Home
last modified time | relevance | path

Searched refs:a (Results 176 – 200 of 1851) sorted by relevance

12345678910>>...75

/openssl/doc/man3/
H A DSSL_set_default_stream_mode.pod7 SSL_DEFAULT_STREAM_MODE_AUTO_UNI - manage the default stream for a QUIC
22 A QUIC connection SSL object may have a default stream attached to it. A default
23 stream is a QUIC stream to which calls to L<SSL_read(3)> and L<SSL_write(3)>
24 made on a QUIC connection SSL object are redirected. Default stream handling
25 allows legacy applications to use QUIC similarly to a traditional TLS
28 When not disabled, a default stream is automatically created on an outgoing
35 L<SSL_write(3)>) after establishing a connection, OpenSSL will wait for the
41 By default, the default stream created is bidirectional. If a unidirectional
73 determine the type of a stream after a call to L<SSL_read(3)>, use
106 These functions fail if called on a QUIC stream SSL object or on a non-QUIC SSL
[all …]
H A DASN1_aux_cb.pod84 offset into the B<ASN1_VALUE> structure where a B<CRYPTO_RWLOCK> may be
144 immediately before a "d2i" operation for the B<ASN1_VALUE>.
149 immediately after a "d2i" operation for the B<ASN1_VALUE>.
154 immediately before a "i2d" operation for the B<ASN1_VALUE>.
159 immediately after a "i2d" operation for the B<ASN1_VALUE>.
176 length encoding. The I<exarg> argument will be a pointer to a B<ASN1_STREAM_ARG>
182 length encoding. The I<exarg> argument will be a pointer to a B<ASN1_STREAM_ARG>
188 value (as used in CMS and PKCS7). The I<exarg> argument will be a pointer to a
194 value (as used in CMS and PKCS7). The I<exarg> argument will be a pointer to a
211 a value exists.
[all …]
H A DOSSL_trace_enabled.pod48 /* check whether a trace category is enabled */
69 Tracing for a specific category is enabled at run-time if a so-called
70 I<trace channel> is attached to it. A trace channel is simply a
78 We call them a I<simple trace channel> and a I<callback trace channel>,
85 calls surrounding the trace output create a group, which acts as a
101 channel for the given I<category> in form of a BIO.
104 OSSL_trace_end() is used to end a tracing section.
123 used as follows to wrap a trace section:
188 outputs I<data> of length I<size> as a string
197 only if a specific trace category is enabled.
[all …]
H A DSSL_read_early_data.pod84 determine if a session established with a server can be used to send early data.
102 called on a new connection, i.e. it must occur before any calls to
131 called on a connection, i.e. it must occur before any calls to
145 same way as a 0 return value from L<SSL_read_ex(3)>.
192 When a session is created between a server and a client the server will specify
234 callback which is called at a point in the handshake immediately before a
276 In rare circumstances, it may be possible for a client to have a session that
279 changed to accept a lower max early data value such as by calling
287 retry with a lower maximum protocol version.
299 if a client does not send any early data.
[all …]
H A DSSL_CTX_set_num_tickets.pod33 0 then no tickets will be issued for either a normal connection or a resumption.
35 Tickets are also issued on receipt of a post-handshake certificate from the
36 client following a request by the server using
40 was used for the initial handshake. If the initial handshake was a full
46 SSL_new_session_ticket() is used by a server application to request that a new
50 delayed until the server is starting a new write operation, so that it is
52 record boundary. If the connection was at a record boundary when
58 SSL_do_handshake(). Note that a successful return from
61 ticket itself is sent, a new-session callback can be registered with
66 tickets set by a previous call to SSL_CTX_set_num_tickets() or
[all …]
H A DBIO_get_rpoll_descriptor.pod5 BIO_get_rpoll_descriptor, BIO_get_wpoll_descriptor - obtain a structure which
6 can be used to determine when a BIO object can next be read or written
27 I<*desc> with a poll descriptor. A poll descriptor is a tagged union structure
33 outputs a descriptor which can be used to determine when the BIO can
40 resource which might be represented by a poll descriptor is an OS file
49 Represents the absence of a valid poll descriptor. It may be used by
61 The resource is whatever kind of handle is used by a given OS to represent
67 successfully complete a BIO_read() operation; likewise, where a poll descriptor
70 complete a BIO_write() operation.
80 Because poll descriptors are a tagged union structure, they can represent
[all …]
H A Dd2i_X509.pod400 TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
401 TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
406 int i2d_TYPE_fp(FILE *fp, TYPE *a);
408 int i2d_TYPE_bio(BIO *bp, TYPE *a);
420 network, writing to a file, and so on.
424 the byte following the parsed data. If I<a> is not NULL then a pointer
430 On a successful return, if I<*a> is not NULL then it is assumed that I<*a>
521 Represents a PKCS#10 certificate request.
533 been used with a valid structure being passed in via I<a>, then the object is
554 Attempt to decode a buffer:
[all …]
H A DEVP_PKEY_gettable_params.pod9 - retrieve key parameters from a key
37 EVP_PKEY_gettable_params() returns a constant list of I<params> indicating
49 EVP_PKEY_get_int_param() retrieves a key I<pkey> integer value I<*out>
50 associated with a name of I<key_name> if it fits into C<int> type. For
53 EVP_PKEY_get_size_t_param() retrieves a key I<pkey> size_t value I<*out>
57 EVP_PKEY_get_bn_param() retrieves a key I<pkey> BIGNUM value I<**bn>
58 associated with a name of I<key_name>. If I<*bn> is NULL then the BIGNUM
61 EVP_PKEY_get_utf8_string_param() get a key I<pkey> UTF8 string value into a
62 buffer I<str> of maximum size I<max_buf_sz> associated with a name of
64 value including a terminating NUL byte, or this function will fail.
[all …]
H A DX509_verify_cert.pod21 X509_build_chain() builds a certificate chain starting from I<target>
24 Else the chain must reach a trust anchor contained in I<store>.
29 On success it returns a pointer to a new stack of (up_ref'ed) certificates
35 The X509_verify_cert() function attempts to discover and validate a
39 It usually includes a target certificate to be verified,
40 a set of certificates serving as trust anchors,
60 in I<ctx> unless a target certificate is set explicitly.
62 When the verification target is a raw public key, rather than a certificate,
75 return 1 if a complete chain can be built and validated,
77 failure and internal errors) they can also return a negative code.
[all …]
H A DBN_mod_mul_montgomery.pod19 int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
22 int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
25 int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
35 BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure.
38 by precomputing its inverse and a value R.
46 BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places
49 BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1.
51 BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R.
52 Note that I<a> must be nonnegative and smaller than the modulus.
54 For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
[all …]
H A DSSL_free.pod37 When used to free a QUIC stream SSL object, the respective sending and receiving
45 If the stream has a sending part (in other words, if it is bidirectional or a
47 via a call to L<SSL_stream_conclude(3)> or L<SSL_stream_reset(3)> on the QUIC
49 the stream as though L<SSL_stream_reset(3)> were called with a QUIC application
54 If the stream has a receiving part (in other words, if it is bidirectional or a
56 that part of the stream normally (such as via a call to
57 L<SSL_stream_conclude(3)> on its own end), a call to SSL_free() automatically
59 frame with a QUIC application error code of 0. Note that as per the QUIC
65 A QUIC stream SSL object maintains a reference to a QUIC connection SSL object
66 internally, therefore a QUIC stream SSL object and its parent QUIC connection
[all …]
H A DASN1_TYPE_get.pod12 int ASN1_TYPE_get(const ASN1_TYPE *a);
13 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
14 int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
15 int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
25 such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.
27 ASN1_TYPE_get() returns the type of I<a> or 0 if it fails.
29 ASN1_TYPE_set() sets the value of I<a> to I<type> and I<value>. This
33 ASN1_TYPE_set1() sets the value of I<a> to I<type> a copy of I<value>.
35 ASN1_TYPE_cmp() compares ASN.1 types I<a> and I<b> and returns 0 if
59 octets of the type. If I<type> corresponds to a constructed type or
[all …]
/openssl/doc/man7/
H A Dossl-guide-introduction.pod10 OpenSSL is a robust, commercial-grade, full-featured toolkit for general-purpose
11 cryptography and secure communication. Its features are made available via a
15 cryptography based capabilities and to securely communicate across a network.
16 Finally, it also has a set of providers that supply implementations of a broad
34 platforms). The OpenSSL project maintains a list of these third parties at
40 into an appropriate directory. Inside that archive you will find a file named
50 Sometimes you may want to build and install OpenSSL from source on a system
51 which already has a pre-built version of OpenSSL installed on it via the
52 Operating System package management system (for example if you want to use a
56 pre-built version with a different version as this may break your system.
[all …]
/openssl/crypto/ct/
H A Dct_oct.c270 if (a == NULL || *a == NULL) { in STACK_OF()
278 sk = *a; in STACK_OF()
307 if (a != NULL && *a == NULL) in STACK_OF()
308 *a = sk; in STACK_OF()
312 if (a == NULL || *a == NULL) in STACK_OF()
317 int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp) in i2o_SCT_LIST() argument
325 if ((len = i2o_SCT_LIST(a, NULL)) == -1) { in i2o_SCT_LIST()
337 for (i = 0; i < sk_SCT_num(a); i++) { in i2o_SCT_LIST()
382 if ((sk = o2i_SCT_LIST(a, &p, oct->length)) != NULL) in STACK_OF()
389 int i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **out) in i2d_SCT_LIST() argument
[all …]
/openssl/crypto/objects/
H A Dobjects.pl131 foreach (sort { $a <=> $b } keys %nidn)
169 foreach (sort { $a <=> $b } keys %ordern)
187 local(@a,$oid_pref);
189 @a = split(/\s+/,$myoid);
192 if (!($a[0] =~ /^[0-9]+$/))
194 $a[0] =~ s/-/_/g;
195 if (!defined($obj{$a[0]}))
196 { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
197 $pref_oid = "OBJ_" . $a[0];
199 shift @a;
[all …]
/openssl/crypto/ripemd/asm/
H A Drmd-586.pl105 &add($a, $e);
122 &add($a, $e);
146 &lea($a, &DWP($K,$a,$tmp2,1));
166 &lea($a, &DWP($K,$a,$tmp1,1));
173 &lea($a, &DWP($K,$a,$tmp2,1));
197 &lea($a, &DWP($K,$a,$tmp2,1));
213 &lea($a, &DWP($K,$a,$tmp1,1));
237 &lea($a, &DWP($K,$a,$tmp2));
254 &lea($a, &DWP($K,$a,$tmp2));
285 &lea($a, &DWP($K,$a,$tmp2,1));
[all …]
/openssl/doc/man1/
H A Dopenssl-mac.pod.in32 Print a usage message.
36 Input filename to calculate a MAC for, or standard input by default.
51 For CMAC it should be a CBC mode cipher e.g. AES-128-CBC.
52 For GMAC it should be a GCM mode cipher e.g. AES-128-GCM.
99 Used by KMAC128 or KMAC256 to specify a customization string.
116 Specifies the name of a supported MAC algorithm which will be used.
125 To create a hex-encoded HMAC-SHA1 MAC of a file and write to stdout:
131 To create a SipHash MAC from a file with a binary file output:
136 To create a hex-encoded CMAC-AES-128-CBC MAC from a file:
142 To create a hex-encoded KMAC128 MAC from a file with a Customisation String
[all …]
/openssl/crypto/chacha/asm/
H A Dchacha-x86.pl67 $a="eax";
103 &xor ($d,$a);
114 &add ($a,$b);
115 &xor ($d,$a);
309 &lea ($a,&DWP(4*16,$a));
661 &pxor ($d,$a);
672 &pxor ($d,$a);
1045 &vpaddd ($a,$a,$b);
1053 &vpaddd ($a,$a,$b);
1102 &vpaddd ($a,$a,&QWP(16*0,"esp"));
[all …]
/openssl/crypto/bn/
H A Dbn_print.c17 int BN_print_fp(FILE *fp, const BIGNUM *a) in BN_print_fp() argument
25 ret = BN_print(b, a); in BN_print_fp()
31 int BN_print(BIO *bp, const BIGNUM *a) in BN_print() argument
36 if ((a->neg) && BIO_write(bp, "-", 1) != 1) in BN_print()
38 if (BN_is_zero(a) && BIO_write(bp, "0", 1) != 1) in BN_print()
40 for (i = a->top - 1; i >= 0; i--) { in BN_print()
43 v = (int)((a->d[i] >> j) & 0x0f); in BN_print()
H A Dbn_nist.c372 if (BN_is_negative(a) || BN_ucmp(a, &ossl_bignum_nist_p_192_sqr) >= 0) in BN_nist_mod_192()
380 return (r == a) ? 1 : (BN_copy(r, a) != NULL); in BN_nist_mod_192()
382 if (r != a) { in BN_nist_mod_192()
517 return (r == a) ? 1 : (BN_copy(r, a) != NULL); in BN_nist_mod_224()
519 if (r != a) { in BN_nist_mod_224()
689 return (r == a) ? 1 : (BN_copy(r, a) != NULL); in BN_nist_mod_256()
691 if (r != a) { in BN_nist_mod_256()
926 return (r == a) ? 1 : (BN_copy(r, a) != NULL); in BN_nist_mod_384()
928 if (r != a) { in BN_nist_mod_384()
1178 return (r == a) ? 1 : (BN_copy(r, a) != NULL); in BN_nist_mod_521()
[all …]
/openssl/doc/designs/
H A Dxof.md7 An extendable output function (XOF) is defined as a variable-length hash
8 function on a message in which the output can be extended to any desired length.
10 At a minimum an XOF needs to support the following pseudo-code
52 a reset, but that code was removed as it was deemed to be incorrect.
57 multiple calls are allowed. This could just be a new gettable flag (having a
73 - Final seems like a strange name to call multiple times.
77 Keep EVP_DigestFinalXOF() as a one shot function and create a new API to handle
86 - Seems like a better name.
102 Create a completely new type e.g. EVP_XOF_MD to implement XOF digests
117 Choosing a name for the API that allows multiple output calls
[all …]
/openssl/doc/internal/man3/
H A Dossl_ht_new.pod54 This API provides a library-internal implementation of a hashtable that provides
67 I<ht_free_fn> The function to call to free a value, may be NULL.
68 I<ht_hash_fn> The function to generate a hash value for a key, may be NULL.
97 These function are not required for use in the event a table is to be used in a
149 element which is taken from the list by a caller, they must call
160 defines the structure name, and presets a common key header.
193 HT_KEY_RESET() Resets a key's data to all zeros.
197 HT_SET_KEY_FIELD() Sets a field in a key (as defined by HT_DEF_KEY_FIELD()) to a
202 HT_SET_KEY_STRING() Performs a strncpy() of a source string to the destination
207 HT_SET_KEY_BLOB() Performs a memcpy() of a source uint8_t buffer to a
[all …]
/openssl/crypto/ec/
H A Dec2_smpl.c31 group->a = BN_new(); in ossl_ec_GF2m_simple_group_init()
36 BN_free(group->a); in ossl_ec_GF2m_simple_group_init()
50 BN_free(group->a); in ossl_ec_GF2m_simple_group_finish()
61 BN_clear_free(group->a); in ossl_ec_GF2m_simple_group_clear_finish()
79 if (!BN_copy(dest->a, src->a)) in ossl_ec_GF2m_simple_group_copy()
117 if (!BN_GF2m_mod_arr(group->a, a, group->poly)) in ossl_ec_GF2m_simple_group_set_curve()
151 if (a != NULL) { in ossl_ec_GF2m_simple_group_get_curve()
152 if (!BN_copy(a, group->a)) in ossl_ec_GF2m_simple_group_get_curve()
397 if (a->Z_is_one) { in ossl_ec_GF2m_simple_add()
480 return ossl_ec_GF2m_simple_add(group, r, a, a, ctx); in ossl_ec_GF2m_simple_dbl()
[all …]
/openssl/crypto/ec/curve448/arch_32/
H A Df_impl32.c26 const uint32_t *a = as->limb, *b = bs->limb;
34 aa[i] = a[i] + a[i + 8];
41 accum2 += widemul(a[j - i], b[i]);
43 accum0 += widemul(a[8 + j - i], b[8 + i]);
49 accum0 -= widemul(a[8 + j - i], b[i]);
51 accum1 += widemul(a[16 + j - i], b[8 + i]);
75 const uint32_t *a = as->limb;
84 accum0 += widemul(b, a[i]);
85 accum8 += widemul(b, a[i + 8]);
/openssl/doc/designs/quic-design/
H A Dtx-packetiser.md171 allowed to send in a packet.
241 has a minimum size of a certain number of bytes. This does not need to be
385 - `PING`: The `PING` frame is encoded as a single byte. It is used to make a packet
520 probably due to a clear downside: if a packet is lost and it contains data for
524 if a packet is lost, typically only a single stream is held up.
551 not a major concern for discussion here. Such a parameter can easily be made
554 Thus, we choose what active stream to select to fill in a packet on a
560 When we fill a packet with a stream, we start with any applicable `RESET_STREAM`
566 in a fixed priority order; i.e., first there could be a `STOP_SENDING` frame
609 requested a probe be sent. These MUST be made ACK-eliciting (using a PING
[all …]

Completed in 52 milliseconds

12345678910>>...75