| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
and X509_STORE_set_verify(3) and document X509_STORE_get_verify(3)
which tb@ all provided with x509_vfy.h revisions 1.48 and 1.49
|
| |
|
|
| |
which tb@ provided with x509_vfy.h revisions 1.48 and 1.49
|
| |
|
|
|
|
|
|
|
|
|
| |
It appears to be intended for internal use by DSA_do_verify(3) and using
codesearch.debian.net, i found nothing outside OpenSSL/LibreSSL using it.
In April 2018, jsing@ questioned whether the five related functions
BN_mod_exp_mont() and friends should even be exposed by <openssl/bn.h>,
so we decided to not document them. Now tb@ agrees that there is no
reason to document BN_mod_exp2_mont() as long as we don't want to
document BN_mod_exp_mont().
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Explain up front what "ASN1_TIME" is (suggested by beck@, wording by me).
2. For opaque structs, use the generic term "object",
like we already do it in many other LibreSSL manual pages.
3. Drop some redundant phrases.
4. Improve the EXAMPLES section (by beck@, with fixes by me).
6. Add a STANDARDS section.
...and some other minor polishing.
OK beck@
|
| |
|
|
|
|
|
|
|
| |
ASN1_TIME_normalize(3), ASN1_TIME_to_tm(3), ASN1_TIME_cmp_time_t(3),
and ASN1_TIME_compare(3).
Merge documentation from the OpenSSL 1.1.1 branch, which is still
under a free license, with tweaks by me in several respects to match
our implementation, and also using some feedback from beck@.
OK beck@.
|
| |
|
|
|
|
|
|
|
|
| |
BoringSSL uses the common trick of storing malloc metadata in a prefix
and then returning a pointer with an offset. Therefore callers must not
call free() but OPENSSL_free().
Reported by dropk1ck via tobhe
ok beck jsing
|
| | |
|
| |
|
|
|
| |
This is no longer public API. Also remove some comments about i2c and c2i
functions being intentionally undocumented since they are no longer public.
|
| | |
|
| |
|
|
| |
ok jmc@ miod@
|
| |
|
|
| |
ok ok miod@ ack ack jmc@
|
| |
|
|
| |
ok miod@ jmc@
|
| |
|
|
|
| |
Noticed by jsg
Feedback OK jsg
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In bio.h r1.54, the signature of BIO_callback_ctrl() was changed from
bio_info_cb to BIO_info_cb. Adjust manual to reflect this change.
At the moment, bio_info_cb and BIO_info_cb are still distinct types with
our BIO_info_cb matching OpenSSL's definition. Historically, bio_info_cb
had a different type, but that leads to issues with casting function
pointers. The ecosystem has moved on to embrace the new type and several
ports confuse the two types because OpenSSL decided to "solve" the issues
with "typedef BIO_info_cb bio_info_cb; /* backward compatibilty */". We
will align with this in the next bump.
ok jsing
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Document it from scratch.
While here, merge a few details from the OpenSSL 1.1.1 branch, which
is still under a free license, into the documentation of DSA_size(3).
|
| |
|
|
|
|
| |
and X509_VERIFY_PARAM_set_auth_level(3). Document them.
For the latter, i included a few sentences from the OpenSSL 1.1.1
branch, which is still under a free license.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
EVP_PKEY_param_check(3), and EVP_PKEY_security_bits(3) from scratch.
Move the documentation of EVP_PKEY_size(3) and EVP_PKEY_bits(3)
to the new manual page EVP_PKEY_size(3).
Merge the documentation of the related function pointers
from the OpenSSL 1.1.1 branch, which is still under a free license.
OK tb@ on the new page EVP_PKEY_size(3).
|
| |
|
|
|
| |
tb@ recently added these functions to libcrypto
and also provided feedback on my first draft of this page.
|
| |
|
|
|
|
|
|
|
| |
provided the new public function DH_check_pub_key(3) in <openssl/dh.h>.
Sorry for being a bit tardy in documenting the new function.
Then again, OpenSSL doesn't document it either, yet.
While here, drop a HISTORY entry about a constant that
was renamed in OpenSSL 0.9.5. That's no longer relevant.
|
| |
|
|
|
|
|
| |
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
| |
|
|
|
|
| |
and DSA_meth_set1_name(3).
Merge the documentation from the OpenSSL 1.1.1 branch, which
is still under a free license, significantly tweaked by me.
|
| |
|
|
|
|
|
|
|
|
|
| |
ASN1_INTEGER_set_uint64(3), ASN1_INTEGER_set_int64(3),
ASN1_ENUMERATED_get_int64(3), and ASN1_ENUMERATED_set_int64(3)
recently provided by tb@.
Even though Dr. Steven Henson also documented these functions in OpenSSL,
the text over there is excessively verbose, repetitive, very badly ordered,
and incomplete, so i chose to instead write this patch from scratch,
also adding some precision in a few places.
|
| |
|
|
| |
Consumers should include openssl/objects.h instead.
|
| | |
|
| |
|
|
|
|
| |
indicating a workaround.
input/ok jsing
|
| |
|
|
|
| |
be caught by the error check of EVP_PKEY_derive_init() is a dubious
pattern.
|
| | |
|
| |
|
|
|
|
| |
Manual from OpenSSL 1.1.1o with minimal tweaks.
input/ok schwarze
|
| |
|
|
| |
so there's no longer a need to document that they are undocumented.
|
| | |
|
| |
|
|
|
|
|
| |
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
| |
|
|
|
|
|
| |
we no longer have, focus on what our implementation now does, but
keep short warnings in how far other implementations might be more
fragile. Some improvements to wordings and clarity while here.
OK tb@
|
| | |
|
| |
|
|
| |
OK tb@
|
| | |
|
| | |
|
| |
|
|
| |
ok inoguchi@ tb@
|
| | |
|
| |
|
|
| |
ok gnezdo@ miod@ jmc@
|
| |
|
|
| |
ok jmc@
|
| | |
|
| |
|
|
| |
CRL's signature is invalid, not the certificate's.
|
| |
|
|
| |
spotted by/ok jmc
|
