Searched refs:a (Results 201 – 225 of 1851) sorted by relevance

12345678910>>...75

/openssl/crypto/ec/
H A D	ec_local.h	57 int (*group_set_curve) (EC_GROUP *, const BIGNUM *p, const BIGNUM *a, 98 int (*add) (const EC_GROUP *, EC_POINT *r, const EC_POINT *a, 147 int (*field_mul) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, 150 int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, 160 int (*field_encode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, 163 int (*field_decode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, 249 BIGNUM *a, *b; member 368 const BIGNUM *a, const BIGNUM *b, 411 int ossl_ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, 437 const BIGNUM *a, [all …]
/openssl/doc/man3/
H A D	PKCS12_newpass.pod	5 PKCS12_newpass - change the password of a PKCS12 structure 15 PKCS12_newpass() changes the password of a PKCS12 structure. 17 B<p12> is a pointer to a PKCS12 structure. B<oldpass> is the existing password 20 Each of B<oldpass> and B<newpass> is independently interpreted as a string in 31 string "" for B<oldpass>. Using NULL for B<oldpass> will result in a 35 with a MAC verification error. In rare cases the PKCS12 structure does not 36 contain a MAC: in this case it will usually fail with a decryption padding 46 This example loads a PKCS#12 file, changes its password and writes out 47 the result to a new file. 96 Unicode form internally. As a result some passwords cannot be supplied to [all …]
H A D	SSL_set1_initial_peer_addr.pod	5 SSL_set1_initial_peer_addr - set the initial peer address for a QUIC connection 16 for the purposes of establishing a QUIC connection in client mode. This function 17 can be used only on a QUIC connection SSL object, and can be used only before a 18 connection attempt is first made. I<addr> must point to a B<BIO_ADDR> 19 representing a UDP destination address of the server to connect to. 21 Where a QUIC connection object is provided with a write BIO which supports the 24 B<BIO_CTRL_DGRAM_GET_PEER> returns a valid (non-B<AF_UNSPEC>) peer address and 27 SSL_set1_initial_peer_addr() with a valid peer address explicitly. 36 This function makes a copy of the address passed by the caller; the B<BIO_ADDR> 57 this file except in compliance with the License. You can obtain a copy
H A D	SSL_stream_conclude.pod	5 SSL_stream_conclude - conclude the sending part of a QUIC stream 16 part of a QUIC stream. If called on a QUIC connection SSL object with an 19 Any data already queued for transmission via a call to SSL_write() will still be 20 written in a reliable manner before the end-of-stream is signalled, assuming the 21 connection remains healthy. This function can be thought of as appending a 26 When calling this on a stream, the receive part of the stream remains 32 Only the first call to this function has any effect for a given stream; 33 subsequent calls are no-ops. This is considered a success case. 35 This function is not supported on an object other than a QUIC stream SSL object. 41 Returns 0 if called on an SSL object not representing a QUIC stream. [all …]
H A D	SSL_CTX_set_session_ticket_cb.pod	32 with a session, and placed into a session ticket. Either callback function may 55 the application that a session ticket is about to be generated. 64 application that a session ticket has just been decrypted. 84 valid for a client to send an empty ticket. 109 policy. Note that in TLSv1.3 a client may send more than one ticket in a single 115 Do not use a ticket (if one was available). Do not send a renewed ticket to the 120 Do not use a ticket (if one was available). Send a renewed ticket to the client. 129 the callback to return this value if B<status> has a value other than 138 callback to return this value if B<status> has a value other than 156 By default, in TLSv1.2 and below, a new session ticket is not issued on a [all …]
H A D	SSL_key_update.pod	30 updated and the peer will be informed of the change along with a request for the 41 SSL_get_key_update_type() can be used to determine whether a key update 50 When called from the client side, SSL_renegotiate() schedules a completely new 52 such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check 53 will be performed to confirm that it is a suitable time to start a 68 a new handshake is started then this will be handled transparently by calling 71 If an OpenSSL client receives a renegotiation request from a server then again 77 The SSL_renegotiate_pending() function returns 1 if a renegotiation or 84 automatically when needed. Since a locally initiated QUIC key update always 85 causes a peer to also trigger a key update, passing [all …]
H A D	CTLOG_STORE_get0_log_by_id.pod	6 Get a Certificate Transparency log from a CTLOG_STORE 20 Therefore, it is useful to be able to look up more information about a log 23 CTLOG_STORE_get0_log_by_id() provides a way to do this. It will find a CTLOG 24 in a CTLOG_STORE that has a given LogID. 28 B<CTLOG_STORE_get0_log_by_id> returns a CTLOG with the given LogID, if it 45 this file except in compliance with the License. You can obtain a copy
H A D	BIO_push.pod	5 BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain 19 Otherwise it prepends I<b>, which may be a single BIO or a chain of BIOs, 21 It then makes a control call on I<b> and returns I<b>. 25 Otherwise it makes a control call on I<b> and 27 The removed BIO becomes a single BIO with no association with 36 The names of these functions are perhaps a little misleading. BIO_push() 37 joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain, 38 the deleted BIO does not need to be at the end of a chain. 41 consequences (a control call is made to the affected BIOs). 55 I<b64> is a base64 BIO and I<f> is a file BIO. [all …]
H A D	SSL_CTX_set_stateless_cookie_generate_cb.pod	43 provided to clients in the HelloRetryRequest transmitted as a response to a 44 ClientHello with a missing or invalid cookie. gen_stateless_cookie_cb() must 46 of bytes written to B<cookie_len>. If a cookie cannot be generated, a zero 50 L<SSL_stateless(3)> to determine whether the application-controlled portion of a 59 as a response to a ClientHello with a missing or invalid cookie. 61 B<cookie>, and must write the number of bytes written to B<cookie_len>. If a 62 cookie cannot be generated, a zero return value can be used to abort the 66 determine whether the cookie in a ClientHello is valid. The cookie data is 74 Neither function returns a value. 92 this file except in compliance with the License. You can obtain a copy
H A D	SSL_CTX_set_tlsext_ticket_key_cb.pod	7 - set a callback for session ticket processing 42 state is unnecessary and a small set of cryptographic variables needs to be 45 In order to reuse a session, a TLS client must send the session ticket 48 ticket information or it starts a full TLS handshake to create a new session 61 The I<name> is 16 characters long and is used as a key identifier. 76 to retrieve a cryptographic parameters and that the cryptographic context 107 the SSL/TLS session will continue by negotiating a set of cryptographic 111 a new set of parameters. 120 SSL_CTX_set_tlsext_ticket_key_evp_cb() except that it takes a deprecated 133 exactly as if a full negotiation had occurred. [all …]
H A D	X509_NAME_add_entry_by_txt.pod	28 X509_NAME_add_entry_by_NID() add a field whose name is defined 29 by a string B<field>, an object B<obj> or a NID B<nid> respectively. 34 The type of field is determined by B<type> which can either be a 35 definition of the type of B<bytes> (such as B<MBSTRING_ASC>) or a 37 added to a position determined by B<loc> and B<set>. 61 The B<loc> and B<set> parameters determine where a new entry should 63 to 0. This adds a new entry to the end of B<name> as a single valued 70 If it is zero a new RDN is created. 72 If B<set> is -1 or 1 it is added as a new set member 74 This will then become part of a multi-valued RDN (containing a set of AVAs). [all …]
/openssl/demos/
H A D	README.txt	10 bio: Demonstration of a simple TLS client and server 23 EVP_MD_demo.c Compute a digest from multiple buffers 24 EVP_MD_stdin.c Compute a digest with data read from stdin 25 EVP_MD_xof.c Compute a digest using the SHAKE256 XOF 26 EVP_f_md.c Compute a digest using BIO and EVP_f_md 60 pkread.c Print out a description of a PKCS12 file. 61 pkwrite.c Add a password to an existing PKCS12 file. 66 EVP_PKEY_DSA_keygen.c Generate a DSA key. 67 EVP_PKEY_DSA_paramgen.c Generate a DSA param key. 68 EVP_PKEY_DSA_paramvalidate.c Validate a DSA param key. [all …]
/openssl/util/
H A D	check-format-test-negatives.c	56 auto a; in f() local 165 f(a, b); in g() 169 f(a, b); in g() 175 f(a, b); in g() 179 f1234(a, in g() 184 f(a, in g() 189 f(a, b); in g() 195 f(a, b); in g() 199 f(a, in g() 370 a; typedef [all …]
/openssl/doc/designs/quic-design/
H A D	quic-requirements.md	17 * The focus for the next releases is QUIC, with the objective of providing a 18 fully functional QUIC implementation over a series of releases (2-3). 34 implementations (via a provider). 41 * The MVP will not contain a library API for an HTTP/3 implementation (it is a 46 * Once we have a fully functional QUIC implementation (in a subsequent release), 48 record layer interface and it should offer a stable ABI (via a provider). 56 is a non-goal. 81 The OMC additionally published a 109 in a future OpenSSL release will be provided. 175 to the kernel for sending via a system call. [all …]
H A D	record-layer.md	51 in a future release. 58 * Once we have a fully functional QUIC implementation (in a subsequent release), 60 record layer interface and it should offer a stable ABI (via a provider). 72 ### Use a METHOD based approach 97 * Could also be used as the basis for a fetchable solution in a subsequent 123 for a new fetchable operation is more involved than a METHOD based approach. 155 An `OSSL_RECORD_LAYER` object represents a specific instantiation of a 206 never call `write_records` a second time until a previous call to 397 * other than EVP_CIPHER. Also mactype would not be a NID, but a string. For 513 * Release a buffer associated with a record previously read with [all …]
H A D	quic-connID-retire.md	10 for a complete implementation are: 19 MVP does not issue multiple connection CIDs, instead it uses a zero length CID. 34 supported. I.e. do this later in a just in time manner. 39 When a remote asks to retire a connection ID (RETIRE_CONNECTION_ID) we have to: 45 * Should respond with a NEW_CONNECTION_ID frame if we are low on CIDs 46 * Not sure if it is mandatory to send a retirement. 48 When a remote creates a new connection ID: 50 * May respond with a new connection ID frame (it's a good idea) 57 * Send a retirement frame (RETIRE_CONNECTION_ID) 68 be retransmitted, they'll be done so using a new CID on a new route.
H A D	quic-io-arch.md	56 until a socket becomes readable, or writable, or a timeout expires, whichever 102 - The fact that a socket is writeable does not necessarily mean that a datagram 118 guarantee (under a non-buggy OS) that a single syscall will not block, however 120 any given BIO implementation has such a BIO call correspond to only a single 157 At a minimum for a client, there must be two threads per connection. This 270 for example switching from a `BIO_s_socket` to a `BIO_s_dgram`, or from a 318 blocking application-level I/O on top of a on a custom memory-based BIO 380 a related BIO, such as the other end of a pair). 399 As such, an API to expose a synchronisation primitive should be of a tagged 435 Currently only a single descriptor type is defined, which is a FD on \*NIX and a [all …]
/openssl/doc/man7/
H A D	openssl-quic.pod	116 initiating a connection. 167 a L<BIO_s_datagram(3)>. This is equivalent to instantiating a 485 can be used to provide a QUIC application error code when closing a connection. 512 This is a non-specific I/O operation which makes a best effort attempt to 587 signalled by a peer which has performed a non-normal stream termination of the 601 Returns 1 if a SSL object is not a QUIC stream SSL object. 620 Potentially yields a new QUIC stream SSL object representing a new 648 This is a new BIO method which is similar to a conventional BIO pair but 653 This is a new BIO API which allows a BIO to expose a poll descriptor. This API 742 a BIO abstracting a network socket such as L<BIO_s_datagram(3)>, or a BIO [all …]
H A D	ossl_store.pod	17 A STORE is a layer of functionality to retrieve a number of supported 18 objects from a repository of any kind, addressable as a filename or 19 as a URI. 21 The functionality supports the pattern "open a channel to the 22 repository", "loop and retrieve one object at a time", and "finish up 25 The retrieved objects are returned as a wrapper type B<OSSL_STORE_INFO>, 30 Support for a URI scheme is called a STORE "loader", and can be added 31 dynamically from the calling application or from a loadable engine. 88 this file except in compliance with the License. You can obtain a copy
/openssl/test/
H A D	README-dev.md	7 For any test that you want to perform, you write a script located in 9 where `{nn}` is a two digit number and 10 `{name}` is a unique name of your choice. 12 Please note that if a test involves a new testing executable, you will need to 22 digit number and `{name}` is a unique name of your choice. 42 A recipe that just runs a test executable 45 A script that just runs a program looks like this: 61 A recipe that runs a more complex test 96 Whenever a new test involves a new test executable you need to do the 102 * create a three line description of how to build the test, you will have [all …]
/openssl/crypto/x509/
H A D	v3_admis.c	258 STACK_OF(ADMISSIONS) *a) in ADMISSION_SYNTAX_set0_contentsOfAdmissions() 261 as->contentsOfAdmissions = a; in ADMISSION_SYNTAX_set0_contentsOfAdmissions() 266 return a->admissionAuthority; in ADMISSIONS_get0_admissionAuthority() 269 void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa) in ADMISSIONS_set0_admissionAuthority() argument 271 GENERAL_NAME_free(a->admissionAuthority); in ADMISSIONS_set0_admissionAuthority() 272 a->admissionAuthority = aa; in ADMISSIONS_set0_admissionAuthority() 277 return a->namingAuthority; in ADMISSIONS_get0_namingAuthority() 282 NAMING_AUTHORITY_free(a->namingAuthority); in ADMISSIONS_set0_namingAuthority() 283 a->namingAuthority = na; in ADMISSIONS_set0_namingAuthority() 288 return a->professionInfos; in ADMISSIONS_get0_professionInfos() [all …]
H A D	x_all.c	33 int X509_verify(X509 *a, EVP_PKEY *r) in X509_verify() argument 35 if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature) != 0) in X509_verify() 39 &a->signature, &a->cert_info, in X509_verify() 40 a->distinguishing_id, r, a->libctx, a->propq); in X509_verify() 52 a->signature, &a->req_info, a->distinguishing_id, in X509_REQ_verify_ex() 56 int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) in X509_REQ_verify() argument 58 return X509_REQ_verify_ex(a, r, NULL, NULL); in X509_REQ_verify() 61 int X509_ACERT_verify(X509_ACERT *a, EVP_PKEY *r) in X509_ACERT_verify() argument 63 if (X509_ALGOR_cmp(&a->sig_alg, &a->acinfo->signature) != 0) in X509_ACERT_verify() 67 &a->signature, a->acinfo, in X509_ACERT_verify() [all …]
/openssl/crypto/ec/curve448/
H A D	f_generic.c	100 void gf_strong_reduce(gf a) in gf_strong_reduce() argument 132 carry + a->limb[LIMBPERM(i)] + in gf_strong_reduce() 134 a->limb[LIMBPERM(i)] = carry & LIMB_MASK(LIMBPERM(i)); in gf_strong_reduce() 142 void gf_sub(gf d, const gf a, const gf b) in gf_sub() argument 144 gf_sub_RAW(d, a, b); in gf_sub() 150 void gf_add(gf d, const gf a, const gf b) in gf_add() argument 152 gf_add_RAW(d, a, b); in gf_add() 157 mask_t gf_eq(const gf a, const gf b) in gf_eq() argument 163 gf_sub(c, a, b); in gf_eq() 172 mask_t gf_isr(gf a, const gf x) in gf_isr() argument [all …]
/openssl/doc/internal/man7/
H A D	build.info.pod	81 Any time a directory or file is expected in a statement value, Unix 456 DEPEND[libfoo.a]=libmandatory.a 457 DEPEND[libfoo.a]{weak}=libbar.a libcookie.a 461 and C<libbar.a> and C<libcookie.a> is weak. See the description of 599 like this, means that if C<libfoo.a> appears in a linking command 602 DEPEND[libfoo.a]=libmandatory.a 605 like this, means that if I<both> C<libfoo.a> and C<libmandatory.a> 610 DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a 618 DEPEND[program1]=libmandatory.a lib1.a 619 DEPEND[program2]=libmandatory.a lib2.a [all …]
/openssl/crypto/
H A D	README-sparse_array.md	4 The `sparse_array.c` file contains an implementation of a sparse array that 7 The sparse array is represented using a tree structure. Each node in the 8 tree contains a block of pointers to either the user supplied leaf values or 11 There are a number of parameters used to define the block size: 15 SA_BLOCK_MASK Specifies a bit mask to perform modulo block size 29 As a space and performance optimisation, the height of the tree is usually 33 The largest index used to add a value to the array determines the tree height: 47 An empty tree is represented by a NULL root pointer. Inserting a value at 48 index 0 results in the allocation of a top level node full of null pointers 109 along a path from the root of the tree to an added leaf will be allocated. [all …]

Completed in 91 milliseconds

12345678910>>...75

Last Index update Thu Sep 26 00:07:22 UTC 2024

Dedicated to & Maintained by Room-11