From d4fcd82bb7f6d603bd61e19a81ba97337b89dfca Mon Sep 17 00:00:00 2001 From: markus <> Date: Mon, 12 May 2003 02:18:40 +0000 Subject: merge 0.9.7b with local changes; crank majors for libssl/libcrypto --- src/lib/libcrypto/doc/DH_generate_parameters.pod | 3 +- src/lib/libcrypto/doc/DSA_SIG_new.pod | 3 +- src/lib/libcrypto/doc/DSA_generate_key.pod | 3 +- src/lib/libcrypto/doc/ERR_get_error.pod | 2 +- src/lib/libcrypto/doc/EVP_EncryptInit.pod | 2 +- src/lib/libcrypto/doc/EVP_SealInit.pod | 26 +++++++++------ src/lib/libcrypto/doc/RAND_bytes.pod | 3 +- src/lib/libcrypto/doc/RSA_generate_key.pod | 3 +- src/lib/libcrypto/doc/RSA_print.pod | 6 ++-- src/lib/libcrypto/doc/RSA_private_encrypt.pod | 4 +-- src/lib/libcrypto/doc/RSA_public_encrypt.pod | 3 +- src/lib/libcrypto/doc/RSA_set_method.pod | 13 +++++--- .../libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod | 4 +-- src/lib/libcrypto/doc/d2i_DHparams.pod | 14 ++++---- src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | 39 ++++++++++++++++++---- 15 files changed, 86 insertions(+), 42 deletions(-) (limited to 'src/lib/libcrypto/doc') diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod index 4a2d653758..9081e9ea7c 100644 --- a/src/lib/libcrypto/doc/DH_generate_parameters.pod +++ b/src/lib/libcrypto/doc/DH_generate_parameters.pod @@ -59,7 +59,8 @@ a usable generator. =head1 SEE ALSO -L, L, L, L +L, L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/DSA_SIG_new.pod b/src/lib/libcrypto/doc/DSA_SIG_new.pod index 45df4c0661..3ac6140038 100644 --- a/src/lib/libcrypto/doc/DSA_SIG_new.pod +++ b/src/lib/libcrypto/doc/DSA_SIG_new.pod @@ -30,7 +30,8 @@ DSA_SIG_free() returns no value. =head1 SEE ALSO -L, L, L +L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/DSA_generate_key.pod b/src/lib/libcrypto/doc/DSA_generate_key.pod index 9906a2d7e0..af83ccfaa1 100644 --- a/src/lib/libcrypto/doc/DSA_generate_key.pod +++ b/src/lib/libcrypto/doc/DSA_generate_key.pod @@ -24,7 +24,8 @@ The error codes can be obtained by L. =head1 SEE ALSO -L, L, L, L +L, L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod index 9fdedbcb91..34443045fc 100644 --- a/src/lib/libcrypto/doc/ERR_get_error.pod +++ b/src/lib/libcrypto/doc/ERR_get_error.pod @@ -5,7 +5,7 @@ ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, -ERR_peek_error_line_data - obtain error code and data +ERR_peek_last_error_line_data - obtain error code and data =head1 SYNOPSIS diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod index 75cceb1ca2..daf57e5895 100644 --- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod +++ b/src/lib/libcrypto/doc/EVP_EncryptInit.pod @@ -419,7 +419,7 @@ Encrypt a string using blowfish: EVP_CIPHER_CTX ctx; FILE *out; EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, NULL, EVP_bf_cbc(), key, iv); + EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv); if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) { diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod index 25ef07f7c7..b5e477e294 100644 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ b/src/lib/libcrypto/doc/EVP_SealInit.pod @@ -18,22 +18,28 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption =head1 DESCRIPTION The EVP envelope routines are a high level interface to envelope -encryption. They generate a random key and then "envelope" it by -using public key encryption. Data can then be encrypted using this -key. +encryption. They generate a random key and IV (if required) then +"envelope" it by using public key encryption. Data can then be +encrypted using this key. EVP_SealInit() initializes a cipher context B for encryption -with cipher B using a random secret key and IV supplied in -the B parameter. B is normally supplied by a function such -as EVP_des_cbc(). The secret key is encrypted using one or more public -keys, this allows the same encrypted data to be decrypted using any -of the corresponding private keys. B is an array of buffers where -the public key encrypted secret key will be written, each buffer must -contain enough room for the corresponding encrypted key: that is +with cipher B using a random secret key and IV. B is normally +supplied by a function such as EVP_des_cbc(). The secret key is encrypted +using one or more public keys, this allows the same encrypted data to be +decrypted using any of the corresponding private keys. B is an array of +buffers where the public key encrypted secret key will be written, each buffer +must contain enough room for the corresponding encrypted key: that is B must have room for B bytes. The actual size of each encrypted secret key is written to the array B. B is an array of B public keys. +The B parameter is a buffer where the generated IV is written to. It must +contain enough room for the corresponding cipher's IV, as determined by (for +example) EVP_CIPHER_iv_length(type). + +If the cipher does not require an IV then the B parameter is ignored +and can be B. + EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the L manual diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod index b03748b918..ce6329ce54 100644 --- a/src/lib/libcrypto/doc/RAND_bytes.pod +++ b/src/lib/libcrypto/doc/RAND_bytes.pod @@ -35,7 +35,8 @@ method. =head1 SEE ALSO -L, L, L +L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod index 11bc0b3459..52dbb14a53 100644 --- a/src/lib/libcrypto/doc/RSA_generate_key.pod +++ b/src/lib/libcrypto/doc/RSA_generate_key.pod @@ -59,7 +59,8 @@ RSA_generate_key() goes into an infinite loop for illegal input values. =head1 SEE ALSO -L, L, L, L +L, L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/RSA_print.pod b/src/lib/libcrypto/doc/RSA_print.pod index ff2d353d1a..c971e91f4d 100644 --- a/src/lib/libcrypto/doc/RSA_print.pod +++ b/src/lib/libcrypto/doc/RSA_print.pod @@ -2,9 +2,9 @@ =head1 NAME -RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print, -DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic -parameters +RSA_print, RSA_print_fp, +DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, +DHparams_print, DHparams_print_fp - print cryptographic parameters =head1 SYNOPSIS diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod index 0d1b2bd541..746a80c79e 100644 --- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod +++ b/src/lib/libcrypto/doc/RSA_private_encrypt.pod @@ -59,8 +59,8 @@ obtained by L. =head1 SEE ALSO -L, L, L, -L +L, L, +L, L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/RSA_public_encrypt.pod b/src/lib/libcrypto/doc/RSA_public_encrypt.pod index 8022a23f99..d53e19d2b7 100644 --- a/src/lib/libcrypto/doc/RSA_public_encrypt.pod +++ b/src/lib/libcrypto/doc/RSA_public_encrypt.pod @@ -72,7 +72,8 @@ SSL, PKCS #1 v2.0 =head1 SEE ALSO -L, L, L, L +L, L, L, +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod index 0687c2242a..0a305f6b14 100644 --- a/src/lib/libcrypto/doc/RSA_set_method.pod +++ b/src/lib/libcrypto/doc/RSA_set_method.pod @@ -3,13 +3,12 @@ =head1 NAME RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, -RSA_null_method, RSA_flags, RSA_new_method - select RSA method +RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, +RSA_new_method - select RSA method =head1 SYNOPSIS #include - #include void RSA_set_default_method(const RSA_METHOD *meth); @@ -25,7 +24,7 @@ RSA_null_method, RSA_flags, RSA_new_method - select RSA method int RSA_flags(const RSA *rsa); - RSA *RSA_new_method(ENGINE *engine); + RSA *RSA_new_method(RSA_METHOD *method); =head1 DESCRIPTION @@ -70,6 +69,12 @@ B will be used for the RSA operations. If B is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used. +RSA_flags() returns the B that are set for B's current method. + +RSA_new_method() allocates and initializes an B structure so that +B will be used for the RSA operations. If B is B, +the default method is used. + =head1 THE RSA_METHOD STRUCTURE typedef struct rsa_meth_st diff --git a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod index b8c7bbb7e3..e70380bbfc 100644 --- a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod +++ b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod @@ -47,8 +47,8 @@ These functions serve no recognizable purpose. =head1 SEE ALSO -L, L, L, -L, L, +L, L, +L, L, L, L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/d2i_DHparams.pod b/src/lib/libcrypto/doc/d2i_DHparams.pod index a6d1743d39..1e98aebeca 100644 --- a/src/lib/libcrypto/doc/d2i_DHparams.pod +++ b/src/lib/libcrypto/doc/d2i_DHparams.pod @@ -2,7 +2,7 @@ =head1 NAME -d2i_DHparams, i2d_DHparams - ... +d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions. =head1 SYNOPSIS @@ -13,18 +13,18 @@ d2i_DHparams, i2d_DHparams - ... =head1 DESCRIPTION -... +These functions decode and encode PKCS#3 DH parameters using the +DHparameter structure described in PKCS#3. -=head1 RETURN VALUES - -... +Othewise these behave in a similar way to d2i_X509() and i2d_X509() +described in the L manual page. =head1 SEE ALSO -... +L =head1 HISTORY -... +TBA =cut diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod index ff4d0d57db..7c71bcbf3d 100644 --- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod +++ b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod @@ -2,7 +2,9 @@ =head1 NAME -d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ... +d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, +d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA, +d2i_Netscape_RSA - RSA public and private key encoding functions. =head1 SYNOPSIS @@ -12,6 +14,10 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne int i2d_RSAPublicKey(RSA *a, unsigned char **pp); + RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); + + int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); + RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); @@ -22,18 +28,39 @@ d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Ne =head1 DESCRIPTION -... +d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey +structure. + +d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a +SubjectPublicKeyInfo (certificate public key) structure. + +d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey +structure. + +d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in +NET format. + +The usage of all of these functions is similar to the d2i_X509() and +i2d_X509() described in the L manual page. + +=head1 NOTES + +The B structure passed to the private key encoding functions should have +all the PKCS#1 private key components present. -=head1 RETURN VALUES +The data encoded by the private key functions is unencrypted and therefore +offers no private key security. -... +The NET format functions are present to provide compatibility with certain very +old software. This format has some severe security weaknesses and should be +avoided if possible. =head1 SEE ALSO -... +L =head1 HISTORY -... +TBA =cut -- cgit v1.2.3-55-g6feb