void DES_set_odd_parity(DES_cblock *key);
int DES_is_weak_key(const_DES_cblock *key);
- void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks, int enc);
- void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
- void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, int enc);
- void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc);
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
int numbits, long length, DES_key_schedule *schedule,
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
int numbits, long length, DES_key_schedule *schedule,
DES_cblock *ivec);
- void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc);
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
int *num);
- void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
const_DES_cblock *inw, const_DES_cblock *outw, int enc);
void DES_ede2_cbc_encrypt(const unsigned char *input,
unsigned char *output, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
int enc);
- void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
+ void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
int enc);
- void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
- void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
DES_cblock *ivec, int *num);
- DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
- long length, DES_key_schedule *schedule,
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
const_DES_cblock *ivec);
- DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
long length, int out_count, DES_cblock *seed);
void DES_string_to_key(const char *str, DES_cblock *key);
void DES_string_to_2keys(const char *str, DES_cblock *key1,
seeded prior to calling DH_generate_parameters().
B<prime_len> is the length in bits of the safe prime to be generated.
-B<generator> is a small number E<gt> 1, typically 2 or 5.
+B<generator> is a small number E<gt> 1, typically 2 or 5.
A callback function may be used to provide feedback about the progress
of the key generation. If B<callback> is not B<NULL>, it will be
DSA_get_default_method() returns a pointer to the current default
DSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
+whether the ENGINE API is being used, so this function is no longer
recommended.
DSA_set_method() selects B<meth> to perform all operations using the key
ERR_get_last_error_line_data() store additional data and flags
associated with the error code in *B<data>
and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING> is true.
+if *B<flags>&B<ERR_TXT_STRING> is true.
An application B<MUST NOT> free the *B<data> pointer (or any other pointers
returned by these functions) with OPENSSL_free() as freeing is handled
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
- int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s);
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
#define EVP_MAX_MD_SIZE 64 /* SHA512 */
int EVP_MD_type(const EVP_MD *md);
- int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
-and RIPEMD160 digest algorithms respectively.
+and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm. Note: there is
+algorithms but using DSS (DSA) for the signature algorithm. Note: there is
no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
however retained for compatibility.
preference to the low level interfaces. This is because the code then becomes
transparent to the digest used and much more flexible.
-New applications should use the SHA2 digest algorithms such as SHA256.
+New applications should use the SHA2 digest algorithms such as SHA256.
The other digest algorithms are still in common use.
For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
-The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
+The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
obsolete but are retained to maintain compatibility with existing code. New
-applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
+applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
-memory leaks will occur.
+memory leaks will occur.
Stack allocation of EVP_MD_CTX structures is common, for example:
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+or the operation will fail.
The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_DigestSignUpdate() and
=head1 HISTORY
-EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were first added to OpenSSL 1.0.0.
=cut
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+or the operation will fail.
The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
=head1 HISTORY
-EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were first added to OpenSSL 1.0.0.
=cut
If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more
data and it will return an error if any data remains in a partial block:
-that is if the total data length is not a multiple of the block size.
+that is if the total data length is not a multiple of the block size.
EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the
corresponding decryption operations. EVP_DecryptFinal() will return an
EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
similar way to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and
-EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up
+EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up
after the call.
EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
-EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
+EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
success or zero for failure.
=head1 CIPHER LISTING
=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
-DES in CBC, ECB, CFB and OFB modes respectively.
+DES in CBC, ECB, CFB and OFB modes respectively.
=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)
preference to the low level interfaces. This is because the code then becomes
transparent to the cipher used and much more flexible.
-PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
+PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
length of the encrypted data a multiple of the block size. Padding is always
added so if the data is already a multiple of the block size B<n> will equal
the block size. For example if the block size is 8 and 11 bytes are to be
EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
default key lengths. If custom ciphers exceed these values the results are
-unpredictable. This is because it has become standard practice to define a
+unpredictable. This is because it has become standard practice to define a
generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
The ciphertext from the above example can be decrypted using the B<openssl>
utility with the command line:
-
+
S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
General encryption, decryption function example using FILE I/O and RC2 with an
/* We finished modifying parameters so now we can set key and IV */
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
- for(;;)
+ for(;;)
{
inlen = fread(inbuf, 1, 1024, in);
if(inlen <= 0) break;
The IV is supplied in the B<iv> parameter.
EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
+as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
page.
The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
-RSA_X931_PADDING for X9.31 padding (signature operations only) and
+RSA_X931_PADDING for X9.31 padding (signature operations only) and
RSA_PKCS1_PSS_PADDING (sign and verify only).
Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
for RSA key generation to B<pubexp> currently it should be an odd integer. The
-B<pubexp> pointer is used internally by this function so it should not be
+B<pubexp> pointer is used internally by this function so it should not be
modified or free after the call. If this macro is not called then 65537 is used.
The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=head1 HISTORY
=head1 SEE ALSO
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=cut
EVP_PKEY_CTX *ctx;
unsigned char *out, *in;
- size_t outlen, inlen;
+ size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes key in, inlen are already set up
* and that key is an RSA private key
if (!out)
/* malloc failure */
-
+
if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
/* Error */
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
if (!skey)
/* malloc failure */
-
+
if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
/* Error */
EVP_PKEY_CTX *ctx;
unsigned char *out, *in;
- size_t outlen, inlen;
+ size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes key in, inlen are already set up
* and that key is an RSA public key
if (!out)
/* malloc failure */
-
+
if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
/* Error */
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
The EVP_PKEY_keygen_init() function initializes a public key algorithm
context using key B<pkey> for a key genration operation.
-The EVP_PKEY_keygen() function performs a key generation operation, the
+The EVP_PKEY_keygen() function performs a key generation operation, the
generated key is written to B<ppkey>.
The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
=head1 DESCRIPTION
-The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
+The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
structure which is used by OpenSSL to store private keys.
EVP_PKEY_free() frees up the private key B<key>.
=head1 NOTES
-Currently no public key algorithms include any options in the B<pctx> parameter
+Currently no public key algorithms include any options in the B<pctx> parameter
parameter.
If the key does not include all the components indicated by the function then
=head1 SEE ALSO
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=head1 HISTORY
EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
-EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
+EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
an error occurred.
EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
EVP_PKEY_CTX *ctx;
unsigned char *md, *sig;
- size_t mdlen, siglen;
+ size_t mdlen, siglen;
EVP_PKEY *signing_key;
/* NB: assumes signing_key, md and mdlen are already set up
* and that signing_key is an RSA private key
if (!sig)
/* malloc failure */
-
+
if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
/* Error */
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
EVP_PKEY_CTX *ctx;
unsigned char *md, *sig;
- size_t mdlen, siglen;
+ size_t mdlen, siglen;
EVP_PKEY *verify_key;
/* NB: assumes verify_key, sig, siglen md and mdlen are already set up
* and that verify_key is an RSA public key
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
=head1 NOTES
Normally an application is only interested in whether a signature verification
-operation is successful in those cases the EVP_verify() function should be
+operation is successful in those cases the EVP_verify() function should be
used.
Sometimes however it is useful to obtain the data originally signed using a
EVP_PKEY_CTX *ctx;
unsigned char *rout, *sig;
- size_t routlen, siglen;
+ size_t routlen, siglen;
EVP_PKEY *verify_key;
/* NB: assumes verify_key, sig and siglen are already set up
* and that verify_key is an RSA public key
if (!rout)
/* malloc failure */
-
+
if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
/* Error */
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
and can be B<NULL>.
EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
-as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
+as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
+page.
=head1 RETURN VALUES
EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
places the signature in B<sig>. The number of bytes of data written (i.e. the
length of the signature) will be written to the integer at B<s>, at most
-EVP_PKEY_size(pkey) bytes will be written.
+EVP_PKEY_size(pkey) bytes will be written.
EVP_SignInit() initializes a signing context B<ctx> to use the default
implementation of digest B<type>.
Due to the link between message digests and public key algorithms the correct
digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
+algorithms and associated public key algorithms appears in
L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
When signing with DSA private keys the random number generator must be seeded
=head1 BUGS
-Older versions of this documentation wrongly stated that calls to
+Older versions of this documentation wrongly stated that calls to
EVP_SignUpdate() could not be made after calling EVP_SignFinal().
Since the private key is passed in the call to EVP_SignFinal() any error
Due to the link between message digests and public key algorithms the correct
digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
+algorithms and associated public key algorithms appears in
L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
=head1 BUGS
-Older versions of this documentation wrongly stated that calls to
+Older versions of this documentation wrongly stated that calls to
EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
Since the public key is passed in the call to EVP_SignFinal() any error
=head1 RETURN VALUES
-MD2(), MD4(), and MD5() return pointers to the hash value.
+MD2(), MD4(), and MD5() return pointers to the hash value.
MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
The ASN1 object utility functions process ASN1_OBJECT structures which are
a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
-OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
+OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
an ASN1_OBJECT structure, its long name and its short name respectively,
or B<NULL> is an error occurred.
OBJ_dup() returns a copy of B<o>.
-OBJ_create() adds a new object to the internal table. B<oid> is the
+OBJ_create() adds a new object to the internal table. B<oid> is the
numerical form of the object, B<sn> the short name and B<ln> the
long name. A new NID is returned for the created object.
new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
obj = OBJ_nid2obj(new_nid);
-
+
Create a new object directly:
obj = OBJ_txt2obj("1.2.3.4", 1);
=head1 BUGS
-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
+OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
convention of other OpenSSL functions where the buffer can be set
to B<NULL> to determine the amount of data that should be written.
Instead B<buf> must point to a valid buffer and B<buf_len> should
The environment variable B<OPENSSL_CONF> can be set to specify the location
of the configuration file.
-
+
Currently ASN1 OBJECTs and ENGINE configuration can be performed future
versions of OpenSSL will add new configuration options.
=head1 NOTES
-If the simple configuration function OPENSSL_config() is called then
+If the simple configuration function OPENSSL_config() is called then
OPENSSL_load_builtin_modules() is called automatically.
Applications which use the configuration functions directly will need to
-call OPENSSL_load_builtin_modules() themselves I<before> any other
+call OPENSSL_load_builtin_modules() themselves I<before> any other
configuration code.
Applications should call OPENSSL_load_builtin_modules() to load all
-configuration modules instead of adding modules selectively: otherwise
+configuration modules instead of adding modules selectively: otherwise
functionality may be missing from the application if an when new
modules are added.
any trust settings are discarded.
The B<X509_AUX> functions process a trusted X509 certificate using
-an X509 structure.
+an X509 structure.
The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
certificate request using an X509_REQ structure. The B<X509_REQ>
This old B<PrivateKey> routines use a non standard technique for encryption.
-The private key (or other data) takes the following form:
+The private key (or other data) takes the following form:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
PEM_read_bio_X509(bp, &x, 0, NULL);
-where B<x> already contains a valid certificate, may not work, whereas:
+where B<x> already contains a valid certificate, may not work, whereas:
X509_free(x);
x = PEM_read_bio_X509(bp, NULL, 0, NULL);
a fatal error is returned.
B<nid_key> or B<nid_cert> can be set to -1 indicating that no encryption
-should be used.
+should be used.
B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
respectively.
The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
-its parameters.
+its parameters.
Many browsers implement a "sign and encrypt" option which is simply an S/MIME
envelopedData containing an S/MIME signed message. This can be readily produced
If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
complete and outputting its contents via a function that does not
-properly finalize the B<PKCS7> structure will give unpredictable
+properly finalize the B<PKCS7> structure will give unpredictable
results.
Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
the certificate to sign with, B<pkey> is the corresponsding private key.
B<certs> is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
+structure (for example any intermediate CAs in the chain).
The data to be signed is read from BIO B<data>.
An error occurs if a matching digest value cannot be found to copy. The
returned PKCS7 structure will be valid and finalized when this flag is set.
-If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
needed to finalize it.
PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
-structure just added, this can be used to set additional attributes
+structure just added, this can be used to set additional attributes
before it is finalized.
=head1 RETURN VALUES
to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
meaningful to PKCS7_get0_signers().
-If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
+If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
searched when locating the signer's certificate. This means that all the signers
certificates must be in the B<certs> parameter.
signer cannot be found.
Care should be taken when modifying the default verify behaviour, for example
-setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
+setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
and any signed message will be considered valid. This combination is however
useful if one merely wishes to write the content to B<out> and its validity
is not considered important.
seeding process whenever the application is started.
L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-PRNG.
+PRNG.
=head1 INTERNALS
L<RAND_load_file(3)|RAND_load_file(3)>,
L<RAND_bytes(3)|RAND_bytes(3)>,
L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<RAND_cleanup(3)|RAND_cleanup(3)>
=cut
=head1 RETURN VALUES
-RIPEMD160() returns a pointer to the hash value.
+RIPEMD160() returns a pointer to the hash value.
RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
success, 0 otherwise.
int RSA_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
- int RSA_public_decrypt(int flen, unsigned char *from,
+ int RSA_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
=head1 DESCRIPTION
RSA_get_default_method() returns a pointer to the current default
RSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
+whether the ENGINE API is being used, so this function is no longer
recommended.
RSA_set_method() selects B<meth> to perform all operations using the key
L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
+L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
=head1 HISTORY
=head1 RETURN VALUES
-SHA1() returns a pointer to the hash value.
+SHA1() returns a pointer to the hash value.
SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise.
B<type> and value determined by B<bytes> and B<len>.
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID()
-and X509_NAME_ENTRY_create_by_OBJ() create and return an
+and X509_NAME_ENTRY_create_by_OBJ() create and return an
B<X509_NAME_ENTRY> structure.
=head1 NOTES
X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be
-used to examine an B<X509_NAME_ENTRY> function as returned by
+used to examine an B<X509_NAME_ENTRY> function as returned by
X509_NAME_get_entry() for example.
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
-and X509_NAME_ENTRY_create_by_OBJ() create and return an
+and X509_NAME_ENTRY_create_by_OBJ() create and return an
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
RelativeDistinguishedName (RDN).
B<loc> actually determines the index where the new entry is inserted:
-if it is -1 it is appended.
+if it is -1 it is appended.
B<set> determines how the new type is added. If it is zero a
new RDN is created.
will be written and the text written to B<buf> will be null
terminated. The length of the output string written is returned
excluding the terminating null. If B<buf> is <NULL> then the amount
-of space needed in B<buf> (excluding the final null) is returned.
+of space needed in B<buf> (excluding the final null) is returned.
=head1 NOTES
bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
and returned, otherwise B<buf> is returned.
-X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
+X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
characters. Multiple lines are used if the output (including indent) exceeds
80 characters.
If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
is only of use for multiline format.
-Additionally all the options supported by ASN1_STRING_print_ex() can be used to
+Additionally all the options supported by ASN1_STRING_print_ex() can be used to
control how each field value is displayed.
In addition a number options can be set for commonly used formats.
This mechanism is used internally by the B<ssl> library to store the B<SSL>
structure associated with a verification operation in an B<X509_STORE_CTX>
-structure.
+structure.
=head1 SEE ALSO
all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
-to B<sk>. This is an alternative way of specifying trusted certificates
+to B<sk>. This is an alternative way of specifying trusted certificates
instead of using an B<X509_STORE>.
X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
Full featured logging callback. In this case the B<bio_err> is assumed to be
a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
B<ex_data>.
-
+
int verify_callback(int ok, X509_STORE_CTX *ctx)
{
X509 *err_cert;
=head1 NOTES
-The verification callback from an B<X509_STORE> is inherited by
+The verification callback from an B<X509_STORE> is inherited by
the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
-be used to set the verification callback when the B<X509_STORE_CTX> is
+be used to set the verification callback when the B<X509_STORE_CTX> is
otherwise inaccessible (for example during S/MIME verification).
=head1 BUGS
-The macro version of this function was the only one available before
+The macro version of this function was the only one available before
OpenSSL 1.0.0.
=head1 RETURN VALUES
=head1 NAME
-X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters
=head1 SYNOPSIS
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
- int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
STACK_OF(ASN1_OBJECT) *policies);
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
=head1 DESCRIPTION
These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
-a certificate verification operation.
+a certificate verification operation.
The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
to B<purpose>. This determines the acceptable purpose of the certificate
chain, for example SSL client or SSL server.
-X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
B<trust>.
X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
=head1 RETURN VALUES
-X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
-for success and 0 for failure.
+for success and 0 for failure.
X509_VERIFY_PARAM_get_flags() returns the current verification flags.
ored together.
B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
-certificate. An error occurs if a suitable CRL cannot be found.
+certificate. An error occurs if a suitable CRL cannot be found.
B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
chain.
B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
-no policy checking is peformed. Additional information is sent to the
+no policy checking is peformed. Additional information is sent to the
verification callback relating to policy checking.
B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
=head1 BUGS
Delta CRL checking is currently primitive. Only a single delta can be used and
-(partly due to limitations of B<X509_STORE>) constructed CRLs are not
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not
maintained.
If CRLs checking is enable CRLs are expected to be available in the
=head1 EXAMPLE
-Enable CRL checking when performing certificate verification during SSL
+Enable CRL checking when performing certificate verification during SSL
connections associated with an B<SSL_CTX> structure B<ctx>:
X509_VERIFY_PARAM *param;
The B<DSA> structure passed to the private key encoding functions should have
all the private key components present.
-The data encoded by the private key functions is unencrypted and therefore
+The data encoded by the private key functions is unencrypted and therefore
offers no private key security.
The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
The B<RSA> structure passed to the private key encoding functions should have
all the PKCS#1 private key components present.
-The data encoded by the private key functions is unencrypted and therefore
-offers no private key security.
+The data encoded by the private key functions is unencrypted and therefore
+offers no private key security.
The NET format functions are present to provide compatibility with certain very
old software. This format has some severe security weaknesses and should be
The X509 encode and decode routines encode and parse an
B<X509> structure, which represents an X509 certificate.
-d2i_X509() attempts to decode B<len> bytes at B<*in>. If
+d2i_X509() attempts to decode B<len> bytes at B<*in>. If
successful a pointer to the B<X509> structure is returned. If an error
occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
returned structure is written to B<*px>. If B<*px> is not B<NULL>
If B<out> is not B<NULL> is writes the DER encoded data to the buffer
at B<*out>, and increments it to point after the data just written.
If the return value is negative an error occurred, otherwise it
-returns the length of the encoded data.
+returns the length of the encoded data.
For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
allocated for a buffer and the encoded data written to it. In this
=head1 BUGS
-In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
+In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
B<*px> is valid is broken and some parts of the reused structure may
persist if they are not present in the new one. As a result the use
of this "reuse" behaviour is strongly discouraged.
d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)|ERR_get_error(3)>.
i2d_X509() returns the number of bytes successfully encoded or a negative
value if an error occurs. The error code can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)|ERR_get_error(3)>.
-i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
-occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
+occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
=head1 SEE ALSO
L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)>
+L<RSA_print(3)|RSA_print(3)>
=cut
Although low level algorithm specific functions exist for many algorithms
their use is discouraged. They cannot be used with an ENGINE and ENGINE
versions of new algorithms cannot be accessed using the low level functions.
-Also makes code harder to adapt to new algorithms and some options are not
+Also makes code harder to adapt to new algorithms and some options are not
cleanly supported at the low level and some operations are more efficient
using the high level interface.
unsigned char *to, RSA *rsa, int padding);
int RSA_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
- int RSA_public_decrypt(int flen, unsigned char *from,
+ int RSA_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
int RSA_sign(int type, unsigned char *m, unsigned int m_len,
L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
-L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
+L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
=cut
ASN1_STRING_print() is a legacy function which should be avoided in new applications.
-Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is
+Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is
suitable, or on UTF8 terminals B<ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB>.
The complete set of supported options for B<flags> is listed below.
one byte per character, if B<ASN1_STRFLGS_DUMP_UNKNOWN> is set then they will
be dumped instead.
-When a type is dumped normally just the content octets are printed, if
+When a type is dumped normally just the content octets are printed, if
B<ASN1_STRFLGS_DUMP_DER> is set then the complete encoding is dumped
instead (including tag and length octets).
This encodes a boolean type. The B<value> string is mandatory and
should be B<TRUE> or B<FALSE>. Additionally B<TRUE>, B<true>, B<Y>,
B<y>, B<YES>, B<yes>, B<FALSE>, B<false>, B<N>, B<n>, B<NO> and B<no>
-are acceptable.
+are acceptable.
=item B<NULL>
=item B<UTCTIME>, B<UTC>
Encodes an ASN1 B<UTCTime> structure, the value should be in
-the format B<YYMMDDHHMMSSZ>.
+the format B<YYMMDDHHMMSSZ>.
=item B<GENERALIZEDTIME>, B<GENTIME>
Encodes an ASN1 B<GeneralizedTime> structure, the value should be in
-the format B<YYYYMMDDHHMMSSZ>.
+the format B<YYYYMMDDHHMMSSZ>.
=item B<OCTETSTRING>, B<OCT>
The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt()
all operate on variable length data. They all take an initialization vector
-B<ivec> which needs to be passed along into the next call of the same function
+B<ivec> which needs to be passed along into the next call of the same function
for the same message. B<ivec> may be initialized with anything, but the
recipient needs to know what it was initialized with, or it won't be able
to decrypt. Some programs and protocols simplify this, like SSH, where
=head1 NOTES
BIO_flush(), because it can write data may return 0 or -1 indicating
-that the call should be retried later in a similar manner to BIO_write().
+that the call should be retried later in a similar manner to BIO_write().
The BIO_should_retry() call should be used and appropriate action taken
is the call fails.
Some of the return values are ambiguous and care should be taken. In
particular a return value of 0 can be returned if an operation is not
supported, if an error occurred, if EOF has not been reached and in
-the case of BIO_seek() on a file BIO for a successful operation.
+the case of BIO_seek() on a file BIO for a successful operation.
=head1 SEE ALSO
BIO that base64 encodes any data written through it and decodes
any data read through it.
-Base64 BIOs do not support BIO_gets() or BIO_puts().
+Base64 BIOs do not support BIO_gets() or BIO_puts().
BIO_flush() on a base64 BIO that is being written through is
used to signal that no more data is to be encoded: this is used
bio = BIO_new_fp(stdin, BIO_NOCLOSE);
bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
- while((inlen = BIO_read(bio, inbuf, 512)) > 0)
+ while((inlen = BIO_read(bio, inbuf, 512)) > 0)
BIO_write(bio_out, inbuf, inlen);
BIO_free_all(bio);
read from it. It is a BIO wrapper for the cipher routines
EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
-Cipher BIOs do not support BIO_gets() or BIO_puts().
+Cipher BIOs do not support BIO_gets() or BIO_puts().
BIO_flush() on an encryption BIO that is being written through is
used to signal that no more data is to be encrypted: this is used
BIO_set_accept_bios() can be used to set a chain of BIOs which
will be duplicated and prepended to the chain when an incoming
-connection is received. This is useful if, for example, a
+connection is received. This is useful if, for example, a
buffering or SSL BIO is required for each connection. The
chain of BIOs must not be freed after this call, they will
be automatically freed when the accept BIO is freed.
if(BIO_do_accept(abio) <= 0) {
fprintf(stderr, "Error setting up accept\n");
ERR_print_errors_fp(stderr);
- exit(0);
+ exit(0);
}
/* Wait for incoming connection */
if(BIO_do_accept(abio) <= 0) {
fprintf(stderr, "Error accepting connection\n");
ERR_print_errors_fp(stderr);
- exit(0);
+ exit(0);
}
fprintf(stderr, "Connection 1 established\n");
/* Retrieve BIO for connection */
if(BIO_do_accept(abio) <= 0) {
fprintf(stderr, "Error accepting connection\n");
ERR_print_errors_fp(stderr);
- exit(0);
+ exit(0);
}
fprintf(stderr, "Connection 2 established\n");
/* Close accept BIO to refuse further connections */
=head1 NAME
-BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
+BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
BIO_shutdown_wr() is used to close down a BIO B<b>. After this call no further
writes on BIO B<b> are allowed (they will return an error). Reads on the other
half of the pair will return any pending data or EOF when all pending data has
-been read.
+been read.
BIO_set_write_buf_size() sets the write buffer size of BIO B<b> to B<size>.
If the size is not initialized a default value is used. This is currently
BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
is set. Blocking I/O is the default. The call to BIO_set_nbio()
-should be made before the connection is established because
+should be made before the connection is established because
non blocking I/O is set during the connect process.
BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
/* whatever ... */
}
BIO_puts(cbio, "GET / HTTP/1.0\n\n");
- for(;;) {
+ for(;;) {
len = BIO_read(cbio, tmpbuf, 1024);
if(len <= 0) break;
BIO_write(out, tmpbuf, len);
=head1 NOTES
The behaviour of BIO_read() and BIO_write() depends on the behavior of the
-platforms read() and write() calls on the descriptor. If the underlying
+platforms read() and write() calls on the descriptor. If the underlying
file descriptor is in a non blocking mode then the BIO will behave in the
manner described in the L<BIO_read(3)|BIO_read(3)> and L<BIO_should_retry(3)|BIO_should_retry(3)>
manual pages.
=head1 DESCRIPTION
-BIO_s_mem() return the memory BIO method function.
+BIO_s_mem() return the memory BIO method function.
A memory BIO is a source/sink BIO which uses memory for its I/O. Data
written to a memory BIO is stored in a BUF_MEM structure which is extended
Create a memory BIO and write some data to it:
BIO *mem = BIO_new(BIO_s_mem());
- BIO_puts(mem, "Hello World\n");
+ BIO_puts(mem, "Hello World\n");
Create a read only memory BIO:
BIO_get_mem_ptr(mem, &bptr);
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
BIO_free(mem);
-
+
=head1 SEE ALSO
these.
BIO_get_retry_BIO() determines the precise reason for the special
-condition, it returns the BIO that caused this condition and if
+condition, it returns the BIO that caused this condition and if
B<reason> is not NULL it contains the reason code. The meaning of
the reason code and the action that should be taken depends on
the type of BIO that resulted in this condition.
conditions of several non blocking BIOs in a single select() call
it is possible to service several BIOs in a single thread, though
the performance may be poor if SSL BIOs are present because long delays
-can occur during the initial handshake process.
+can occur during the initial handshake process.
It is possible for a BIO to block indefinitely if the underlying I/O
structure cannot process or return any data. This depends on the behaviour of
=head1 NAME
-BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert,
-BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex,
+BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert,
+BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex,
BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_get_flags,
BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM
functions.
BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags
(a B<unsigned long> value).
-BN_BLINDING_create_param() returns the newly created B<BN_BLINDING>
+BN_BLINDING_create_param() returns the newly created B<BN_BLINDING>
parameters or NULL on error.
=head1 SEE ALSO
BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
- int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
+ int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
void *), BN_CTX *ctx, void *cb_arg);
int BN_is_prime_fasttest(const BIGNUM *a, int checks,
=head1 DESCRIPTION
CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
-must be of type signed data or enveloped data.
+must be of type signed data or enveloped data.
CMS_get1_certs() returns all certificates in B<cms>.
=head1 RETURN VALUES
CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
-1 for success and 0 for failure.
+1 for success and 0 for failure.
CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
or NULL if there are none or an error occurs. The only error which will occur
because most clients will support it.
The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
-its parameters.
+its parameters.
Many browsers implement a "sign and encrypt" option which is simply an S/MIME
envelopedData containing an S/MIME signed message. This can be readily produced
CMS_final() finalises the structure B<cms>. It's purpose is to perform any
operations necessary on B<cms> (digest computation for example) and set the
-appropriate fields. The parameter B<data> contains the content to be
+appropriate fields. The parameter B<data> contains the content to be
processed. The B<dcont> parameter contains a BIO to write content to after
processing: this is only used with detached data and will usually be set to
NULL.
CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient
identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
-B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
+B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
=head1 RETURN VALUES
-CMS_ReceiptRequest_create0() returns a signed receipt request structure or
+CMS_ReceiptRequest_create0() returns a signed receipt request structure or
NULL if an error occurred.
CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
function CMS_sign_add1_signer(), non default digests can be used and custom
attributes added. B<CMS_final()> must then be called to finalize the
-structure if streaming is not enabled.
+structure if streaming is not enabled.
=head1 BUGS
The returned CMS_ContentInfo structure will be valid and finalized when this
flag is set.
-If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
+If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
CMS_SignerInfo structure will not be finalized so additional attributes
can be added. In this case an explicit call to CMS_SignerInfo_sign() is
needed to finalize it.
not loaded.
CMS_sign_add1_signer() returns an internal pointer to the CMS_SignerInfo
-structure just added, this can be used to set additional attributes
+structure just added, this can be used to set additional attributes
before it is finalized.
=head1 RETURN VALUES
If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
verified.
-If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
+If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
verified.
If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
signer cannot be found.
In some cases the standard techniques for looking up and validating
-certificates are not appropriate: for example an application may wish to
+certificates are not appropriate: for example an application may wish to
lookup certificates in a database or perform customised verification. This
-can be achieved by setting and verifying the signers certificates manually
+can be achieved by setting and verifying the signers certificates manually
using the signed data utility functions.
Care should be taken when modifying the default verify behaviour, for example
-setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
+setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
and any modified content will be considered valid. This combination is however
useful if one merely wishes to write the content to B<out> and its validity
is not considered important.
receipt to verify. B<ocms> is the original SignedData structure containing the
receipt request. B<certs> is a set of certificates in which to search for the
signing certificate. B<store> is a trusted certificate store (used for chain
-verification).
+verification).
B<flags> is an optional set of flags, which can be used to modify the verify
operation.
The behaviour can be cutomized using B<flags>.
CONF_modules_load() is idential to CONF_modules_load_file() except it
-read configuration information from B<cnf>.
+read configuration information from B<cnf>.
=head1 NOTES
threadid_func.
locking_function(int mode, int n, const char *file, int line) is
-needed to perform locking on shared data structures.
+needed to perform locking on shared data structures.
(Note that OpenSSL uses a number of global data structures that
will be implicitly shared whenever multiple threads use OpenSSL.)
Multi-threaded applications will crash at random if it is not set.
void DES_set_odd_parity(DES_cblock *key);
int DES_is_weak_key(const_DES_cblock *key);
- void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks, int enc);
- void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
- void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, int enc);
- void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc);
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
int numbits, long length, DES_key_schedule *schedule,
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
int numbits, long length, DES_key_schedule *schedule,
DES_cblock *ivec);
- void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc);
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
int *num);
- void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
const_DES_cblock *inw, const_DES_cblock *outw, int enc);
void DES_ede2_cbc_encrypt(const unsigned char *input,
unsigned char *output, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
int enc);
- void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
+ void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
int enc);
- void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
- void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
DES_cblock *ivec, int *num);
- DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
- long length, DES_key_schedule *schedule,
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
const_DES_cblock *ivec);
- DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
long length, int out_count, DES_cblock *seed);
void DES_string_to_key(const char *str, DES_cblock *key);
void DES_string_to_2keys(const char *str, DES_cblock *key1,
seeded prior to calling DH_generate_parameters().
B<prime_len> is the length in bits of the safe prime to be generated.
-B<generator> is a small number E<gt> 1, typically 2 or 5.
+B<generator> is a small number E<gt> 1, typically 2 or 5.
A callback function may be used to provide feedback about the progress
of the key generation. If B<callback> is not B<NULL>, it will be
DSA_get_default_method() returns a pointer to the current default
DSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
+whether the ENGINE API is being used, so this function is no longer
recommended.
DSA_set_method() selects B<meth> to perform all operations using the key
ERR_get_last_error_line_data() store additional data and flags
associated with the error code in *B<data>
and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING> is true.
+if *B<flags>&B<ERR_TXT_STRING> is true.
An application B<MUST NOT> free the *B<data> pointer (or any other pointers
returned by these functions) with OPENSSL_free() as freeing is handled
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
- int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s);
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
#define EVP_MAX_MD_SIZE 64 /* SHA512 */
int EVP_MD_type(const EVP_MD *md);
- int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
-and RIPEMD160 digest algorithms respectively.
+and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm. Note: there is
+algorithms but using DSS (DSA) for the signature algorithm. Note: there is
no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
however retained for compatibility.
preference to the low level interfaces. This is because the code then becomes
transparent to the digest used and much more flexible.
-New applications should use the SHA2 digest algorithms such as SHA256.
+New applications should use the SHA2 digest algorithms such as SHA256.
The other digest algorithms are still in common use.
For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
-The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
+The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
obsolete but are retained to maintain compatibility with existing code. New
-applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
+applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
-memory leaks will occur.
+memory leaks will occur.
Stack allocation of EVP_MD_CTX structures is common, for example:
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+or the operation will fail.
The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_DigestSignUpdate() and
=head1 HISTORY
-EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were first added to OpenSSL 1.0.0.
=cut
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+or the operation will fail.
The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
=head1 HISTORY
-EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were first added to OpenSSL 1.0.0.
=cut
If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more
data and it will return an error if any data remains in a partial block:
-that is if the total data length is not a multiple of the block size.
+that is if the total data length is not a multiple of the block size.
EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the
corresponding decryption operations. EVP_DecryptFinal() will return an
EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
similar way to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and
-EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up
+EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up
after the call.
EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
-EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
+EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for
success or zero for failure.
=head1 CIPHER LISTING
=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
-DES in CBC, ECB, CFB and OFB modes respectively.
+DES in CBC, ECB, CFB and OFB modes respectively.
=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)
preference to the low level interfaces. This is because the code then becomes
transparent to the cipher used and much more flexible.
-PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
+PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
length of the encrypted data a multiple of the block size. Padding is always
added so if the data is already a multiple of the block size B<n> will equal
the block size. For example if the block size is 8 and 11 bytes are to be
EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
default key lengths. If custom ciphers exceed these values the results are
-unpredictable. This is because it has become standard practice to define a
+unpredictable. This is because it has become standard practice to define a
generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
The ciphertext from the above example can be decrypted using the B<openssl>
utility with the command line:
-
+
S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
General encryption, decryption function example using FILE I/O and RC2 with an
/* We finished modifying parameters so now we can set key and IV */
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
- for(;;)
+ for(;;)
{
inlen = fread(inbuf, 1, 1024, in);
if(inlen <= 0) break;
The IV is supplied in the B<iv> parameter.
EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
+as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
page.
The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
-RSA_X931_PADDING for X9.31 padding (signature operations only) and
+RSA_X931_PADDING for X9.31 padding (signature operations only) and
RSA_PKCS1_PSS_PADDING (sign and verify only).
Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
for RSA key generation to B<pubexp> currently it should be an odd integer. The
-B<pubexp> pointer is used internally by this function so it should not be
+B<pubexp> pointer is used internally by this function so it should not be
modified or free after the call. If this macro is not called then 65537 is used.
The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=head1 HISTORY
=head1 SEE ALSO
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=cut
EVP_PKEY_CTX *ctx;
unsigned char *out, *in;
- size_t outlen, inlen;
+ size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes key in, inlen are already set up
* and that key is an RSA private key
if (!out)
/* malloc failure */
-
+
if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
/* Error */
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
if (!skey)
/* malloc failure */
-
+
if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
/* Error */
EVP_PKEY_CTX *ctx;
unsigned char *out, *in;
- size_t outlen, inlen;
+ size_t outlen, inlen;
EVP_PKEY *key;
/* NB: assumes key in, inlen are already set up
* and that key is an RSA public key
if (!out)
/* malloc failure */
-
+
if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
/* Error */
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
The EVP_PKEY_keygen_init() function initializes a public key algorithm
context using key B<pkey> for a key genration operation.
-The EVP_PKEY_keygen() function performs a key generation operation, the
+The EVP_PKEY_keygen() function performs a key generation operation, the
generated key is written to B<ppkey>.
The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
=head1 DESCRIPTION
-The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
+The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
structure which is used by OpenSSL to store private keys.
EVP_PKEY_free() frees up the private key B<key>.
=head1 NOTES
-Currently no public key algorithms include any options in the B<pctx> parameter
+Currently no public key algorithms include any options in the B<pctx> parameter
parameter.
If the key does not include all the components indicated by the function then
=head1 SEE ALSO
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
=head1 HISTORY
EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
-EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
+EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
an error occurred.
EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
EVP_PKEY_CTX *ctx;
unsigned char *md, *sig;
- size_t mdlen, siglen;
+ size_t mdlen, siglen;
EVP_PKEY *signing_key;
/* NB: assumes signing_key, md and mdlen are already set up
* and that signing_key is an RSA private key
if (!sig)
/* malloc failure */
-
+
if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
/* Error */
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
EVP_PKEY_CTX *ctx;
unsigned char *md, *sig;
- size_t mdlen, siglen;
+ size_t mdlen, siglen;
EVP_PKEY *verify_key;
/* NB: assumes verify_key, sig, siglen md and mdlen are already set up
* and that verify_key is an RSA public key
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
=head1 NOTES
Normally an application is only interested in whether a signature verification
-operation is successful in those cases the EVP_verify() function should be
+operation is successful in those cases the EVP_verify() function should be
used.
Sometimes however it is useful to obtain the data originally signed using a
EVP_PKEY_CTX *ctx;
unsigned char *rout, *sig;
- size_t routlen, siglen;
+ size_t routlen, siglen;
EVP_PKEY *verify_key;
/* NB: assumes verify_key, sig and siglen are already set up
* and that verify_key is an RSA public key
if (!rout)
/* malloc failure */
-
+
if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
/* Error */
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
and can be B<NULL>.
EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
-as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
+as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
+page.
=head1 RETURN VALUES
EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
places the signature in B<sig>. The number of bytes of data written (i.e. the
length of the signature) will be written to the integer at B<s>, at most
-EVP_PKEY_size(pkey) bytes will be written.
+EVP_PKEY_size(pkey) bytes will be written.
EVP_SignInit() initializes a signing context B<ctx> to use the default
implementation of digest B<type>.
Due to the link between message digests and public key algorithms the correct
digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
+algorithms and associated public key algorithms appears in
L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
When signing with DSA private keys the random number generator must be seeded
=head1 BUGS
-Older versions of this documentation wrongly stated that calls to
+Older versions of this documentation wrongly stated that calls to
EVP_SignUpdate() could not be made after calling EVP_SignFinal().
Since the private key is passed in the call to EVP_SignFinal() any error
Due to the link between message digests and public key algorithms the correct
digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
+algorithms and associated public key algorithms appears in
L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
=head1 BUGS
-Older versions of this documentation wrongly stated that calls to
+Older versions of this documentation wrongly stated that calls to
EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
Since the public key is passed in the call to EVP_SignFinal() any error
=head1 RETURN VALUES
-MD2(), MD4(), and MD5() return pointers to the hash value.
+MD2(), MD4(), and MD5() return pointers to the hash value.
MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
The ASN1 object utility functions process ASN1_OBJECT structures which are
a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
-OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
+OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
an ASN1_OBJECT structure, its long name and its short name respectively,
or B<NULL> is an error occurred.
OBJ_dup() returns a copy of B<o>.
-OBJ_create() adds a new object to the internal table. B<oid> is the
+OBJ_create() adds a new object to the internal table. B<oid> is the
numerical form of the object, B<sn> the short name and B<ln> the
long name. A new NID is returned for the created object.
new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
obj = OBJ_nid2obj(new_nid);
-
+
Create a new object directly:
obj = OBJ_txt2obj("1.2.3.4", 1);
=head1 BUGS
-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
+OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
convention of other OpenSSL functions where the buffer can be set
to B<NULL> to determine the amount of data that should be written.
Instead B<buf> must point to a valid buffer and B<buf_len> should
The environment variable B<OPENSSL_CONF> can be set to specify the location
of the configuration file.
-
+
Currently ASN1 OBJECTs and ENGINE configuration can be performed future
versions of OpenSSL will add new configuration options.
=head1 NOTES
-If the simple configuration function OPENSSL_config() is called then
+If the simple configuration function OPENSSL_config() is called then
OPENSSL_load_builtin_modules() is called automatically.
Applications which use the configuration functions directly will need to
-call OPENSSL_load_builtin_modules() themselves I<before> any other
+call OPENSSL_load_builtin_modules() themselves I<before> any other
configuration code.
Applications should call OPENSSL_load_builtin_modules() to load all
-configuration modules instead of adding modules selectively: otherwise
+configuration modules instead of adding modules selectively: otherwise
functionality may be missing from the application if an when new
modules are added.
any trust settings are discarded.
The B<X509_AUX> functions process a trusted X509 certificate using
-an X509 structure.
+an X509 structure.
The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
certificate request using an X509_REQ structure. The B<X509_REQ>
This old B<PrivateKey> routines use a non standard technique for encryption.
-The private key (or other data) takes the following form:
+The private key (or other data) takes the following form:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
PEM_read_bio_X509(bp, &x, 0, NULL);
-where B<x> already contains a valid certificate, may not work, whereas:
+where B<x> already contains a valid certificate, may not work, whereas:
X509_free(x);
x = PEM_read_bio_X509(bp, NULL, 0, NULL);
a fatal error is returned.
B<nid_key> or B<nid_cert> can be set to -1 indicating that no encryption
-should be used.
+should be used.
B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
respectively.
The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
-its parameters.
+its parameters.
Many browsers implement a "sign and encrypt" option which is simply an S/MIME
envelopedData containing an S/MIME signed message. This can be readily produced
If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
complete and outputting its contents via a function that does not
-properly finalize the B<PKCS7> structure will give unpredictable
+properly finalize the B<PKCS7> structure will give unpredictable
results.
Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
the certificate to sign with, B<pkey> is the corresponsding private key.
B<certs> is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
+structure (for example any intermediate CAs in the chain).
The data to be signed is read from BIO B<data>.
An error occurs if a matching digest value cannot be found to copy. The
returned PKCS7 structure will be valid and finalized when this flag is set.
-If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
needed to finalize it.
PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
-structure just added, this can be used to set additional attributes
+structure just added, this can be used to set additional attributes
before it is finalized.
=head1 RETURN VALUES
to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
meaningful to PKCS7_get0_signers().
-If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
+If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
searched when locating the signer's certificate. This means that all the signers
certificates must be in the B<certs> parameter.
signer cannot be found.
Care should be taken when modifying the default verify behaviour, for example
-setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
+setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
and any signed message will be considered valid. This combination is however
useful if one merely wishes to write the content to B<out> and its validity
is not considered important.
seeding process whenever the application is started.
L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-PRNG.
+PRNG.
=head1 INTERNALS
L<RAND_load_file(3)|RAND_load_file(3)>,
L<RAND_bytes(3)|RAND_bytes(3)>,
L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<RAND_cleanup(3)|RAND_cleanup(3)>
=cut
=head1 RETURN VALUES
-RIPEMD160() returns a pointer to the hash value.
+RIPEMD160() returns a pointer to the hash value.
RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
success, 0 otherwise.
int RSA_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
- int RSA_public_decrypt(int flen, unsigned char *from,
+ int RSA_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
=head1 DESCRIPTION
RSA_get_default_method() returns a pointer to the current default
RSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
+whether the ENGINE API is being used, so this function is no longer
recommended.
RSA_set_method() selects B<meth> to perform all operations using the key
L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
+L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
=head1 HISTORY
=head1 RETURN VALUES
-SHA1() returns a pointer to the hash value.
+SHA1() returns a pointer to the hash value.
SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise.
B<type> and value determined by B<bytes> and B<len>.
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID()
-and X509_NAME_ENTRY_create_by_OBJ() create and return an
+and X509_NAME_ENTRY_create_by_OBJ() create and return an
B<X509_NAME_ENTRY> structure.
=head1 NOTES
X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be
-used to examine an B<X509_NAME_ENTRY> function as returned by
+used to examine an B<X509_NAME_ENTRY> function as returned by
X509_NAME_get_entry() for example.
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
-and X509_NAME_ENTRY_create_by_OBJ() create and return an
+and X509_NAME_ENTRY_create_by_OBJ() create and return an
X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
RelativeDistinguishedName (RDN).
B<loc> actually determines the index where the new entry is inserted:
-if it is -1 it is appended.
+if it is -1 it is appended.
B<set> determines how the new type is added. If it is zero a
new RDN is created.
will be written and the text written to B<buf> will be null
terminated. The length of the output string written is returned
excluding the terminating null. If B<buf> is <NULL> then the amount
-of space needed in B<buf> (excluding the final null) is returned.
+of space needed in B<buf> (excluding the final null) is returned.
=head1 NOTES
bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
and returned, otherwise B<buf> is returned.
-X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
+X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
characters. Multiple lines are used if the output (including indent) exceeds
80 characters.
If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
is only of use for multiline format.
-Additionally all the options supported by ASN1_STRING_print_ex() can be used to
+Additionally all the options supported by ASN1_STRING_print_ex() can be used to
control how each field value is displayed.
In addition a number options can be set for commonly used formats.
This mechanism is used internally by the B<ssl> library to store the B<SSL>
structure associated with a verification operation in an B<X509_STORE_CTX>
-structure.
+structure.
=head1 SEE ALSO
all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
-to B<sk>. This is an alternative way of specifying trusted certificates
+to B<sk>. This is an alternative way of specifying trusted certificates
instead of using an B<X509_STORE>.
X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
Full featured logging callback. In this case the B<bio_err> is assumed to be
a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
B<ex_data>.
-
+
int verify_callback(int ok, X509_STORE_CTX *ctx)
{
X509 *err_cert;
=head1 NOTES
-The verification callback from an B<X509_STORE> is inherited by
+The verification callback from an B<X509_STORE> is inherited by
the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
-be used to set the verification callback when the B<X509_STORE_CTX> is
+be used to set the verification callback when the B<X509_STORE_CTX> is
otherwise inaccessible (for example during S/MIME verification).
=head1 BUGS
-The macro version of this function was the only one available before
+The macro version of this function was the only one available before
OpenSSL 1.0.0.
=head1 RETURN VALUES
=head1 NAME
-X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters
=head1 SYNOPSIS
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
- int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
STACK_OF(ASN1_OBJECT) *policies);
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
=head1 DESCRIPTION
These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
-a certificate verification operation.
+a certificate verification operation.
The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
to B<purpose>. This determines the acceptable purpose of the certificate
chain, for example SSL client or SSL server.
-X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
B<trust>.
X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
=head1 RETURN VALUES
-X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
-for success and 0 for failure.
+for success and 0 for failure.
X509_VERIFY_PARAM_get_flags() returns the current verification flags.
ored together.
B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
-certificate. An error occurs if a suitable CRL cannot be found.
+certificate. An error occurs if a suitable CRL cannot be found.
B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
chain.
B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
-no policy checking is peformed. Additional information is sent to the
+no policy checking is peformed. Additional information is sent to the
verification callback relating to policy checking.
B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
=head1 BUGS
Delta CRL checking is currently primitive. Only a single delta can be used and
-(partly due to limitations of B<X509_STORE>) constructed CRLs are not
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not
maintained.
If CRLs checking is enable CRLs are expected to be available in the
=head1 EXAMPLE
-Enable CRL checking when performing certificate verification during SSL
+Enable CRL checking when performing certificate verification during SSL
connections associated with an B<SSL_CTX> structure B<ctx>:
X509_VERIFY_PARAM *param;
bn.top=1. B<neg> is 1 if the number is negative. When a B<BIGNUM> is
B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
-B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
-flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and
+B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
+flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and
BN_get_flags(b,n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
structure B<b>.
=item SYMMETRIC CIPHERS
L<blowfish(3)|blowfish(3)>, L<cast(3)|cast(3)>, L<des(3)|des(3)>,
-L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)>
+L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)>
=item PUBLIC KEY CRYPTOGRAPHY AND KEY AGREEMENT
=item INPUT/OUTPUT, DATA ENCODING
L<asn1(3)|asn1(3)>, L<bio(3)|bio(3)>, L<evp(3)|evp(3)>, L<pem(3)|pem(3)>,
-L<pkcs7(3)|pkcs7(3)>, L<pkcs12(3)|pkcs12(3)>
+L<pkcs7(3)|pkcs7(3)>, L<pkcs12(3)|pkcs12(3)>
=item INTERNAL FUNCTIONS
L<bn(3)|bn(3)>, L<buffer(3)|buffer(3)>, L<lhash(3)|lhash(3)>,
L<objects(3)|objects(3)>, L<stack(3)|stack(3)>,
-L<txt_db(3)|txt_db(3)>
+L<txt_db(3)|txt_db(3)>
=back
The B<DSA> structure passed to the private key encoding functions should have
all the private key components present.
-The data encoded by the private key functions is unencrypted and therefore
+The data encoded by the private key functions is unencrypted and therefore
offers no private key security.
The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
Before using these functions L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
should be called to initialize the internal algorithm lookup tables otherwise errors about
-unknown algorithms will occur if an attempt is made to decrypt a private key.
+unknown algorithms will occur if an attempt is made to decrypt a private key.
These functions are currently the only way to store encrypted private keys using DER format.
The B<RSA> structure passed to the private key encoding functions should have
all the PKCS#1 private key components present.
-The data encoded by the private key functions is unencrypted and therefore
-offers no private key security.
+The data encoded by the private key functions is unencrypted and therefore
+offers no private key security.
The NET format functions are present to provide compatibility with certain very
old software. This format has some severe security weaknesses and should be
The X509 encode and decode routines encode and parse an
B<X509> structure, which represents an X509 certificate.
-d2i_X509() attempts to decode B<len> bytes at B<*in>. If
+d2i_X509() attempts to decode B<len> bytes at B<*in>. If
successful a pointer to the B<X509> structure is returned. If an error
occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
returned structure is written to B<*px>. If B<*px> is not B<NULL>
If B<out> is not B<NULL> is writes the DER encoded data to the buffer
at B<*out>, and increments it to point after the data just written.
If the return value is negative an error occurred, otherwise it
-returns the length of the encoded data.
+returns the length of the encoded data.
For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
allocated for a buffer and the encoded data written to it. In this
=head1 BUGS
-In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
+In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
B<*px> is valid is broken and some parts of the reused structure may
persist if they are not present in the new one. As a result the use
of this "reuse" behaviour is strongly discouraged.
d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)|ERR_get_error(3)>.
i2d_X509() returns the number of bytes successfully encoded or a negative
value if an error occurs. The error code can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)|ERR_get_error(3)>.
-i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
-occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
+occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
=head1 SEE ALSO
L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)>
+L<RSA_print(3)|RSA_print(3)>
=cut
ECDSA_SIG* ECDSA_SIG_new(void);
void ECDSA_SIG_free(ECDSA_SIG *sig);
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
- ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp,
+ ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp,
long len);
ECDSA_SIG* ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *eckey);
- ECDSA_SIG* ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+ ECDSA_SIG* ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kinv, const BIGNUM *rp,
EC_KEY *eckey);
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
unsigned int *siglen, EC_KEY *eckey);
int ECDSA_sign_ex(int type, const unsigned char *dgst,
int dgstlen, unsigned char *sig,
- unsigned int *siglen, const BIGNUM *kinv,
+ unsigned int *siglen, const BIGNUM *kinv,
const BIGNUM *rp, EC_KEY *eckey);
int ECDSA_verify(int type, const unsigned char *dgst,
int dgstlen, const unsigned char *sig,
i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature
B<sig> and writes the encoded signature to B<*pp> (note: if B<pp>
-is NULL B<i2d_ECDSA_SIG> returns the expected length in bytes of
+is NULL B<i2d_ECDSA_SIG> returns the expected length in bytes of
the DER encoded signature). B<i2d_ECDSA_SIG> returns the length
of the DER encoded signature (or 0 on error).
/* error */
}
-Second step: compute the ECDSA signature of a SHA-1 hash value
-using B<ECDSA_do_sign>
+Second step: compute the ECDSA signature of a SHA-1 hash value
+using B<ECDSA_do_sign>
sig = ECDSA_do_sign(digest, 20, eckey);
if (sig == NULL)
Although low level algorithm specific functions exist for many algorithms
their use is discouraged. They cannot be used with an ENGINE and ENGINE
versions of new algorithms cannot be accessed using the low level functions.
-Also makes code harder to adapt to new algorithms and some options are not
+Also makes code harder to adapt to new algorithms and some options are not
cleanly supported at the low level and some operations are more efficient
using the high level interface.
/* Print out the entire hashtable to a particular BIO */
lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO,
logging_bio);
-
+
lh_<type>_error() can be used to determine if an error occurred in the last
operation. lh_<type>_error() is a macro.
In OpenSSL 0.9.7, all lhash functions that were passed function pointers
were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
-LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE
+LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE
became available.
In OpenSSL 1.0.0, the lhash interface was revamped for even better
unsigned char *to, RSA *rsa, int padding);
int RSA_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
- int RSA_public_decrypt(int flen, unsigned char *from,
+ int RSA_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
int RSA_sign(int type, unsigned char *m, unsigned int m_len,
L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
-L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
+L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
=cut
projects / openbsd / commitdiff