| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
ASN1_PKEY_ALIAS, ASN1_PKEY_DYNAMIC, and ASN1_PKEY_SIGPARAM_NULL
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
including the constants ED25519_KEYLEN and X25519_KEYLEN
|
| | |
|
| |
|
|
| |
making some adjacent wordings slightly more precise.
|
| | |
|
| |
|
|
| |
Compare explicitly against NULL and use ret instead of i.
|
| |
|
|
|
|
|
|
|
| |
Convert to using one-shot signing and verification. This is simpler than
doing Init/Update/Final and necessary for Ed25519 support (RFC 8419). Use
a single exit idiom, don't reuse the same buffer for decoding and signing
and simplify a few other things.
ok jsing
|
| | |
|
| |
|
|
| |
requested by jsing@
|
| |
|
|
|
|
|
| |
Avoids a bit of code duplication and reduces the probability of a fix being
applied to only one of get0 and get1 (which happend in p_lib.c r1.35).
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before EVP_CIPHER_CTX was opaque, callers could pass an uninitialized
ctx into EVP_CipherInit() and calling EVP_CIPHER_CTX_cleanup() on such
a ctx would end in tears.
The only way to initialize a ctx is by way of EVP_CIPHER_CTX_new(), on
which we can call EVP_CIPHER_CTX_cleanup() and avoid silly leaks on ctx
reuse. This also allows some simplifications in the documentation.
There are more changes of this kind that should be done all over libcrypto.
They will be tackled in subsequent commits.
"makes a lot of sense" schwarze
ok jsing
|
| |
|
|
|
|
|
| |
some software still calls them. Put them here because despite the
function and header names, they are really specific to RSA. Besides,
this avoids a distraction in the more important EVP_PKEY_encrypt(3)
and EVP_PKEY_decrypt(3) manual pages.
|
| |
|
|
|
|
|
|
| |
surprisingly large numbers of software packages still call it.
Mark the unused aliases OPENSSL_add_all_algorithms_conf(3),
OPENSSL_add_all_algorithms_noconf(3), SSLeay_add_all_ciphers(3),
and SSLeay_add_all_digests(3) as intentionally undicumented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
EVP_get_pw_prompt(3) because some software out there still uses them.
While here, also improve the description of EVP_read_pw_string(3).
Delete documentation for des_read_pw(3) and des_read_pw_string(3).
They couldn't be used in LibreSSL since at least 2016 because they
were never in Symbols.list, and in 2022, jsing@ also removed them
from <openssl/ui_compat.h>.
Delete the misleading AUTHORS section. Richard Levitte did not
write the original implementation of these functions, and the
compatibility wrapper around the UI_process(3) API that he did
write is not notable enough to be mentioned so prominently.
|
| |
|
|
|
|
|
| |
undocumented because they do not describe properties of the Base64
encoding but add arbitrary constant lengths, hence being implementation
details of BIO_f_base64(3). Besides, they are practically unused
outside evp/bio_b64.c.
|
| | |
|
| | |
|
| |
|
|
| |
also documenting EVP_PKEY_CTX_get0_pkey(3)
|
| | |
|
| |
|
|
|
|
| |
While here, also add the missing RETURN VALUES entries
for EVP_PKEY_gen_cb(3), EVP_PKEY_CTX_get_cb(3),
and EVP_PKEY_CTX_get_keygen_info(3).
|
| |
|
|
| |
While here, also make the descriptions of the other functions more precise.
|
| |
|
|
| |
ok otto.
|
| |
|
|
|
|
| |
because nothing uses it according to codesearch.debian.net
and it only affects X509_PUBKEY_set(3) for DSA and GOST2001 keys,
resulting in incomplete output without the public key parameters.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* mention that EVP_MD_CTX_md(3) also returns NULL
if no message digest is configured yet; and
* omplete the list of functions returning const EVP_MD *,
also making the wording more precise.
Delete EVP_MAX_MD_SIZE from the NAME, SYNOPSIS, and HISTORY sections
because we do not usually document preprocessor macro constants in
this way. There is nothing special about this constant justifying
an exception.
|
| |
|
|
| |
to the RETURN VALUES section
|
| | |
|
| | |
|
| |
|
|
| |
out of the large EVP_DigestInit(3). No text change.
|
| |
|
|
|
|
|
|
| |
undocumented because they are unused outside libcrypto according
to codesearch.debian.net and should probably not be public: they seem
hardly useful even for implementing custom EVP_CIPHER algorithms.
tb@ came to similar conclusions regarding these two functions.
|
| |
|
|
| |
OK tb@
|
| |
|
|
|
|
|
| |
Reported by Viktor Szakats in
https://github.com/libressl/portable/issues/910
ok job
|
| |
|
|
|
|
|
|
| |
The text was misleading before and after the improvement
in obj_dat.c rev. 1.61. The way i'm fixing the documentation
here takes that improvement into account.
Also add a CAVEATS section about adding incomplete objects.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is no need for a helper function to obfuscate lh_ADDED_OBJ_new().
Just call the real thing directly.
Adding an object with a NID of NID_undef basically amounts to disabling
a built-in OID. It does so in an incoherent fashion and the caller can't
easily tell success from failure of the operation. Arguably the result is
a corrupted objects table.
Let's not allow adding such an object in an attempt at keeping things
slightly more coherent.
Issue noted and initial diff by schwarze while writing documentation
ok schwarze
|
| | |
|
| | |
|
| |
|
|
| |
in particular saying which API functions each flag affects
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Integrate the leftovers of the former NOTES section into the main text,
resulting in a more logical order of information.
* Make many descriptions more precise and tweak many wordings.
For example, the description of OBJ_cmp(3) was totally misleading.
Add a CAVEATS section explaining the scary ownership contracts
of the functions returning ASN1_OBJECT pointers.
Move the discussion of NID_undef to the BUGS section because the
statement "objects which are not in the table have the NID value
NID_undef" was misleading in more than one way.
Considering that an API as fundamental as this one contains such a
gigantic amount of quirks and traps and gaps makes me shudder.
|
| | |
|
| |
|
|
|
|
| |
/usr/src/lib/libcrypto/whrlpool/wp_local.h:5:1: error: unknown type name '__BEGIN_HIDDEN_DECLS'
ok tb@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* more precision what the CIPHER_CTX functions do
* more precision what an NID is
* avoid talking about RC2, use AES-256 for an example instead
* clarify that block sizes are measured in bytes
* mention additional restrictions regarding valid block sizes
* add the missing description of the *_flags(3) functions
* mention the public mask constant EVP_CIPH_MODE
* add three missing modes that can occur as return values
* add the missing entries for *_flags(3) and *_mode(3) below RETURN VALUES
* tweak various wordings for precision and conciseness
|
| |
|
|
|
|
| |
It currently returns NULL. This is OpenSSL 4088b926 + De Morgan.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
and EVP_CIPHER_CTX_set_flags(3) out of the excessively large and
unwieldy EVP_EncryptInit(3). This causes a number of inaccuracies
and gaps to stand out, but i'm not mixing text changes or content
additions into this split.
Using very useful feedback from tb@ regarding what belongs together
and how important the various functions are. I refrained from bothering
him with the complete patch, but he likes the general direction.
|
