| /openssl/doc/designs/quic-design/ |
| H A D | debugging.md | 16 implementation which is not directly observable from the network.
20 information in general and do not have information removed. On the other hand,
66 Note that since the qlog specification is not finalised and still evolving,
75 data, application data is generally not logged. (However, this is not a
76 guarantee and must not be relied upon from a privacy perspective.)
90 **Activating the decoder.** If you are using QUIC on a port not known to be
108 are using does not provide a way to enable this functionality, this requires
109 recompiling the application you are using as OpenSSL does not provide a way
113 may be able to obtain a keylog from that other implementation. (It does not
|
| /openssl/doc/man3/ |
| H A D | SSL_CTX_set_verify.pod | 71 then the extension is not sent, otherwise it is. By default the extension is not
89 client, so the client will not send a certificate.
91 B<Client mode:> if not using an anonymous cipher (by default disabled), the
116 B<Server mode:> if the client did not return a certificate, the TLS/SSL
125 connection. Do not ask for a client certificate again during
134 B<Server mode:> the server will not send a client certificate request
176 the certificate in question was passed (preverify_ok=1) or not
226 In client mode, it is not checked whether the SSL_VERIFY_PEER flag
233 The SSL*_set_verify*() functions do not provide diagnostic information.
291 * We must do it here, because the CHAIN_TOO_LONG error would not
[all …]
|
| H A D | RAND_cleanup.pod | 20 the PRNG. As of version 1.1.0, it does nothing and should not be called,
34 RAND_cleanup() was deprecated in OpenSSL 1.1.0; do not use it.
41 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | EC_KEY_get_enc_flags.pod | 18 i2d_ECPrivateKey() (such as whether it is stored in a compressed form or not) is
33 the curve are not encoded along with the private key. If EC_PKEY_NO_PUBKEY is
34 set then the public key is not encoded along with the private key.
54 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | X509_get0_distinguishing_id.pod | 42 B<x> by returning an B<ASN1_OCTET_STRING> object which should not be freed by
47 object, and therefore the value that has been passed in should not be freed by
57 X509_set0_distinguishing_id() and X509_REQ_set0_distinguishing_id() do not
68 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | BIO_f_readbuffer.pod | 18 This BIO filter can be inserted on top of BIO's that do not support BIO_tell()
25 Writing data to a read buffering BIO is not supported.
27 Calling BIO_reset() on a read buffering BIO does not clear any buffered data.
56 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | EVP_PKEY_get_default_digest_nid.pod | 27 do not use a digest during signing. In this case I<pnid> will be set
41 can be used) and 2 if it is mandatory (other digests can not be used).
43 value of -2 indicates the operation is not supported by the public key
62 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_CTX_flush_sessions.pod | 24 SSL_CTX_flush_sessions() is an older variant of the function that is not
31 As sessions will not be reused ones they are expired, they should be
48 SSL_CTX_flush_sessions_ex() does not return a value.
61 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SCT_validate.pod | 48 (see RFC 6962). If it is required but not provided, the validation status will
55 If the SCT was issued by a log that is not in this CTLOG_STORE, the validation
71 A return value of 0 from SCT_LIST_validate() should not be interpreted as a
84 If SCT_validate() or SCT_LIST_validate() have not been passed that SCT, the
99 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_accept.pod | 27 when the underlying BIO could not satisfy the needs of SSL_accept()
46 The TLS/SSL handshake was not successful but was shut down controlled and
57 The TLS/SSL handshake was not successful because a fatal error occurred either
59 not clean. It can also occur if action is needed to continue the operation
77 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | BIO_s_fd.pod | 24 BIO_puts() is supported but BIO_gets() is not.
41 BIO_get_fd() places the file descriptor of BIO B<b> in B<c> if it is not NULL.
54 File descriptor BIOs should not be used for socket I/O. Use socket BIOs
65 BIO_get_fd() returns the file descriptor or -1 if the BIO has not
93 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_clear.pod | 24 if L<SSL_shutdown(3)> was not called for the connection
37 This function is not supported on QUIC SSL objects and returns failure if called
54 if session reuse is not desired).
64 The SSL_clear() operation could not be performed. Check the error stack to
82 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_CTX_set_cert_verify_callback.pod | 25 If the application does not explicitly specify a verification callback function,
45 typically done in case the certificate verification was not yet able
71 SSL_CTX_set_cert_verify_callback() does not return a value.
75 Do not mix the verification callback described in this function with the
87 SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
101 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | EVP_VerifyInit.pod | 73 Note that not all providers support continuation, in case the selected
74 provider does not allow to duplicate contexts EVP_VerifyFinal() will
81 EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
85 combination) will not be indicated until after potentially large amounts of
88 It is not possible to change the signing parameters using these function.
109 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | RAND_bytes.pod | 34 instance so that a compromise of the "public" PRNG instance will not
57 If the entropy source fails or is not available, the CSPRNG will enter an
60 not take randomness for granted.
62 On other platforms, there might not be a trusted entropy source available
71 return 1 on success, -1 if not supported by the current
106 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_get_ciphers.pod | 45 a gap in the list of supported protocols, and some ciphers may not be
46 usable by a server if there is not a suitable certificate configured.
51 available, or B<ssl> is not operating in server mode, NULL is returned.
70 error. If the supplied buffer is not large enough to contain the complete list
73 by both the client and the server it does not mean that it is enabled (see the
75 available shared ciphersuites whether or not they are enabled. This is a server
112 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_get_session.pod | 18 B<ssl>. The reference count of the B<SSL_SESSION> is not incremented, so
37 SSL_SESSION object can be used for resumption or not.
55 non-resumable if the connection is not closed down cleanly, e.g. if a fatal
56 error occurs on the connection or L<SSL_shutdown(3)> is not called prior to
63 reference counter is not incremented, the pointer is only valid while
71 count, so that the session will not be implicitly removed by other operations
108 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | EVP_SignInit.pod | 39 I<s> is an OUT parameter, and not used as an IN parameter.
77 Note that not all providers support continuation, in case the selected
78 provider does not allow to duplicate contexts EVP_SignFinal() will
85 EVP_SignUpdate() could not be made after calling EVP_SignFinal().
89 combination) will not be indicated until after potentially large amounts of
92 It is not possible to change the signing parameters using these function.
114 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_CTX_use_psk_identity_hint.pod | 53 It is also possible for the callback to succeed but not supply a PSK. In this
58 Identity hints are not relevant for TLSv1.3. A server application wishing to use
65 In the case where PSK identity hint is B<NULL>, the server does not send the
88 callback, and are not possible with the B<SSL_psk_server_cb_func> callback.
105 PSK identity was not found. An "unknown_psk_identity" alert message
115 If the PSK identity was not found but the callback instructs the
133 ensure safety from cross-protocol related output by not reusing PSKs between
151 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| /openssl/doc/man1/ |
| H A D | openssl-fipsinstall.pod.in | 84 If the value is '0' then the module error state will not be entered.
87 the operation if the module error state is not entered.
94 If the value is '0' the checks are not performed and FIPS compliance must
215 Configure the module to not allow short MAC outputs.
220 Configure the module to not allow small keys sizes when using HMAC.
225 Configure the module to not allow small keys sizes when using KMAC.
281 Configure the module to not allow Triple-DES encryption.
363 Do not write the two fields related to the "test status indicator" and
381 Do not output pass/fail messages. Implies B<-noout>.
405 are not specified, or if either of the options B<-corrupt_desc> or
[all …]
|
| H A D | openssl-genpkey.pod.in | 47 Output the private key to the specified file. If this argument is not
52 Output the public key to the specified file. If this argument is not
53 specified then the public key is not output.
68 Do not output "status dots" while generating keys.
147 The number of bits in the generated key. If not specified 2048 is used.
151 The number of primes in the generated key. If not specified 2 is used.
209 The B<paramfile> option is not required if a named group is used here.
262 If this value is not set then g is not verifiable. The default value is -1.
268 values for the generated parameters OR it will fail if the seed did not
387 If this value is not set then g is not verifiable. The default value is -1.
[all …]
|
| H A D | openssl-pkeyparam.pod.in | 39 this option is not specified.
44 this option is not specified.
52 Do not output the encoded version of the parameters.
93 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| /openssl/doc/life-cycles/ |
| H A D | cipher.dot | 19 initialised -> initialised [label="EVP_CipherInit\n(not required but allowed)",
28 d_initialised -> d_initialised [label="EVP_DecryptInit\n(not required but allowed)",
34 e_initialised -> e_initialised [label="EVP_EncryptInit\n(not required but allowed)",
58 initialised -> initialised [label="EVP_CipherInit\n(not required but allowed)",
|
| /openssl/doc/man7/ |
| H A D | OSSL_STORE-winstore.pod | 27 As a matter of fact, this must be used. It is not possible to enumerate all
55 I<Such constraints are not checked by this OSSL_STORE implementation, and
56 thereby not honoured>.
81 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| /openssl/test/ |
| H A D | CAtsa.cnf | 79 # TSA server cert is not a CA cert.
92 # This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
97 # timeStamping is not supported by this certificate
135 default_policy = tsa_policy1 # Policy if request did not specify it
161 default_policy = tsa_policy1 # Policy if request did not specify it
|
