EVP_SignInit.3
index dc042910bb..b8ead765b1 100644
--- a/src/lib/libcrypto/man/EVP_SignInit.3
+++ b/src/lib/libcrypto/man/EVP_SignInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_SignInit.3,v 1.17 2023/11/16 20:27:43 schwarze Exp $
+.\" $OpenBSD: EVP_SignInit.3,v 1.18 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
 .\"
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 16 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_SIGNINIT 3
 .Os
 .Sh NAME
@@ -65,7 +65,7 @@
 .Fo EVP_SignInit_ex
 .Fa "EVP_MD_CTX *ctx"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft int
 .Fo EVP_SignUpdate
@@ -94,13 +94,15 @@ sets up a signing context
 .Fa ctx
 to use the digest
 .Fa type
-from
-.Vt ENGINE
-.Fa impl .
 .Fa ctx
 must be initialized with
 .Xr EVP_MD_CTX_init 3
 before calling this function.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn EVP_SignUpdate
 hashes
diff --git a/src/lib/libcrypto/man/EVP_VerifyInit.3 b/src/lib/libcrypto/man/EVP_VerifyInit.3
index 90a774e514..dfebe8f2bf 100644
--- a/src/lib/libcrypto/man/EVP_VerifyInit.3
+++ b/src/lib/libcrypto/man/EVP_VerifyInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_VerifyInit.3,v 1.11 2023/11/16 20:27:43 schwarze Exp $
+.\" $OpenBSD: EVP_VerifyInit.3,v 1.12 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
 .\"
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 16 2023 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt EVP_VERIFYINIT 3
 .Os
 .Sh NAME
@@ -65,7 +65,7 @@
 .Fo EVP_VerifyInit_ex
 .Fa "EVP_MD_CTX *ctx"
 .Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft int
 .Fo EVP_VerifyUpdate
@@ -93,14 +93,16 @@ digital signatures.
 sets up a verification context
 .Fa ctx
 to use the digest
-.Fa type
+.Fa type .
-from
-.Vt ENGINE
-.Fa impl .
 .Fa ctx
 must be initialized by calling
 .Xr EVP_MD_CTX_init 3
 before calling this function.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn EVP_VerifyUpdate
 hashes
diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3
index fa853bb4a1..dc32a111be 100644
--- a/src/lib/libcrypto/man/HMAC.3
+++ b/src/lib/libcrypto/man/HMAC.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: HMAC.3,v 1.21 2024/05/26 09:54:16 tb Exp $
+.\" $OpenBSD: HMAC.3,v 1.22 2024/07/21 08:36:43 tb Exp $
 .\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400
 .\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400
 .\"
@@ -52,7 +52,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: May 26 2024 $
+.Dd $Mdocdate: July 21 2024 $
 .Dt HMAC 3
 .Os
 .Sh NAME
@@ -97,7 +97,7 @@
 .Fa "const void *key"
 .Fa "int key_len"
 .Fa "const EVP_MD *md"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
 .Fc
 .Ft int
 .Fo HMAC_Init
@@ -223,6 +223,11 @@ nor the same as the previous digest used by
 .Fa ctx ,
 then an error is returned because reuse of an existing key with a
 different digest is not supported.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
 .Pp
 .Fn HMAC_Init
 is a deprecated wrapper around
author	tb <>	2024-07-21 08:36:43 +0000
committer	tb <>	2024-07-21 08:36:43 +0000
commit	4688a563b5da8909cc64fcc7369b1ec5491d5d58 (patch)
tree	ed0c4a447622751595335dd0ea2ec812761b3861 /src/lib
parent	bb0cbaff332e2117f157bdcb8acfe6689a081e39 (diff)
download	openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.tar.gz openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.tar.bz2 openbsd-4688a563b5da8909cc64fcc7369b1ec5491d5d58.zip