/openssl/doc/man3/ |
H A D | X509V3_set_ctx.pod | 18 X509V3_set_ctx() fills in the basic fields of I<ctx> of type B<X509V3_CTX>, 20 These may make use of fields of the certificate I<subject>, the certification 21 request I<req>, or the certificate revocation list I<crl>. 24 hash value of its public key, the public key is taken from I<subject> or I<req>. 26 contained in a subject DN, the subject DN is taken from I<subject> or I<req>. 27 If I<subject> or I<crl> is provided, I<issuer> should point to its issuer, for 29 I<issuer> may be the same pointer value as I<subject> (which usually is an 30 indication that the I<subject> certificate is self-issued or even self-signed). 33 I<flags> may be 0 41 the subject certificate that has been provided in I<ctx>. [all …]
|
H A D | X509v3_get_ext_by_NID.pod | 66 X509v3_get_ext() retrieves extension I<loc> from I<x>. The index I<loc> 72 with I<nid> or I<obj> from extension STACK I<x>. The search starts from the 73 extension after I<lastpos> or from the beginning if I<lastpos> is -1. If 77 looks for an extension of criticality I<crit>. A zero value for I<crit> 81 X509v3_delete_ext() deletes the extension with index I<loc> from I<x>. 83 If I<loc> is an invalid index value, NULL is returned. 85 X509v3_add_ext() inserts extension I<ex> to STACK I<*x> at position I<loc>. 86 If I<loc> is -1, the new extension is added to the end. 87 A new STACK is allocated if I<*x> is NULL. 90 X509v3_add_extensions() adds the list of extensions I<exts> to STACK I<*target>. [all …]
|
H A D | PKCS8_encrypt.pod | 32 PKCS8_encrypt() and PKCS8_encrypt_ex() perform encryption of an object I<p8> using 33 the password I<pass> of length I<passlen>, salt I<salt> of length I<saltlen> 34 and iteration count I<iter>. 39 I<p8> using the password I<pass> of length I<passlen> along with algorithm 40 parameters obtained from the I<p8>. 42 PKCS8_set0_pbe() and PKCS8_set0_pbe_ex() perform encryption of the I<p8inf> 43 using the password I<pass> of length I<passlen> and parameters I<pbe>. 45 Functions ending in _ex() allow for a library context I<ctx> and property query 46 I<propq> to be used to select algorithm implementations.
|
H A D | BN_cmp.pod | 25 BN_cmp() compares the numbers I<a> and I<b>. BN_ucmp() compares their 29 I<a> equals 0, 1, I<w>, or E<verbar>I<w>E<verbar> respectively. 30 BN_is_odd() tests if I<a> is odd. 38 BN_cmp() returns -1 if I<a> E<lt> I<b>, 0 if I<a> == I<b> and 1 if 39 I<a> E<gt> I<b>. BN_ucmp() is the same using the absolute values 40 of I<a> and I<b>.
|
H A D | OSSL_HTTP_parse_url.pod | 35 OSSL_HTTP_adapt_proxy() takes an optional proxy hostname I<proxy> 37 I<server>, I<use_ssl>, and the applicable environment variable, as follows. 38 If I<proxy> is NULL, take any default value from the C<http_proxy> 39 environment variable, or from C<https_proxy> if I<use_ssl> is nonzero. 42 environment variable, or from C<HTTPS_PROXY> if I<use_ssl> is nonzero. 47 contains I<server>. 52 OSSL_parse_url() parses its input string I<url> as a URL of the form 61 Each non-NULL result pointer argument I<pscheme>, I<puser>, I<phost>, I<pport>, 62 I<ppath>, I<pquery>, and I<pfrag>, is assigned the respective url component. 63 Any IPv6 address in I<*phost> is enclosed in C<[> and C<]>. [all …]
|
H A D | OSSL_HTTP_REQ_CTX.pod | 69 I<wbio>), and the maximum expected response header line length I<buf_size>. 77 The I<rbio> is not free'd, I<wbio> will be free'd if I<free_wbio> is set. 83 I<server> and I<port> may be set to give the server and the optional port that 89 In this case the I<server> and I<port> arguments must be NULL. 138 Unless I<req> is NULL, the function adds the DER encoding of I<req> using 141 I<content_type> must be NULL if I<req> is NULL. 147 and to gather the response via HTTP, using the I<wbio> and I<rbio> 155 using the ASN.1 template I<it> and places the result in I<*pval>. 171 I<Use with caution!> 181 response content length for I<rctx> to I<len>. If not set or I<len> is 0 [all …]
|
H A D | X509_PUBKEY_new.pod | 66 specified by I<a>. 68 X509_PUBKEY_free() frees up B<X509_PUBKEY> structure I<a>. If I<a> is NULL 72 in the B<EVP_PKEY> structure I<pkey>. If I<*x> is not NULL any existing 85 query string I<propq> are used. 100 to the I<penclen> bytes contained in buffer I<penc>. 101 Any earlier public-key encoding in I<pub> is freed. 103 Ownership of the I<penc> argument is passed to I<pub>. 107 algorithm parameters is set to I<type> using the structure I<pval>. 109 to the I<penclen> bytes contained in buffer I<penc> and 110 any earlier public-key encoding in I<pub> is freed. [all …]
|
H A D | BIO_read.pod | 7 - BIO I/O functions 24 BIO_read_ex() attempts to read I<dlen> bytes from BIO I<b> and places the data 26 stored in I<*readbytes>. 28 BIO_write_ex() attempts to write I<dlen> bytes from I<data> to BIO I<b>. 30 unless I<written> is NULL. 32 BIO_read() attempts to read I<len> bytes from BIO I<b> and places 33 the data in I<buf>. 46 or the maximum length I<size-1> is reached and places the data in I<buf>. 53 BIO_write() attempts to write I<len> bytes from I<buf> to BIO I<b>. 55 BIO_puts() attempts to write a NUL-terminated string I<buf> to BIO I<b>. [all …]
|
H A D | OSSL_CMP_ATAV_set0.pod | 49 OSSL_CMP_ATAV_set0() sets the I<atav> with an infoType of I<type> and an 50 infoValue of I<value>. 51 The pointers I<type> and I<value> may be NULL, otherwise 53 is transferred to I<atav>. The I<itav> pointer must not be NULL. 56 in the I<atav> unless it is NULL. 59 in the I<atav> as generic B<ASN1_TYPE> pointer unless I<atav> is NULL. 62 B<algId> and fills it in with a copy of the given I<alg>. 66 or NULL if I<atav> is NULL or does not contain an algId. 72 the RSA key length in rsaKeyLen infoValue in the I<atav>, 77 pointed to by I<*sk_p>. It creates a new stack if I<*sk_p> points to NULL. [all …]
|
H A D | CMS_signed_get_attr.pod | 74 I<obj> in the SignerInfo's I<si> signed attribute list. The search starts at the 86 I<si> signed attribute list. I<loc> should be in the range from 0 to 90 the I<si> signed attribute list. An error occurs if the I<si> attribute list 95 required. An error occurs if I<attr> is NULL. 99 I<obj> with type I<type> and data I<bytes> of length I<len> and then pushes it 100 to the I<key> object's attribute list. 111 attributes list that matches the I<obj> starting at index I<lastpos> 117 objects in the signed attribute list that match I<obj>. 132 I<si> is empty OR if I<obj> is not found, otherwise it returns the location of 133 the I<obj> in the SignerInfo's I<si> signed attribute list. [all …]
|
H A D | OSSL_ESS_check_signing_certs.pod | 30 referencing the given I<signcert> and any given further I<certs> 32 If I<set_issuer_serial> is nonzero then also the issuer and serial number 33 of I<signcert> are included in the B<ESS_CERT_ID> as the B<issuerSerial> field. 34 For all members of I<certs> the B<issuerSerial> field is always included. 37 OSSL_ESS_signing_cert_new_init() except that it uses the given I<hash_alg> and 41 the certificates required by the identifiers given in I<ss> and/or I<ssv2>. 42 If I<require_signing_cert> is nonzero, I<ss> or I<ssv2> must not be NULL. 43 If both I<ss> and I<ssv2> are not NULL, they are evaluated independently. 44 The list of certificate identifiers in I<ss> is of type B<ESS_CERT_ID>, 45 while the list contained in I<ssv2> is of type B<ESS_CERT_ID_V2>. [all …]
|
H A D | X509_CRL_get0_by_serial.pod | 33 X509_CRL_get0_by_serial() attempts to find a revoked entry in I<crl> for 34 serial number I<serial>. If it is successful, it sets I<*ret> to the internal 39 looks for a revoked entry using the serial number of certificate I<x>. 42 revoked entries for I<crl>. 45 serial number of I<r>. 48 revocation date of I<r>. 50 X509_REVOKED_set_serialNumber() sets the serial number of I<r> to I<serial>. 51 The supplied I<serial> pointer is not used internally so it should be 54 X509_REVOKED_set_revocationDate() sets the revocation date of I<r> to 55 I<tm>. The supplied I<tm> pointer is not used internally so it should be [all …]
|
H A D | X509_cmp_time.pod | 22 X509_cmp_time() compares the ASN1_TIME in I<asn1_time> with the time 26 I<asn1_time> with the current time, expressed as time_t. 33 I<offset_day> and I<offset_sec> after I<in_tm>. 35 X509_time_adj() sets the ASN1_TIME structure I<asn1_time> to the time 36 I<offset_sec> after I<in_tm>. This method can only handle second 40 In both methods, if I<asn1_time> is NULL, a new ASN1_TIME structure 43 In all methods, if I<in_tm> is NULL, the current time, expressed as 46 I<asn1_time> must satisfy the ASN1_TIME format mandated by RFC 5280, 50 I<offset_sec> after the current time. It is equivalent to calling 60 X509_cmp_time() and X509_cmp_current_time() return -1 if I<asn1_time> [all …]
|
H A D | EC_GROUP_new.pod | 109 The values for I<ctx> and I<propq> may be NULL. 120 The values for I<libctx>, I<propq> and I<bnctx> may be NULL. 124 specified I<params> and 126 I<params>. 128 EC_GROUP_set_curve() sets the curve parameters I<p>, I<a> and I<b>. For a curve 129 over Fp I<p> is the prime for the field. For a curve over F2^m I<p> represents 133 In either case, I<a> and I<b> represents the coefficients a and b from the 155 I<r> array with information about the built-in curves. If I<nitems> is less than 159 populated in I<r> or not). Passing a NULL I<r>, or setting I<nitems> to 0 will 174 L<OSSL_LIB_CTX(3)>) and any property query string in I<propq>. The I<ctx> value [all …]
|
H A D | X509_ACERT_add1_attr.pod | 31 add an attribute of type I<nid> or I<obj> with a value of ASN1 32 type I<type> constructed using I<len> bytes from I<bytes>. 34 X509_ACERT_add1_attr_by_txt() adds an attribute of type I<attrname> with a value of 35 ASN1 type I<type> constructed using I<len> bytes from I<bytes>. 37 X509_ACERT_delete_attr() will delete the I<loc>th attribute from I<x> and 38 return a pointer to it or NULL if there are fewer than I<loc> attributes 39 contained in I<x>.
|
H A D | OSSL_ENCODER.pod | 52 name given by I<name> and the properties given by I<properties>. 60 I<encoder>. 63 I<encoder>, and when the count reaches zero, frees it. 67 I<encoder>. 70 with the given I<encoder>. 73 algorithm that's identifiable with I<name>. 79 I<loader> implementation. 82 I<encoder>, and calls I<fn> with each name and I<data> as arguments. 86 I<libctx>, and for each of the implementations, calls I<fn> with the 87 implementation method and I<arg> as arguments. [all …]
|
H A D | ASN1_STRING_length.pod | 31 ASN1_STRING_length() returns the length of the content of I<x>. I<x> B<MUST NOT> be NULL. 35 modified in any way. I<x> B<MUST NOT> be NULL. 41 ASN1_STRING_dup() returns a copy of the structure I<a>. 43 ASN1_STRING_cmp() compares I<a> and I<b> returning 0 if the two 46 ASN1_STRING_set() sets the data of string I<str> to the buffer 47 I<data> or length I<len>. The supplied data is copied. If I<len> 55 I<out> is returned or a negative error code. The buffer I<*out> 82 ASN1_STRING_length() returns the length of the content of I<x>. 85 the data of I<x>. 91 according to whether I<a> is greater than, equal to, or less than I<b>. [all …]
|
H A D | BN_mod_mul_montgomery.pod | 37 BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m> 40 BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>. 46 BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places 47 the result in I<r>. 49 BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1. 51 BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R. 52 Note that I<a> must be nonnegative and smaller than the modulus. 54 For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
|
H A D | X509_add_cert.pod | 18 X509_add_cert() adds a certificate I<cert> to the given list I<sk>. 20 X509_add_certs() adds a list of certificate I<certs> to the given list I<sk>. 21 The I<certs> argument may be NULL, which implies no effect. 22 It does not modify the list I<certs> but 24 the reference counters of those of its members added to I<sk> are increased. 26 Both these functions have a I<flags> parameter, 35 By default they are appended to I<sk>. 38 If B<X509_ADD_FLAG_NO_DUP> is set then certificates already contained in I<sk>, 52 because otherwise likely not for all members of the I<certs> list 53 the ownership is transferred to the list of certificates I<sk>. [all …]
|
H A D | OBJ_nid2obj.pod | 62 for the object I<o>, the long name I<ln> or the short name I<sn> respectively 65 OBJ_txt2nid() returns NID corresponding to text string I<s>. I<s> can be 74 Unless I<buf> is NULL, 85 OBJ_cmp() compares I<a> to I<b>. If the two are identical 0 is returned. 87 OBJ_dup() returns a copy of I<o>. 90 numerical form of the object, I<sn> the short name and I<ln> the 92 success and NID_undef in case of failure. Any of I<oid>, I<sn> and 93 I<ln> may be NULL, but not all at once. 104 Algorithm", I<dig_id> is the NID for the digest algorithm and I<pkey_id> is the 106 that do not require a digest, NID_undef is a valid I<dig_id>. [all …]
|
H A D | CMS_verify.pod | 26 I<cms> points to the B<CMS_ContentInfo> structure to verify. 27 The optional I<certs> parameter refers to a set of certificates 33 I<store> may be NULL or point to 35 I<detached_data> refers to the signed data if the content is detached from I<cms>. 36 Otherwise I<detached_data> should be NULL and the signed data must be in I<cms>. 37 The content is written to the BIO I<out> unless it is NULL. 41 it operates on B<CMS SignedData> input in the I<sd> argument, 49 The optional parameters library context I<libctx> and property query I<propq> 59 Initially some sanity checks are performed on I<cms>. The type of I<cms> must 61 the content is detached I<detached_data> cannot be NULL. [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_provider_new.pod | 124 object store by I<name>. 126 Typically I<noconfig> should be 0. 137 Typically I<noconfig> should be 0. 168 provider I<prov> is registered in. 172 The parameters are a combination of I<name> and I<value>, and the 192 supplied in the I<props> string. 234 I<actualprov> argument. 283 I<operation_id>. 294 I<*result> to 1 or 0 accordingly. 297 the necessary upcalls for managing child providers. The I<handle> and I<in> [all …]
|
H A D | OPENSSL_SA.pod | 44 array of B<I<TYPE>>. This will mean that a pointer to type B<I<TYPE>> 46 B<SPARSE_ARRAY_OF>(B<I<TYPE>>) and each function name begins with 51 B<ossl_sa_I<TYPE>_num>() returns the number of elements in I<sa> or 0 if I<sa> 54 B<ossl_sa_I<TYPE>_get>() returns element I<idx> in I<sa>, where I<idx> starts 58 B<ossl_sa_I<TYPE>_set>() sets element I<idx> in I<sa> to I<value>, where I<idx> 63 B<ossl_sa_I<TYPE>_free>() frees up the I<sa> structure. It does I<not> free up any 64 elements of I<sa>. After this call I<sa> is no longer valid. 67 elements. After this call I<sa> is no longer valid. 69 B<ossl_sa_I<TYPE>_doall>() calls the function I<leaf> for each element in I<sa> 75 I<sa> in ascending index order. The index position, within the sparse [all …]
|
/openssl/doc/man1/ |
H A D | openssl-spkac.pod.in | 16 [B<-in> I<filename>] 17 [B<-out> I<filename>] 18 [B<-digest> I<digest>] 19 [B<-key> I<filename>|I<uri>] 21 [B<-passin> I<arg>] 22 [B<-challenge> I<string>] 24 [B<-spkac> I<spkacname>] 25 [B<-spksect> I<section>] 44 =item B<-in> I<filename> 59 =item B<-key> I<filename>|I<uri> [all …]
|
H A D | openssl-genpkey.pod.in | 16 [B<-out> I<filename>] 17 [B<-outpubkey> I<filename>] 21 [B<-pass> I<arg>] 22 [B<-I<cipher>>] 23 [B<-paramfile> I<file>] 24 [B<-algorithm> I<alg>] 25 [B<-pkeyopt> I<opt>:I<value>] 70 =item B<-pass> I<arg> 75 =item B<-I<cipher>> 96 =item B<-pkeyopt> I<opt>:I<value> [all …]
|