/openssl/doc/man3/ |
H A D | OSSL_CRMF_MSG_get0_tmpl.pod | 46 OSSL_CRMF_MSG_get0_tmpl() retrieves the certificate template of I<crm>. 49 given certificate template I<tmpl>. 52 given certificate template I<tmpl>. 55 given certificate template I<tmpl>. 58 given certificate template I<tmpl>. 61 of the given certificate template I<tmpl>, or NULL if not present. 64 of the given CertId I<cid>. 67 of the given CertId I<cid>, which must be of ASN.1 type GEN_DIRNAME. 70 encryptedValue I<ecert>, using the private key I<pkey>, library context 71 I<libctx> and property query string I<propq> (see L<OSSL_LIB_CTX(3)>). [all …]
|
H A D | EVP_PKEY_CTX_new.pod | 29 the I<pkey> key type and ENGINE I<e>. 32 using the key type specified by I<id> and ENGINE I<e>. 36 key type specified by I<name> and the property query I<propquery>. None 43 algorithm specified by I<pkey> and the property query I<propquery>. None of the 55 EVP_PKEY_CTX_free() frees up the context I<ctx>. 56 If I<ctx> is NULL, nothing is done. 58 EVP_PKEY_is_a() checks if the key type associated with I<ctx> is I<keytype>. 73 interchangeably. There are algorithms where the I<key type> and the 74 I<algorithm> of the operations that use the keys are not the same, 83 This is the I<id> used with EVP_PKEY_CTX_new_id(). [all …]
|
H A D | BN_rand.pod | 40 number of I<bits> in length and security strength at least I<strength> bits 42 I<ctx>. The function stores the generated data in I<rnd>. The parameter I<ctx> 44 If I<bits> is less than zero, or too small to 45 accommodate the requirements specified by the I<top> and I<bottom> 47 The I<top> parameters specifies 53 numbers will always have 2*I<bits> length. 54 If I<bottom> is B<BN_RAND_BOTTOM_ODD>, the number will be odd; if it 56 If I<bits> is 1 then I<top> cannot also be B<BN_RAND_TOP_TWO>. 62 number I<rnd>, of security strength at least I<strength> bits, 63 in the range 0 E<lt>= I<rnd> E<lt> I<range> using the random number [all …]
|
H A D | DES_random_key.pod | 139 I<DES_cblock>s. 142 decrypts a single 8-byte I<DES_cblock> in I<electronic code book> 144 I<input>, into the output data, pointed to by the I<output> argument. 145 If the I<encrypt> argument is nonzero (DES_ENCRYPT), the I<input> 148 I<DES_set_key>. If I<encrypt> is zero (DES_DECRYPT), the I<input> (now 154 the input with I<ks1>, decrypting with the key schedule I<ks2>, and 157 I<ks2> and I<ks3> are the same, it is equivalent to just encryption 174 I<outw> to 'whiten' the encryption. I<inw> and I<outw> are secret 236 I<output>. 256 DES_enc_write() writes I<len> bytes to file descriptor I<fd> from [all …]
|
H A D | CMS_add0_cert.pod | 23 CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms> 27 As the 0 implies, CMS_add0_cert() adds I<cert> internally to I<cms> 29 In contrast, the caller of CMS_add1_cert() must free I<cert>. 30 I<cms> must be of type signed data or (authenticated) enveloped data. 35 CMS_get1_certs() returns all certificates in I<cms>. 37 CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>. 38 I<cms> must be of type signed data or (authenticated) enveloped data. 44 CMS_get1_crls() returns all CRLs in I<cms>. 51 For signed data, certificates and CRLs are added to the I<certificates> and 52 I<crls> fields of SignedData structure. [all …]
|
H A D | X509_LOOKUP.pod | 77 I<method>. 97 The arguments of the control command are passed via I<argc> and I<argl>, 98 its return value via I<*ret>. The library context I<libctx> and property 107 uses NULL for the library context I<libctx> and property query I<propq>. 117 uses NULL for the library context I<libctx> and property query I<propq>. 132 uses NULL for the library context I<libctx> and property query I<propq>. 136 B<X509_STORE>. The library context I<libctx> and property query I<propq> are used 142 uses NULL for the library context I<libctx> and property query I<propq>. 154 object is stored in I<ret>. 170 The filename is passed in I<argc>, and the type in I<argl>. [all …]
|
H A D | PKCS7_sign.pod | 21 I<signcert> is the certificate to sign with, I<pkey> is the corresponding 22 private key. I<certs> is an optional set of extra certificates to include 24 The library context I<libctx> and property query I<propq> are used when 27 The data to be signed is read from BIO I<data>. 29 I<flags> is an optional set of flags. 85 The I<certs>, I<signcert> and I<pkey> parameters can all be 91 If I<signcert> and I<pkey> are NULL then a certificates only 94 In versions of OpenSSL before 1.0.0 the I<signcert> and I<pkey> parameters must 98 NULL for the library context I<libctx> and the property query I<propq>. 118 The B<PKCS7_PARTIAL> flag, and the ability for I<certs>, I<signcert>, [all …]
|
H A D | RSA_generate_key.pod | 38 B<RSA> structure provided in I<rsa>. 42 the I<primes> parameter. 47 modulus will be I<primes>, and the public exponent will be I<e>. Key sizes 52 I<primes> depends on modulus bit length: 59 progress of the key generation. If I<cb> is not NULL, it 77 suitable for the key, I<BN_GENCB_call(cb, 2, n)> is called. 81 When a random p has been found with p-1 relatively prime to I<e>, 82 it is called as I<BN_GENCB_call(cb, 3, 0)>. 87 with I<BN_GENCB_call(cb, 3, i)> where I<i> indicates the i-th prime. 91 EVP_RSA_gen() returns an I<EVP_PKEY> or NULL on failure. [all …]
|
H A D | EVP_PKEY_encapsulate.pod | 22 context I<ctx> for an encapsulation operation and then sets the I<params> 32 operation using I<ctx>. 33 The symmetric secret generated in I<genkey> can be used as key material. 34 The ciphertext in I<wrappedkey> is its encapsulated form, which can be sent 37 If I<wrappedkey> is NULL then the maximum size of the output buffer 38 is written to the I<*wrappedkeylen> parameter unless I<wrappedkeylen> is NULL 40 unless I<genkeylen> is NULL. 41 If I<wrappedkey> is not NULL and the call is successful then the 42 internally generated key is written to I<genkey> and its size is written to 43 I<*genkeylen>. The encapsulated version of the generated key is written to [all …]
|
H A D | EVP_KEYEXCH_free.pod | 35 I<algorithm> from any provider offering it, within the criteria given 36 by the I<properties>. 49 EVP_KEYEXCH_get0_provider() returns the provider that I<exchange> was 52 EVP_KEYEXCH_is_a() checks if I<exchange> is an implementation of an 53 algorithm that's identifiable with I<name>. 56 implementation for the given I<exchange>. Note that the I<exchange> may have 59 by the I<exchange> object and should not be freed by the caller. 62 calls I<fn> with each name and I<data>. 66 the I<keyexch> implementation. 71 I<data> as arguments. [all …]
|
H A D | OSSL_PARAM_BLD.pod | 49 arrays. The B<I<TYPE>> names are as per L<OSSL_PARAM_int(3)>. 59 I<bld> into an allocated OSSL_PARAM array. 83 that holds the specified BIGNUM I<bn>. 84 When the I<bn> is zero or positive, its OSSL_PARAM type becomes 93 that holds the specified BIGNUM I<bn>. 96 When the I<bn> is zero or positive, its OSSL_PARAM type becomes 105 object that references the UTF8 string specified by I<buf>. 117 object that references the UTF8 string specified by I<buf>. 120 The string I<buf> points to is stored by reference and must remain in 124 object that references the octet string specified by I<buf>. [all …]
|
H A D | CMS_EncryptedData_encrypt.pod | 27 with a type B<NID_pkcs7_encrypted>. I<in> is a BIO containing the data to 28 encrypt using I<cipher> and the encryption key I<key> of size I<keylen> bytes. 29 The library context I<libctx> and the property query I<propq> are used when 30 retrieving algorithms from providers. I<flags> is a set of optional flags. 32 The I<flags> field supports the options B<CMS_DETACHED>, B<CMS_STREAM> and 36 The algorithm passed in the I<cipher> parameter must support ASN1 encoding of 42 but uses default values of NULL for the library context I<libctx> and the 43 property query I<propq>.
|
H A D | EVP_RAND.pod | 100 a library context I<libctx> and a set of I<properties>. 122 EVP_RAND_CTX_free() frees up the context I<ctx>. If I<ctx> is NULL, nothing 126 I<ctx>. 141 additional input I<addin> of length I<addin_len>. The bytes 147 Entropy I<ent> of length I<ent_len> bytes can be supplied as can additional 148 input I<addin> of length I<addin_len> bytes. In the FIPS provider, both are 155 EVP_RAND_nonce() creates a nonce in I<out> of maximum length I<outlen> 168 I<rand>. 182 context, given a context I<ctx>. 236 of the given I<rand>. [all …]
|
H A D | PKCS12_add_safe.pod | 30 =item * If I<safe_nid> is -1, a plain PKCS7 I<data> contentInfo is created. 32 =item * If I<safe_nid> is a valid PBE algorithm NID, a PKCS7 B<encryptedData> 33 contentInfo is created. The algorithm uses I<pass> as the passphrase and I<iter> 34 as the iteration count. If I<iter> is zero then a default value for iteration 37 =item * If I<safe_nid> is 0, a PKCS7 B<encryptedData> contentInfo is created using 43 context I<ctx> and property query I<propq> to be used to select algorithm 47 PKCS7 contentInfos. The I<safes> are enclosed first within a PKCS7 contentInfo 48 of type I<p7_nid>. Currently the only supported type is B<NID_pkcs7_data>. 51 library context I<ctx> and property query I<propq> to be used to select
|
H A D | EVP_MAC.pod | 95 a library context I<libctx> and a set of I<properties>. 124 I<ctx>. 129 of I<data> with length I<datalen> 130 using the MAC algorithm I<name> and the key I<key> with length I<keylen>. 132 string I<propq>. It takes parameters I<subalg> and further I<params>, 142 via the I<key> and I<params> arguments. The MAC I<key> has a length of 159 If I<out> is NULL or I<outsize> is too small, then no computation 162 dynamically, simply call with I<out> being NULL and I<outl> 167 the result in the memory pointed at by I<out> of size I<outsize>. 170 I<mac>. [all …]
|
H A D | SSL_CTX_set_tlsext_ticket_key_cb.pod | 30 session tickets for the ssl context I<sslctx>. Session tickets, defined in 51 Before the callback function is started I<ctx> and I<hctx> have been 59 I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>. 61 The I<name> is 16 characters long and is used as a key identifier. 67 I<ctx> should use the initialisation vector I<iv>. The cipher context can be 73 with I<enc> set to 0 indicating that the I<cb> function should retrieve a set 74 of parameters. In this case I<name> and I<iv> have already been parsed out of 93 This indicates that the I<ctx> and I<hctx> have been set and the session can 101 This indicates that the I<ctx> and I<hctx> have been set and the session can 122 Before this callback function is started I<hctx> will have been [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_algorithm_do_all.pod | 19 library context I<libctx>, an operation identity I<operation_id> and a 20 provider I<provider>. 21 I<libctx> may be NULL to signify that the default library context should 23 I<operation_id> may be zero to signify that all kinds of operations 25 I<provider> may be NULL to signify that all loaded providers will be 28 For each implementation found, the function I<fn> is called with the 29 I<provider> for the implementation, the algorithm descriptor I<algo>, 30 the flag I<no_store> indicating whether the algorithm descriptor may 31 be remembered or not, and the caller I<data> that was passed to
|
H A D | evp_md_get_number.pod | 40 Returns the internal dynamic number assigned to I<cipher>. 49 Keturns the internal dynamic number assigned to I<kdf>. 53 Returns the internal dynamic number assigned to I<kem>. 57 Returns the internal dynamic number assigned to the I<exchange>. 61 Returns the internal dynamic number assigned to the I<keymgmt>. 65 Returns the internal dynamic number assigned to I<mac>. 69 Returns the internal dynamic number assigned to the I<md>. This is 74 Returns the internal dynamic number assigned to I<rand>. 78 Returns the internal dynamic number assigned to I<signature>. 82 Returns the internal dynamic number assigned to the given I<decoder>. [all …]
|
H A D | ossl_cmp_msg_protect.pod | 21 ossl_cmp_calc_protection() calculates the protection for the given I<msg> 23 using the credentials, library context, and property criteria in the I<ctx>. 24 Unless I<msg->header->protectionAlg> is B<PasswordBasedMAC>, 25 its value is completed according to I<ctx->pkey> and I<ctx->digest>, 28 ossl_cmp_msg_protect() (re-)protects the given message I<msg> using an algorithm 29 depending on the available context information given in the I<ctx>. 34 ossl_cmp_msg_add_extraCerts() adds elements to the extraCerts field in I<msg>. 36 ctx->cert and then its chain ctx->chain. If this chain is not present in I<ctx> 39 I<ctx->extraCertsOut>) are added. Note that it will NOT add the root certificate 46 The I<ctx> parameter of ossl_cmp_msg_add_extraCerts() [all …]
|
/openssl/doc/man7/ |
H A D | x509.pod | 33 B<X509_>I<XXX>, B<d2i_X509_>I<XXX>, and B<i2d_X509_>I<XXX> functions 36 B<X509_CRL_>I<XXX>, B<d2i_X509_CRL_>I<XXX>, and B<i2d_X509_CRL_>I<XXX> 39 B<X509_REQ_>I<XXX>, B<d2i_X509_REQ_>I<XXX>, and B<i2d_X509_REQ_>I<XXX> 42 B<X509_NAME_>I<XXX> functions handle certificate names. 44 B<X509_ATTRIBUTE_>I<XXX> functions handle certificate attributes. 46 B<X509_EXTENSION_>I<XXX> functions handle certificate extensions.
|
H A D | EVP_PKEY-FFC.pod | 17 and private keys I<pub> and I<priv> as well as the three main domain parameters 18 I<p>, I<q> and I<g>. 23 This means that optional FFC domain parameter values for I<seed>, I<pcounter> 24 and I<gindex> may need to be stored for validation purposes. 25 For B<DH> the I<seed> and I<pcounter> can be stored in ASN1 data 76 of I<p>, I<q> and canonical I<g>. 82 I<g>. 96 generation of I<g>. Its value is the first integer larger than one that 109 I<validate-pq> and I<validate-g> are both set to 1 to check that p,q and g are 163 associated with the given Key Generation I<ctx>. [all …]
|
H A D | provider-digest.pod | 108 the I<dctx> parameter. 126 by I<in>. 133 I<*outl>. 140 I<inl> bytes at I<in> should be digested and the result should be stored at 141 I<out>. The length of the digest should be stored in I<*outl> which should not 142 exceed I<outsz> bytes. 150 and stores them in I<params>. 153 provider side digest context I<dctx> to I<params>. 158 the given provider side digest context I<dctx> and stores them in I<params>. 232 given provider side digest context I<dctx> to I<params>. [all …]
|
H A D | provider-asym_cipher.pod | 116 cipher context in the I<ctx> parameter. 134 The data to be encrypted is pointed to by the I<in> parameter which is I<inlen> 137 pointed to by the I<out> parameter and it should not exceed I<outsize> bytes in 141 written to I<*outlen>. 157 The data to be decrypted is pointed to by the I<in> parameter which is I<inlen> 160 pointed to by the I<out> parameter and it should not exceed I<outsize> bytes in 164 written to I<*outlen>. 174 I<params>. 175 Passing NULL for I<params> should return true. 178 with the given provider side asymmetric cipher context I<ctx> to I<params>. [all …]
|
/openssl/test/recipes/04-test_pem_reading_data/ |
H A D | cert-onecolumn.pem | 3 I 4 I 150 I 154 I 166 I 233 I 250 I 294 I 314 I 456 I [all …]
|
/openssl/doc/man1/ |
H A D | openssl-verify.pod.in | 12 [B<-CRLfile> I<filename>|I<uri>] 16 [B<-trusted> I<filename>|I<uri>] 17 [B<-untrusted> I<filename>|I<uri>] 18 [B<-vfyopt> I<nm>:I<v>] 24 [I<certificate> ...] 39 =item B<-CRLfile> I<filename>|I<uri> 59 =item B<-trusted> I<filename>|I<uri> 67 =item B<-untrusted> I<filename>|I<uri> 73 =item B<-vfyopt> I<nm>:I<v> 99 =item I<certificate> ...
|