| /openssl/doc/man3/ |
| H A D | X509_check_purpose.pod | 47 =item E<32>0 if the certificate was not created to perform the purpose represented by I<id>
57 =item E<32>0 not a CA or does not have the purpose represented by I<id>
62 New versions will not return this value. May be a CA
75 Licensed under the Apache License 2.0 (the "License"). You may not use this
|
| H A D | OBJ_nid2obj.pod | 93 I<ln> may be NULL, but not all at once.
98 The returned pointer is an internal pointer which B<must not> be freed.
106 that do not require a digest, NID_undef is a valid I<dig_id>.
130 Objects which are not in the table have the NID value NID_undef.
132 Objects do not need to be in the internal tables to be processed,
136 Some objects are used to represent algorithms which do not have a
146 These functions were not thread safe in OpenSSL 3.0 and before.
163 not NULL and I<buf_len> is big enough, otherwise the total string length.
164 Note that this does not count the trailing NUL character.
193 and should not be used.
[all …]
|
| H A D | BIO_s_socket.pod | 21 BIO_puts() is supported but BIO_gets() is not.
34 platforms sockets are not file descriptors and use distinct I/O routines,
35 Windows is one such platform. Any code mixing the two will not work on
49 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_SESSION_get0_id_context.pod | 25 B<*len> if B<len> is not NULL.
28 should not be released.
32 is given by B<sid_ctx_len> which must not exceed SSL_MAX_SID_CTX_LENGTH bytes.
51 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | X509_REQ_get_extensions.pod | 26 which must not be NULL, using the default B<NID_ext_req>.
27 This function must not be called more than once on the same I<req>.
31 This function must not be called more than once with the same I<req> and I<nid>.
45 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | X509_get0_uids.pod | 21 identifiers of certificate B<x> or NULL if the fields are not present.
24 attribute certificate B<x> or NULL if the field is not present.
33 X509_get0_uids() does not return a value.
68 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | X509_get0_notBefore.pod | 41 returned is an internal pointer which must not be freed up after
51 parameter I<tm> is not transferred by these functions so it must
56 returned is an internal pointer which must not be freed up after
61 parameter B<tm> is not transferred by these functions so it must
66 returned is an internal pointer which must not be freed up after
72 I<tm> is not transferred by these functions so it must be freed up after the
125 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_CTX_set_cipher_list.pod | 31 B<ssl> objects created from B<ctx>. This function does not impact TLSv1.3
74 usable and not depend on details of the library configuration (ciphers compiled
75 in). Thus no syntax checking takes place. Items that are not recognized, because
76 the corresponding ciphers are not compiled in or because they are mistyped,
95 When these conditions are not met for any cipher in the list (e.g. a
97 of 512 bits and the server is not configured to use temporary RSA
128 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | OSSL_HTTP_REQ_CTX.pod | 77 The I<rbio> is not free'd, I<wbio> will be free'd if I<free_wbio> is set.
102 If the I<content_type> argument is not NULL,
130 i.e., an error occurs in case the server does not grant it.
162 This memory BIO does not support streaming.
175 The returned BIO pointer must not be freed by the caller.
188 given by I<rctx> is still alive, i.e., has not been closed.
209 request URL do not match.
252 do not return values.
263 The returned BIO must not be freed by the caller.
266 or 0 if not available or an error occurred.
[all …]
|
| H A D | SSL_read_early_data.pod | 64 to send data from the server to the client when the client has not yet completed
76 authentication messages have not yet been received, i.e. the client is
81 or not by calling L<SSL_is_init_finished(3)>.
105 the server, but the total number of bytes written must not exceed the value
194 connection attempt. By default the server does not accept early data; a
267 containing the ClientHello. This means the early data is not actually
292 the same early data was not replayed across multiple connections. As a
299 if a client does not send any early data.
308 does not exist then the resumption is not allowed and a full handshake will
332 early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.
[all …]
|
| H A D | SMIME_read_CMS.pod | 31 in binary format and is not translated to canonical form.
38 If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
44 To support future functionality if B<bcont> is not NULL B<*bcont> should be
55 handle most S/MIME messages more complex compound formats may not work.
58 and will not handle the case where it is in binary format or uses quoted
87 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | EVP_PKEY_set1_RSA.pod | 71 alternative non-standard NIDs is now rare so B<EVP_PKEY_RSA2> et al are not
95 key is not of the correct type. The returned key must be freed after use.
105 key is not of the correct type. The reference count of the returned key is
106 B<not> incremented and so the key must not be freed after use. These functions
112 legacy key or NULL if the key is not legacy.
114 Note that if an EVP_PKEY was not constructed using one of the deprecated
135 If I<engine> does not include an B<EVP_PKEY_METHOD> for I<pkey> an
156 Updates to these keys will not be reflected back in the provider side key. The
158 EVP_PKEY_get1_EC_KEY() functions were not changed to have a "const" return type
177 EVP_PKEY_get_base_id() and will not care about the actual type:
[all …]
|
| H A D | SSL_write.pod | 62 Setting this flag does not cause a stream's send part to be concluded if not all
67 A call to SSL_write_ex2() fails if a flag is passed which is not supported or
77 If necessary, a write function will negotiate a TLS/SSL session, if not already
92 when the underlying BIO could not satisfy the needs of the function to continue
114 this processing is performed regularly. If an application is not using thread
129 You should not call SSL_write() with num=0, it will return an error.
139 not all the requested bytes have been written yet (if
145 retryable or not.
158 The write operation was not successful, because either the connection was
180 The write operation was not successful, because either the connection was
[all …]
|
| H A D | EVP_PKEY_CTX_ctrl.pod | 311 If not specified 65537 is used.
318 RSA key generation to I<primes>. If not specified 2 is used.
375 by the library and should not be freed by the caller.
409 parameter generation to B<nbits>. If not specified, 2048 is used.
430 since it is not part of a persisted key.
455 parameter generation. If not specified 2 is used.
489 since it is not part of a persisted key.
543 should not be freed by the caller.
567 by the library and should not be freed by the caller.
634 should not free the original memory pointed to by I<ukm>.
[all …]
|
| H A D | OSSL_LIB_CTX.pod | 59 In addition providers that are not loaded in the parent library context can be
61 library context. Providers loaded independently in this way will not be mirrored
62 in the parent library context and will not be affected if the parent library
70 reference count. L<OSSL_PROVIDER_unload(3)> must not be called for a provider in
71 the child library context that did not have an earlier L<OSSL_PROVIDER_load(3)>
81 B<OSSL_provider_init> function the currently initialising provider is not yet
82 available in the application's library context and therefore will similarly not
90 from a configuration. This function must not be called concurrently from
112 in the mean time. This means that the calling thread must not free the
119 and so applications should not typically call this function.
[all …]
|
| H A D | OSSL_HTTP_transfer.pod | 55 OSSL_HTTP_open() initiates an HTTP session using the I<bio> argument if not
76 If TLS is not used this defaults to the environment variable C<http_proxy>
112 or NULL to indicate failure, in which case it should not modify the BIO.
138 The optional callback function argument I<arg> is not consumed,
139 so must be freed by the caller when not needed any more.
178 If the I<expected_content_type> argument is not NULL,
198 If I<keep_alive> is 0 the connection is not kept open
202 i.e., an error occurs in case the server does not grant it.
209 is not NULL the latter pointer is used to provide any new location that
216 and for not exceeding any given maximum response length.
[all …]
|
| H A D | SSL_poll.pod | 140 This flag indicates that internal state machine processing should not be
159 event type bit in future SSL_poll() calls if it does not wish to receive
160 repeated notifications and has not caused the underlying readiness condition
175 for B<SSL_POLL_EVENT_R>), as not doing so is unlikely to be a sound design.
197 This event type may be raised even if it was not requested in I<events>;
205 This event is never raised on objects which are not connections.
214 This event is never raised on objects which are not connections.
330 not return more than one B<SSL_POLL_EVENT_F> event at once.
332 "Normal" events representing exceptional I/O conditions which do not
333 constitute a failure of the SSL_poll() mechanism itself are not considered
[all …]
|
| H A D | SSL_CTX_set_tlsext_status_cb.pod | 46 previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.
51 acceptable or not. The callback will be passed as an argument the value
53 callback will not be called in the event of a handshake where session resumption
70 call to the d2i_OCSP_RESPONSE() function. If the server has not provided any
86 error; 0 if the response is not acceptable (in which case the handshake will
91 returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be
100 SSL_CTX_set_tlsext_status_type(), or -1 if not set.
122 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SRP_create_verifier.pod | 51 the verifier and (if a salt was not provided) I<*salt> will be populated with a
52 newly allocated BIGNUM containing a random salt. If I<*salt> is not NULL then
81 "*" if I<N> is not NULL, the selected group id otherwise. This value should
82 not be freed.
85 (i.e. the prime bit size) or NULL if the arguments are not valid SRP group parameters.
86 This value should not be freed.
88 SRP_get_default_gN() returns NULL if I<id> is not a valid group size,
134 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | X509_check_private_key.pod | 28 the keys match each other, and 0 if not.
36 do not check if I<pkey> itself is indeed a private key or not.
49 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_set_session_secret_cb.pod | 27 RFC4851. Therefore this callback should not be used except when implementing
32 available in I<*secret_len> and may be updated by the callback (but must not be
41 the B<SSL_SESSION> - but it does not affect the ciphersuite selected by the
52 secret. A return value of 0 indicates that the secret has not been set. On the
64 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| H A D | SSL_CTX_set_generate_session_id.pod | 37 The length of the session id is between 1 and 32 bytes. The session id is not
39 transmitted in the clear when reusing the session so it must not contain
64 If an id conflict is not resolved, the handshake will fail.
68 no confidential information is leaked this way). If the application can not
70 fill in the bytes not used to code special information with random data
74 not the external one. Since the session id is generated before the
75 handshake is completed, it is not immediately added to the cache. If
79 the external cache is not tested with SSL_has_matching_session_id()
133 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| /openssl/doc/man7/ |
| H A D | EVP_SIGNATURE-ED25519.pod | 25 require access to the complete message (not a digest of the message).
29 not require access to the complete message; they operate on a hash of
37 instance, a nonempty context-string is not permitted.
63 If the instance name is not specified, then the default "Ed25519" or
66 If a context-string is not specified, then an empty context-string is
91 The PureEdDSA instances do not support the streaming mechanism of
96 The HashEdDSA instances do not yet support the streaming mechanisms
137 /* The input "params" is not needed if default options are acceptable.
161 Licensed under the Apache License 2.0 (the "License"). You may not use
|
| /openssl/ |
| H A D | NOTES-POSIX.md | 7 There are exceptions, though, for platforms that do not have a POSIX
11 types are not present (such as `ssize_t`).
13 Platforms that do have a POSIX library may still not have them accessible
|
| /openssl/doc/designs/ddd/ |
| H A D | WINDOWS.md | 7 In general, Windows does not provide a poll(2) call. WSAPoll(2) was introduced
17 because sockets are NT kernel handles on Windows and thus are not allocated
22 Windows does not provide anything like epoll or kqueue. For high performance
28 interface on top of polling, but it is not really possible to build a
46 - ddd-01-conn-blocking: Blocking example, use of IOCP is not applicable.
48 - ddd-02-conn-nonblocking: Socket is managed by OpenSSL, and IOCP is not
51 - ddd-03-fd-blocking: Blocking example, use of IOCP is not applicable.
78 My conclusion here is that since libssl does not support IOCP in the first
|
