| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
More logical ordering of EVP_PKEY_base_id(3) and EVP_PKEY_id(3) while here.
|
| |
|
|
|
|
|
|
|
|
| |
It makes no sense to have method enumerators public, but the function
to retrieve the method of a specific public key undocumented.
Besides, it is confusing to have EVP_PKEY_asn1_get0(3) documented
without mentioning the very different EVP_PKEY_get0_asn1(3).
Remove a duplicate .Xr while here,
and reference the related accessor EVP_PKEY_base_id(3).
Triggered by tb@ adding a const qualifier to the argument.
|
| |
|
|
|
|
|
| |
It is clearly public because it is declared in <openssl/evp.h>,
refenced from EVP_PKEY_asn1_set_public(3), and similar to the
documented functions DH_bits(3) and RSA_bits(3).
Triggered by tb@ adding a const qualifier to its argument.
|
| |
|
|
| |
to the "pass" and "name" arguments of PKCS12_create(3). Adjust the manual.
|
| |
|
|
|
| |
to the "name", "header", and "data" arguments of PEM_write(3) and
PEM_write_bio(3). Adjust the manual.
|
| |
|
|
|
| |
to the "url" argument of OCSP_crlID_new(3) and to the "urls"
argument of OCSP_url_svcloc_new(3). Adjust the manuals.
|
| |
|
|
|
| |
to the argument of X509_get_subject_name(3) and X509_get_issuer_name(3).
Adjust the manual.
|
| |
|
|
| |
to the arguments of OCSP_cert_id_new(3). Adjust the manual.
|
| |
|
|
| |
to the "obj" argument of X509v3_get_ext_by_OBJ(3). Adjust the manual.
|
| |
|
|
| |
to the "sig" argument of EVP_DigestVerifyFinal(3). Adjust the manual.
|
| |
|
|
|
| |
to the argument of BIO_new_accept(3), BIO_new_connect(3), and
BIO_new_mem_buf(3). Update the documentation.
|
| |
|
|
| |
to return value of BIO_s_mem(3). Update the manual page.
|
| |
|
|
|
| |
to the return value of BIO_f_base64(3), BIO_f_cipher(3), and
BIO_f_base64(3). Update the documentation.
|
| |
|
|
| |
to some function arguments. Update the documentation.
|
| |
|
|
| |
to the prototypes of several functions. Update the documentation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
carefully document constant time vs. non-constant time operation
of BN_div(3), BN_mod_exp(3), and BN_mod_inverse(3).
Until the work that is required on the ill-designed BN_exp(3) and
BN_gcd(3) interfaces can be undertaken, also document the imperfections
in their behaviour, for now. Finally, mention BN_mod_exp(3) behaviour
for even moduli.
Delete the vague statement about some functions automatically
setting BN_FLG_CONSTTIME. It created a false sense of security.
Do not rely on it: not all relevant functions do that.
Topic brought up by beck@, significant feedback and OK jsing@.
|
| |
|
|
|
| |
to some parameters of some functions. Update the documentation.
Add a few additional missing const qualifiers while here.
|
| |
|
|
|
| |
While here, include a patch from tb@
adding the missing return type to ENGINE_ctrl() in the SYNOPSIS.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Correct documentation of DH_new(3), DH_free(3), DSA_new(3), DSA_free(3),
RSA_new(3), and RSA_free(3) with respect to reference counting.
* Stop referencing engine(3).
|
| |
|
|
|
|
|
| |
and more concise.
* Correct the description of the return values of DH_set_method(3)
and DSA_set_method(3).
* Stop referencing engine(3).
|
| |
|
|
|
|
|
|
|
|
| |
* Add three missing const qualifiers to function prototypes.
* Correct the argument type of RSA_new_method(3).
* Remove duplicate decsription of RSA_flags(3) and RSA_new_method(3).
* Make the description of method selection simpler, more precise,
and more concise.
* Correct description of the return value of RSA_set_method(3).
* Stop referencing engine(3).
|
| | |
|
| |
|
|
|
|
| |
covering the remaining functions that were documented in engine(3),
except for seven functions that are completely pointless and that
were merely listed but not really documented.
|
| |
|
|
|
| |
covering 60% of the documented functions). The old, abominable
engine(3) manual page shall die soon.
|
| |
|
|
|
|
| |
to accept a NULL argument. Document that.
While here, make the related sentences more precise and less verbose.
Tweaks and OK tb@.
|
| |
|
|
|
| |
triggered by OpenSSL commit a73d990e Feb 27 19:02:24 2018 +0100,
but with different content
|
| | |
|
| |
|
|
|
| |
suppresses any future config file loading.
ok schwarze@ with a nit from jsing@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Tighten up checks for various X509_VERIFY_PARAM functions, and
allow for the verify param to be poisoned (preculding future
successful cert validation) if the setting of host, ip, or email
for certificate validation fails. (since many callers do not
check the return code in the wild and blunder along anyway)
Inspired by some discussions with Adam Langley.
ok jsing@
|
| |
|
|
| |
From Edgar Pettijohn
|
| |
|
|
| |
X509_STORE_get0_param(3); write the documentation from scratch.
|
| |
|
|
|
| |
X509_OBJECT_get_type(3). It is undocumented in OpenSSL,
so write some documentation from scratch.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
arbitrarily different, the array is in general no longer sorted.
This commit copies a small hidden bugfix from the OpenSSL commit
https://github.com/openssl/openssl/commit/fbb7b33b
the rest of which is merely cosmetics.
I discovered the bug independently while documenting sk_find(3).
Keep the library's idea of when an empty stack or a one-element stack
is sorted and when it is not bug-compatible with OpenSSL, even though
in fact, empty and one-element stacks are of course always sorted.
OK beck@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
BoringSSL rather than from OpenSSL and that it is not hooked into evp(3).
So delete all text from OpenSSL including the Copyright and license
and replace it by some text assembled from comments in BoringSSL
code and headers and some text written myself, all under ISC license.
In particular, also describe X25519_keypair(3), add SYNOPSIS, RETURN
VALUES, STANDARDS, and a reference to D. J. Bernsteins instructions
on how to use the algorithm. Delete the text related to EVP_PKEY
describing features we do not support.
|
| |
|
|
|
| |
from Matt Caswell <matt at openssl dot org>
via OpenSSL commit f929439f Mar 15 12:19:16 2018 +0000
|
| |
|
|
|
|
| |
manual page, which is below the threshold of originality, so there is
no need to change the Copyright headers. The rest of that page is less
clear and less precise than what we already have in our various pages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The comment in EVP_DigestInit.pod is:
"EVP_MD_pkey_type() returns the NID of the public key signing algorithm
associated with this digest. For example EVP_sha1() is associated with
RSA so this will return NID_sha1WithRSAEncryption. Since digests and
signature algorithms are no longer linked this function is only retained
for compatibility reasons."
So there is no link anymore.
From <paul dot dale at oracle dot com>
via OpenSSL commit 79b49fb0 Mar 20 10:03:10 2018 +1000
|
| |
|
|
|
| |
from Kurt Roeckx <kurt at roeckx dot be>
via OpenSSL commit b38fa985 Mar 10 16:32:55 2018 +0100
|
| |
|
|
|
|
| |
EC_POINT_get_affine_coordinates_GF2m(3);
from David Benjamin <davidben at google dot com>
via OpenSSL commit ddc1caac Mar 6 14:00:24 2018 -0500
|
| |
|
|
|
| |
from <Bernd dot Edlinger at hotmail dot de>
via OpenSSL commit c911e5da Mar 19 14:20:53 2018 +0100
|
| |
|
|
|
| |
from <Matthias dot St dot Pierre at ncp dash e dot com>
via OpenSSL commit 36359cec Mar 7 14:37:23 2018 +0100
|
| |
|
|
| |
via OpenSSL commit d47eaaf4 Mar 9 07:11:13 2018 -0500
|
| |
|
|
| |
via OpenSSL commit 4a56d2a3 Feb 25 16:49:27 2018 +0300
|
| |
|
|
| |
on the web, so fix up SSLeay HISTORY accordingly
|
| | |
|
