1 files changed, 11 insertions, 6 deletions
diff --git a/src/lib/libcrypto/man/EVP_aes_128_gcm.3 b/src/lib/libcrypto/man/EVP_aes_128_gcm.3
index 1e15cb79aa..53c41ea162 100644
--- a/src/lib/libcrypto/man/EVP_aes_128_gcm.3
+++ b/src/lib/libcrypto/man/EVP_aes_128_gcm.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_aes_128_gcm.3,v 1.1 2024/12/17 18:11:44 schwarze Exp $
+.\" $OpenBSD: EVP_aes_128_gcm.3,v 1.2 2024/12/29 12:27:28 schwarze Exp $
 .\" full merge up to:
 .\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
 .\" OpenSSL EVP_aes.pod a1ec85c1 Apr 21 10:49:12 2020 +0100
@@ -67,7 +67,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 17 2024 $
+.Dd $Mdocdate: December 29 2024 $
 .Dt EVP_AES_128_GCM 3
 .Os
 .Sh NAME
@@ -97,6 +97,11 @@ For GCM mode ciphers, the behaviour of the EVP interface is subtly
 altered and several additional
 .Xr EVP_CIPHER_CTX_ctrl 3
 operations are required to function correctly.
+Some of the
+.Dv EVP_CTRL_GCM_*
+control commands are older aliases for corresponding
+.Dv EVP_CTRL_AEAD_*
+constants as indicated below.
 .Pp
 To avoid using the cumbersome and error-prone API documented
 in the present manual page, consider using the functions documented in
@@ -109,7 +114,7 @@ instead.
 .\" EVP_GCM_TLS_EXPLICIT_IV_LEN and EVP_GCM_TLS_TAG_LEN (used internally
 .\" only in aes_gcm_tls_cipher(), which is unused)
 .Bl -tag -width Ds
-.It Dv EVP_CTRL_GCM_SET_IVLEN
+.It Dv EVP_CTRL_AEAD_SET_IVLEN Pq == Dv EVP_CTRL_GCM_SET_IVLEN
 Set the length of the initialization vector to
 .Fa arg
 bytes; the
@@ -124,7 +129,7 @@ Using this control command is discouraged because section 5.2.1.1 of the
 specification explicitly recommends that implementations of GCM restrict
 support to the default IV length of 12 bytes for interoperability,
 efficiency, and simplicity of design.
-.It Dv EVP_CTRL_GCM_SET_IV_FIXED
+.It Dv EVP_CTRL_AEAD_SET_IV_FIXED Pq == Dv EVP_CTRL_GCM_SET_IV_FIXED
 Usually, \-1 is passed for
 .Fa arg .
 In that case, the complete initialization vector is copied from
@@ -158,7 +163,7 @@ that may have been configured earlier and always operates on the
 last eight bytes of the initialization vector.
 It is an error to issue this command
 when no key or no initialization vector is set.
-.It Dv EVP_CTRL_GCM_GET_TAG
+.It Dv EVP_CTRL_AEAD_GET_TAG Pq == Dv EVP_CTRL_GCM_GET_TAG
 Write
 .Fa arg
 bytes of the tag value to the location pointed to by
@@ -194,7 +199,7 @@ When default lengths are in use, pass 8 for
 In that case, this control command sets the invocation field.
 It is an error to issue this command
 when no key or no initialization vector is set, or when encrypting.
-.It Dv EVP_CTRL_GCM_SET_TAG
+.It Dv EVP_CTRL_AEAD_SET_TAG Pq == Dv EVP_CTRL_GCM_SET_TAG
 Set the expected tag to the
 .Fa arg
 bytes located at

diff --git a/src/lib/libcrypto/man/EVP_aes_128_gcm.3 b/src/lib/libcrypto/man/EVP_aes_128_gcm.3 index 1e15cb79aa..53c41ea162 100644 --- a/src/lib/libcrypto/man/EVP_aes_128_gcm.3 +++ b/src/lib/libcrypto/man/EVP_aes_128_gcm.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_aes_128_gcm.3,v 1.1 2024/12/17 18:11:44 schwarze Exp $	1	.\" $OpenBSD: EVP_aes_128_gcm.3,v 1.2 2024/12/29 12:27:28 schwarze Exp $
2	.\" full merge up to:	2	.\" full merge up to:
3	.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100	3	.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
4	.\" OpenSSL EVP_aes.pod a1ec85c1 Apr 21 10:49:12 2020 +0100	4	.\" OpenSSL EVP_aes.pod a1ec85c1 Apr 21 10:49:12 2020 +0100
@@ -67,7 +67,7 @@
67	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	67	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
68	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	68	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
69	.\"	69	.\"
70	.Dd $Mdocdate: December 17 2024 $	70	.Dd $Mdocdate: December 29 2024 $
71	.Dt EVP_AES_128_GCM 3	71	.Dt EVP_AES_128_GCM 3
72	.Os	72	.Os
73	.Sh NAME	73	.Sh NAME
@@ -97,6 +97,11 @@ For GCM mode ciphers, the behaviour of the EVP interface is subtly
97	altered and several additional	97	altered and several additional
98	.Xr EVP_CIPHER_CTX_ctrl 3	98	.Xr EVP_CIPHER_CTX_ctrl 3
99	operations are required to function correctly.	99	operations are required to function correctly.
		100	Some of the
		101	.Dv EVP_CTRL_GCM_*
		102	control commands are older aliases for corresponding
		103	.Dv EVP_CTRL_AEAD_*
		104	constants as indicated below.
100	.Pp	105	.Pp
101	To avoid using the cumbersome and error-prone API documented	106	To avoid using the cumbersome and error-prone API documented
102	in the present manual page, consider using the functions documented in	107	in the present manual page, consider using the functions documented in
@@ -109,7 +114,7 @@ instead.
109	.\" EVP_GCM_TLS_EXPLICIT_IV_LEN and EVP_GCM_TLS_TAG_LEN (used internally	114	.\" EVP_GCM_TLS_EXPLICIT_IV_LEN and EVP_GCM_TLS_TAG_LEN (used internally
110	.\" only in aes_gcm_tls_cipher(), which is unused)	115	.\" only in aes_gcm_tls_cipher(), which is unused)
111	.Bl -tag -width Ds	116	.Bl -tag -width Ds
112	.It Dv EVP_CTRL_GCM_SET_IVLEN	117	.It Dv EVP_CTRL_AEAD_SET_IVLEN Pq == Dv EVP_CTRL_GCM_SET_IVLEN
113	Set the length of the initialization vector to	118	Set the length of the initialization vector to
114	.Fa arg	119	.Fa arg
115	bytes; the	120	bytes; the
@@ -124,7 +129,7 @@ Using this control command is discouraged because section 5.2.1.1 of the
124	specification explicitly recommends that implementations of GCM restrict	129	specification explicitly recommends that implementations of GCM restrict
125	support to the default IV length of 12 bytes for interoperability,	130	support to the default IV length of 12 bytes for interoperability,
126	efficiency, and simplicity of design.	131	efficiency, and simplicity of design.
127	.It Dv EVP_CTRL_GCM_SET_IV_FIXED	132	.It Dv EVP_CTRL_AEAD_SET_IV_FIXED Pq == Dv EVP_CTRL_GCM_SET_IV_FIXED
128	Usually, \-1 is passed for	133	Usually, \-1 is passed for
129	.Fa arg .	134	.Fa arg .
130	In that case, the complete initialization vector is copied from	135	In that case, the complete initialization vector is copied from
@@ -158,7 +163,7 @@ that may have been configured earlier and always operates on the
158	last eight bytes of the initialization vector.	163	last eight bytes of the initialization vector.
159	It is an error to issue this command	164	It is an error to issue this command
160	when no key or no initialization vector is set.	165	when no key or no initialization vector is set.
161	.It Dv EVP_CTRL_GCM_GET_TAG	166	.It Dv EVP_CTRL_AEAD_GET_TAG Pq == Dv EVP_CTRL_GCM_GET_TAG
162	Write	167	Write
163	.Fa arg	168	.Fa arg
164	bytes of the tag value to the location pointed to by	169	bytes of the tag value to the location pointed to by
@@ -194,7 +199,7 @@ When default lengths are in use, pass 8 for
194	In that case, this control command sets the invocation field.	199	In that case, this control command sets the invocation field.
195	It is an error to issue this command	200	It is an error to issue this command
196	when no key or no initialization vector is set, or when encrypting.	201	when no key or no initialization vector is set, or when encrypting.
197	.It Dv EVP_CTRL_GCM_SET_TAG	202	.It Dv EVP_CTRL_AEAD_SET_TAG Pq == Dv EVP_CTRL_GCM_SET_TAG
198	Set the expected tag to the	203	Set the expected tag to the
199	.Fa arg	204	.Fa arg
200	bytes located at	205	bytes located at