/openssl/doc/man3/ |
H A D | PKCS7_verify.pod | 19 It verifies a PKCS#7 signedData structure given in I<p7>. 20 The optional I<certs> parameter refers to a set of certificates 22 I<p7> may contain extra untrusted CA certificates that may be used for 24 I<store> may be NULL or point to 26 I<indata> refers to the signed data if the content is detached from I<p7>. 27 Otherwise I<indata> should be NULL, and then the signed data must be in I<p7>. 28 The content is written to the BIO I<out> unless it is NULL. 39 Initially some sanity checks are performed on I<p7>. The type of I<p7> must 42 not detached and I<indata> is not NULL then the structure has both 54 using the trusted certificate store I<store> if supplied. [all …]
|
H A D | HMAC.pod | 61 I<data> using the hash function I<evp_md> and the key I<key> which is 62 I<key_len> bytes long. The I<key> may also be NULL with I<key_len> being 0. 68 value for I<md> to use the static array is not thread safe. 96 function I<evp_md> and key I<key>. If both are NULL, or if I<key> is NULL 97 and I<evp_md> is the same as the previous call, then the 102 If HMAC_Init_ex() is called with I<key> NULL and I<evp_md> is not the 103 same as the previous digest used by I<ctx> then an error is returned 107 function I<evp_md> and the key I<key> which is I<key_len> bytes 111 be authenticated (I<len> bytes at I<data>). 113 HMAC_Final() places the message authentication code in I<md>, which [all …]
|
H A D | ASN1_item_sign.pod | 43 I<data>, the ASN.1 structure I<it>, private key I<pkey> and message digest I<md>. 45 converting it to der format using the ASN.1 structure I<it>. 49 parameters that have been set up. If one of I<algor1> or I<algor2> points to the 57 The generated signature is set into I<signature>. 60 I<algor2> are ignored if they are NULL. 63 NULL for the I<id>, I<libctx> and I<propq>. 66 contained in digest context I<ctx>. 69 data I<data> using the public key I<pkey> and algorithm identifier I<alg>. 71 converting it to der format using the ASN.1 structure I<it>. 78 NULL for the I<id>, I<libctx> and I<propq>. [all …]
|
H A D | X509v3_get_ext_by_NID.pod | 61 X509v3_get_ext_count() retrieves the number of extensions in I<x>. 63 X509v3_get_ext() retrieves extension I<loc> from I<x>. The index I<loc> 69 with I<nid> or I<obj> from extension STACK I<x>. The search starts from the 70 extension after I<lastpos> or from the beginning if I<lastpos> is -1. If 74 looks for an extension of criticality I<crit>. A zero value for I<crit> 78 X509v3_delete_ext() deletes the extension with index I<loc> from I<x>. 80 If I<loc> is an invalid index value, NULL is returned. 82 X509v3_add_ext() adds extension I<ex> to STACK I<*x> at position I<loc>. If 83 I<loc> is -1, the new extension is added to the end. If I<*x> is NULL, 95 CRL I<x>. They are otherwise identical to the X509v3 functions. [all …]
|
H A D | X509_STORE_set_verify_cb_func.pod | 126 I<verify_cb> overwriting the previous callback. 132 I<xs> to I<verify>. 142 component of I<ctx> that has a subject name matching the issuer name of I<x> 143 and is accepted by the I<check_issued> function in I<ctx>. 152 to I<*issuer> and then return 1. 158 certificate I<x> is issued by the issuer certificate I<issuer>. 160 been issued with I<issuer>) and 1 on success. 173 certificate I<x>. 180 the given I<crl>. 186 status of the given certificate I<x> against the given I<crl>. [all …]
|
H A D | EVP_PKEY_CTX_ctrl.pod | 198 type used must match I<keytype> if it is not -1. The parameter I<optype> is a 201 I<p1> and I<p2>. 217 I<pkeyutl>, I<genpkey> and I<req> commands. 220 I<ctx>. The message digest is specified by its name I<md>. 367 I<label> and its length in bytes to I<len>. If I<label> is NULL or I<len> is 0, 421 parameter generation using I<md_name> and I<md_properties> to retrieve the 424 SHA-256 depending on the bit length of I<q> above. I<md_properties> is a 499 prime I<p>. 503 I<nid> as defined in RFC7919 or RFC3526. The I<nid> parameter must be 529 the I<kdf_oid>, I<kdf_md> and I<kdf_outlen> parameters must also be specified. [all …]
|
H A D | OSSL_DECODER.pod | 52 name given by I<name> and the properties given by I<properties>. 60 I<decoder>. 63 I<decoder>, and when the count reaches zero, frees it. 67 I<decoder>. 70 with the given I<decoder>. 73 of an algorithm that's identifiable with I<name>. 79 of the I<decoder> implementation. 82 I<decoder>, and calls I<fn> with each name and I<data> as arguments. 86 I<libctx>, and for each of the implementations, calls I<fn> with the 87 implementation method and I<arg> as arguments. [all …]
|
H A D | EVP_VerifyInit.pod | 28 EVP_VerifyInit_ex() sets up verification context I<ctx> to use digest 29 I<type> from ENGINE I<impl>. I<ctx> must be created by calling 32 EVP_VerifyUpdate() hashes I<cnt> bytes of data at I<d> into the 34 same I<ctx> to include additional data. 36 EVP_VerifyFinal_ex() verifies the data in I<ctx> using the public key 37 I<pkey> and I<siglen> bytes in I<sigbuf>. 38 The library context I<libctx> and property query I<propq> are used when creating 39 a context to use with the key I<pkey>. 42 values of NULL for the library context I<libctx> and the property query I<propq>. 44 EVP_VerifyInit() initializes verification context I<ctx> to use the default [all …]
|
H A D | OSSL_STORE_LOADER.pod | 124 I<loader>. 131 I<loader>. 149 I<loader>, and calls I<fn> with each name and I<data>. 183 context I<libctx> and property query I<propq>. 267 It takes an B<ENGINE> I<e> and a string I<scheme>. 268 I<scheme> must I<always> be set. 276 I<store_loader>. 282 I<store_loader>. 285 I<store_loader>. 288 I<store_loader>. [all …]
|
H A D | PKCS12_item_decrypt_d2i.pod | 35 string containing an ASN.1 encoded object using the algorithm I<algor> and 36 password I<pass> of length I<passlen>. If I<zbuf> is nonzero then the output 40 object I<it> using the algorithm I<algor> and password I<pass> of length 41 I<passlen>, returning an encoded object in I<obj>. If I<zbuf> is nonzero then 44 Functions ending in _ex() allow for a library context I<ctx> and property query 45 I<propq> to be used to select algorithm implementations.
|
H A D | OSSL_PARAM_dup.pod | 22 OSSL_PARAM_dup() duplicates the parameter array I<params>. This function does a 25 OSSL_PARAM_merge() merges the parameter arrays I<params> and I<params1> into a 26 new parameter array. If I<params> and I<params1> contain values with the same 27 'key' then the value from I<params1> will replace the I<param> value. This 28 function does a shallow copy of the parameters. Either I<params> or I<params1> 29 may be NULL. The behaviour of the merge is unpredictable if I<params> and 30 I<params1> contain the same key, and there are multiple entries within either 33 OSSL_PARAM_free() frees the parameter array I<params> that was created using
|
H A D | CRYPTO_THREAD_run_once.pod | 93 CRYPTO_atomic_add() atomically adds I<amount> to I<*val> and returns the 94 result of the operation in I<*ret>. I<lock> will be locked, unless atomic 102 CRYPTO_atomic_add64() atomically adds I<op> to I<*val> and returns the 103 result of the operation in I<*ret>. I<lock> will be locked, unless atomic 111 CRYPTO_atomic_and() performs an atomic bitwise and of I<op> and I<*val> and stores 113 I<*ret>. I<lock> will be locked, unless atomic operations are supported on the 121 CRYPTO_atomic_or() performs an atomic bitwise or of I<op> and I<*val> and stores 123 I<*ret>. I<lock> will be locked, unless atomic operations are supported on the 131 CRYPTO_atomic_load() atomically loads the contents of I<*val> into I<*ret>. 140 CRYPTO_atomic_store() atomically stores the contents of I<val> into I<*dst>. [all …]
|
H A D | OSSL_CRMF_pbmp_new.pod | 26 parameters I<pbmp>, message I<msg>, and secret I<sec>, along with the respective 27 lengths I<msglen> and I<seclen>. 28 The optional library context I<libctx> and I<propq> parameters may be used 29 to influence the selection of the MAC algorithm referenced in the I<pbmp>; 32 allocated MAC via the I<mac> reference parameter and writes the length via the 33 I<maclen> reference parameter unless it its NULL. 36 with a new random salt of given length I<saltlen>, 37 OWF (one-way function) NID I<owfnid>, OWF iteration count I<itercnt>, 38 and MAC NID I<macnid>. 39 The library context I<libctx> parameter may be used to select the provider
|
H A D | SRP_create_verifier.pod | 43 context I<libctx> and property query string I<propq>. Any cryptographic 44 algorithms that need to be fetched will use the I<libctx> and I<propq>. See 52 newly allocated BIGNUM containing a random salt. If I<*salt> is not NULL then 54 The caller is responsible for freeing the allocated I<*salt> and I<*verifier> 61 It is possible to pass NULL as I<N> and an SRP group id as I<g> instead to 63 If both I<N> and I<g> are NULL the 8192-bit SRP group parameters are used. 64 The caller is responsible for freeing the allocated I<*salt> and I<*verifier> 67 The SRP_check_known_gN_param() function checks that I<g> and I<N> are valid 81 "*" if I<N> is not NULL, the selected group id otherwise. This value should 88 SRP_get_default_gN() returns NULL if I<id> is not a valid group size, [all …]
|
H A D | EVP_SignInit.pod | 27 EVP_SignInit_ex() sets up signing context I<ctx> to use digest 28 I<type> from B<ENGINE> I<impl>. I<ctx> must be created with 31 EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the 33 same I<ctx> to include additional data. 35 EVP_SignFinal_ex() signs the data in I<ctx> using the private key 36 I<pkey> and places the signature in I<sig>. The library context I<libctx> and 38 I<pkey>. I<sig> must be at least C<EVP_PKEY_get_size(pkey)> bytes in size. 39 I<s> is an OUT parameter, and not used as an IN parameter. 45 values of NULL for the library context I<libctx> and the property query I<propq>. 47 EVP_SignInit() initializes a signing context I<ctx> to use the default [all …]
|
H A D | OSSL_CMP_MSG_get0_header.pod | 51 from various information provided in the CMP context argument I<ctx> 63 =item the subject field of any PKCS#10 CSR set in I<ctx> 66 =item the subject field of any reference certificate given in I<ctx> 67 (see L<OSSL_CMP_CTX_set1_oldCert(3)>), but only if I<for_KUR> is nonzero 68 or the I<ctx> does not include a Subject Alternative Name. 78 =item the public key of any PKCS#10 CSR given in I<ctx>, 80 =item the public key of any reference certificate given in I<ctx> 96 The SANs are further overridden by any SANs included in I<ctx> via 105 OSSL_CMP_MSG_read() loads a DER-encoded OSSL_CMP_MSG from I<file>. 110 It assigns a pointer to the new structure to I<*msg> if I<msg> is not NULL. [all …]
|
/openssl/doc/man1/ |
H A D | openssl-dgst.pod.in | 11 [B<-I<digest>>] 22 [B<-sign> I<filename>|I<uri>] 24 [B<-passin> I<arg>] 28 [B<-sigopt> I<nm>:I<v>] 29 [B<-hmac> I<key>] 30 [B<-mac> I<alg>] 31 [B<-macopt> I<nm>:I<v>] 38 [I<file> ...] 115 =item B<-sign> I<filename>|I<uri> 126 =item B<-sigopt> I<nm>:I<v> [all …]
|
H A D | openssl-s_server.pod.in | 12 [B<-port> I<+int>] 13 [B<-accept> I<val>] 14 [B<-unix> I<val>] 27 [B<-key> I<filename>|I<uri>] 28 [B<-key2> I<filename>|I<uri>] 34 [B<-dkey> I<filename>|I<uri>] 204 =item B<-verify> I<int>, B<-Verify> I<int> 252 =item B<-key> I<filename>|I<uri> 257 =item B<-key2> I<filename>|I<uri> 272 =item B<-dcert> I<infile>, B<-dkey> I<filename>|I<uri> [all …]
|
H A D | openssl-s_client.pod.in | 15 [B<-port> I<port>] 20 [B<-unix> I<path>] 39 [B<-key> I<filename>|I<uri>] 41 [B<-pass> I<arg>] 61 [B<-mtu> I<size>] 74 [B<-psk> I<key>] 140 [I<host>:I<port>] 165 =item B<-connect> I<host>:I<port> 281 =item B<-key> I<filename>|I<uri> 862 =item I<host>:I<port> [all …]
|
H A D | openssl-passphrase-options.pod | 10 I<command> 11 [ I<options> ... ] 12 [ I<parameters> ... ] 35 =item B<pass:>I<password> 37 The actual password is I<password>. Since the password is visible 41 =item B<env:>I<var> 43 Obtain the password from the environment variable I<var>. Since 47 =item B<file:>I<pathname> 49 The first line of I<pathname> is the password. If the same I<pathname> 55 =item B<fd:>I<number> [all …]
|
/openssl/doc/man7/ |
H A D | provider-cipher.pod | 120 the I<cctx> parameter. 130 The key to be used is given in I<key> which is I<keylen> bytes long. 131 The IV to be used is given in I<iv> which is I<ivlen> bytes long. 143 pointed to by I<in>. 145 I<*outl> which should not exceed I<outsize> bytes. 151 The pointers I<out> and I<in> may point to the same location, in which 164 amount of data written to I<*outl> which should not exceed I<outsize> bytes. 176 The data to be encrypted/decrypted will be in I<in>, and it will be I<inl> bytes 180 I<outsize> bytes. 191 provider side cipher context I<cctx> to I<params>. [all …]
|
H A D | provider-rand.pod | 85 The parameter I<parent_calls> points to the dispatch table for I<parent>. 89 the I<mctx> parameter. 100 Additional input I<addin> of length I<addin_len> bytes can optionally 112 from a live entropy source. Additional input I<addin> of length I<addin_len> 118 length from I<min_noncelen> to I<max_noncelen>. If the output buffer I<out> is 123 security level of I<entropy> bits and there will be between I<min_len> 124 and I<max_len> inclusive bytes in total. If I<prediction_resistance> is 126 input I<addin> of length I<addin_len> bytes can optionally be provided. 130 OSSL_FUNC_rand_clear_seed() frees a seed I<buffer> of length I<b_len> bytes 161 provider side rand context I<ctx> to I<params>. [all …]
|
H A D | provider-kem.pod | 122 kem context in the I<ctx> parameter. 133 the I<name> of the algorithm. 142 key I<provauthkey> which cannot be NULL. 152 I<*secretlen>. 156 written to I<*secretlen>. 163 a I<name> of the algorithm. 175 The data to be decapsulated is pointed to by the I<in> parameter which is I<inlen> 178 pointed to by the I<out> parameter. 181 written to I<*outlen>. 191 I<params>. [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_method_construct.pod | 55 providers for a dispatch table given an I<operation_id>, and then 57 method creator through I<mcm> and the data in I<mcm_data> (which is 59 If I<prov> is not NULL, only that provider is considered, which is 88 The store may be given with I<store>. 108 The store may be given with I<store>. 113 The method should be associated with the given provider I<prov>, 114 I<name> and property definition I<propdef> as well as any 115 identification data given through I<data> (which is the I<mcm_data> 122 Constructs a subsystem method for the given I<name> and the given 123 dispatch table I<fns>. [all …]
|
H A D | ossl_rand_get_entropy.pod | 40 stored in a buffer which contains at least I<min_len> and at most I<max_len> 41 bytes. The buffer address is stored in I<*pout> and the buffer length is 50 ossl_rand_get_entropy(). The entropy buffer is pointed to by I<buf> 51 and is of length I<len> bytes. 54 ossl_rand_get_user_entropy(). The entropy buffer is pointed to by I<buf> 55 and is of length I<len> bytes. 58 of length I<salt_len> and operating system specific information. 59 The I<salt> should contain uniquely identifying information and this is 62 most I<max_len> bytes. The buffer address is stored in I<*pout> and the 72 is pointed to by I<buf> and is of length I<len> bytes. [all …]
|