From adc2a0a37a306f738da40a5a46f14e7fc9f1f571 Mon Sep 17 00:00:00 2001 From: jim <> Date: Sun, 4 May 2014 21:46:36 +0000 Subject: Remove trailing whitespace. fine jmc@ --- src/lib/libcrypto/doc/DES_set_key.pod | 40 +++++++++++----------- src/lib/libcrypto/doc/DH_generate_parameters.pod | 2 +- src/lib/libcrypto/doc/DSA_set_method.pod | 2 +- src/lib/libcrypto/doc/ERR_get_error.pod | 2 +- src/lib/libcrypto/doc/EVP_DigestInit.pod | 18 +++++----- src/lib/libcrypto/doc/EVP_DigestSignInit.pod | 4 +-- src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod | 4 +-- src/lib/libcrypto/doc/EVP_EncryptInit.pod | 16 ++++----- src/lib/libcrypto/doc/EVP_OpenInit.pod | 2 +- src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod | 8 ++--- src/lib/libcrypto/doc/EVP_PKEY_cmp.pod | 2 +- src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod | 6 ++-- src/lib/libcrypto/doc/EVP_PKEY_derive.pod | 2 +- src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod | 6 ++-- src/lib/libcrypto/doc/EVP_PKEY_keygen.pod | 4 +-- src/lib/libcrypto/doc/EVP_PKEY_new.pod | 2 +- src/lib/libcrypto/doc/EVP_PKEY_print_private.pod | 4 +-- src/lib/libcrypto/doc/EVP_PKEY_set1_RSA.pod | 2 +- src/lib/libcrypto/doc/EVP_PKEY_sign.pod | 6 ++-- src/lib/libcrypto/doc/EVP_PKEY_verify.pod | 4 +-- src/lib/libcrypto/doc/EVP_PKEY_verify_recover.pod | 8 ++--- src/lib/libcrypto/doc/EVP_SealInit.pod | 4 +-- src/lib/libcrypto/doc/EVP_SignInit.pod | 6 ++-- src/lib/libcrypto/doc/EVP_VerifyInit.pod | 4 +-- src/lib/libcrypto/doc/MD5.pod | 2 +- src/lib/libcrypto/doc/OBJ_nid2obj.pod | 8 ++--- src/lib/libcrypto/doc/OPENSSL_config.pod | 2 +- .../libcrypto/doc/OPENSSL_load_builtin_modules.pod | 6 ++-- src/lib/libcrypto/doc/PEM_read_bio_PrivateKey.pod | 6 ++-- src/lib/libcrypto/doc/PKCS12_create.pod | 2 +- src/lib/libcrypto/doc/PKCS7_encrypt.pod | 4 +-- src/lib/libcrypto/doc/PKCS7_sign.pod | 2 +- src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod | 4 +-- src/lib/libcrypto/doc/PKCS7_verify.pod | 4 +-- src/lib/libcrypto/doc/RAND.pod | 4 +-- src/lib/libcrypto/doc/RIPEMD160.pod | 2 +- src/lib/libcrypto/doc/RSA_private_encrypt.pod | 2 +- src/lib/libcrypto/doc/RSA_set_method.pod | 2 +- src/lib/libcrypto/doc/RSA_sign.pod | 2 +- src/lib/libcrypto/doc/SHA1.pod | 2 +- .../libcrypto/doc/X509_NAME_ENTRY_get_object.pod | 6 ++-- .../libcrypto/doc/X509_NAME_add_entry_by_txt.pod | 2 +- .../libcrypto/doc/X509_NAME_get_index_by_NID.pod | 2 +- src/lib/libcrypto/doc/X509_NAME_print_ex.pod | 4 +-- .../doc/X509_STORE_CTX_get_ex_new_index.pod | 2 +- src/lib/libcrypto/doc/X509_STORE_CTX_new.pod | 2 +- .../libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod | 2 +- .../doc/X509_STORE_set_verify_cb_func.pod | 6 ++-- .../libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod | 20 +++++------ src/lib/libcrypto/doc/d2i_DSAPublicKey.pod | 2 +- src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | 4 +-- src/lib/libcrypto/doc/d2i_X509.pod | 14 ++++---- src/lib/libcrypto/doc/dh.pod | 2 +- src/lib/libcrypto/doc/evp.pod | 2 +- src/lib/libcrypto/doc/rsa.pod | 4 +-- 55 files changed, 143 insertions(+), 143 deletions(-) (limited to 'src/lib/libcrypto') diff --git a/src/lib/libcrypto/doc/DES_set_key.pod b/src/lib/libcrypto/doc/DES_set_key.pod index 6f0cf1cc5e..b49545877a 100644 --- a/src/lib/libcrypto/doc/DES_set_key.pod +++ b/src/lib/libcrypto/doc/DES_set_key.pod @@ -28,16 +28,16 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption void DES_set_odd_parity(DES_cblock *key); int DES_is_weak_key(const_DES_cblock *key); - void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, + void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int enc); - void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, + void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1, DES_key_schedule *ks2, int enc); - void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1, DES_key_schedule *ks2, + void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, + DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, int enc); - void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc); void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, long length, DES_key_schedule *schedule, @@ -45,8 +45,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits, long length, DES_key_schedule *schedule, DES_cblock *ivec); - void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc); void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *schedule, DES_cblock *ivec, @@ -55,8 +55,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption long length, DES_key_schedule *schedule, DES_cblock *ivec, int *num); - void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, const_DES_cblock *inw, const_DES_cblock *outw, int enc); void DES_ede2_cbc_encrypt(const unsigned char *input, @@ -73,22 +73,22 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption unsigned char *output, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int enc); - void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, + void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, + long length, DES_key_schedule *ks1, DES_key_schedule *ks2, + DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, int enc); - void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, + void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc); - void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, + void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, DES_key_schedule *ks1, + DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int *num); - DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, - long length, DES_key_schedule *schedule, + DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, + long length, DES_key_schedule *schedule, const_DES_cblock *ivec); - DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], + DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], long length, int out_count, DES_cblock *seed); void DES_string_to_key(const char *str, DES_cblock *key); void DES_string_to_2keys(const char *str, DES_cblock *key1, diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod index 9081e9ea7c..862aa0c39a 100644 --- a/src/lib/libcrypto/doc/DH_generate_parameters.pod +++ b/src/lib/libcrypto/doc/DH_generate_parameters.pod @@ -21,7 +21,7 @@ allocated B structure. The pseudo-random number generator must be seeded prior to calling DH_generate_parameters(). B is the length in bits of the safe prime to be generated. -B is a small number E 1, typically 2 or 5. +B is a small number E 1, typically 2 or 5. A callback function may be used to provide feedback about the progress of the key generation. If B is not B, it will be diff --git a/src/lib/libcrypto/doc/DSA_set_method.pod b/src/lib/libcrypto/doc/DSA_set_method.pod index 9c1434bd8d..5ad7362f58 100644 --- a/src/lib/libcrypto/doc/DSA_set_method.pod +++ b/src/lib/libcrypto/doc/DSA_set_method.pod @@ -37,7 +37,7 @@ been set as a default for DSA, so this function is no longer recommended. DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on -whether the ENGINE API is being used, so this function is no longer +whether the ENGINE API is being used, so this function is no longer recommended. DSA_set_method() selects B to perform all operations using the key diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod index 828ecf529b..1a765f7aff 100644 --- a/src/lib/libcrypto/doc/ERR_get_error.pod +++ b/src/lib/libcrypto/doc/ERR_get_error.pod @@ -52,7 +52,7 @@ ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_get_last_error_line_data() store additional data and flags associated with the error code in *B and *B, unless these are B. *B contains a string -if *B&B is true. +if *B&B is true. An application B free the *B pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod index 367691cc7a..dcc5d73f69 100644 --- a/src/lib/libcrypto/doc/EVP_DigestInit.pod +++ b/src/lib/libcrypto/doc/EVP_DigestInit.pod @@ -26,18 +26,18 @@ EVP digest routines int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); - int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); + int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); - int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); + int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); #define EVP_MAX_MD_SIZE 64 /* SHA512 */ int EVP_MD_type(const EVP_MD *md); - int EVP_MD_pkey_type(const EVP_MD *md); + int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); @@ -136,10 +136,10 @@ reasons. EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 -and RIPEMD160 digest algorithms respectively. +and RIPEMD160 digest algorithms respectively. EVP_dss() and EVP_dss1() return B structures for SHA and SHA1 digest -algorithms but using DSS (DSA) for the signature algorithm. Note: there is +algorithms but using DSS (DSA) for the signature algorithm. Note: there is no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are however retained for compatibility. @@ -178,21 +178,21 @@ The B interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible. -New applications should use the SHA2 digest algorithms such as SHA256. +New applications should use the SHA2 digest algorithms such as SHA256. The other digest algorithms are still in common use. For most applications the B parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation. -The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are +The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New -applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and +applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified. In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use -memory leaks will occur. +memory leaks will occur. Stack allocation of EVP_MD_CTX structures is common, for example: diff --git a/src/lib/libcrypto/doc/EVP_DigestSignInit.pod b/src/lib/libcrypto/doc/EVP_DigestSignInit.pod index 37d960e3b2..11e8f6f937 100644 --- a/src/lib/libcrypto/doc/EVP_DigestSignInit.pod +++ b/src/lib/libcrypto/doc/EVP_DigestSignInit.pod @@ -56,7 +56,7 @@ needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged. For some key types and parameters the random number generator must be seeded -or the operation will fail. +or the operation will fail. The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and @@ -81,7 +81,7 @@ L, L =head1 HISTORY -EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() +EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were first added to OpenSSL 1.0.0. =cut diff --git a/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod b/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod index f224488978..819e0d4b9f 100644 --- a/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod +++ b/src/lib/libcrypto/doc/EVP_DigestVerifyInit.pod @@ -56,7 +56,7 @@ needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged. For some key types and parameters the random number generator must be seeded -or the operation will fail. +or the operation will fail. The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can @@ -76,7 +76,7 @@ L, L =head1 HISTORY -EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() +EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were first added to OpenSSL 1.0.0. =cut diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod index 1c4bf184a1..84875e0fe0 100644 --- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod +++ b/src/lib/libcrypto/doc/EVP_EncryptInit.pod @@ -128,7 +128,7 @@ calls to EVP_EncryptUpdate() should be made. If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: -that is if the total data length is not a multiple of the block size. +that is if the total data length is not a multiple of the block size. EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an @@ -157,7 +157,7 @@ initialized and they always use the default cipher implementation. EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a similar way to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and -EVP_CipherFinal_ex() except B is automatically cleaned up +EVP_CipherFinal_ex() except B is automatically cleaned up after the call. EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() @@ -268,7 +268,7 @@ OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER. EVP_CIPHER_CTX_cipher() returns an B structure. -EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for +EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for success or zero for failure. =head1 CIPHER LISTING @@ -283,7 +283,7 @@ Null cipher: does nothing. =item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void) -DES in CBC, ECB, CFB and OFB modes respectively. +DES in CBC, ECB, CFB and OFB modes respectively. =item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void) @@ -346,7 +346,7 @@ Where possible the B interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. -PKCS padding works by adding B padding bytes of value B to make the total +PKCS padding works by adding B padding bytes of value B to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size B will equal the block size. For example if the block size is 8 and 11 bytes are to be @@ -376,7 +376,7 @@ a limitation of the current RC5 code rather than the EVP interface. EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are -unpredictable. This is because it has become standard practice to define a +unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes. The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested @@ -449,7 +449,7 @@ Encrypt a string using blowfish: The ciphertext from the above example can be decrypted using the B utility with the command line: - + S General encryption, decryption function example using FILE I/O and RC2 with an @@ -472,7 +472,7 @@ General encryption, decryption function example using FILE I/O and RC2 with an /* We finished modifying parameters so now we can set key and IV */ EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt); - for(;;) + for(;;) { inlen = fread(inbuf, 1, 1024, in); if(inlen <= 0) break; diff --git a/src/lib/libcrypto/doc/EVP_OpenInit.pod b/src/lib/libcrypto/doc/EVP_OpenInit.pod index 2e710da945..1aa2a9cd6e 100644 --- a/src/lib/libcrypto/doc/EVP_OpenInit.pod +++ b/src/lib/libcrypto/doc/EVP_OpenInit.pod @@ -27,7 +27,7 @@ B bytes passed in the B parameter using the private key B. The IV is supplied in the B parameter. EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties -as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as +as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as documented on the L manual page. diff --git a/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod b/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod index 13b91f1e6e..e8d1ddda75 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_CTX_ctrl.pod @@ -62,7 +62,7 @@ The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B. The B parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding, RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding, RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only), -RSA_X931_PADDING for X9.31 padding (signature operations only) and +RSA_X931_PADDING for X9.31 padding (signature operations only) and RSA_PKCS1_PSS_PADDING (sign and verify only). Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() @@ -87,7 +87,7 @@ RSA key genration to B. If not specified 1024 bits is used. The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to B currently it should be an odd integer. The -B pointer is used internally by this function so it should not be +B pointer is used internally by this function so it should not be modified or free after the call. If this macro is not called then 65537 is used. The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used @@ -118,8 +118,8 @@ L, L, L, L, -L -L +L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod b/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod index 4f8185e36c..4145245299 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_cmp.pod @@ -56,6 +56,6 @@ keys match, 0 if they don't match, -1 if the key types are different and =head1 SEE ALSO L, -L +L =cut diff --git a/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod b/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod index 847983237b..197878eff7 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_decrypt.pod @@ -50,7 +50,7 @@ Decrypt data using OAEP (for RSA keys): EVP_PKEY_CTX *ctx; unsigned char *out, *in; - size_t outlen, inlen; + size_t outlen, inlen; EVP_PKEY *key; /* NB: assumes key in, inlen are already set up * and that key is an RSA private key @@ -71,7 +71,7 @@ Decrypt data using OAEP (for RSA keys): if (!out) /* malloc failure */ - + if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0) /* Error */ @@ -84,7 +84,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_derive.pod b/src/lib/libcrypto/doc/EVP_PKEY_derive.pod index 27464be571..de877ead1a 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_derive.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_derive.pod @@ -71,7 +71,7 @@ Derive shared secret (for example DH or EC keys): if (!skey) /* malloc failure */ - + if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0) /* Error */ diff --git a/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod b/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod index e495a81242..f7969c296f 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_encrypt.pod @@ -50,7 +50,7 @@ Encrypt data using OAEP (for RSA keys): EVP_PKEY_CTX *ctx; unsigned char *out, *in; - size_t outlen, inlen; + size_t outlen, inlen; EVP_PKEY *key; /* NB: assumes key in, inlen are already set up * and that key is an RSA public key @@ -71,7 +71,7 @@ Encrypt data using OAEP (for RSA keys): if (!out) /* malloc failure */ - + if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) /* Error */ @@ -84,7 +84,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod b/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod index fd431ace6d..b6102da036 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_keygen.pod @@ -28,7 +28,7 @@ EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key B for a key genration operation. -The EVP_PKEY_keygen() function performs a key generation operation, the +The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to B. The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar @@ -152,7 +152,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_new.pod b/src/lib/libcrypto/doc/EVP_PKEY_new.pod index 10687e458d..11512249e4 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_new.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_new.pod @@ -14,7 +14,7 @@ EVP_PKEY_new, EVP_PKEY_free - private key allocation functions. =head1 DESCRIPTION -The EVP_PKEY_new() function allocates an empty B +The EVP_PKEY_new() function allocates an empty B structure which is used by OpenSSL to store private keys. EVP_PKEY_free() frees up the private key B. diff --git a/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod b/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod index ce9d70d7a7..c9b7a89821 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_print_private.pod @@ -28,7 +28,7 @@ be used. =head1 NOTES -Currently no public key algorithms include any options in the B parameter +Currently no public key algorithms include any options in the B parameter parameter. If the key does not include all the components indicated by the function then @@ -44,7 +44,7 @@ the public key algorithm. =head1 SEE ALSO L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_set1_RSA.pod b/src/lib/libcrypto/doc/EVP_PKEY_set1_RSA.pod index 2db692e271..8afb1b22e1 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_set1_RSA.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_set1_RSA.pod @@ -63,7 +63,7 @@ EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure. EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and -EVP_PKEY_get1_EC_KEY() return the referenced key or B if +EVP_PKEY_get1_EC_KEY() return the referenced key or B if an error occurred. EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH() diff --git a/src/lib/libcrypto/doc/EVP_PKEY_sign.pod b/src/lib/libcrypto/doc/EVP_PKEY_sign.pod index a044f2c131..fb8e61cf29 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_sign.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_sign.pod @@ -50,7 +50,7 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest: EVP_PKEY_CTX *ctx; unsigned char *md, *sig; - size_t mdlen, siglen; + size_t mdlen, siglen; EVP_PKEY *signing_key; /* NB: assumes signing_key, md and mdlen are already set up * and that signing_key is an RSA private key @@ -73,7 +73,7 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest: if (!sig) /* malloc failure */ - + if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0) /* Error */ @@ -87,7 +87,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_verify.pod b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod index 90612ba2f0..f7ae4f9ebe 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_verify.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_verify.pod @@ -53,7 +53,7 @@ Verify signature using PKCS#1 and SHA256 digest: EVP_PKEY_CTX *ctx; unsigned char *md, *sig; - size_t mdlen, siglen; + size_t mdlen, siglen; EVP_PKEY *verify_key; /* NB: assumes verify_key, sig, siglen md and mdlen are already set up * and that verify_key is an RSA public key @@ -82,7 +82,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_PKEY_verify_recover.pod b/src/lib/libcrypto/doc/EVP_PKEY_verify_recover.pod index 23a28a9c43..00d53db783 100644 --- a/src/lib/libcrypto/doc/EVP_PKEY_verify_recover.pod +++ b/src/lib/libcrypto/doc/EVP_PKEY_verify_recover.pod @@ -29,7 +29,7 @@ B and the amount of data written to B. =head1 NOTES Normally an application is only interested in whether a signature verification -operation is successful in those cases the EVP_verify() function should be +operation is successful in those cases the EVP_verify() function should be used. Sometimes however it is useful to obtain the data originally signed using a @@ -58,7 +58,7 @@ Recover digest originally signed using PKCS#1 and SHA256 digest: EVP_PKEY_CTX *ctx; unsigned char *rout, *sig; - size_t routlen, siglen; + size_t routlen, siglen; EVP_PKEY *verify_key; /* NB: assumes verify_key, sig and siglen are already set up * and that verify_key is an RSA public key @@ -81,7 +81,7 @@ Recover digest originally signed using PKCS#1 and SHA256 digest: if (!rout) /* malloc failure */ - + if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0) /* Error */ @@ -94,7 +94,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod index 7d793e19ef..172f210c64 100644 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ b/src/lib/libcrypto/doc/EVP_SealInit.pod @@ -42,9 +42,9 @@ If the cipher does not require an IV then the B parameter is ignored and can be B. EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties -as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as +as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the L manual -page. +page. =head1 RETURN VALUES diff --git a/src/lib/libcrypto/doc/EVP_SignInit.pod b/src/lib/libcrypto/doc/EVP_SignInit.pod index 620a623ab6..682724b157 100644 --- a/src/lib/libcrypto/doc/EVP_SignInit.pod +++ b/src/lib/libcrypto/doc/EVP_SignInit.pod @@ -32,7 +32,7 @@ same B to include additional data. EVP_SignFinal() signs the data in B using the private key B and places the signature in B. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at B, at most -EVP_PKEY_size(pkey) bytes will be written. +EVP_PKEY_size(pkey) bytes will be written. EVP_SignInit() initializes a signing context B to use the default implementation of digest B. @@ -57,7 +57,7 @@ transparent to the algorithm used and much more flexible. Due to the link between message digests and public key algorithms the correct digest algorithm must be used with the correct public key type. A list of -algorithms and associated public key algorithms appears in +algorithms and associated public key algorithms appears in L. When signing with DSA private keys the random number generator must be seeded @@ -74,7 +74,7 @@ will occur. =head1 BUGS -Older versions of this documentation wrongly stated that calls to +Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal(). Since the private key is passed in the call to EVP_SignFinal() any error diff --git a/src/lib/libcrypto/doc/EVP_VerifyInit.pod b/src/lib/libcrypto/doc/EVP_VerifyInit.pod index 9097f09410..0ffb0a8077 100644 --- a/src/lib/libcrypto/doc/EVP_VerifyInit.pod +++ b/src/lib/libcrypto/doc/EVP_VerifyInit.pod @@ -51,7 +51,7 @@ transparent to the algorithm used and much more flexible. Due to the link between message digests and public key algorithms the correct digest algorithm must be used with the correct public key type. A list of -algorithms and associated public key algorithms appears in +algorithms and associated public key algorithms appears in L. The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. @@ -64,7 +64,7 @@ will occur. =head1 BUGS -Older versions of this documentation wrongly stated that calls to +Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal(). Since the public key is passed in the call to EVP_SignFinal() any error diff --git a/src/lib/libcrypto/doc/MD5.pod b/src/lib/libcrypto/doc/MD5.pod index d11d5c32cb..b0edd5416f 100644 --- a/src/lib/libcrypto/doc/MD5.pod +++ b/src/lib/libcrypto/doc/MD5.pod @@ -75,7 +75,7 @@ preferred. =head1 RETURN VALUES -MD2(), MD4(), and MD5() return pointers to the hash value. +MD2(), MD4(), and MD5() return pointers to the hash value. MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for diff --git a/src/lib/libcrypto/doc/OBJ_nid2obj.pod b/src/lib/libcrypto/doc/OBJ_nid2obj.pod index 1e45dd40f6..458ef025f0 100644 --- a/src/lib/libcrypto/doc/OBJ_nid2obj.pod +++ b/src/lib/libcrypto/doc/OBJ_nid2obj.pod @@ -34,7 +34,7 @@ functions The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. -OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B to +OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B to an ASN1_OBJECT structure, its long name and its short name respectively, or B is an error occurred. @@ -62,7 +62,7 @@ OBJ_cmp() compares B to B. If the two are identical 0 is returned. OBJ_dup() returns a copy of B. -OBJ_create() adds a new object to the internal table. B is the +OBJ_create() adds a new object to the internal table. B is the numerical form of the object, B the short name and B the long name. A new NID is returned for the created object. @@ -115,14 +115,14 @@ Create a new NID and initialize an object from it: new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier"); obj = OBJ_nid2obj(new_nid); - + Create a new object directly: obj = OBJ_txt2obj("1.2.3.4", 1); =head1 BUGS -OBJ_obj2txt() is awkward and messy to use: it doesn't follow the +OBJ_obj2txt() is awkward and messy to use: it doesn't follow the convention of other OpenSSL functions where the buffer can be set to B to determine the amount of data that should be written. Instead B must point to a valid buffer and B should diff --git a/src/lib/libcrypto/doc/OPENSSL_config.pod b/src/lib/libcrypto/doc/OPENSSL_config.pod index e7bba2aaca..552ed956ab 100644 --- a/src/lib/libcrypto/doc/OPENSSL_config.pod +++ b/src/lib/libcrypto/doc/OPENSSL_config.pod @@ -37,7 +37,7 @@ can be added without source changes. The environment variable B can be set to specify the location of the configuration file. - + Currently ASN1 OBJECTs and ENGINE configuration can be performed future versions of OpenSSL will add new configuration options. diff --git a/src/lib/libcrypto/doc/OPENSSL_load_builtin_modules.pod b/src/lib/libcrypto/doc/OPENSSL_load_builtin_modules.pod index f14dfaf005..6c99170197 100644 --- a/src/lib/libcrypto/doc/OPENSSL_load_builtin_modules.pod +++ b/src/lib/libcrypto/doc/OPENSSL_load_builtin_modules.pod @@ -24,15 +24,15 @@ ENGINE_add_conf_module() adds just the ENGINE configuration module. =head1 NOTES -If the simple configuration function OPENSSL_config() is called then +If the simple configuration function OPENSSL_config() is called then OPENSSL_load_builtin_modules() is called automatically. Applications which use the configuration functions directly will need to -call OPENSSL_load_builtin_modules() themselves I any other +call OPENSSL_load_builtin_modules() themselves I any other configuration code. Applications should call OPENSSL_load_builtin_modules() to load all -configuration modules instead of adding modules selectively: otherwise +configuration modules instead of adding modules selectively: otherwise functionality may be missing from the application if an when new modules are added. diff --git a/src/lib/libcrypto/doc/PEM_read_bio_PrivateKey.pod b/src/lib/libcrypto/doc/PEM_read_bio_PrivateKey.pod index 54414a3f6f..e196bf1498 100644 --- a/src/lib/libcrypto/doc/PEM_read_bio_PrivateKey.pod +++ b/src/lib/libcrypto/doc/PEM_read_bio_PrivateKey.pod @@ -250,7 +250,7 @@ structure. They will also process a trusted X509 certificate but any trust settings are discarded. The B functions process a trusted X509 certificate using -an X509 structure. +an X509 structure. The B and B functions process a PKCS#10 certificate request using an X509_REQ structure. The B @@ -435,7 +435,7 @@ which is an uninitialised pointer. This old B routines use a non standard technique for encryption. -The private key (or other data) takes the following form: +The private key (or other data) takes the following form: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED @@ -461,7 +461,7 @@ an existing structure. Therefore the following: PEM_read_bio_X509(bp, &x, 0, NULL); -where B already contains a valid certificate, may not work, whereas: +where B already contains a valid certificate, may not work, whereas: X509_free(x); x = PEM_read_bio_X509(bp, NULL, 0, NULL); diff --git a/src/lib/libcrypto/doc/PKCS12_create.pod b/src/lib/libcrypto/doc/PKCS12_create.pod index de7cab2bdf..0a1e460cf1 100644 --- a/src/lib/libcrypto/doc/PKCS12_create.pod +++ b/src/lib/libcrypto/doc/PKCS12_create.pod @@ -60,7 +60,7 @@ certficate is required. In previous versions both had to be present or a fatal error is returned. B or B can be set to -1 indicating that no encryption -should be used. +should be used. B can be set to -1 and the MAC will then be omitted entirely. diff --git a/src/lib/libcrypto/doc/PKCS7_encrypt.pod b/src/lib/libcrypto/doc/PKCS7_encrypt.pod index 2cd925a7e0..e206684384 100644 --- a/src/lib/libcrypto/doc/PKCS7_encrypt.pod +++ b/src/lib/libcrypto/doc/PKCS7_encrypt.pod @@ -30,7 +30,7 @@ bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively. The algorithm passed in the B parameter must support ASN1 encoding of -its parameters. +its parameters. Many browsers implement a "sign and encrypt" option which is simply an S/MIME envelopedData containing an S/MIME signed message. This can be readily produced @@ -55,7 +55,7 @@ suitable for streaming I/O: no data is read from the BIO B. If the flag B is set the returned B structure is B complete and outputting its contents via a function that does not -properly finalize the B structure will give unpredictable +properly finalize the B structure will give unpredictable results. Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(), diff --git a/src/lib/libcrypto/doc/PKCS7_sign.pod b/src/lib/libcrypto/doc/PKCS7_sign.pod index 64a35144f8..9a4f5b173e 100644 --- a/src/lib/libcrypto/doc/PKCS7_sign.pod +++ b/src/lib/libcrypto/doc/PKCS7_sign.pod @@ -15,7 +15,7 @@ PKCS7_sign - create a PKCS#7 signedData structure PKCS7_sign() creates and returns a PKCS#7 signedData structure. B is the certificate to sign with, B is the corresponsding private key. B is an optional additional set of certificates to include in the PKCS#7 -structure (for example any intermediate CAs in the chain). +structure (for example any intermediate CAs in the chain). The data to be signed is read from BIO B. diff --git a/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod b/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod index ebec4d57de..afe8ad97cd 100644 --- a/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod +++ b/src/lib/libcrypto/doc/PKCS7_sign_add_signer.pod @@ -44,7 +44,7 @@ digest value from the PKCS7 struture: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The returned PKCS7 structure will be valid and finalized when this flag is set. -If B is set in addition to B then the +If B is set in addition to B then the B structure will not be finalized so additional attributes can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is needed to finalize it. @@ -67,7 +67,7 @@ these algorithms is disabled then it will not be included. PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO -structure just added, this can be used to set additional attributes +structure just added, this can be used to set additional attributes before it is finalized. =head1 RETURN VALUES diff --git a/src/lib/libcrypto/doc/PKCS7_verify.pod b/src/lib/libcrypto/doc/PKCS7_verify.pod index 7c10a4cc3c..51ada03f2d 100644 --- a/src/lib/libcrypto/doc/PKCS7_verify.pod +++ b/src/lib/libcrypto/doc/PKCS7_verify.pod @@ -54,7 +54,7 @@ Any of the following flags (ored together) can be passed in the B paramet to change the default verify behaviour. Only the flag B is meaningful to PKCS7_get0_signers(). -If B is set the certificates in the message itself are not +If B is set the certificates in the message itself are not searched when locating the signer's certificate. This means that all the signers certificates must be in the B parameter. @@ -79,7 +79,7 @@ certificates supplied in B then the verify will fail because the signer cannot be found. Care should be taken when modifying the default verify behaviour, for example -setting B will totally disable all verification +setting B will totally disable all verification and any signed message will be considered valid. This combination is however useful if one merely wishes to write the content to B and its validity is not considered important. diff --git a/src/lib/libcrypto/doc/RAND.pod b/src/lib/libcrypto/doc/RAND.pod index e460c1653e..8f803f33eb 100644 --- a/src/lib/libcrypto/doc/RAND.pod +++ b/src/lib/libcrypto/doc/RAND.pod @@ -54,7 +54,7 @@ described in L. Its state can be saved in a seed file seeding process whenever the application is started. L describes how to obtain random data from the -PRNG. +PRNG. =head1 INTERNALS @@ -67,6 +67,6 @@ L, L, L, L, L, -L +L =cut diff --git a/src/lib/libcrypto/doc/RIPEMD160.pod b/src/lib/libcrypto/doc/RIPEMD160.pod index 264bb99ae7..f66fb02ed2 100644 --- a/src/lib/libcrypto/doc/RIPEMD160.pod +++ b/src/lib/libcrypto/doc/RIPEMD160.pod @@ -45,7 +45,7 @@ hash functions directly. =head1 RETURN VALUES -RIPEMD160() returns a pointer to the hash value. +RIPEMD160() returns a pointer to the hash value. RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for success, 0 otherwise. diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod index 746a80c79e..4c4d131172 100644 --- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod +++ b/src/lib/libcrypto/doc/RSA_private_encrypt.pod @@ -11,7 +11,7 @@ RSA_private_encrypt, RSA_public_decrypt - low level signature operations int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); - int RSA_public_decrypt(int flen, unsigned char *from, + int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); =head1 DESCRIPTION diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod index 2c963d7e5b..eb0913c106 100644 --- a/src/lib/libcrypto/doc/RSA_set_method.pod +++ b/src/lib/libcrypto/doc/RSA_set_method.pod @@ -43,7 +43,7 @@ been set as a default for RSA, so this function is no longer recommended. RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on -whether the ENGINE API is being used, so this function is no longer +whether the ENGINE API is being used, so this function is no longer recommended. RSA_set_method() selects B to perform all operations using the key diff --git a/src/lib/libcrypto/doc/RSA_sign.pod b/src/lib/libcrypto/doc/RSA_sign.pod index 8553be8e99..061c0e2437 100644 --- a/src/lib/libcrypto/doc/RSA_sign.pod +++ b/src/lib/libcrypto/doc/RSA_sign.pod @@ -52,7 +52,7 @@ SSL, PKCS #1 v2.0 L, L, L, L, -L +L =head1 HISTORY diff --git a/src/lib/libcrypto/doc/SHA1.pod b/src/lib/libcrypto/doc/SHA1.pod index 94ab7bc724..232af9227e 100644 --- a/src/lib/libcrypto/doc/SHA1.pod +++ b/src/lib/libcrypto/doc/SHA1.pod @@ -46,7 +46,7 @@ used only when backward compatibility is required. =head1 RETURN VALUES -SHA1() returns a pointer to the hash value. +SHA1() returns a pointer to the hash value. SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise. diff --git a/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod b/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod index 41902c0d45..ad0d796535 100644 --- a/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod +++ b/src/lib/libcrypto/doc/X509_NAME_ENTRY_get_object.pod @@ -35,17 +35,17 @@ X509_NAME_ENTRY_set_data() sets the field value of B to string type B and value determined by B and B. X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() -and X509_NAME_ENTRY_create_by_OBJ() create and return an +and X509_NAME_ENTRY_create_by_OBJ() create and return an B structure. =head1 NOTES X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be -used to examine an B function as returned by +used to examine an B function as returned by X509_NAME_get_entry() for example. X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(), -and X509_NAME_ENTRY_create_by_OBJ() create and return an +and X509_NAME_ENTRY_create_by_OBJ() create and return an X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() diff --git a/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod b/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod index 1afd008cb3..5b9e81b922 100644 --- a/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod +++ b/src/lib/libcrypto/doc/X509_NAME_add_entry_by_txt.pod @@ -61,7 +61,7 @@ to 0. This adds a new entry to the end of B as a single valued RelativeDistinguishedName (RDN). B actually determines the index where the new entry is inserted: -if it is -1 it is appended. +if it is -1 it is appended. B determines how the new type is added. If it is zero a new RDN is created. diff --git a/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod b/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod index 3b1f9ff43b..7da92617fb 100644 --- a/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod +++ b/src/lib/libcrypto/doc/X509_NAME_get_index_by_NID.pod @@ -43,7 +43,7 @@ B, if no such entry exists -1 is returned. At most B bytes will be written and the text written to B will be null terminated. The length of the output string written is returned excluding the terminating null. If B is then the amount -of space needed in B (excluding the final null) is returned. +of space needed in B (excluding the final null) is returned. =head1 NOTES diff --git a/src/lib/libcrypto/doc/X509_NAME_print_ex.pod b/src/lib/libcrypto/doc/X509_NAME_print_ex.pod index 2579a5dc9d..b2d86d4ddb 100644 --- a/src/lib/libcrypto/doc/X509_NAME_print_ex.pod +++ b/src/lib/libcrypto/doc/X509_NAME_print_ex.pod @@ -27,7 +27,7 @@ X509_NAME_oneline() prints an ASCII version of B to B. At most B bytes will be written. If B is B then a buffer is dynamically allocated and returned, otherwise B is returned. -X509_NAME_print() prints out B to B indenting each line by B +X509_NAME_print() prints out B to B indenting each line by B characters. Multiple lines are used if the output (including indent) exceeds 80 characters. @@ -76,7 +76,7 @@ printed instead of the values. If B is set then field names are padded to 20 characters: this is only of use for multiline format. -Additionally all the options supported by ASN1_STRING_print_ex() can be used to +Additionally all the options supported by ASN1_STRING_print_ex() can be used to control how each field value is displayed. In addition a number options can be set for commonly used formats. diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod index 8d6b9dda47..1b75967ccd 100644 --- a/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod +++ b/src/lib/libcrypto/doc/X509_STORE_CTX_get_ex_new_index.pod @@ -27,7 +27,7 @@ and RSA_get_ex_data() as described in L. This mechanism is used internally by the B library to store the B structure associated with a verification operation in an B -structure. +structure. =head1 SEE ALSO diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod index b17888f149..1c55236aa2 100644 --- a/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod +++ b/src/lib/libcrypto/doc/X509_STORE_CTX_new.pod @@ -45,7 +45,7 @@ will be untrusted but may be used to build the chain) in B. Any or all of the B, B and B parameters can be B. X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B -to B. This is an alternative way of specifying trusted certificates +to B. This is an alternative way of specifying trusted certificates instead of using an B. X509_STORE_CTX_set_cert() sets the certificate to be vertified in B to diff --git a/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod b/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod index b9787a6ca6..86d988eee0 100644 --- a/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod +++ b/src/lib/libcrypto/doc/X509_STORE_CTX_set_verify_cb.pod @@ -94,7 +94,7 @@ expired just one specific case: Full featured logging callback. In this case the B is assumed to be a global logging B, an alternative would to store a BIO in B using B. - + int verify_callback(int ok, X509_STORE_CTX *ctx) { X509 *err_cert; diff --git a/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod b/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod index 29e3bbe3bc..012f2d2c75 100644 --- a/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod +++ b/src/lib/libcrypto/doc/X509_STORE_set_verify_cb_func.pod @@ -24,14 +24,14 @@ is implemented as a macro. =head1 NOTES -The verification callback from an B is inherited by +The verification callback from an B is inherited by the corresponding B structure when it is initialized. This can -be used to set the verification callback when the B is +be used to set the verification callback when the B is otherwise inaccessible (for example during S/MIME verification). =head1 BUGS -The macro version of this function was the only one available before +The macro version of this function was the only one available before OpenSSL 1.0.0. =head1 RETURN VALUES diff --git a/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod b/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod index 46cac2bea2..e5da5bec08 100644 --- a/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod +++ b/src/lib/libcrypto/doc/X509_VERIFY_PARAM_set_flags.pod @@ -2,7 +2,7 @@ =head1 NAME -X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters +X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters =head1 SYNOPSIS @@ -20,7 +20,7 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy); - int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, + int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies); void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); @@ -29,7 +29,7 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge =head1 DESCRIPTION These functions manipulate the B structure associated with -a certificate verification operation. +a certificate verification operation. The X509_VERIFY_PARAM_set_flags() function sets the flags in B by oring it with B. See the B section for a complete @@ -43,7 +43,7 @@ X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B to B. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server. -X509_VERIFY_PARAM_set_trust() sets the trust setting in B to +X509_VERIFY_PARAM_set_trust() sets the trust setting in B to B. X509_VERIFY_PARAM_set_time() sets the verification time in B to @@ -63,10 +63,10 @@ chain. =head1 RETURN VALUES -X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), +X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1 -for success and 0 for failure. +for success and 0 for failure. X509_VERIFY_PARAM_get_flags() returns the current verification flags. @@ -81,7 +81,7 @@ The verification flags consists of zero or more of the following flags ored together. B enables CRL checking for the certificate chain leaf -certificate. An error occurs if a suitable CRL cannot be found. +certificate. An error occurs if a suitable CRL cannot be found. B enables CRL checking for the entire certificate chain. @@ -99,7 +99,7 @@ certificates and makes the verification strictly apply B rules. B enables proxy certificate verification. B enables certificate policy checking, by default -no policy checking is peformed. Additional information is sent to the +no policy checking is peformed. Additional information is sent to the verification callback relating to policy checking. B, B and @@ -142,7 +142,7 @@ X509_STORE_CTX_set_flags(). =head1 BUGS Delta CRL checking is currently primitive. Only a single delta can be used and -(partly due to limitations of B) constructed CRLs are not +(partly due to limitations of B) constructed CRLs are not maintained. If CRLs checking is enable CRLs are expected to be available in the @@ -151,7 +151,7 @@ CRLs from the CRL distribution points extension. =head1 EXAMPLE -Enable CRL checking when performing certificate verification during SSL +Enable CRL checking when performing certificate verification during SSL connections associated with an B structure B: X509_VERIFY_PARAM *param; diff --git a/src/lib/libcrypto/doc/d2i_DSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_DSAPublicKey.pod index 22c1b50f22..c80e311d04 100644 --- a/src/lib/libcrypto/doc/d2i_DSAPublicKey.pod +++ b/src/lib/libcrypto/doc/d2i_DSAPublicKey.pod @@ -56,7 +56,7 @@ i2d_X509() described in the L manual page. The B structure passed to the private key encoding functions should have all the private key components present. -The data encoded by the private key functions is unencrypted and therefore +The data encoded by the private key functions is unencrypted and therefore offers no private key security. The B functions should be used in preference to the B diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod index aa6078bcf6..1711dc038f 100644 --- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod +++ b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod @@ -49,8 +49,8 @@ i2d_X509() described in the L manual page. The B structure passed to the private key encoding functions should have all the PKCS#1 private key components present. -The data encoded by the private key functions is unencrypted and therefore -offers no private key security. +The data encoded by the private key functions is unencrypted and therefore +offers no private key security. The NET format functions are present to provide compatibility with certain very old software. This format has some severe security weaknesses and should be diff --git a/src/lib/libcrypto/doc/d2i_X509.pod b/src/lib/libcrypto/doc/d2i_X509.pod index 298ec54a4c..e212014ac8 100644 --- a/src/lib/libcrypto/doc/d2i_X509.pod +++ b/src/lib/libcrypto/doc/d2i_X509.pod @@ -23,7 +23,7 @@ i2d_X509_fp - X509 encode and decode functions The X509 encode and decode routines encode and parse an B structure, which represents an X509 certificate. -d2i_X509() attempts to decode B bytes at B<*in>. If +d2i_X509() attempts to decode B bytes at B<*in>. If successful a pointer to the B structure is returned. If an error occurred then B is returned. If B is not B then the returned structure is written to B<*px>. If B<*px> is not B @@ -36,7 +36,7 @@ i2d_X509() encodes the structure pointed to by B into DER format. If B is not B is writes the DER encoded data to the buffer at B<*out>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it -returns the length of the encoded data. +returns the length of the encoded data. For OpenSSL 0.9.7 and later if B<*out> is B memory will be allocated for a buffer and the encoded data written to it. In this @@ -194,7 +194,7 @@ happen. =head1 BUGS -In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when +In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when B<*px> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this "reuse" behaviour is strongly discouraged. @@ -210,14 +210,14 @@ always succeed. d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B structure or B if an error occurs. The error code that can be obtained by -L. +L. i2d_X509() returns the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by -L. +L. -i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error -occurs The error code can be obtained by L. +i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error +occurs The error code can be obtained by L. =head1 SEE ALSO diff --git a/src/lib/libcrypto/doc/dh.pod b/src/lib/libcrypto/doc/dh.pod index c3ccd06207..97aaa75731 100644 --- a/src/lib/libcrypto/doc/dh.pod +++ b/src/lib/libcrypto/doc/dh.pod @@ -73,6 +73,6 @@ L, L, L, L, L, L, -L +L =cut diff --git a/src/lib/libcrypto/doc/evp.pod b/src/lib/libcrypto/doc/evp.pod index 9faa349243..33ce7cb6d6 100644 --- a/src/lib/libcrypto/doc/evp.pod +++ b/src/lib/libcrypto/doc/evp.pod @@ -37,7 +37,7 @@ implementations. For more information, consult the engine(3) man page. Although low level algorithm specific functions exist for many algorithms their use is discouraged. They cannot be used with an ENGINE and ENGINE versions of new algorithms cannot be accessed using the low level functions. -Also makes code harder to adapt to new algorithms and some options are not +Also makes code harder to adapt to new algorithms and some options are not cleanly supported at the low level and some operations are more efficient using the high level interface. diff --git a/src/lib/libcrypto/doc/rsa.pod b/src/lib/libcrypto/doc/rsa.pod index 45ac53ffc1..829ce24701 100644 --- a/src/lib/libcrypto/doc/rsa.pod +++ b/src/lib/libcrypto/doc/rsa.pod @@ -18,7 +18,7 @@ rsa - RSA public key cryptosystem unsigned char *to, RSA *rsa, int padding); int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa,int padding); - int RSA_public_decrypt(int flen, unsigned char *from, + int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa,int padding); int RSA_sign(int type, unsigned char *m, unsigned int m_len, @@ -118,6 +118,6 @@ L, L, L, L, L, -L +L =cut -- cgit v1.2.3-55-g6feb