5 files changed, 393 insertions, 210 deletions
diff --git a/src/lib/libcrypto/doc/HMAC.pod b/src/lib/libcrypto/doc/HMAC.pod
deleted file mode 100644
index d92138d273..0000000000
--- a/src/lib/libcrypto/doc/HMAC.pod
+++ /dev/null
@@ -1,106 +0,0 @@
-=pod
-=head1 NAME
-HMAC, HMAC_Init, HMAC_Update, HMAC_Final, HMAC_cleanup - HMAC message
-authentication code
-=head1 SYNOPSIS
- #include <openssl/hmac.h>
- unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
-               int key_len, const unsigned char *d, int n,
-               unsigned char *md, unsigned int *md_len);
- void HMAC_CTX_init(HMAC_CTX *ctx);
- int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
-               const EVP_MD *md);
- int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
-                   const EVP_MD *md, ENGINE *impl);
- int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
- int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
- void HMAC_CTX_cleanup(HMAC_CTX *ctx);
- void HMAC_cleanup(HMAC_CTX *ctx);
-=head1 DESCRIPTION
-HMAC is a MAC (message authentication code), i.e. a keyed hash
-function used for message authentication, which is based on a hash
-function.
-HMAC() computes the message authentication code of the B<n> bytes at
-B<d> using the hash function B<evp_md> and the key B<key> which is
-B<key_len> bytes long.
-It places the result in B<md> (which must have space for the output of
-the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
-If B<md> is NULL, the digest is placed in a static array.  The size of
-the output is placed in B<md_len>, unless it is B<NULL>.
-B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
-HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be
-called.
-HMAC_CTX_cleanup() erases the key and other data from the B<HMAC_CTX>
-and releases any associated resources. It must be called when an
-B<HMAC_CTX> is no longer required.
-HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back
-compatibility with 0.9.6b, it is deprecated.
-The following functions may be used if the message is not completely
-stored in memory:
-HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
-function B<evp_md> and the key B<key> which is B<key_len> bytes
-long. It is deprecated and only included for backward compatibility
-with OpenSSL 0.9.6b.
-HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use
-the function B<evp_md> and key B<key>. Either can be NULL, in which
-case the existing one will be reused. HMAC_CTX_init() must have been
-called before the first use of an B<HMAC_CTX> in this
-function. B<N.B. HMAC_Init() had this undocumented behaviour in
-previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in
-programs that expect it will cause them to stop working>.
-HMAC_Update() can be called repeatedly with chunks of the message to
-be authenticated (B<len> bytes at B<data>).
-HMAC_Final() places the message authentication code in B<md>, which
-must have space for the hash function output.
-=head1 RETURN VALUES
-HMAC() returns a pointer to the message authentication code or NULL if
-an error occurred.
-HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
-an error occurred.
-HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
-=head1 CONFORMING TO
-RFC 2104
-=head1 SEE ALSO
-L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
-=head1 HISTORY
-HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
-are available since SSLeay 0.9.0.
-HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
-since OpenSSL 0.9.7.
-HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
-versions of OpenSSL before 1.0.0.
-=cut
diff --git a/src/lib/libcrypto/doc/MD5.pod b/src/lib/libcrypto/doc/MD5.pod
deleted file mode 100644
index b0edd5416f..0000000000
--- a/src/lib/libcrypto/doc/MD5.pod
+++ /dev/null
@@ -1,101 +0,0 @@
-=pod
-=head1 NAME
-MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
-MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
-=head1 SYNOPSIS
- #include <openssl/md2.h>
- unsigned char *MD2(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
- int MD2_Init(MD2_CTX *c);
- int MD2_Update(MD2_CTX *c, const unsigned char *data,
-                  unsigned long len);
- int MD2_Final(unsigned char *md, MD2_CTX *c);
- #include <openssl/md4.h>
- unsigned char *MD4(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
- int MD4_Init(MD4_CTX *c);
- int MD4_Update(MD4_CTX *c, const void *data,
-                  unsigned long len);
- int MD4_Final(unsigned char *md, MD4_CTX *c);
- #include <openssl/md5.h>
- unsigned char *MD5(const unsigned char *d, unsigned long n,
-                  unsigned char *md);
- int MD5_Init(MD5_CTX *c);
- int MD5_Update(MD5_CTX *c, const void *data,
-                  unsigned long len);
- int MD5_Final(unsigned char *md, MD5_CTX *c);
-=head1 DESCRIPTION
-MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
-MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
-of the B<n> bytes at B<d> and place it in B<md> (which must have space
-for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
-bytes of output). If B<md> is NULL, the digest is placed in a static
-array.
-The following functions may be used if the message is not completely
-stored in memory:
-MD2_Init() initializes a B<MD2_CTX> structure.
-MD2_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-MD2_Final() places the message digest in B<md>, which must have space
-for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
-MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
-MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-etc. instead of calling the hash functions directly.
-=head1 NOTE
-MD2, MD4, and MD5 are recommended only for compatibility with existing
-applications. In new applications, SHA-1 or RIPEMD-160 should be
-preferred.
-=head1 RETURN VALUES
-MD2(), MD4(), and MD5() return pointers to the hash value.
-MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
-success, 0 otherwise.
-=head1 CONFORMING TO
-RFC 1319, RFC 1320, RFC 1321
-=head1 SEE ALSO
-L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-=head1 HISTORY
-MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
-MD5_Update() and MD5_Final() are available in all versions of SSLeay
-and OpenSSL.
-MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
-above.
-=cut
diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3
new file mode 100644
index 0000000000..577070afb0
--- /dev/null
+++ b/src/lib/libcrypto/man/HMAC.3
@@ -0,0 +1,206 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt HMAC 3
+.Os
+.Sh NAME
+.Nm HMAC ,
+.Nm HMAC_Init ,
+.Nm HMAC_Update ,
+.Nm HMAC_Final ,
+.Nm HMAC_cleanup
+.Nd HMAC message authentication code
+.Sh SYNOPSIS
+.In openssl/hmac.h
+.Ft unsigned char *
+.Fo HMAC
+.Fa "const EVP_MD *evp_md"
+.Fa "const void *key"
+.Fa "int key_len"
+.Fa "const unsigned char *d"
+.Fa "int n"
+.Fa "unsigned char *md"
+.Fa "unsigned int *md_len"
+.Fc
+.Ft void
+.Fo HMAC_CTX_init
+.Fa "HMAC_CTX *ctx"
+.Fc
+.Ft int
+.Fo HMAC_Init
+.Fa "HMAC_CTX *ctx"
+.Fa "const void *key"
+.Fa "int key_len"
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo HMAC_Init_ex
+.Fa "HMAC_CTX *ctx"
+.Fa "const void *key"
+.Fa "int key_len"
+.Fa "const EVP_MD *md"
+.Fa "ENGINE *impl"
+.Fc
+.Ft int
+.Fo HMAC_Update
+.Fa "HMAC_CTX *ctx"
+.Fa "const unsigned char *data"
+.Fa "int len"
+.Fc
+.Ft int
+.Fo HMAC_Final
+.Fa "HMAC_CTX *ctx"
+.Fa "unsigned char *md"
+.Fa "unsigned int *len"
+.Fc
+.Ft void
+.Fo HMAC_CTX_cleanup
+.Fa "HMAC_CTX *ctx"
+.Fc
+.Ft void
+.Fo HMAC_cleanup
+.Fa "HMAC_CTX *ctx"
+.Fc
+.Sh DESCRIPTION
+HMAC is a MAC (message authentication code), i.e. a keyed hash
+function used for message authentication, which is based on a hash
+function.
+.Pp
+.Fn HMAC
+computes the message authentication code of the
+.Fa n
+bytes at
+.Fa d
+using the hash function
+.Fa evp_md
+and the key
+.Fa key
+which is
+.Fa key_len
+bytes long.
+.Pp
+It places the result in
+.Fa md ,
+which must have space for the output of the hash function, which is no
+more than
+.Dv EVP_MAX_MD_SIZE
+bytes.
+If
+.Fa md
+is
+.Dv NULL ,
+the digest is placed in a static array.
+The size of the output is placed in
+.Fa md_len ,
+unless it is
+.Dv NULL .
+.Pp
+.Fa evp_md
+can be
+.Xr EVP_sha1 3 ,
+.Xr EVP_ripemd160 3 ,
+etc.
+.Pp
+.Fn HMAC_CTX_init
+initialises a
+.Vt HMAC_CTX
+before first use.
+It must be called.
+.Pp
+.Fn HMAC_CTX_cleanup
+erases the key and other data from the
+.Vt HMAC_CTX
+and releases any associated resources.
+It must be called when an
+.Vt HMAC_CTX
+is no longer required.
+.Pp
+.Fn HMAC_cleanup
+is an alias for
+.Fn HMAC_CTX_cleanup
+included for backward compatibility with 0.9.6b.
+It is deprecated.
+.Pp
+The following functions may be used if the message is not completely
+stored in memory:
+.Pp
+.Fn HMAC_Init
+initializes a
+.Vt HMAC_CTX
+structure to use the hash function
+.Fa evp_md
+and the key
+.Fa key
+which is
+.Fa key_len
+bytes long.
+It is deprecated and only included for backward compatibility with
+OpenSSL 0.9.6b.
+.Pp
+.Fn HMAC_Init_ex
+initializes or reuses a
+.Vt HMAC_CTX
+structure to use the function
+.Fa evp_md
+and key
+.Fa key .
+Either can be
+.Dv NULL ,
+in which case the existing one will be reused.
+.Fn HMAC_CTX_init
+must have been called before the first use of an
+.Vt HMAC_CTX
+in this function.
+.Sy N.B.
+.Fn HMAC_Init
+had this undocumented behaviour in previous versions of OpenSSL -
+failure to switch to
+.Fn HMAC_Init_ex
+in programs that expect it will cause them to stop working.
+.Pp
+.Fn HMAC_Update
+can be called repeatedly with chunks of the message to be authenticated
+.Pq Fa len No bytes at Fa data .
+.Pp
+.Fn HMAC_Final
+places the message authentication code in
+.Fa md ,
+which must have space for the hash function output.
+.Sh RETURN VALUES
+.Fn HMAC
+returns a pointer to the message authentication code or
+.Dv NULL
+if an error occurred.
+.Pp
+.Fn HMAC_Init_ex ,
+.Fn HMAC_Update ,
+and
+.Fn HMAC_Final
+return 1 for success or 0 if an error occurred.
+.Pp
+.Fn HMAC_CTX_init
+and
+.Fn HMAC_CTX_cleanup
+do not return values.
+.Sh SEE ALSO
+.Xr evp 3
+.Sh STANDARDS
+RFC 2104
+.Sh HISTORY
+.Fn HMAC ,
+.Fn HMAC_Init ,
+.Fn HMAC_Update ,
+.Fn HMAC_Final ,
+and
+.Fn HMAC_cleanup
+are available since SSLeay 0.9.0.
+.Pp
+.Fn HMAC_CTX_init ,
+.Fn HMAC_Init_ex ,
+and
+.Fn HMAC_CTX_cleanup
+are available since OpenSSL 0.9.7.
+.Pp
+.Fn HMAC_Init_ex ,
+.Fn HMAC_Update ,
+and
+.Fn HMAC_Final
+did not return values in versions of OpenSSL before 1.0.0.
diff --git a/src/lib/libcrypto/man/MD5.3 b/src/lib/libcrypto/man/MD5.3
new file mode 100644
index 0000000000..b0053c1acd
--- /dev/null
+++ b/src/lib/libcrypto/man/MD5.3
@@ -0,0 +1,184 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt MD5 3
+.Os
+.Sh NAME
+.Nm MD2 ,
+.Nm MD4 ,
+.Nm MD5 ,
+.Nm MD2_Init ,
+.Nm MD2_Update ,
+.Nm MD2_Final ,
+.Nm MD4_Init ,
+.Nm MD4_Update ,
+.Nm MD4_Final ,
+.Nm MD5_Init ,
+.Nm MD5_Update ,
+.Nm MD5_Final
+.Nd MD2, MD4, and MD5 hash functions
+.Sh SYNOPSIS
+.In openssl/md2.h
+.Ft unsigned char *
+.Fo MD2
+.Fa "const unsigned char *d"
+.Fa "unsigned long n"
+.Fa "unsigned char *md"
+.Fc
+.Ft int
+.Fo MD2_Init
+.Fa "MD2_CTX *c"
+.Fc
+.Ft int
+.Fo MD2_Update
+.Fa "MD2_CTX *c"
+.Fa "const unsigned char *data"
+.Fa "unsigned long len"
+.Fc
+.Ft int
+.Fo MD2_Final
+.Fa "unsigned char *md"
+.Fa "MD2_CTX *c"
+.Fc
+.In openssl/md4.h
+.Ft unsigned char *
+.Fo MD4
+.Fa "const unsigned char *d"
+.Fa "unsigned long n"
+.Fa "unsigned char *md"
+.Fc
+.Ft int
+.Fo MD4_Init
+.Fa "MD4_CTX *c"
+.Fc
+.Ft int
+.Fo MD4_Update
+.Fa "MD4_CTX *c"
+.Fa "const void *data"
+.Fa "unsigned long len"
+.Fc
+.Ft int
+.Fo MD4_Final
+.Fa "unsigned char *md"
+.Fa "MD4_CTX *c"
+.Fc
+.In openssl/md5.h
+.Ft unsigned char *
+.Fo MD5
+.Fa "const unsigned char *d"
+.Fa "unsigned long n"
+.Fa "unsigned char *md"
+.Fc
+.Ft int
+.Fo MD5_Init
+.Fa "MD5_CTX *c"
+.Fc
+.Ft int
+.Fo MD5_Update
+.Fa "MD5_CTX *c"
+.Fa "const void *data"
+.Fa "unsigned long len"
+.Fc
+.Ft int
+.Fo MD5_Final
+.Fa "unsigned char *md"
+.Fa "MD5_CTX *c"
+.Fc
+.Sh DESCRIPTION
+MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit
+output.
+.Pp
+.Fn MD2 ,
+.Fn MD4 ,
+and
+.Fn MD5
+compute the MD2, MD4, and MD5 message digest of the
+.Fa n
+bytes at
+.Fa d
+and place it in
+.Fa md ,
+which must have space for
+.Dv MD2_DIGEST_LENGTH No ==
+.Dv MD4_DIGEST_LENGTH No ==
+.Dv MD5_DIGEST_LENGTH No == 16
+bytes of output.
+If
+.Fa md
+is
+.Dv NULL ,
+the digest is placed in a static array.
+.Pp
+The following functions may be used if the message is not completely
+stored in memory:
+.Pp
+.Fn MD2_Init
+initializes a
+.Vt MD2_CTX
+structure.
+.Pp
+.Fn MD2_Update
+can be called repeatedly with chunks of the message to be hashed
+.Pq Fa len No bytes at Fa data .
+.Pp
+.Fn MD2_Final
+places the message digest in
+.Fa md ,
+which must have space for
+.Dv MD2_DIGEST_LENGTH No == 16
+bytes of output, and erases the
+.Vt MD2_CTX .
+.Pp
+.Fn MD4_Init ,
+.Fn MD4_Update ,
+.Fn MD4_Final ,
+.Fn MD5_Init ,
+.Fn MD5_Update ,
+and
+.Fn MD5_Final
+are analogous using an
+.Vt MD4_CTX
+and
+.Vt MD5_CTX
+structure.
+.Pp
+Applications should use the higher level functions
+.Xr EVP_DigestInit 3
+etc. instead of calling these hash functions directly.
+.Sh RETURN VALUES
+.Fn MD2 ,
+.Fn MD4 ,
+and
+.Fn MD5
+return pointers to the hash value.
+.Pp
+.Fn MD2_Init ,
+.Fn MD2_Update ,
+.Fn MD2_Final ,
+.Fn MD4_Init ,
+.Fn MD4_Update ,
+.Fn MD4_Final ,
+.Fn MD5_Init ,
+.Fn MD5_Update ,
+and
+.Fn MD5_Final
+return 1 for success or 0 otherwise.
+.Sh SEE ALSO
+.Xr EVP_DigestInit 3
+.Sh STANDARDS
+RFC 1319, RFC 1320, RFC 1321
+.Sh HISTORY
+.Fn MD2 ,
+.Fn MD2_Init ,
+.Fn MD2_Update ,
+.Fn MD2_Final ,
+.Fn MD5 ,
+.Fn MD5_Init ,
+.Fn MD5_Update ,
+and
+.Fn MD5_Final
+are available in all versions of SSLeay and OpenSSL.
+.Pp
+.Fn MD4 ,
+.Fn MD4_Init ,
+and
+.Fn MD4_Update
+are available in OpenSSL 0.9.6 and above.
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index f4fd152ff7..1989a25092 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.38 2016/11/03 09:35:34 schwarze Exp $
+# $OpenBSD: Makefile,v 1.39 2016/11/03 10:02:57 schwarze Exp $
 .include <bsd.own.mk>           # for NOMAN
@@ -115,6 +115,8 @@ MAN=	\
        EVP_SealInit.3 \
        EVP_SignInit.3 \
        EVP_VerifyInit.3 \
+        HMAC.3 \
+        MD5.3 \
        UI_new.3 \
        bn_dump.3 \
        crypto.3 \
@@ -124,8 +126,6 @@ MAN=	\
        lh_new.3 \
 GENMAN= \
-        HMAC.3 \
-        MD5.3 \
        OBJ_nid2obj.3 \
        OPENSSL_VERSION_NUMBER.3 \
        OPENSSL_config.3 \

diff --git a/src/lib/libcrypto/doc/HMAC.pod b/src/lib/libcrypto/doc/HMAC.pod deleted file mode 100644 index d92138d273..0000000000 --- a/src/lib/libcrypto/doc/HMAC.pod +++ /dev/null
@@ -1,106 +0,0 @@
1	=pod
2
3	=head1 NAME
4
5	HMAC, HMAC_Init, HMAC_Update, HMAC_Final, HMAC_cleanup - HMAC message
6	authentication code
7
8	=head1 SYNOPSIS
9
10	#include <openssl/hmac.h>
11
12	unsigned char HMAC(const EVP_MD evp_md, const void *key,
13	int key_len, const unsigned char *d, int n,
14	unsigned char md, unsigned int md_len);
15
16	void HMAC_CTX_init(HMAC_CTX *ctx);
17
18	int HMAC_Init(HMAC_CTX ctx, const void key, int key_len,
19	const EVP_MD *md);
20	int HMAC_Init_ex(HMAC_CTX ctx, const void key, int key_len,
21	const EVP_MD md, ENGINE impl);
22	int HMAC_Update(HMAC_CTX ctx, const unsigned char data, int len);
23	int HMAC_Final(HMAC_CTX ctx, unsigned char md, unsigned int *len);
24
25	void HMAC_CTX_cleanup(HMAC_CTX *ctx);
26	void HMAC_cleanup(HMAC_CTX *ctx);
27
28	=head1 DESCRIPTION
29
30	HMAC is a MAC (message authentication code), i.e. a keyed hash
31	function used for message authentication, which is based on a hash
32	function.
33
34	HMAC() computes the message authentication code of the B<n> bytes at
35	B<d> using the hash function B<evp_md> and the key B<key> which is
36	B<key_len> bytes long.
37
38	It places the result in B<md> (which must have space for the output of
39	the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
40	If B<md> is NULL, the digest is placed in a static array. The size of
41	the output is placed in B<md_len>, unless it is B<NULL>.
42
43	B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
44
45	HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be
46	called.
47
48	HMAC_CTX_cleanup() erases the key and other data from the B<HMAC_CTX>
49	and releases any associated resources. It must be called when an
50	B<HMAC_CTX> is no longer required.
51
52	HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back
53	compatibility with 0.9.6b, it is deprecated.
54
55	The following functions may be used if the message is not completely
56	stored in memory:
57
58	HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
59	function B<evp_md> and the key B<key> which is B<key_len> bytes
60	long. It is deprecated and only included for backward compatibility
61	with OpenSSL 0.9.6b.
62
63	HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use
64	the function B<evp_md> and key B<key>. Either can be NULL, in which
65	case the existing one will be reused. HMAC_CTX_init() must have been
66	called before the first use of an B<HMAC_CTX> in this
67	function. B<N.B. HMAC_Init() had this undocumented behaviour in
68	previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in
69	programs that expect it will cause them to stop working>.
70
71	HMAC_Update() can be called repeatedly with chunks of the message to
72	be authenticated (B<len> bytes at B<data>).
73
74	HMAC_Final() places the message authentication code in B<md>, which
75	must have space for the hash function output.
76
77	=head1 RETURN VALUES
78
79	HMAC() returns a pointer to the message authentication code or NULL if
80	an error occurred.
81
82	HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
83	an error occurred.
84
85	HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
86
87	=head1 CONFORMING TO
88
89	RFC 2104
90
91	=head1 SEE ALSO
92
93	L<sha(3)\|sha(3)>, L<evp(3)\|evp(3)>
94
95	=head1 HISTORY
96
97	HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
98	are available since SSLeay 0.9.0.
99
100	HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
101	since OpenSSL 0.9.7.
102
103	HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
104	versions of OpenSSL before 1.0.0.
105
106	=cut


diff --git a/src/lib/libcrypto/doc/MD5.pod b/src/lib/libcrypto/doc/MD5.pod deleted file mode 100644 index b0edd5416f..0000000000 --- a/src/lib/libcrypto/doc/MD5.pod +++ /dev/null
@@ -1,101 +0,0 @@
1	=pod
2
3	=head1 NAME
4
5	MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
6	MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
7
8	=head1 SYNOPSIS
9
10	#include <openssl/md2.h>
11
12	unsigned char MD2(const unsigned char d, unsigned long n,
13	unsigned char *md);
14
15	int MD2_Init(MD2_CTX *c);
16	int MD2_Update(MD2_CTX c, const unsigned char data,
17	unsigned long len);
18	int MD2_Final(unsigned char md, MD2_CTX c);
19
20
21	#include <openssl/md4.h>
22
23	unsigned char MD4(const unsigned char d, unsigned long n,
24	unsigned char *md);
25
26	int MD4_Init(MD4_CTX *c);
27	int MD4_Update(MD4_CTX c, const void data,
28	unsigned long len);
29	int MD4_Final(unsigned char md, MD4_CTX c);
30
31
32	#include <openssl/md5.h>
33
34	unsigned char MD5(const unsigned char d, unsigned long n,
35	unsigned char *md);
36
37	int MD5_Init(MD5_CTX *c);
38	int MD5_Update(MD5_CTX c, const void data,
39	unsigned long len);
40	int MD5_Final(unsigned char md, MD5_CTX c);
41
42	=head1 DESCRIPTION
43
44	MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
45
46	MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
47	of the B<n> bytes at B<d> and place it in B<md> (which must have space
48	for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
49	bytes of output). If B<md> is NULL, the digest is placed in a static
50	array.
51
52	The following functions may be used if the message is not completely
53	stored in memory:
54
55	MD2_Init() initializes a B<MD2_CTX> structure.
56
57	MD2_Update() can be called repeatedly with chunks of the message to
58	be hashed (B<len> bytes at B<data>).
59
60	MD2_Final() places the message digest in B<md>, which must have space
61	for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
62
63	MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
64	MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
65
66	Applications should use the higher level functions
67	L<EVP_DigestInit(3)\|EVP_DigestInit(3)>
68	etc. instead of calling the hash functions directly.
69
70	=head1 NOTE
71
72	MD2, MD4, and MD5 are recommended only for compatibility with existing
73	applications. In new applications, SHA-1 or RIPEMD-160 should be
74	preferred.
75
76	=head1 RETURN VALUES
77
78	MD2(), MD4(), and MD5() return pointers to the hash value.
79
80	MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
81	MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
82	success, 0 otherwise.
83
84	=head1 CONFORMING TO
85
86	RFC 1319, RFC 1320, RFC 1321
87
88	=head1 SEE ALSO
89
90	L<sha(3)\|sha(3)>, L<ripemd(3)\|ripemd(3)>, L<EVP_DigestInit(3)\|EVP_DigestInit(3)>
91
92	=head1 HISTORY
93
94	MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
95	MD5_Update() and MD5_Final() are available in all versions of SSLeay
96	and OpenSSL.
97
98	MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
99	above.
100
101	=cut


diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3 new file mode 100644 index 0000000000..577070afb0 --- /dev/null +++ b/src/lib/libcrypto/man/HMAC.3
@@ -0,0 +1,206 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt HMAC 3
		3	.Os
		4	.Sh NAME
		5	.Nm HMAC ,
		6	.Nm HMAC_Init ,
		7	.Nm HMAC_Update ,
		8	.Nm HMAC_Final ,
		9	.Nm HMAC_cleanup
		10	.Nd HMAC message authentication code
		11	.Sh SYNOPSIS
		12	.In openssl/hmac.h
		13	.Ft unsigned char *
		14	.Fo HMAC
		15	.Fa "const EVP_MD *evp_md"
		16	.Fa "const void *key"
		17	.Fa "int key_len"
		18	.Fa "const unsigned char *d"
		19	.Fa "int n"
		20	.Fa "unsigned char *md"
		21	.Fa "unsigned int *md_len"
		22	.Fc
		23	.Ft void
		24	.Fo HMAC_CTX_init
		25	.Fa "HMAC_CTX *ctx"
		26	.Fc
		27	.Ft int
		28	.Fo HMAC_Init
		29	.Fa "HMAC_CTX *ctx"
		30	.Fa "const void *key"
		31	.Fa "int key_len"
		32	.Fa "const EVP_MD *md"
		33	.Fc
		34	.Ft int
		35	.Fo HMAC_Init_ex
		36	.Fa "HMAC_CTX *ctx"
		37	.Fa "const void *key"
		38	.Fa "int key_len"
		39	.Fa "const EVP_MD *md"
		40	.Fa "ENGINE *impl"
		41	.Fc
		42	.Ft int
		43	.Fo HMAC_Update
		44	.Fa "HMAC_CTX *ctx"
		45	.Fa "const unsigned char *data"
		46	.Fa "int len"
		47	.Fc
		48	.Ft int
		49	.Fo HMAC_Final
		50	.Fa "HMAC_CTX *ctx"
		51	.Fa "unsigned char *md"
		52	.Fa "unsigned int *len"
		53	.Fc
		54	.Ft void
		55	.Fo HMAC_CTX_cleanup
		56	.Fa "HMAC_CTX *ctx"
		57	.Fc
		58	.Ft void
		59	.Fo HMAC_cleanup
		60	.Fa "HMAC_CTX *ctx"
		61	.Fc
		62	.Sh DESCRIPTION
		63	HMAC is a MAC (message authentication code), i.e. a keyed hash
		64	function used for message authentication, which is based on a hash
		65	function.
		66	.Pp
		67	.Fn HMAC
		68	computes the message authentication code of the
		69	.Fa n
		70	bytes at
		71	.Fa d
		72	using the hash function
		73	.Fa evp_md
		74	and the key
		75	.Fa key
		76	which is
		77	.Fa key_len
		78	bytes long.
		79	.Pp
		80	It places the result in
		81	.Fa md ,
		82	which must have space for the output of the hash function, which is no
		83	more than
		84	.Dv EVP_MAX_MD_SIZE
		85	bytes.
		86	If
		87	.Fa md
		88	is
		89	.Dv NULL ,
		90	the digest is placed in a static array.
		91	The size of the output is placed in
		92	.Fa md_len ,
		93	unless it is
		94	.Dv NULL .
		95	.Pp
		96	.Fa evp_md
		97	can be
		98	.Xr EVP_sha1 3 ,
		99	.Xr EVP_ripemd160 3 ,
		100	etc.
		101	.Pp
		102	.Fn HMAC_CTX_init
		103	initialises a
		104	.Vt HMAC_CTX
		105	before first use.
		106	It must be called.
		107	.Pp
		108	.Fn HMAC_CTX_cleanup
		109	erases the key and other data from the
		110	.Vt HMAC_CTX
		111	and releases any associated resources.
		112	It must be called when an
		113	.Vt HMAC_CTX
		114	is no longer required.
		115	.Pp
		116	.Fn HMAC_cleanup
		117	is an alias for
		118	.Fn HMAC_CTX_cleanup
		119	included for backward compatibility with 0.9.6b.
		120	It is deprecated.
		121	.Pp
		122	The following functions may be used if the message is not completely
		123	stored in memory:
		124	.Pp
		125	.Fn HMAC_Init
		126	initializes a
		127	.Vt HMAC_CTX
		128	structure to use the hash function
		129	.Fa evp_md
		130	and the key
		131	.Fa key
		132	which is
		133	.Fa key_len
		134	bytes long.
		135	It is deprecated and only included for backward compatibility with
		136	OpenSSL 0.9.6b.
		137	.Pp
		138	.Fn HMAC_Init_ex
		139	initializes or reuses a
		140	.Vt HMAC_CTX
		141	structure to use the function
		142	.Fa evp_md
		143	and key
		144	.Fa key .
		145	Either can be
		146	.Dv NULL ,
		147	in which case the existing one will be reused.
		148	.Fn HMAC_CTX_init
		149	must have been called before the first use of an
		150	.Vt HMAC_CTX
		151	in this function.
		152	.Sy N.B.
		153	.Fn HMAC_Init
		154	had this undocumented behaviour in previous versions of OpenSSL -
		155	failure to switch to
		156	.Fn HMAC_Init_ex
		157	in programs that expect it will cause them to stop working.
		158	.Pp
		159	.Fn HMAC_Update
		160	can be called repeatedly with chunks of the message to be authenticated
		161	.Pq Fa len No bytes at Fa data .
		162	.Pp
		163	.Fn HMAC_Final
		164	places the message authentication code in
		165	.Fa md ,
		166	which must have space for the hash function output.
		167	.Sh RETURN VALUES
		168	.Fn HMAC
		169	returns a pointer to the message authentication code or
		170	.Dv NULL
		171	if an error occurred.
		172	.Pp
		173	.Fn HMAC_Init_ex ,
		174	.Fn HMAC_Update ,
		175	and
		176	.Fn HMAC_Final
		177	return 1 for success or 0 if an error occurred.
		178	.Pp
		179	.Fn HMAC_CTX_init
		180	and
		181	.Fn HMAC_CTX_cleanup
		182	do not return values.
		183	.Sh SEE ALSO
		184	.Xr evp 3
		185	.Sh STANDARDS
		186	RFC 2104
		187	.Sh HISTORY
		188	.Fn HMAC ,
		189	.Fn HMAC_Init ,
		190	.Fn HMAC_Update ,
		191	.Fn HMAC_Final ,
		192	and
		193	.Fn HMAC_cleanup
		194	are available since SSLeay 0.9.0.
		195	.Pp
		196	.Fn HMAC_CTX_init ,
		197	.Fn HMAC_Init_ex ,
		198	and
		199	.Fn HMAC_CTX_cleanup
		200	are available since OpenSSL 0.9.7.
		201	.Pp
		202	.Fn HMAC_Init_ex ,
		203	.Fn HMAC_Update ,
		204	and
		205	.Fn HMAC_Final
		206	did not return values in versions of OpenSSL before 1.0.0.


diff --git a/src/lib/libcrypto/man/MD5.3 b/src/lib/libcrypto/man/MD5.3 new file mode 100644 index 0000000000..b0053c1acd --- /dev/null +++ b/src/lib/libcrypto/man/MD5.3
@@ -0,0 +1,184 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt MD5 3
		3	.Os
		4	.Sh NAME
		5	.Nm MD2 ,
		6	.Nm MD4 ,
		7	.Nm MD5 ,
		8	.Nm MD2_Init ,
		9	.Nm MD2_Update ,
		10	.Nm MD2_Final ,
		11	.Nm MD4_Init ,
		12	.Nm MD4_Update ,
		13	.Nm MD4_Final ,
		14	.Nm MD5_Init ,
		15	.Nm MD5_Update ,
		16	.Nm MD5_Final
		17	.Nd MD2, MD4, and MD5 hash functions
		18	.Sh SYNOPSIS
		19	.In openssl/md2.h
		20	.Ft unsigned char *
		21	.Fo MD2
		22	.Fa "const unsigned char *d"
		23	.Fa "unsigned long n"
		24	.Fa "unsigned char *md"
		25	.Fc
		26	.Ft int
		27	.Fo MD2_Init
		28	.Fa "MD2_CTX *c"
		29	.Fc
		30	.Ft int
		31	.Fo MD2_Update
		32	.Fa "MD2_CTX *c"
		33	.Fa "const unsigned char *data"
		34	.Fa "unsigned long len"
		35	.Fc
		36	.Ft int
		37	.Fo MD2_Final
		38	.Fa "unsigned char *md"
		39	.Fa "MD2_CTX *c"
		40	.Fc
		41	.In openssl/md4.h
		42	.Ft unsigned char *
		43	.Fo MD4
		44	.Fa "const unsigned char *d"
		45	.Fa "unsigned long n"
		46	.Fa "unsigned char *md"
		47	.Fc
		48	.Ft int
		49	.Fo MD4_Init
		50	.Fa "MD4_CTX *c"
		51	.Fc
		52	.Ft int
		53	.Fo MD4_Update
		54	.Fa "MD4_CTX *c"
		55	.Fa "const void *data"
		56	.Fa "unsigned long len"
		57	.Fc
		58	.Ft int
		59	.Fo MD4_Final
		60	.Fa "unsigned char *md"
		61	.Fa "MD4_CTX *c"
		62	.Fc
		63	.In openssl/md5.h
		64	.Ft unsigned char *
		65	.Fo MD5
		66	.Fa "const unsigned char *d"
		67	.Fa "unsigned long n"
		68	.Fa "unsigned char *md"
		69	.Fc
		70	.Ft int
		71	.Fo MD5_Init
		72	.Fa "MD5_CTX *c"
		73	.Fc
		74	.Ft int
		75	.Fo MD5_Update
		76	.Fa "MD5_CTX *c"
		77	.Fa "const void *data"
		78	.Fa "unsigned long len"
		79	.Fc
		80	.Ft int
		81	.Fo MD5_Final
		82	.Fa "unsigned char *md"
		83	.Fa "MD5_CTX *c"
		84	.Fc
		85	.Sh DESCRIPTION
		86	MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit
		87	output.
		88	.Pp
		89	.Fn MD2 ,
		90	.Fn MD4 ,
		91	and
		92	.Fn MD5
		93	compute the MD2, MD4, and MD5 message digest of the
		94	.Fa n
		95	bytes at
		96	.Fa d
		97	and place it in
		98	.Fa md ,
		99	which must have space for
		100	.Dv MD2_DIGEST_LENGTH No ==
		101	.Dv MD4_DIGEST_LENGTH No ==
		102	.Dv MD5_DIGEST_LENGTH No == 16
		103	bytes of output.
		104	If
		105	.Fa md
		106	is
		107	.Dv NULL ,
		108	the digest is placed in a static array.
		109	.Pp
		110	The following functions may be used if the message is not completely
		111	stored in memory:
		112	.Pp
		113	.Fn MD2_Init
		114	initializes a
		115	.Vt MD2_CTX
		116	structure.
		117	.Pp
		118	.Fn MD2_Update
		119	can be called repeatedly with chunks of the message to be hashed
		120	.Pq Fa len No bytes at Fa data .
		121	.Pp
		122	.Fn MD2_Final
		123	places the message digest in
		124	.Fa md ,
		125	which must have space for
		126	.Dv MD2_DIGEST_LENGTH No == 16
		127	bytes of output, and erases the
		128	.Vt MD2_CTX .
		129	.Pp
		130	.Fn MD4_Init ,
		131	.Fn MD4_Update ,
		132	.Fn MD4_Final ,
		133	.Fn MD5_Init ,
		134	.Fn MD5_Update ,
		135	and
		136	.Fn MD5_Final
		137	are analogous using an
		138	.Vt MD4_CTX
		139	and
		140	.Vt MD5_CTX
		141	structure.
		142	.Pp
		143	Applications should use the higher level functions
		144	.Xr EVP_DigestInit 3
		145	etc. instead of calling these hash functions directly.
		146	.Sh RETURN VALUES
		147	.Fn MD2 ,
		148	.Fn MD4 ,
		149	and
		150	.Fn MD5
		151	return pointers to the hash value.
		152	.Pp
		153	.Fn MD2_Init ,
		154	.Fn MD2_Update ,
		155	.Fn MD2_Final ,
		156	.Fn MD4_Init ,
		157	.Fn MD4_Update ,
		158	.Fn MD4_Final ,
		159	.Fn MD5_Init ,
		160	.Fn MD5_Update ,
		161	and
		162	.Fn MD5_Final
		163	return 1 for success or 0 otherwise.
		164	.Sh SEE ALSO
		165	.Xr EVP_DigestInit 3
		166	.Sh STANDARDS
		167	RFC 1319, RFC 1320, RFC 1321
		168	.Sh HISTORY
		169	.Fn MD2 ,
		170	.Fn MD2_Init ,
		171	.Fn MD2_Update ,
		172	.Fn MD2_Final ,
		173	.Fn MD5 ,
		174	.Fn MD5_Init ,
		175	.Fn MD5_Update ,
		176	and
		177	.Fn MD5_Final
		178	are available in all versions of SSLeay and OpenSSL.
		179	.Pp
		180	.Fn MD4 ,
		181	.Fn MD4_Init ,
		182	and
		183	.Fn MD4_Update
		184	are available in OpenSSL 0.9.6 and above.


diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index f4fd152ff7..1989a25092 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.38 2016/11/03 09:35:34 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.39 2016/11/03 10:02:57 schwarze Exp $
2		2
3	.include <bsd.own.mk> # for NOMAN	3	.include <bsd.own.mk> # for NOMAN
4		4
@@ -115,6 +115,8 @@ MAN= \
115	EVP_SealInit.3 \	115	EVP_SealInit.3 \
116	EVP_SignInit.3 \	116	EVP_SignInit.3 \
117	EVP_VerifyInit.3 \	117	EVP_VerifyInit.3 \
		118	HMAC.3 \
		119	MD5.3 \
118	UI_new.3 \	120	UI_new.3 \
119	bn_dump.3 \	121	bn_dump.3 \
120	crypto.3 \	122	crypto.3 \
@@ -124,8 +126,6 @@ MAN= \
124	lh_new.3 \	126	lh_new.3 \
125		127
126	GENMAN= \	128	GENMAN= \
127	HMAC.3 \
128	MD5.3 \
129	OBJ_nid2obj.3 \	129	OBJ_nid2obj.3 \
130	OPENSSL_VERSION_NUMBER.3 \	130	OPENSSL_VERSION_NUMBER.3 \
131	OPENSSL_config.3 \	131	OPENSSL_config.3 \