From 6427274d05cb999373caa29bf859ca1a2f3b322e Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 26 May 2024 09:54:16 +0000 Subject: [PATCH] Remove documentation of optional md in one-step hashes This functionality will be removed, so stop documenting it. Instead mention that another implementation still supports this. --- lib/libcrypto/man/HMAC.3 | 17 ++++++++++------- lib/libcrypto/man/MD5.3 | 19 ++++++++++++------- lib/libcrypto/man/RIPEMD160.3 | 17 ++++++++++------- lib/libcrypto/man/SHA1.3 | 22 +++++++++++++++------- 4 files changed, 47 insertions(+), 28 deletions(-) diff --git a/lib/libcrypto/man/HMAC.3 b/lib/libcrypto/man/HMAC.3 index a0af270c4d7..fa853bb4a14 100644 --- a/lib/libcrypto/man/HMAC.3 +++ b/lib/libcrypto/man/HMAC.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: HMAC.3,v 1.20 2022/01/25 17:55:39 tb Exp $ +.\" $OpenBSD: HMAC.3,v 1.21 2024/05/26 09:54:16 tb Exp $ .\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400 .\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400 .\" @@ -52,7 +52,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: January 25 2022 $ +.Dd $Mdocdate: May 26 2024 $ .Dt HMAC 3 .Os .Sh NAME @@ -160,11 +160,6 @@ which must have space for the output of the hash function, which is no more than .Dv EVP_MAX_MD_SIZE bytes. -If -.Fa md -is -.Dv NULL , -the digest is placed in a static array, which is not thread safe. The size of the output is placed in .Fa md_len , unless it is @@ -329,3 +324,11 @@ and .Fn HMAC_CTX_get_md first appeared in OpenSSL 1.1.0 and have been available since .Ox 6.3 . +.Sh CAVEATS +Other implementations allow +.Fa md +in +.Fn HMAC +to be +.Dv NULL +and return a static array, which is not thread safe. diff --git a/lib/libcrypto/man/MD5.3 b/lib/libcrypto/man/MD5.3 index 1e4a628591f..01e715f4066 100644 --- a/lib/libcrypto/man/MD5.3 +++ b/lib/libcrypto/man/MD5.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: MD5.3,v 1.8 2018/03/27 17:35:50 schwarze Exp $ +.\" $OpenBSD: MD5.3,v 1.9 2024/05/26 09:54:16 tb Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Ulf Moeller and @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 27 2018 $ +.Dd $Mdocdate: May 26 2024 $ .Dt MD5 3 .Os .Sh NAME @@ -123,11 +123,6 @@ and place it in which must have space for .Dv MD4_DIGEST_LENGTH No == Dv MD5_DIGEST_LENGTH No == 16 bytes of output. -If -.Fa md -is -.Dv NULL , -the digest is placed in a static array. .Pp The following functions may be used if the message is not completely stored in memory: @@ -194,3 +189,13 @@ and .Fn MD4_Final first appeared in OpenSSL 0.9.6 and have been available since .Ox 2.9 . +.Sh CAVEATS +Other implementations allow +.Fa md +in +.Fn MD4 +and +.Fn MD5 +to be +.Dv NULL +and return a static array, which is not thread safe. diff --git a/lib/libcrypto/man/RIPEMD160.3 b/lib/libcrypto/man/RIPEMD160.3 index 6fadb56cef9..43c6694036b 100644 --- a/lib/libcrypto/man/RIPEMD160.3 +++ b/lib/libcrypto/man/RIPEMD160.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: RIPEMD160.3,v 1.7 2019/08/25 15:17:19 schwarze Exp $ +.\" $OpenBSD: RIPEMD160.3,v 1.8 2024/05/26 09:54:16 tb Exp $ .\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000 .\" .\" This file was written by Ulf Moeller . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 25 2019 $ +.Dd $Mdocdate: May 26 2024 $ .Dt RIPEMD160 3 .Os .Sh NAME @@ -93,11 +93,6 @@ and places it in which must have space for .Dv RIPEMD160_DIGEST_LENGTH == 20 bytes of output. -If -.Fa md -is -.Dv NULL , -the digest is placed in a static array. .Pp The following functions may be used if the message is not completely stored in memory: @@ -149,3 +144,11 @@ and .Fn RIPEMD160_Final first appeared in SSLeay 0.9.0 and have been available since .Ox 2.4 . +.Sh CAVEATS +Other implementations allow +.Fa md +in +.Fn RIPEMD160 +to be +.Dv NULL +and return a static array, which is not thread safe. diff --git a/lib/libcrypto/man/SHA1.3 b/lib/libcrypto/man/SHA1.3 index f5061e56e62..722c10b145b 100644 --- a/lib/libcrypto/man/SHA1.3 +++ b/lib/libcrypto/man/SHA1.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: SHA1.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $ +.\" $OpenBSD: SHA1.3,v 1.8 2024/05/26 09:54:16 tb Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Ulf Moeller and @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 27 2018 $ +.Dd $Mdocdate: May 26 2024 $ .Dt SHA1 3 .Os .Sh NAME @@ -195,11 +195,6 @@ and places it in which must have space for .Dv SHA_DIGEST_LENGTH == 20 bytes of output. -If -.Fa md -is -.Dv NULL , -the digest is placed in a static array, which is not thread safe. .Pp The following functions may be used if the message is not completely stored in memory: @@ -274,3 +269,16 @@ first appeared in SSLeay 0.5.1 and have been available since The other functions first appeared in OpenSSL 0.9.8 and have been available since .Ox 4.5 . +.Sh CAVEATS +Other implementations allow +.Fa md +in +.Fn SHA1 , +.Fn SHA224 , +.Fn SHA256 , +.Fn SHA384 , +and +.Fn SHA512 +to be +.Dv NULL +and return a static array, which is not thread safe. -- 2.20.1