+++ /dev/null
-.\" $OpenBSD: EVP_MD_meth_new.3,v 1.5 2023/09/12 16:26:30 schwarze Exp $
-.\" selective merge up to:
-.\" OpenSSL man3/EVP_MD_meth_new 0388d212 Dec 14 12:47:07 2018 -0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte <levitte@openssl.org>
-.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 12 2023 $
-.Dt EVP_MD_METH_NEW 3
-.Os
-.Sh NAME
-.Nm EVP_MD_meth_dup ,
-.Nm EVP_MD_meth_new ,
-.Nm EVP_MD_meth_free ,
-.Nm EVP_MD_meth_set_input_blocksize ,
-.Nm EVP_MD_meth_set_result_size ,
-.Nm EVP_MD_meth_set_app_datasize ,
-.Nm EVP_MD_meth_set_flags ,
-.Nm EVP_MD_meth_set_init ,
-.Nm EVP_MD_meth_set_update ,
-.Nm EVP_MD_meth_set_final ,
-.Nm EVP_MD_meth_set_copy ,
-.Nm EVP_MD_meth_set_cleanup ,
-.Nm EVP_MD_meth_set_ctrl
-.Nd Routines to build up EVP_MD methods
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_MD *
-.Fo EVP_MD_meth_new
-.Fa "int md_type"
-.Fa "int pkey_type"
-.Fc
-.Ft void
-.Fo EVP_MD_meth_free
-.Fa "EVP_MD *md"
-.Fc
-.Ft EVP_MD *
-.Fo EVP_MD_meth_dup
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_input_blocksize
-.Fa "EVP_MD *md"
-.Fa "int blocksize"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_result_size
-.Fa "EVP_MD *md"
-.Fa "int resultsize"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_app_datasize
-.Fa "EVP_MD *md"
-.Fa "int datasize"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_flags
-.Fa "EVP_MD *md"
-.Fa "unsigned long flags"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_init
-.Fa "EVP_MD *md"
-.Fa "int (*init)(EVP_MD_CTX *ctx)"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_update
-.Fa "EVP_MD *md"
-.Fa "int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count)"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_final
-.Fa "EVP_MD *md"
-.Fa "int (*final)(EVP_MD_CTX *ctx, unsigned char *md)"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_copy
-.Fa "EVP_MD *md"
-.Fa "int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from)"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_cleanup
-.Fa "EVP_MD *md"
-.Fa "int (*cleanup)(EVP_MD_CTX *ctx)"
-.Fc
-.Ft int
-.Fo EVP_MD_meth_set_ctrl
-.Fa "EVP_MD *md"
-.Fa "int (*control)(EVP_MD_CTX *ctx, int command, int p1, void *p2)"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt EVP_MD
-type is a structure for digest method implementation.
-It can also have associated public/private key signing and verifying
-routines.
-.Pp
-.Fn EVP_MD_meth_new
-creates a new
-.Vt EVP_MD
-structure.
-.Pp
-.Fn EVP_MD_meth_dup
-creates a copy of
-.Fa md .
-.Pp
-.Fn EVP_MD_meth_free
-destroys a
-.Vt EVP_MD
-structure.
-.Pp
-.Fn EVP_MD_meth_set_input_blocksize
-sets the internal input block size for the method
-.Fa md
-to
-.Fa blocksize
-bytes.
-.Pp
-.Fn EVP_MD_meth_set_result_size
-sets the size of the result that the digest method in
-.Fa md
-is expected to produce to
-.Fa resultsize
-bytes.
-.Pp
-The digest method may have its own private data, which OpenSSL will
-allocate for it.
-.Fn EVP_MD_meth_set_app_datasize
-should be used to set the size for it to
-.Fa datasize .
-.Pp
-.Fn EVP_MD_meth_set_flags
-sets the flags to describe optional behaviours in the particular
-.Fa md .
-Several flags can be or'd together.
-The available flags are:
-.Bl -tag -width Ds
-.It Dv EVP_MD_FLAG_DIGALGID_NULL
-When setting up a
-.Vt DigestAlgorithmIdentifier
-with
-.Xr X509_ALGOR_set_md 3 ,
-set the parameter type to
-.Dv V_ASN1_NULL
-and the parameter value to
-.Dv NULL .
-This is the default, which means that it takes effect for
-.Vt EVP_MD
-objects that do not have
-.Dv EVP_MD_FLAG_DIGALGID_ABSENT
-set.
-Use this for PKCS#1.
-.It Dv EVP_MD_FLAG_DIGALGID_ABSENT
-When setting up a
-.Vt DigestAlgorithmIdentifier
-with
-.Xr X509_ALGOR_set_md 3 ,
-set the parameter type to
-.Dv V_ASN1_UNDEF
-and the parameter value to
-.Dv NULL .
-This is used by the
-.Vt EVP_MD
-objects documented in the manual page
-.Xr EVP_sha3_224 3
-and by the objects returned from
-.Xr EVP_sha512 3 ,
-.Xr EVP_sha512_256 3 ,
-.Xr EVP_sha512_224 3 ,
-.Xr EVP_sha384 3 ,
-.Xr EVP_sha256 3 ,
-.Xr EVP_sha224 3 ,
-.Xr EVP_sha1 3 ,
-and
-.Xr EVP_sm3 3 .
-.It Dv EVP_MD_FLAG_DIGALGID_CUSTOM
-This flag is reserved for user-defined
-.Vt EVP_MD
-objects supporting custom
-.Vt DigestAlgorithmIdentifier
-handling via
-.Xr EVP_MD_CTX_ctrl 3 ,
-but actually, it is ignored by both LibreSSL and OpenSSL
-and such user-defined behaviour is not supported by the libraries.
-.It Dv EVP_MD_FLAG_FIPS
-Mark the digest method as suitable for FIPS mode.
-This flag is ignored by both LibreSSL and OpenSSL.
-.It Dv EVP_MD_FLAG_ONESHOT
-Intended to indicate that the digest method can only handle one block
-of input, but actually, this flag is ignored by both LibreSSL and OpenSSL.
-.El
-.Pp
-.Fn EVP_MD_meth_set_init
-sets the digest init function for
-.Fa md .
-The digest init function is called by
-.Xr EVP_Digest 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_DigestInit_ex 3 ,
-EVP_SignInit,
-.Xr EVP_SignInit_ex 3 ,
-.Xr EVP_VerifyInit 3
-and
-.Xr EVP_VerifyInit_ex 3 .
-.Pp
-.Fn EVP_MD_meth_set_update
-sets the digest update function for
-.Fa md .
-The digest update function is called by
-.Xr EVP_Digest 3 ,
-.Xr EVP_DigestUpdate 3
-and
-.Xr EVP_SignUpdate 3 .
-.Pp
-.Fn EVP_MD_meth_set_final
-sets the digest final function for
-.Fa md .
-The digest final function is called by
-.Xr EVP_Digest 3 ,
-.Xr EVP_DigestFinal 3 ,
-.Xr EVP_DigestFinal_ex 3 ,
-.Xr EVP_SignFinal 3
-and
-.Xr EVP_VerifyFinal 3 .
-.Pp
-.Fn EVP_MD_meth_set_copy
-sets the function for
-.Fa md
-to do extra computations after the method's private data structure has
-been copied from one
-.Vt EVP_MD_CTX
-object to another.
-If all that's needed is to copy the data, there is no need for this copy
-function.
-The copy function is passed two
-.Vt EVP_MD_CTX
-objects, the private data structure is then available with
-.Xr EVP_MD_CTX_md_data 3 .
-This copy function is called by
-.Xr EVP_MD_CTX_copy 3
-and
-.Xr EVP_MD_CTX_copy_ex 3 .
-.Pp
-.Fn EVP_MD_meth_set_cleanup
-sets the function for
-.Fa md
-to do extra cleanup before the method's private data structure is
-cleaned out and freed.
-The cleanup function is passed an
-.Vt EVP_MD_CTX
-object, the private data structure is then available with
-.Xr EVP_MD_CTX_md_data 3 .
-This cleanup function is called by
-.Xr EVP_MD_CTX_reset 3
-and
-.Xr EVP_MD_CTX_free 3 .
-.Pp
-.Fn EVP_MD_meth_set_ctrl
-sets the
-.Fa control
-function for
-.Fa md .
-The
-.Fa control
-function supplied by the application program has to return 1 to indicate
-success, 0 to indicate failure, or \-1 if the
-.Fa command
-is not supported for this digest method.
-See
-.Xr EVP_MD_CTX_ctrl 3
-for the available
-.Fa command
-arguments.
-.Sh RETURN VALUES
-.Fn EVP_MD_meth_new
-and
-.Fn EVP_MD_meth_dup
-return a pointer to a newly created
-.Vt EVP_MD ,
-or NULL on failure.
-All
-.Fn EVP_MD_meth_set_*
-functions return 1.
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_SignInit 3 ,
-.Xr EVP_VerifyInit 3
-.Sh HISTORY
-All these functions
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
-.\" $OpenBSD: EVP_MD_nid.3,v 1.3 2023/09/07 16:32:41 schwarze Exp $
+.\" $OpenBSD: EVP_MD_nid.3,v 1.4 2024/03/05 17:21:40 tb Exp $
.\" full merge up to: OpenSSL man3/EVP_DigestInit.pod
.\" 24a535ea Sep 22 13:14:20 2020 +0100
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: September 7 2023 $
+.Dd $Mdocdate: March 5 2024 $
.Dt EVP_MD_NID 3
.Os
.Sh NAME
.Fn EVP_MD_flags
returns the message digest flags used by
.Fa md .
-The meaning of the flags is described in the
-.Xr EVP_MD_meth_set_flags 3
-manual page.
Be careful to not confuse these flags with the unrelated
message digest context flags that can be inspected with
.Xr EVP_MD_CTX_test_flags 3 .
+The available flags are:
+.Bl -tag -width Ds
+.It Dv EVP_MD_FLAG_DIGALGID_NULL
+The parameters in a
+.Vt DigestAlgorithmIdentifier
+are encoded using an explicit ASN.1
+.Dv NULL
+rather than omitting them.
+This is the default, which means that it takes effect for
+.Vt EVP_MD
+objects that do not have
+.Dv EVP_MD_FLAG_DIGALGID_ABSENT
+set.
+.It Dv EVP_MD_FLAG_DIGALGID_ABSENT
+The parameters in a
+.Vt DigestAlgorithmIdentifier
+are omitted from the ASN.1 encoding.
+This is used by the
+.Vt EVP_MD
+objects documented in the manual page
+.Xr EVP_sha3_224 3
+and by the objects returned from
+.Xr EVP_sha512 3 ,
+.Xr EVP_sha512_256 3 ,
+.Xr EVP_sha512_224 3 ,
+.Xr EVP_sha384 3 ,
+.Xr EVP_sha256 3 ,
+.Xr EVP_sha224 3 ,
+.Xr EVP_sha1 3 ,
+and
+.Xr EVP_sm3 3 .
+.It Dv EVP_MD_FLAG_DIGALGID_CUSTOM
+This flag is reserved for user-defined
+.Vt EVP_MD
+objects supporting custom
+.Vt DigestAlgorithmIdentifier
+handling via
+.Xr EVP_MD_CTX_ctrl 3 ,
+but actually, it is ignored by both LibreSSL and OpenSSL
+and such user-defined behaviour is not supported by the libraries.
+.It Dv EVP_MD_FLAG_FIPS
+Mark the digest method as suitable for FIPS mode.
+This flag is ignored by both LibreSSL and OpenSSL.
+.It Dv EVP_MD_FLAG_ONESHOT
+Intended to indicate that the digest method can only handle one block
+of input, but actually, this flag is ignored by both LibreSSL and OpenSSL.
+.El
.Pp
.Fn EVP_MD_pkey_type
returns the NID of the public key signing algorithm associated with this
.Xr EVP_DigestInit 3 ,
.Xr EVP_MD_CTX_ctrl 3 ,
.Xr OBJ_nid2obj 3
+.Sh STANDARDS
+RFC 5754: Using SHA2 Algorithms with Cryptographic Message Syntax
+.Bl -dash -compact -offset indent
+.It
+section 2: Message Digest Algorithms
+.El
.Sh HISTORY
.Fn EVP_MD_size
first appeared in SSLeay 0.6.6,
projects / openbsd / commitdiff