-.\" $OpenBSD: DH_get0_pqg.3,v 1.7 2023/03/06 13:25:46 tb Exp $
+.\" $OpenBSD: DH_get0_pqg.3,v 1.8 2024/07/21 08:36:43 tb Exp $
.\" selective merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
.\"
.\" This file was written by Matt Caswell <matt@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: March 6 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt DH_GET0_PQG 3
.Os
.Sh NAME
are set.
.Pp
.Fn DH_get0_engine
-returns a pointer to the
-.Vt ENGINE
-used by the
-.Vt DH
-object
-.Fa dh ,
-or
-.Dv NULL
-if no engine was set for this object.
+always returns
+.Dv NULL .
.Sh SEE ALSO
.Xr DH_generate_key 3 ,
.Xr DH_generate_parameters 3 ,
-.\" $OpenBSD: DSA_get0_pqg.3,v 1.10 2023/12/29 22:37:47 tb Exp $
+.\" $OpenBSD: DSA_get0_pqg.3,v 1.11 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL e90fc053 Jul 15 09:39:45 2017 -0400
.\"
.\" This file was written by Matt Caswell <matt@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 29 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt DSA_GET0_PQG 3
.Os
.Sh NAME
are set.
.Pp
.Fn DSA_get0_engine
-returns a pointer to the
-.Vt ENGINE
-used by the
-.Vt DSA
-object
-Fa d ,
-or
-.Dv NULL
-if no engine was set for this object.
+always returns
+.Dv NULL .
.Sh SEE ALSO
.Xr DSA_do_sign 3 ,
.Xr DSA_dup_DH 3 ,
-.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.3 2023/08/29 10:07:42 tb Exp $
+.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.4 2024/07/21 08:36:43 tb Exp $
.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: August 29 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EC_KEY_METHOD_NEW 3
.Os
.Sh NAME
.Fn EC_KEY_new_method
creates and initializes a new
.Vt EC_KEY
-object using the given
-.Fa engine ,
-or the using the
+object using the
.Vt EC_KEY_METHOD
set with
-.Fn EC_KEY_set_default_method
-if
-.Fa engine
-is
-.Dv NULL ,
-or using the default EC_KEY implementation by default.
+.Fn EC_KEY_set_default_method .
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EC_KEY_set_method
dissociates the
-.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.15 2023/09/12 13:58:06 schwarze Exp $
+.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.16 2024/07/21 08:36:43 tb Exp $
.\"
.\" Copyright (c) 2014, Google Inc.
.\" Parts of the text were written by Adam Langley and David Benjamin.
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: September 12 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_AEAD_CTX_INIT 3
.Os
.Sh NAME
.Fa "const unsigned char *key"
.Fa "size_t key_len"
.Fa "size_t tag_len"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft void
.Fo EVP_AEAD_CTX_cleanup
for the given AEAD algorithm
.Fa aead .
The
-.Fa impl
+.Fa engine
argument must be
.Dv NULL
for the default implementation;
-other values are currently not supported.
+other values are not supported.
Authentication tags may be truncated by passing a tag length.
A
.Fa tag_len
-.\" $OpenBSD: EVP_DigestInit.3,v 1.33 2024/03/19 17:34:05 tb Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.34 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: March 19 2024 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_DIGESTINIT 3
.Os
.Sh NAME
.Fo EVP_DigestInit_ex
.Fa "EVP_MD_CTX *ctx"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo EVP_DigestUpdate
.Fa "unsigned char *md"
.Fa "unsigned int *s"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo EVP_MD_CTX_copy_ex
sets up the digest context
.Fa ctx
to use a digest
-.Fa type
-from
-.Vt ENGINE
-.Fa impl .
+.Fa type .
The
.Fa type
will typically be supplied by a function such as
.Fn EVP_sha512 .
-If
-.Fa impl
-is
-.Dv NULL ,
-then the default implementation of digest
-.Fa type
-is used.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_DigestUpdate
hashes
.Fa d
using the digest
.Fa type
-from
-.Vt ENGINE
-.Fa impl
in a one-shot operation and place the digest value into
.Fa md ,
and, unless
and
.Fn EVP_DigestFinal_ex
internally.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_MD_CTX_copy_ex
can be used to copy the message digest state from
.Fn EVP_DigestInit
is a deprecated function behaving like
.Fn EVP_DigestInit_ex
-except that it always uses the default digest implementation
-and that it requires
+except that it requires
.Fn EVP_MD_CTX_reset
before it can be used on a context that was already used.
.Pp
This is because the code then becomes transparent to the digest used and
much more flexible.
.Pp
-For most applications the
-.Fa impl
-parameter to
-.Fn EVP_DigestInit_ex
-will be set to NULL to use the default digest implementation.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
The functions
.Fn EVP_DigestInit ,
and
.Fn EVP_MD_CTX_copy_ex
because they can efficiently reuse a digest context instead of
-initializing and cleaning it up on each call and allow non-default
-implementations of digests to be specified.
+initializing and cleaning it up on each call.
.Pp
If digest contexts are not cleaned up after use, memory leaks will occur.
.Sh RETURN VALUES
-.\" $OpenBSD: EVP_DigestSignInit.3,v 1.12 2022/01/15 09:08:51 tb Exp $
+.\" $OpenBSD: EVP_DigestSignInit.3,v 1.13 2024/07/21 08:36:43 tb Exp $
.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: January 15 2022 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_DIGESTSIGNINIT 3
.Os
.Sh NAME
.Fa "EVP_MD_CTX *ctx"
.Fa "EVP_PKEY_CTX **pctx"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "EVP_PKEY *pkey"
.Fc
.Ft int
.Fa ctx
to use the digest
.Fa type
-from
-.Vt ENGINE
-.Fa e
and private key
.Fa pkey .
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Fa ctx
must be initialized with
.Xr EVP_MD_CTX_init 3
-.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.14 2022/01/15 09:08:51 tb Exp $
+.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.15 2024/07/21 08:36:43 tb Exp $
.\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: January 15 2022 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_DIGESTVERIFYINIT 3
.Os
.Sh NAME
.Fa "EVP_MD_CTX *ctx"
.Fa "EVP_PKEY_CTX **pctx"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "EVP_PKEY *pkey"
.Fc
.Ft int
.Fa ctx
to use digest
.Fa type
-from
-.Vt ENGINE
-.Fa e
and public key
.Fa pkey .
.Fa ctx
It will be freed automatically when the
.Vt EVP_MD_CTX
is freed.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_DigestVerifyUpdate
hashes
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.51 2023/12/26 22:13:00 schwarze Exp $
+.\" $OpenBSD: EVP_EncryptInit.3,v 1.52 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
.\" EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod
.\" 7c6d372a Nov 20 13:20:01 2018 +0000
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 26 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_ENCRYPTINIT 3
.Os
.Sh NAME
.Fo EVP_EncryptInit_ex
.Fa "EVP_CIPHER_CTX *ctx"
.Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *key"
.Fa "const unsigned char *iv"
.Fc
.Fo EVP_DecryptInit_ex
.Fa "EVP_CIPHER_CTX *ctx"
.Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *key"
.Fa "const unsigned char *iv"
.Fc
.Fo EVP_CipherInit_ex
.Fa "EVP_CIPHER_CTX *ctx"
.Fa "const EVP_CIPHER *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *key"
.Fa "const unsigned char *iv"
.Fa "int enc"
The actual number of bytes used for the
key and IV depends on the cipher.
The
-.Fa ENGINE *impl
+.Fa ENGINE *engine
argument is always ignored and passing
.Dv NULL
is recommended.
-.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.13 2023/09/09 14:39:09 schwarze Exp $
+.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.14 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
.\"
.\" This file is a derived work.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: September 9 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_PKEY_CTX_NEW 3
.Os
.Sh NAME
.Ft EVP_PKEY_CTX *
.Fo EVP_PKEY_CTX_new
.Fa "EVP_PKEY *pkey"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fc
.Ft EVP_PKEY_CTX *
.Fo EVP_PKEY_CTX_new_id
.Fa "int id"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fc
.Ft EVP_PKEY_CTX *
.Fo EVP_PKEY_CTX_dup
.Fn EVP_PKEY_CTX_new
function allocates a public key algorithm context using the algorithm
specified in
-.Fa pkey
-and using
-.Fa e
-unless it is
-.Dv NULL .
-If
-.Fa pkey
-is associated with an engine, that engine is used and
-.Fa e
-is ignored.
+.Fa pkey .
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
The
.Fn EVP_PKEY_CTX_new_id
function allocates a public key algorithm context using the algorithm
specified by
-.Fa id
-and using
-.Fa e
-unless it is
-.Dv NULL .
+.Fa id .
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
It is normally used when no
.Vt EVP_PKEY
structure is associated with the operations, for example during
-.\" $OpenBSD: EVP_PKEY_asn1_get_count.3,v 1.8 2023/12/21 21:32:01 tb Exp $
+.\" $OpenBSD: EVP_PKEY_asn1_get_count.3,v 1.9 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000
.\"
.\" This file is a derived work.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 21 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_PKEY_ASN1_GET_COUNT 3
.Os
.Sh NAME
.Fc
.Ft const EVP_PKEY_ASN1_METHOD *
.Fo EVP_PKEY_asn1_find
-.Fa "ENGINE **pe"
+.Fa "ENGINE **engine"
.Fa "int type"
.Fc
.Ft const EVP_PKEY_ASN1_METHOD *
.Fo EVP_PKEY_asn1_find_str
-.Fa "ENGINE **pe"
+.Fa "ENGINE **engine"
.Fa "const char *str"
.Fa "int len"
.Fc
.Xr EVP_PKEY_id 3
may return.
If
-.Fa pe
+.Fa engine
is not
.Dv NULL ,
-it first looks for an engine implementing a method for the NID
-.Fa type .
-If one is found,
-.Pf * Fa pe
-is set to that engine and the method from that engine is returned instead.
+.Pf * Fa engine
+is set to
+.Dv NULL .
.Pp
.Fn EVP_PKEY_asn1_find_str
looks up the method with the PEM type string given by the first
Just like
.Fn EVP_PKEY_asn1_find ,
if
-.Fa pe
+.Fa engine
is not
.Dv NULL ,
-methods from engines are preferred.
+.Pf * Fa engine
+is set to
+.Dv NULL .
.Pp
.Fn EVP_PKEY_asn1_get0_info
retrieves the public key ID as returned by
-.\" $OpenBSD: EVP_PKEY_new.3,v 1.18 2022/12/14 22:37:07 schwarze Exp $
+.\" $OpenBSD: EVP_PKEY_new.3,v 1.19 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL 4dcfdfce May 27 11:50:05 2020 +0100
.\"
.\" This file is a derived work.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 14 2022 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_PKEY_NEW 3
.Os
.Sh NAME
.Ft EVP_PKEY *
.Fo EVP_PKEY_new_raw_private_key
.Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *rawpriv"
.Fa "size_t rawlen"
.Fc
.Ft EVP_PKEY *
.Fo EVP_PKEY_new_raw_public_key
.Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *rawpub"
.Fa "size_t rawlen"
.Fc
.Ft EVP_PKEY *
.Fo EVP_PKEY_new_CMAC_key
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *rawpriv"
.Fa "size_t rawlen"
.Fa "const EVP_CIPHER *cipher"
.Ft EVP_PKEY *
.Fo EVP_PKEY_new_mac_key
.Fa "int type"
-.Fa "ENGINE *e"
+.Fa "ENGINE *engine"
.Fa "const unsigned char *rawpriv"
.Fa "int rawlen"
.Fc
.Fn EVP_PKEY_new_raw_private_key
allocates a new
.Vt EVP_PKEY .
-If
-.Fa e
-is
-.Pf non- Dv NULL ,
-the new structure is associated with the engine
-.Fa e .
The NID of a public key algorithm that supports raw private keys, i.e.\&
.Dv EVP_PKEY_HMAC ,
.Dv EVP_PKEY_X25519 ,
.Fa rawpriv .
The public key data is automatically derived from the given private
key data, if appropriate for the algorithm type.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_PKEY_new_raw_public_key
works in the same way as
-.\" $OpenBSD: EVP_SignInit.3,v 1.17 2023/11/16 20:27:43 schwarze Exp $
+.\" $OpenBSD: EVP_SignInit.3,v 1.18 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 16 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_SIGNINIT 3
.Os
.Sh NAME
.Fo EVP_SignInit_ex
.Fa "EVP_MD_CTX *ctx"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo EVP_SignUpdate
.Fa ctx
to use the digest
.Fa type
-from
-.Vt ENGINE
-.Fa impl .
.Fa ctx
must be initialized with
.Xr EVP_MD_CTX_init 3
before calling this function.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_SignUpdate
hashes
-.\" $OpenBSD: EVP_VerifyInit.3,v 1.11 2023/11/16 20:27:43 schwarze Exp $
+.\" $OpenBSD: EVP_VerifyInit.3,v 1.12 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\" selective merge up to: OpenSSL 79b49fb0 Mar 20 10:03:10 2018 +1000
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 16 2023 $
+.Dd $Mdocdate: July 21 2024 $
.Dt EVP_VERIFYINIT 3
.Os
.Sh NAME
.Fo EVP_VerifyInit_ex
.Fa "EVP_MD_CTX *ctx"
.Fa "const EVP_MD *type"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo EVP_VerifyUpdate
sets up a verification context
.Fa ctx
to use the digest
-.Fa type
-from
-.Vt ENGINE
-.Fa impl .
+.Fa type .
.Fa ctx
must be initialized by calling
.Xr EVP_MD_CTX_init 3
before calling this function.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn EVP_VerifyUpdate
hashes
-.\" $OpenBSD: HMAC.3,v 1.21 2024/05/26 09:54:16 tb Exp $
+.\" $OpenBSD: HMAC.3,v 1.22 2024/07/21 08:36:43 tb Exp $
.\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400
.\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: May 26 2024 $
+.Dd $Mdocdate: July 21 2024 $
.Dt HMAC 3
.Os
.Sh NAME
.Fa "const void *key"
.Fa "int key_len"
.Fa "const EVP_MD *md"
-.Fa "ENGINE *impl"
+.Fa "ENGINE *engine"
.Fc
.Ft int
.Fo HMAC_Init
.Fa ctx ,
then an error is returned because reuse of an existing key with a
different digest is not supported.
+The
+.Fa ENGINE *engine
+argument is always ignored and passing
+.Dv NULL
+is recommended.
.Pp
.Fn HMAC_Init
is a deprecated wrapper around
projects / openbsd / commitdiff