/openssl/doc/man3/ |
H A D | CMS_sign.pod | 44 If B<CMS_NOCERTS> is set the signer's certificate will not be included in the 69 If any of these algorithms is not available then it will not be included: 70 for example the GOST algorithms will not be included if the GOST ENGINE is 71 not loaded. 75 identifier value instead. An error occurs if the signing certificate does not 80 signing is however B<not> performed and the data to be signed is not read from 89 B<not> complete and outputting its contents via a function that does not 110 structure if streaming is not enabled. 114 Some attributes such as counter signatures are not supported. 140 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | EVP_PKEY_CTX_get0_pkey.pod | 31 EVP_PKEY_CTX or NULL if it is not set. 34 EVP_PKEY_CTX or NULL if it is not set. 37 and therefore should not explicitly be freed by the caller. 39 These functions do not affect the EVP_PKEY reference count. 52 You may not use this file except in compliance with the License.
|
H A D | BIO_read.pod | 39 return the digest and other BIOs may not support BIO_gets() at all. 62 Requesting to write 0 bytes is not considered an error. 64 BIO_write() returns -2 if the "write" operation is not implemented by the BIO 69 BIO_gets() returns -2 if the "gets" operation is not implemented by the BIO 75 is not included in the length returned. 80 the operation is not implemented in the specific BIO type. 84 A 0 or -1 return is not necessarily an indication of an error. In 93 read the data) should B<not> be used because a single call to BIO_read() 103 It is also possible to make BIO_gets() usable even if the "gets" method is not 112 BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO did not [all …]
|
H A D | RAND_add.pod | 33 (L<RAND_OpenSSL(3)>) is not necessary (but allowed), since it does (re-)seed 38 RAND_status() indicates whether or not the random generator has been sufficiently 39 seeded. If not, functions such as L<RAND_bytes(3)> will fail. 48 This function will not normally be needed, as mentioned above. 58 NOTE: In FIPS mode, random data provided by the application is not considered to 60 additional data only and this does not count as a full reseed. 87 The other functions do not return values. 100 not be used. 106 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_cmp_time.pod | 29 included in the verification parameters I<vpm> if they are not NULL and contain 64 X509_cmp_timeframe() returns 0 if I<vpm> is not NULL and the verification 65 parameters do not contain B<X509_V_FLAG_USE_CHECK_TIME> 67 1 if the end time is not NULL and the reference time (which has determined as 68 stated above) is past the end time, -1 if the start time is not NULL and the 70 (implying that the end time is not before the start time if both are present). 83 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SRP_VBASE_new.pod | 37 If B<seed_key> is not NULL a copy is stored and used to generate dummy parameters 38 for users that are not found by SRP_VBASE_get1_by_user(). This allows the server 42 the random data should not contain NUL bytes!). 58 The library takes ownership of B<user_pwd>, it should not be freed by the caller. 69 If no matching user is found and the seed_key is not set, NULL is returned. 77 The error codes are B<SRP_ERR_OPEN_FILE> if the file could not be opened, 78 B<SRP_ERR_VBASE_INCOMPLETE_FILE> if the file could not be parsed, 103 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_get_stream_id.pod | 49 was initiated by the remote peer; thus, it can be read from, but not written to. 55 was initiated by the local application; thus, it can be written to, but not read 66 QUIC stream IDs in future versions of QUIC are not required to have the same 67 semantics. Do not determine stream properties using these bits. Instead, use 72 identity, and does not indicate whether an operation can currently be 77 returned by SSL_get_stream_type() does not vary over the lifespan of a stream. 82 SSL object which is not a QUIC SSL object, or if called on a QUIC connection SSL 105 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_get_error.pod | 26 attempted, or SSL_get_error() will not work reliably. 30 Some TLS implementations do not send a close_notify alert on shutdown. 55 Note that B<SSL_ERROR_ZERO_RETURN> does not necessarily 63 The operation did not complete and can be retried later. 67 It means that not enough data was available at this time to complete the 120 The operation did not complete; the same TLS/SSL I/O function should be 131 The operation did not complete because an application callback set by 138 The operation did not complete because an asynchronous engine is still 160 The operation did not complete because an application callback set by 170 be performed on the connection and SSL_shutdown() must not be called. [all …]
|
H A D | SSL_get_value_uint.pod | 97 may represent connection parameters which do not participate in explicit 107 requesting during feature negotiation. Such a request will not necessarily be 122 peer during feature negotiation. Such a request has not necessarily been 185 available to be created (but not yet created). 203 available to be created (but not yet created). 239 generated, and pending timeout events are not processed. This allows an 260 handling model will not cause event handling to occur before making that 264 API call on the SSL object it is set on. However, event processing is not 319 The given value is not supported by the SSL object on which it was called. 323 The given operation (get or set) is not supported by the specified [all …]
|
H A D | SSL_free.pod | 25 Do not explicitly free these indirectly freed up items before or after 32 L<SSL_shutdown(3)> was not called for the connection 33 and L<SSL_set_shutdown(3)> was not used to set the 46 locally-initiated unidirectional stream) and that part has not been concluded 55 remotely-initiated unidirectional stream), and the peer has not yet concluded 71 SSL_free() does not provide diagnostic information. 81 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | PKCS7_sign.pod | 39 will not be included in the PKCS7 structure. 62 these algorithms is disabled then it will not be included. 66 B<not> performed and the data to be signed is not read from the I<data> 73 If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not> 74 complete and outputting its contents via a function that does not properly 88 called to finalize the structure if streaming is not enabled. Alternative 95 not be NULL. 103 Some advanced attributes such as counter signatures are not supported. 127 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_key_update.pod | 37 update will not take place until the next time an IO operation such as 42 operation has been scheduled but not yet performed. The type of the pending key 54 renegotiation. If so, then it will be initiated immediately. OpenSSL will not 66 appropriate, the request is sent. The client may or may not respond with a new 67 handshake and it may or may not attempt to resume an existing session. If 74 new handshake. For historical reasons, DTLS clients will not attempt to resume 78 renegotiation request has been scheduled but not yet acted on, or 0 otherwise. 91 can be performed. SSL_key_update() will fail if these requirements are not met. 106 has been scheduled but not yet acted on, or 0 otherwise. 123 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_CTX_set_ct_validation_callback.pod | 54 handshake continues, and the verification status is not modified, regardless of 58 Note that with session resumption there will not be any SCTs presented during 62 session is not resumed. 69 The TLS handshake is aborted if the verification mode is not B<SSL_VERIFY_NONE> 77 If no callback is set, SCTs will not be requested and Certificate Transparency 78 validation will not occur. 84 Callbacks are also not invoked when the peer certificate chain is invalid or 87 Clients that require SCTs are expected to not have enabled any aNULL ciphers 121 SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result. 140 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | ASN1_TYPE_get.pod | 30 function uses the pointer I<value> internally so it must B<not> be freed 45 B<ASN1_TYPE> is returned. If I<t> and I<*t> are not NULL the encoded type 46 is written to I<t> overwriting any existing data. If I<t> is not NULL 55 then the boolean is set to TRUE if I<value> is not NULL. If I<type> is 64 ASN1_TYPE_cmp() may not return zero if two types are equivalent but have 73 unparsable type which returns NULL) for types which do B<not> match. So 80 ASN1_TYPE_set() does not return a value. 96 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_get_shared_sigalgs.pod | 42 and will not need to call them. 48 B<rhash> can be set to B<NULL> if the value is not required. By setting 69 If a signature algorithm is not recognised the corresponding NIDs 70 will be set to B<NID_undef>. This may be because the value is not supported, 71 is not an appropriate combination (for example MD5 and DSA) or the 72 signature algorithm does not use a hash (for example Ed25519). 83 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | CMS_get0_SignerInfos.pod | 39 if not. 48 of CMS_verify() is not appropriate. 59 there are no signers this is not a problem in practice because the only 60 error which can occur is if the B<cms> structure is not of type signedData 73 CMS_SignerInfo_set1_signer_cert() does not return a value. 85 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/doc/designs/ |
H A D | thread-api.md | 34 * If the argument is 0, thread pooling is disabled. OpenSSL will not create any 38 * thread pooling is not supported (for example, if it is not supported on the 39 * current platform, or because OpenSSL is not built with the necessary 46 * thread pool. If thread pooling is disabled or not available, returns 0. 51 The maximum thread count is a limit, not a target. Threads will not be spawned 72 * is not supported, another model must be used. Note that there is currently
|
/openssl/doc/man7/ |
H A D | openssl-threads.pod | 17 In particular, being configured for threads support does not imply that 19 To emphasize: I<most objects are not safe for simultaneous use>. 24 Many objects within OpenSSL are reference-counted, so resources are not 38 A C<set1> or C<get1> function does not change the ownership, but instead 46 met and shared objects are not modified. 47 Set methods, or modifying shared objects, are generally not thread-safe 54 Note that a C<const> declaration does not mean immutable; for example 63 In all cases, however, it is generally not safe for one thread to 84 not safe to modify the factory object after it has been used to create 100 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | RAND.pod | 27 As a normal application developer, you do not have to worry about any details, 30 return value of L<RAND_bytes(3)> and do not take randomness for granted. 40 This method does not provide 'better' randomness, it uses the same type of 46 CSPRNG instance will not affect the secrecy of these private values. 48 In the rare case where the default implementation does not satisfy your special 53 only in exceptional cases and is not recommended, unless you have a profound 77 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/test/recipes/30-test_evp_data/ |
H A D | evpciph_des3_common.txt | 4 # Licensed under the Apache License 2.0 (the "License"). You may not use 43 # Test that DES3 CBC mode encryption fails because it is not FIPS approved 53 # Test that DES3 EBC mode encryption fails because it is not FIPS approved 64 # Test that DES3 CBC mode encryption is not FIPS approved 76 # Test that DES3 ECB mode encryption is not FIPS approved
|
/openssl/doc/designs/quic-design/ |
H A D | quic-io-arch.md | 86 configured in blocking mode or not. 89 mode, this is not an advisable usage mode. If a socket is in blocking mode, 111 Moreover, our QUIC implementation will not drive the Berkeley sockets API 121 system call (or any system call), so this does not work either. Therefore, 138 `BIO_write` calls do not take an excessive amount of time. 152 - Several threads are spawned which the application is not in control of. 184 tear down the connection. However, the BIO interface does not provide 293 coordinated but this is not for MVP.) Thus this also is not a concern. 310 - Does not rely on creating threads and can support blocking I/O at the 387 unification is not necessarily significant. [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_cmp_msg_check_update.pod | 46 In case no protection is present and B<cb> is not NULL then this callback 52 It should not put an error on the error stack since this could be misleading. 58 peer does not need to send them again (at least not in the same transaction). 59 Note that it does not help validating the message before storing the extraCerts 60 because they are not part of the protected portion of the message anyway. 90 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/test/ |
H A D | README.ssltest.md | 21 First, give your test a name. The names do not have to be unique. 73 alert will not be correctly matched, if followed by a `close_notify` or 79 * SessionTicketExpected - whether or not a session ticket is expected 80 - Ignore - do not check for a session ticket (default) 82 - No - a session ticket is not expected 84 * SessionIdExpected - whether or not a session id is expected 85 - Ignore - do not check for a session id (default) 87 - No - a session id is not expected 164 - None - do not use SNI (default) 182 does not initialize crypto. [all …]
|
/openssl/test/ssl-tests/ |
H A D | 08-npn.cnf | 16 test-11 = 11-npn-selected-sni-server-does-not-support-npn 26 test-21 = 21-npn-used-if-alpn-not-supported-resumption 410 [11-npn-selected-sni-server-does-not-support-npn] 413 [11-npn-selected-sni-server-does-not-support-npn-ssl] 418 [11-npn-selected-sni-server-does-not-support-npn-server] 423 [11-npn-selected-sni-server-does-not-support-npn-server2] 428 [11-npn-selected-sni-server-does-not-support-npn-client] 838 [21-npn-used-if-alpn-not-supported-resumption] 841 [21-npn-used-if-alpn-not-supported-resumption-ssl] 847 [21-npn-used-if-alpn-not-supported-resumption-server] [all …]
|
/openssl/engines/ |
H A D | e_afalg.txt | 3 # Licensed under the Apache License 2.0 (the "License"). You may not use 13 AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG:101:kernel does not support afalg 15 kernel does not support async afalg
|