| /openssl/Configurations/ |
| H A D | INTERNALS.Configure | 9 This is a collection of notes that are hopefully of interest to those
10 who decide to dive into Configure and what it does. This is a living
11 document and anyone is encouraged to add to it and submit changes.
21 Processing conditions in build.info files is done with the help of a
33 Ground rule is that non-condition lines are skipped over if the
34 stack top is > 0. Condition lines (IF, ELSIF, ELSE and ENDIF
39 the skip stack should look like after each line is processed:
44 | ... whatever ... | | this line is processed |
46 | ... whatever ... | | this line is processed |
48 | ... whatever ... | | this line is skipped over |
[all …]
|
| /openssl/doc/man3/ |
| H A D | ASN1_STRING_print_ex.pod | 35 ASN1_STRING_print() is a deprecated function which should be avoided; use
41 The complete set of supported options for I<flags> is listed below.
51 If the character being escaped is a 16 bit character then the form "\UXXXX" is used
54 will only be used if UTF8 conversion is not set (see below).
57 B<ASN1_STRFLGS_ESC_QUOTE> is set then the whole string is instead surrounded by
66 If B<ASN1_STRFLGS_IGNORE_TYPE> is set then the string type is not interpreted at
67 all: everything is assumed to be one byte per character. This is primarily for
70 If B<ASN1_STRFLGS_SHOW_TYPE> is set then the string type itself is printed out
77 If B<ASN1_STRFLGS_DUMP_ALL> is set then any type is dumped.
83 When a type is dumped normally just the content octets are printed, if
[all …]
|
| H A D | CMS_compress.pod | 16 is the compression algorithm to use or B<NID_undef> to use the default
17 algorithm (zlib compression). B<in> is the content to be compressed.
18 B<flags> is an optional set of flags.
20 The only currently supported compression algorithm is zlib using the NID
26 If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
32 otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
33 B<CMS_TEXT> is ignored.
35 If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
39 B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
40 practice and is not supported by SMIME_write_CMS().
[all …]
|
| H A D | CMS_encrypt.pod | 20 AuthEnvelopedData structure. I<certs> is a list of recipient certificates.
21 I<in> is the content to be encrypted. I<cipher> is the symmetric cipher to use.
34 containing MAC is used. Otherwise an EnvelopedData structure is used. Currently
44 If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
51 B<CMS_TEXT> is ignored.
58 If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
61 If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
66 B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
67 practice and is not supported by SMIME_write_CMS().
69 If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
[all …]
|
| H A D | CMS_verify.pod | 29 It is also used
37 The content is written to the BIO I<out> unless it is NULL.
72 If CRL checking is enabled in I<store> and B<CMS_NOCRL> is not set,
75 If I<store> is not NULL and any chain verify fails an error code is returned.
77 Finally the signed content is read (and written to I<out> unless it is NULL)
89 If B<CMS_NOCRL> is set and CRL checking is enabled in I<store> then any
93 from the content. If the content is not of type C<text/plain> then an error is
99 If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
102 If B<CMS_CADES> is set, each signer certificate is checked against the
106 If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
[all …]
|
| H A D | PKCS7_verify.pod | 22 It is also used
30 The content is written to the BIO I<out> unless it is NULL.
43 the content is detached I<indata> cannot be NULL. If the content is
59 is set.
60 If CRL checking is enabled in I<store> and B<PKCS7_NOCRL> is not set,
63 If I<store> is not NULL and any chain verify fails an error code is returned.
65 Finally the signed content is read (and written to I<out> unless it is NULL)
66 and the signature is checked.
78 If B<PKCS7_NOCRL> is set and CRL checking is enabled in I<store> then any
82 from the content. If the content is not of type C<text/plain> then an error is
[all …]
|
| H A D | PKCS7_sign.pod | 21 I<signcert> is the certificate to sign with, I<pkey> is the corresponding
27 The data to be signed is read from BIO I<data>.
29 I<flags> is an optional set of flags.
45 B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
62 these algorithms is disabled then it will not be included.
64 If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
70 If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
73 If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
83 algorithm. This is B<SHA1> for both RSA and DSA keys.
92 PKCS#7 structure is output.
[all …]
|
| H A D | TS_VERIFY_CTX.pod | 46 The Time-Stamp Protocol (TSP) is defined by RFC 3161. TSP is a protocol used to
50 requesting entity is referred to as the client.
65 verification context to be freed. If I<ctx> is NULL, the call is ignored.
74 the data. A previously assigned B<BIO> is freed.
83 verifying a TST. I<certs> is a stack of B<X509> certificates.
87 created in advance. If I<ctx> is NULL, the call is ignored.
95 A previously assigned BIO is B<not freed> by this call. I<b> is the B<BIO>
99 assigned imprint B<is freed> by this call. I<hexstr> is the string with the
103 assigned store is B<not freed> by this call. I<s> is the store to assign.
106 A previously assigned stack is B<not freed> by this call. I<certs> is a stack
[all …]
|
| H A D | OSSL_HTTP_transfer.pod | 65 If I<bio> is given and I<rbio> is NULL then this I<bio> is used instead.
80 Otherwise, the format is
84 The default proxy port number is 80, or 443 in case "https:" is given.
93 If I<use_ssl> is nonzero a TLS connection is requested
96 The parameter I<bio_update_fn>, which is optional if I<use_ssl> is 0,
108 I<detail> being 1 if I<use_ssl> is nonzero (i.e., HTTPS is requested), else 0.
196 is allowed to take.
200 If I<keep_alive> is 0 the connection is not kept open
202 If the value is 1 or 2 then a persistent connection is requested.
203 If the value is 2 then a persistent connection is required,
[all …]
|
| H A D | SSL_get_handshake_rtt.pod | 18 This metric is represented in microseconds (us) as a uint64_t data type.
22 This metric is created by taking two timestamps during the handshake and
25 When acting as the server, one timestamp is taken when the server is finished
26 writing to the client. This is during the ServerFinished in TLS 1.3 and
27 ServerHelloDone in TLS 1.2. The other timestamp is taken when the server is
28 done reading the client's response. This is after the client has responded
31 When acting as the client, one timestamp is taken when the client is finished
32 writing the ClientHello and early data (if any). The other is taken when
33 client is done reading the server's response. This is after ServerFinished in
38 protocol-level messages and the TLS protocol is not designed to measure
[all …]
|
| H A D | EVP_BytesToKey.pod | 18 EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
21 an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
22 B<datal> bytes which is used to derive the keying data. B<count> is the
35 If the total key and IV length is less than the digest length and
36 B<MD5> is used then the derivation algorithm is compatible with PKCS#5 v1.5
37 otherwise a non standard extension is used to derive the extra data.
44 The key and IV is derived by concatenating D_1, D_2, etc until
45 enough data is available for the key and IV. D_i is defined as:
49 where || denotes concatenation, D_0 is empty, HASH is the digest
50 algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
[all …]
|
| H A D | BIO_s_mem.pod | 29 written to a memory BIO is stored in a BUF_MEM structure which is extended
32 BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used
52 Unless the memory BIO is read only any data read from it is deleted from
61 If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying
70 BIO_eof() is true if no data is in the BIO.
75 empty. If the B<v> is zero then an empty memory BIO will return EOF (that is
78 flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
89 It is a macro.
95 if B<len> is -1 then the B<buf> is assumed to be nul terminated and its
96 length is determined by B<strlen>. The BIO is set to a read only state and
[all …]
|
| H A D | CMS_sign.pod | 21 I<signcert> is the certificate to sign with, I<pkey> is the corresponding
28 The data to be signed is read from BIO B<data>.
30 B<flags> is an optional set of flags.
32 CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL
51 B<CMS_DETACHED> is set in which case it is omitted. This is used for
80 signing is however B<not> performed and the data to be signed is not read from
84 If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
88 If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
99 algorithm. This is B<SHA1> for both RSA and DSA keys.
110 structure if streaming is not enabled.
[all …]
|
| H A D | BIO_s_accept.pod | 57 the BIO is freed.
68 where "host" is the interface to use and "port" is the port.
81 If the given port is C<0> then a random available port is chosen.
89 (the default) if B<n> is 0 or non blocking mode if B<n> is 1.
92 if B<n> is 1 or disables TCP Fast Open if B<n> is 0 (the default).
98 connection is received. This is useful if, for example, a
107 The default is B<BIO_FAMILY_IPANY>.
115 and the port is not in use then a second attempt is made
133 When a connection is established a new socket BIO is created for
134 the connection and appended to the chain. That is the chain is now
[all …]
|
| H A D | OSSL_HTTP_parse_url.pod | 57 The port component is optional and defaults to C<0>.
60 The path component is also optional and defaults to C</>.
63 Any IPv6 address in I<*phost> is enclosed in C<[> and C<]>.
66 If I<pquery> is NULL, any given query component is handled as part of the path.
69 an empty string is provided.
71 OSSL_HTTP_parse_url() is a special form of OSSL_parse_url()
73 If I<pssl> is not NULL, I<*pssl> is assigned 1 in case parsing was successful
74 and the scheme is C<https>, else 0.
75 The port component is optional and defaults to C<443> if the scheme is C<https>,
78 otherwise the first path element is interpreted as the host.
[all …]
|
| H A D | SMIME_read_CMS.pod | 19 B<in> is a BIO to read the message from.
21 If cleartext signing is used then the content is saved in a memory bio which is
22 written to B<*bcont>, otherwise B<*bcont> is set to NULL.
24 The parsed CMS_ContentInfo structure is returned or NULL if an
27 SMIME_read_CMS_ex() is similar to SMIME_read_CMS() but optionally a previously
31 in binary format and is not translated to canonical form.
32 If in addition B<SMIME_ASCIICRLF> is set then the binary input is assumed
34 If I<flags> is 0 and I<cms> is NULL then it is identical to SMIME_read_CMS().
38 If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
44 To support future functionality if B<bcont> is not NULL B<*bcont> should be
[all …]
|
| H A D | CMS_get1_ReceiptRequest.pod | 31 or it is set to 32 bytes of pseudo random data if I<id> is NULL.
32 If I<receiptList> is NULL the allOrFirstTier option in I<receiptsFrom> is used
34 NULL the I<receiptList> option in I<receiptsFrom> is used. The I<receiptsTo>
36 is used to find the public random generator.
38 CMS_ReceiptRequest_create0() is similar to
46 any is found it is decoded and written to B<prr>.
49 The signedContentIdentifier is copied to B<pcid>. If the B<allOrFirstTier>
50 option of B<receiptsFrom> is used its value is copied to B<pallorfirst>
52 parameter is copied to B<prto>.
69 CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
[all …]
|
| H A D | BIO_set_callback.pod | 62 argument is set it is interpreted as a BIO to send the information
63 to, otherwise stderr is used. The BIO_debug_callback() function is the
69 is described below:
75 The BIO the callback is attached to is passed in B<b>.
117 function that is called.
139 is called before the read and
158 is called before the write and
214 is called before the call and
224 Note: B<cmd> == B<BIO_CTRL_SET_CALLBACK> is special, because B<parg> is not the
236 is called before the call and
[all …]
|
| H A D | DH_generate_parameters.pod | 65 This is a lightweight check, if a more thorough check is needed, use
81 The generator B<g> is not suitable.
87 The modulus is too small.
91 The modulus is too large.
96 value of B<*codes> is updated with any problems found. If B<*codes> is zero then
103 The parameter B<p> is not prime.
107 The parameter B<p> is not a safe prime and no B<q> value is present.
119 The parameter B<q> is not prime.
123 The parameter B<q> is invalid.
127 The parameter B<j> is invalid.
[all …]
|
| H A D | SSL_CONF_cmd.pod | 30 prefix for command line commands is B<-> and that is reflected below.
265 B<SSL> structure is set. This option is only supported if certificate
272 if no B<-key> option is set then a private key is not loaded unless the
294 full handshake is forced if a session ticket is used a second or subsequent
334 structure is set. This option is only supported if certificate operations
414 For clients it is
475 If a protocol is preceded by B<-> that version is disabled.
500 If a flag string is preceded B<-> it is disabled.
504 Each option is listed below. Where an operation is enabled by default
508 B<SSL_OP_NO_TICKET>: that is B<-SessionTicket> is the same as setting
[all …]
|
| H A D | SMIME_write_ASN1.pod | 26 I<out> is the BIO to write the data to. I<value> is the appropriate ASN1_VALUE
27 structure (either CMS_ContentInfo or PKCS7). If streaming is enabled then the
29 I<flags> is an optional set of flags. I<ctype_nid> is the NID of the content
30 type, I<econt_nid> is the NID of the embedded content type and I<mdalgs> is a
43 If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
44 makes sense for SignedData where B<CMS_DETACHED> is also set when the sign()
45 method is called.
48 the content, this only makes sense if B<CMS_DETACHED> is also set.
50 If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
58 If streaming is performed the content is output in BER format using indefinite
[all …]
|
| H A D | SMIME_write_CMS.pod | 18 B<out> is the BIO to write the data to. B<cms> is the appropriate
19 B<CMS_ContentInfo> structure. If streaming is enabled then the content must be
20 supplied in the B<data> argument. B<flags> is an optional set of flags.
26 If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
27 makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is
30 If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
31 the content, this only makes sense if B<CMS_DETACHED> is also set.
33 If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
37 If cleartext signing is being used and B<CMS_STREAM> not set then the data must
41 If streaming is performed the content is output in BER format using indefinite
[all …]
|
| /openssl/external/perl/Text-Template-1.56/t/ |
| H A D | safe2.t | 34 is $text, 'package is main';
38 is $text, 'package is Q';
43 is $text, 'package is safe root';
50 is $text, 'package is Q';
60 is $text, 'hash is good5';
67 is $text, 'hash is good6';
73 is $text, 'hash is good7';
82 is $text, 'hash is good8';
91 is $Q::H, 'good7';
94 is $Q2::H, 'good8';
|
| H A D | hash.t | 26 is $text, $result2;
29 is $v, 'oops (main)';
34 is $text, $result4;
39 is $text, $result5;
42 is $Q::v, 'good';
47 is $text, $result7;
64 is $text, $result8;
77 is $text, $result8;
91 is $text, $result;
|
| /openssl/doc/designs/quic-design/ |
| H A D | quic-fc.md | 10 which the relevant flow control limit is expressed as the maximum number of
32 Connection-level flow control is controlled by the `MAX_DATA` frame;
41 However, their implementation is not critical.
63 payload, the first time it is sent (retransmissions do not count).
100 - If the available credit is zero, the TX side is blocked due to a lack of
122 there is no need to pass the event in this case.
190 `numBytes` is the number of controlled bytes we received. (This event is
202 bumped). `numBytes` is the new CWM value, and is monotonic with regard to all
221 - There is no On RX Controlled Bytes event.
242 reason this event is used instead of a `On RX (numBytes)` style event is that
[all …]
|
