summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/man (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix incorrect X509v3_get_ext_by_NID(3) return valuestb2024-05-221-9/+17
| | | | This error comes from upstream, where it is still wrong.
* remove prototypes with no matching functionjsg2024-05-191-12/+2
| | | | feedback and ok tb@
* Improve X509V3_get0_uids() documentationtb2024-05-151-11/+19
| | | | | Use less horrcble variable names and make it explicit that both output arguments are allowed to be NULL.
* Fix last sentence of CAVEATS which I got the wrong way aroundtb2024-05-141-4/+3
|
* Be more specific about X509V3_ADD_APPEND and X509V3_ADD_DELETEtb2024-05-121-3/+6
|
* Tweak wordingtb2024-05-121-1/+4
|
* Remove a 'built-in' that was left in by accidenttb2024-05-121-2/+2
|
* Install X509V3_EXT_get_nid.3tb2024-05-121-1/+2
|
* Add minimal manpage documenting the misnamed X509V3_EXT_get_nid()tb2024-05-122-2/+92
| | | | | | This avoids a dangling reference in i2s_ASN1_ENUMERATED_TABLE. To complete this manual, someone will need to document X509V3_EXT_METHOD, but that's for a much more rainy day than today.
* Avoid .Xr to no longer public X509_LOOKUP_by_subject(3)tb2024-05-121-7/+4
| | | | looks good to jmc
* Sync DSA_METHOD documentation with realitytb2024-05-111-36/+15
| | | | | | | It is dubious whether this opaque struct's internals should be documented in the first place. This also has been incomplete since forever. For now zap the stuff that no longer exists and make an attempt at matching KNF a bit more closely.
* PEM_read_bio_PrivateKey: fix grammartb2024-05-071-3/+3
| | | | This old [...] routines use [...] -> These old [...] routines [...]
* Tweak start of DESCRIPTION of EC_GROUP_new()tb2024-04-271-4/+9
| | | | | Complete precision will lead to complete confusion, however outright lies are also bad.
* Document EC_curve_{nid2nist,nist2nid}()tb2024-04-261-4/+57
|
* remove space at eoljsg2024-04-221-3/+3
|
* Remove a couple of lies about GOST in CMStb2024-04-182-8/+8
|
* More GOST removal adjustmentstb2024-04-181-3/+3
|
* EVP_PKEY_set1_RSA.3 some adjustments after GOST removaltb2024-04-181-4/+4
|
* Remove documentation of no longer available APItb2024-04-141-85/+4
|
* Remove incorrect function countstb2024-04-041-4/+4
| | | | | | | | | Vincent Lee spotted that I failed to update numbers that count how many functions are documented here when removing {CRYPTO,OPENSSL}_realloc. This isn't helpful information and nobody will remember to go look for such numbers next time this page is adjusted, so remove the counts. agreement from jmc
* Sprinkle a few references to RFC 8419tb2024-03-293-6/+15
|
* Remove OPENSSL/CRYPTO_realloc documentationtb2024-03-191-21/+4
|
* Remove X509_ALGOR_set_md() documentationtb2024-03-193-37/+8
| | | | | As far as LibreSSL is concerned, this terrible API is pushing up the daisies.
* Add missing Nm entries for OBJ_NAME_do_all*tb2024-03-141-3/+5
|
* Mark up X509_STORE_get1_objects()tb2024-03-141-3/+3
|
* Add back a .Pptb2024-03-141-2/+3
|
* Clarify ownership in X509_STORE_add_lookup()tb2024-03-061-3/+4
| | | | | Whether an X509_LOOKUP with given method already exists or not, this API returns an internal pointer that must not be freed.
* Remove CRL method API documentationtb2024-03-067-243/+11
|
* lh_<type>_error() is no longer implemented as a macrotb2024-03-051-4/+2
|
* Remove GOST documentationtb2024-03-057-42/+17
|
* Remove ASN1_time_parse documentationtb2024-03-056-157/+9
|
* Remove EVP_MD_meth* documentationtb2024-03-058-378/+70
| | | | | Move the description of the EVP_MD_FLAGs to EVP_MD_nid() and add a reference to the CMS specification.
* Remove EVP_add_{cipher,digest}* docstb2024-03-044-198/+5
|
* lh_new.3: zap a trailing commatb2024-03-041-3/+3
|
* EVP_CIPH_CUSTOM_KEY_LENGTH and EVP_CTRL_SET_KEY_LENGTH are gonetb2024-03-041-14/+2
|
* Remove docs for sk_find_ex()tb2024-03-041-47/+3
|
* Remove documentation of some CRYPTO_THREADID APItb2024-03-041-58/+2
| | | | | CRYPTO_THREADID_{cpm,cpy,current,hash}() are no longer public, so remove their documentation.
* Document X509_STORE_get1_objects and deprecate the get0 versiontb2024-03-041-4/+38
| | | | | This manual is ordered a bit strangely in that some functions are only documented in RETURN VALUES.
* Remove lh statstb2024-03-023-211/+3
| | | | | | | This could have been removed in an earlier bump. Now it's time for it to say goodbye. ok jsing
* Remove CMAC_resume()tb2024-03-021-24/+2
| | | | | | | | | While it is a neat design detail of CMAC that you can resume it after having finalized it, nothing uses this functionality and it adds some gross things such as retaining intermediate secrets in the CMAC ctx. Once this is gone, we can simplify the CMAC code a bit. ok jsing
* Remove BIO_{sn,v,vsn}printf(3)tb2024-03-021-55/+4
| | | | | | | Unsued printing functionality. If something should need this we can readily add it back. ok jsing
* Update ASN1_TIME_set(3)tb2024-02-181-5/+44
| | | | | | | Document OPENSSL_{posix_to_tm,tm_to_posix}() and fix the documentation of OPENSSL_{gmtime,timegm}(). ok jsing
* Make it explicit that the EC_KEY setters don't check thingstb2024-02-161-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While EC_POINT_set_affine_coordinates() checks that the resulting point is on the elliptic curve, this is only necessary, but not sufficient, to ensure that the point can serve as a valid public key. For example, this does not check for normalized coordinates or exclude that it is zero (the point at infinity). Such checks, and more, are performed by the similarly named EC_KEY_set_public_key_affine_coordinates(). This kind of makes sense from the mathematical standpoint as an elliptic curve point isn't a priori a public key, even if you are not going to use libcrypto for actual mathematics (or anything really) unless you like pain. In a cryptographic library such differences are more of a hazard than a help. This is exacerbated by the fact that EC_KEY_set_public_key() does almost no checking (it only checks that the point's EC_POINT method matches the one of group set of the EC_KEY, which is far from enough). The API expects that you call EC_KEY_check_key() on your own. This is kind of confusing since EC_KEY_set_public_key_affine_coordinates() does that for you. Unfortunately, adding sanity checks to EC_KEY_set_public_key() isn't easy since it's going to penalize those who already check. Caching the result of a check is dangerous and fragile if there are a million ways of fiddling with an EC_KEY. While the elliptic curve code is really bad, its documentation is worse (another thing that applies to OpenSSL in general). Try to help that a little bit by making it more explicit that you are supposed to call EC_KEY_check_key() after using lower-level EC_KEY setters. Also make it clearer that the setters copy the data, they don't take ownership (which isn't obvious from the naming). If OpenSSL 3 got one thing kind of right, it was to deprecate the EC_KEY and EC_POINT APIs. But if you are going to deprecate something, you should either be prepared to remove it or have a reasonable replacement... Found by Guido Vranken using cryptofuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66667 ok jsing
* Document a portability caveat about GeneralizedTime and UTCTimejob2024-02-131-2/+9
| | | | OK tb@
* Merge OBJ_NAME_do_all*(3) into EVP_CIPHER_do_all(3)tb2024-01-315-63/+96
| | | | | | | This is the only OBJ_NAME API that will remain after the next major bump. The API is misnamed and really is about EVP, so move it to an EVP manual documenting another API doing essentially the same thing. Remove most cross references to OBJ_NAME_*.
* Make it safe to delete entries from an lhash doall callback.jsing2024-01-241-11/+4
| | | | | | | | | | | | | | | | | | Currently, the callback cannot safely delete entries as it could lead to contraction of the hash table, which in turn could lead to doall skipping entries (and that typically leads to memory leaks). The recommended workaround is to reach in and fiddle with the hash table internals in order to prevent contraction, call the doall function and then restore the internals that were changed. Rather than just improving our documentation, actually make it safe to delete entries from an lhash doall callback by pausing contractions prior to starting the callback loop, then restoring the down load factor and triggering contraction once completed. This means that callers no longer need access to change hash table internals in order to achieve this same behaviour. ok tb@
* Link CMS_signed_add1_attr(3) to tree structure of crypto(3) manuals andtb2024-01-223-5/+8
| | | | add a back reference from CMS_get0_SignerInfos(3).
* Simplify history section to match what other manuals dotb2024-01-221-23/+2
|
* Document various CMS_{signed,unsigned}_* functionsjob2024-01-222-1/+393
| | | | | | These functions change signed & unsigned attributes of a CMS SignerInfo object With & OK tb@
* Remove check{,obj_cleanup}_defer documentationtb2024-01-131-66/+3
| | | | | | | | | Both check_defer() and the global variable obj_cleanup_defer were removed from the public API two years ago. Now they were removed from the internals as well, simplifying the cleanup process greatly. We no longer need them to have a chance to understand the cleanup process. Also remove references to EVP_cleanup() since this has long been deprecated and now it doesn't clean up things anymore.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-08 22:43:12 +0000