EVP: Change the output size type of EVP_Q_digest() and EVP_Q_mac()

This makes them more consistent with other new interfaces.

Fixes #15839

Reviewed-by: David von Oheimb <da

EVP: Change the output size type of EVP_Q_digest() and EVP_Q_mac()

This makes them more consistent with other new interfaces.

Fixes #15839

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15861)

show more ...

doc: make XXX_get_number() internal

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_,

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)

show more ...

doc: document the MAC block size getter

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl

doc: document the MAC block size getter

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)

show more ...

mac: improve MAC documentation (Poly 1305 key reuse, nomenclature)

Fixes #12441

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/

mac: improve MAC documentation (Poly 1305 key reuse, nomenclature)

Fixes #12441

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15237)

show more ...

Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions

This helps compensating for deprecated functions such as HMAC()
and reduces clutter in the crypto lib,

Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions

This helps compensating for deprecated functions such as HMAC()
and reduces clutter in the crypto lib, apps, and tests.
Also fixes memory leaks in generate_cookie_callback() of apps/lib/s_cb.c.
and replaces 'B<...>' by 'I<...>' where appropriate in HMAC.pod

Partially fixes #14628.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14664)

show more ...

doc: document EVP_MAC_finalXOF()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15061)

DOC: Clarify EVP_MAC_init() params vs. EVP_MAC_CTX_set_params()

Fixes #14855

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged f

DOC: Clarify EVP_MAC_init() params vs. EVP_MAC_CTX_set_params()

Fixes #14855

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14937)

show more ...

Update the algorithm fetching documentation links

The documentation on algorithm fetching has moved. There were a lot of
references to the old location so we update all of those location

Update the algorithm fetching documentation links

The documentation on algorithm fetching has moved. There were a lot of
references to the old location so we update all of those locations.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1487)

show more ...

EVP: Add EVP_<TYPE>_description()

The following operation types are covered:

EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
EVP_ASYM_CIPHER, EVP_KEM, EVP_KEY

EVP: Add EVP_<TYPE>_description()

The following operation types are covered:

EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF. Also EVP_PKEY.

For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for
legacy implementations.

For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a
fallback for legacy implementations.

Fixes #14514

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656)

show more ...

doc: note that MAC lifecycle transitions will be enforced at some point

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14522)

doc: note the additional parameters to EVP_MAC_init()

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

doc: changes to match the updated context gettable/settable calls for MACs

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)

Don't hold a lock when calling a callback in ossl_namemap_doall_names

We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk

Don't hold a lock when calling a callback in ossl_namemap_doall_names

We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.

Fixes #14225

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

Replace MAC flags OSSL_MAC_PARAM_FLAGS with separate param fields.

Fixes #12992

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1

Replace MAC flags OSSL_MAC_PARAM_FLAGS with separate param fields.

Fixes #12992

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)

show more ...

Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size().

Fixes #11320

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13116)

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)

show more ...

kdf/mac: add name query calls for KDFs and MACs

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931)

Fixed EVP_MAC_final argument count in example

EVP_MAC_final had only three arguments / the buffer/tag size was missing.
Fixes #12424

Note, that I didn't try to compile the examp

Fixed EVP_MAC_final argument count in example

EVP_MAC_final had only three arguments / the buffer/tag size was missing.
Fixes #12424

Note, that I didn't try to compile the example to look for other problems.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12429)

show more ...

Update the EVP_PKEY MAC documentation

Include more information about the new HMAC parameter. Also fill in some
missing documentation about the EVP_PKEY MAC bridge.

Reviewed-by:

Update the EVP_PKEY MAC documentation

Include more information about the new HMAC parameter. Also fill in some
missing documentation about the EVP_PKEY MAC bridge.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12732)

show more ...

Revert "The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*"

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the pr

Revert "The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*"

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.

This reverts commit d9c2fd51e2e278bc3f7793a104ff7b4879f6d63a.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)

show more ...

Fix some man page typos

A few miscellaneous man page typos reported by Hal Murray on
openssl-users.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://g

Fix some man page typos

A few miscellaneous man page typos reported by Hal Murray on
openssl-users.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12185)

show more ...

The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*
functions are now EVP_MAC functions, usually with ctx in their names.

Before 3.0 is released, the names are mu

The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*
functions are now EVP_MAC functions, usually with ctx in their names.

Before 3.0 is released, the names are mutable and this prevents more
inconsistencies being introduced.

There are no functional or code changes.
Just the renaming and a little reformatting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11997)

show more ...

Update core_names.h fields and document most fields.

Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related

Update core_names.h fields and document most fields.

Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related to RSA keys.
Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file.
Updated Keyexchange and signature code and docs.
Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod.
Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it.

Added some usage examples. As a result of the usage examples the following change was also made:
ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11610)

show more ...