Home
last modified time | relevance | path

Searched refs:option (Results 1 – 25 of 206) sorted by relevance

123456789

/openssl/doc/man3/
H A DOPENSSL_init_crypto.pod62 OPENSSL_init_crypto() with the option
69 This option is a default option. Once selected subsequent calls to
70 OPENSSL_init_crypto() with the option
76 libcrypto ciphers. This option is a default option. Once selected subsequent
77 calls to OPENSSL_init_crypto() with the option
83 libcrypto digests. This option is a default option. Once selected subsequent
84 calls to OPENSSL_init_crypto() with the option
90 ciphers. This option is not a default option. Once selected subsequent
91 calls to OPENSSL_init_crypto() with the option
97 digests. This option is not a default option. Once selected subsequent
[all …]
H A DOPENSSL_init_ssl.pod40 specific option the following libssl options can also be used:
46 Suppress automatic loading of the libssl error strings. This option is
47 not a default option. Once selected subsequent calls to
48 OPENSSL_init_ssl() with the option
53 Automatic loading of the libssl error strings. This option is a
54 default option. Once selected subsequent calls to
55 OPENSSL_init_ssl() with the option
H A DSSL_CTX_set_options.pod107 this option to enable it.
198 option has no effect if B<SSL_OP_ENABLE_KTLS> is not enabled.
201 option to disable zerocopy and always runs in this mode.
239 setting this option. This is a server-side option only. It is ignored by
245 RFC8879 certificate compression option on TLSv1.3 connections.
253 RFC8879 certificate compression option on TLSv1.3 connections.
270 RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.
278 RFC7627 Extended Master Secret option on TLS and DTLS connection.
296 handshake). This option is not needed for clients.
338 sent. This is a server-side option only.
[all …]
H A DSSL_CONF_cmd.pod12 int SSL_CONF_cmd(SSL_CONF_CTX *ctx, const char *option, const char *value);
13 int SSL_CONF_cmd_value_type(SSL_CONF_CTX *ctx, const char *option);
17 The function SSL_CONF_cmd() performs configuration operation B<option> with
22 SSL_CONF_cmd_value_type() returns the type of value that B<option> refers to.
26 Currently supported B<option> names for command lines (i.e. when the
27 flag B<SSL_CONF_FLAG_CMDLINE> is set) are listed below. Note: all B<option>
145 option has no effect.
265 B<SSL> structure is set. This option is only supported if certificate
340 context. This option is only supported if certificate operations
602 option has no effect if B<KTLS> is not enabled. Equivalent to
[all …]
/openssl/test/helpers/
H A Dssl_test_ctx.c809 option->value, option->name); in parse_client_options()
817 TEST_info("Unknown test option: %s", option->name); in parse_client_options()
842 option->value, option->name); in parse_server_options()
850 TEST_info("Unknown test option: %s", option->name); in parse_server_options()
875 if (strcmp(option->name, "client") == 0) { in SSL_TEST_CTX_create()
878 } else if (strcmp(option->name, "server") == 0) { in SSL_TEST_CTX_create()
881 } else if (strcmp(option->name, "server2") == 0) { in SSL_TEST_CTX_create()
886 option->value)) in SSL_TEST_CTX_create()
890 option->value)) in SSL_TEST_CTX_create()
894 option->value)) in SSL_TEST_CTX_create()
[all …]
/openssl/doc/man1/
H A Dopenssl-dhparam.pod.in54 this option is not specified.
59 Standard output is used if this option is not present.
66 If this option is used, DSA rather than DH parameters are read or created;
70 DH parameter generation with the B<-dsaparam> option is much faster.
89 This option specifies that a parameter set should be generated of size
90 I<numbits>. It must be the last option. If this option is present then
92 this option is not present but a generator (B<-2>, B<-3> or B<-5>) is
102 This option prints out the DH parameters in human readable form.
117 This option suppresses the output of progress messages, which may be
136 The B<-engine> option was deprecated in OpenSSL 3.0.
[all …]
H A Dopenssl-x509.pod.in29 [B<-certopt> I<option>]
182 This option cannot be used in conjunction with the B<-CA> option.
193 This option is an alias of B<-key>.
237 =item B<-certopt> I<option>
402 This overrides the option B<-days>.
428 unless the B<-set_issuer> option is given.
479 If this option is not
493 This option may be given multiple times.
524 This option is normally combined with the B<-req> option referencing a CSR.
548 When creating a certificate with this option and with the B<-CA> option,
[all …]
H A Dopenssl-req.pod.in225 For certificate signing this option is overridden by the B<-CA> option.
237 or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option
298 It is implied by the B<-CA> option.
313 and/or using the B<-addext> option.
357 This overrides the B<-days> option.
405 This option can be given multiple times.
425 =item B<-reqopt> I<option>
471 B<-section> option.
491 This option is used in conjunction with the B<-new> option to generate
500 overridden by the B<-keyout> option.
[all …]
H A Dopenssl-pkcs12.pod.in95 try using the B<-legacy> option and, if needed, the B<-provider-path> option.
122 always assumes these are the same so this option will render such
136 This option inhibits all credentials output,
171 For use with the B<-export> option
226 This option is deprecated since OpenSSL 3.0; use B<-noenc> instead.
266 if the B<-export> option is given.
288 with the B<-export> option and the B<-chain> option is given as well.
377 option.
403 B<-nokeys> option
420 Using the B<-clcerts> option will solve this problem by only
[all …]
H A Dopenssl-ocsp.pod.in108 This option can be used multiple times.
109 This option B<MUST> come before any B<-cert> options.
116 This option can be used multiple times.
117 The issuer certificate is taken from the previous B<-issuer> option,
134 option and the private key specified by the B<-signkey> option.
149 Normally if an OCSP request is input using the B<-reqin> option no
259 Don't check the signature on the OCSP response. Since this option
354 specified in the B<-rsigner> option is used.
392 The port may also be specified using the B<-url> option.
466 with the B<-VAfile> option.
[all …]
H A Dopenssl-cms.pod.in118 [B<-nameopt> I<option>]
311 option is present B<CRLF> is used instead.
343 This option B<must> be present if the B<-secretkey> option is used with
400 option.
434 This option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
486 option they are not included.
615 =item B<-nameopt> I<option>
766 The B<-compress> option.
904 The B<-keyopt> option was added in OpenSSL 1.0.2.
913 The B<-nameopt> option was added in OpenSSL 3.0.0.
[all …]
H A Dopenssl-pkeyutl.pod.in64 if this option is not specified.
75 This option can only be used with B<-sign> and B<-verify>.
76 For EdDSA (the Ed25519 and Ed448 algorithms) this option
90 If this option is present, then the B<-rawin> option
94 so the B<-digest> option cannot be used with EdDSA.
135 With this option a public key is read instead.
165 unless the B<-rawin> option is specified or implied.
178 typically produced using the B<-sign> option.
180 This option is available only for use with RSA keys.
396 the B<-pkeyopt> B<digest> option.
[all …]
H A Dopenssl-dsaparam.pod.in57 this option is not specified. If the I<numbits> parameter is included then
58 this option will be ignored.
63 if this option is not present.
70 This option inhibits the output of the encoded version of the parameters.
74 This option prints out the DSA parameters in human readable form.
78 This option will generate a DSA either using the specified or generated
122 The B<-engine> option was deprecated in OpenSSL 3.0.
124 The B<-C> option was removed in OpenSSL 3.0.
H A Dopenssl-ca.pod.in201 this option should be used with caution.
248 This overrides the B<-days> option.
306 unless the B<-extfile> option is used).
354 This option has been deprecated and has no effect.
527 The same as the B<-enddate> option. Either this option or
555 the B<-selfsign> command line option.
574 A fallback to the B<-extensions> option.
578 A fallback to the B<-crlexts> option.
625 using this option.
764 CRL: however there is no option to do this.
[all …]
H A Dopenssl-kdf.pod.in50 Not all KDFs require a cipher and it is an error to use this option in such
56 Not all KDFs require a digest and it is an error to use this option in such
63 Not all KDFs require a MAC and it is an error to use this option in such
83 Alternative to the B<key:> option where
94 Alternative to the B<pass:> option where
107 Alternative to the B<salt:> option where
121 Alternative to the B<info:> option where
126 This option is identical to the B<-digest> option.
130 This option is identical to the B<-cipher> option.
134 This option is identical to the B<-mac> option.
H A Dopenssl-enc.pod.in101 When the B<-A> option not given,
135 This option enables the use of PBKDF2 algorithm to derive the key.
140 unless otherwise specified by the B<-iter> command line option.
144 Set the salt length to use when using the B<-pbkdf2> option.
147 If the B<-pbkdf2> option is not used, then this option is ignored
159 Use salt (randomly generated or provide with B<-S> option) when
214 or zlib-dynamic option.
239 option can only be used for hardware-assisted implementations of
295 with the B<-list> option (that is C<openssl enc -list>) is
484 The B<-list> option was added in OpenSSL 1.1.1e.
[all …]
H A Dopenssl-pkey.pod.in61 This option checks the correctness of either a public key
73 or standard input if this option is not specified.
93 With this option a public key is read instead.
105 or standard output if this option is not specified.
110 If any cipher option is set but no B<-passout> is given
136 option is specified then the older "traditional" format is used instead.
141 this option restricts the output to the public components.
142 This option is automatically set if the input is a public key.
163 This option only applies to elliptic-curve based keys.
169 B<Note> Due to patent issues the B<compressed> option is disabled
[all …]
H A Dopenssl-rsa.pod.in79 option is not specified. If the key is encrypted a pass phrase will be
91 option is not specified. If any encryption options are set then a pass phrase
101 by not giving any encryption option is given, or to add or change the pass
112 This option prevents output of the encoded version of the key.
116 This option prints out the value of the modulus of the key.
120 This option checks the consistency of an RSA private key.
125 With this option a public key is read instead.
130 By default a private key is output: with this option a public
131 key will be output instead. This option is automatically set if
192 There should be an option that automatically handles F<.key> files,
[all …]
H A Dopenssl-pkcs8.pod.in51 written to the output file. With the B<-topk8> option the situation is
59 If a key is being converted from PKCS#8 form (i.e. the B<-topk8> option is
64 unencrypted private key in PKCS#8 format. If the B<-traditional> option is
83 option is not specified. If the key is encrypted a pass phrase will be
118 This option does not encrypt private keys at all and should only be used
124 This option sets the PKCS#5 v2.0 algorithm.
137 the B<hmacWithSHA1> option to work.
190 Various algorithms can be used with the B<-v1> command line option,
273 There should be an option that prints out the encryption algorithm
286 The B<-iter> option was added in OpenSSL 1.1.0.
[all …]
H A Dopenssl-ecparam.pod.in59 this option is not specified.
64 if this option is not present.
71 This option inhibits the output of the encoded version of the parameters.
75 This option prints out the EC parameters in human readable form.
101 B<Note> Due to patent issues the B<compressed> option is disabled
117 This option inhibits that the 'seed' for the parameter generation
122 This option will generate an EC private key using the specified parameters.
175 The B<-engine> option was deprecated in OpenSSL 3.0.
177 The B<-C> option was removed in OpenSSL 3.0.
H A Dopenssl-genpkey.pod.in91 option) are DH, DSA and EC.
114 They can be supplied using this option. If this option is used the public key
209 The B<paramfile> option is not required if a named group is used here.
332 Use a safe prime generator with the option B<safeprime_generator>
333 The B<algorithm> option must be B<"DH">.
338 The B<algorithm> option must be B<"DHX">.
343 The B<algorithm> option must be B<"DHX">.
347 Can be used with the option B<pbits> to select one of
349 The B<algorithm> option must be B<"DH">.
363 which correspond to setting the option B<type> to
[all …]
H A Dopenssl-verify.pod.in42 This option can be specified more than once to include CRLs from multiple
64 This option can be specified more than once to load certificates from multiple
70 This option can be specified more than once to load certificates from multiple
83 B<-engine> option before any of the
95 Indicates the last option. All arguments following this are assumed to be
137 The B<-show_chain> option was added in OpenSSL 1.1.0.
139 The B<-engine option> was deprecated in OpenSSL 3.0.
H A Dopenssl-s_server.pod.in213 anonymous cipher suite or PSK) this option has no effect.
423 If the B<-WWW> option is used,
429 information like the B<-www> option.
615 option enables various workarounds.
634 This option was introduced in OpenSSL 1.1.0.
734 This option must be provided in order to use a PSK cipher.
744 This option is deprecated.
749 This option is deprecated.
799 This option was introduced in OpenSSL 3.2.0.
999 The -no_alt_chains option was added in OpenSSL 1.1.0.
[all …]
/openssl/doc/internal/man3/
H A DOPTIONS.pod60 The functions on this page provide a common set of option-parsing for
94 The B<OPTIONS> C<typedef> specifies an option: what type of argument
111 The B<valtype> defines what the option's parameter must be. It should
192 Every "option" after after this should contain the parameter and
219 can be used to reset the option parsing loop.
242 The opt_flag() function returns the most recent option name
247 The opt_unknown() function returns the unknown option.
248 In an option list, there can be at most one option with the empty string.
249 This is a "wildcard" or "unknown" option. For example, it allows an
272 such as used with the B<-informat> or similar option, and fills
[all …]
/openssl/doc/man7/
H A DEVP_RAND-JITTER.pod16 option. When available it is listed in B<openssl list
47 The B<enable-jitter> option was added in OpenSSL 3.4.
49 By specifying the B<enable-fips-jitter> configuration option, the FIPS
51 this option will cause the FIPS provider to operate in a non-compliant
56 are additionally conducted. This option was added in OpenSSL 3.5.

Completed in 70 milliseconds

123456789