o Memory leak detection now allows applications to add extra information
via a per-thread stack
o PRNG robustness improved
+ o Enhanced support for Alpha Linux
+ o Experimental MacOS support
Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
-L<dh(1)|dh(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
+L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
L<enc(1)|enc(1)>, L<gendh(1)|gendh(1)>, L<gendsa(1)|gendsa(1)>,
L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
=head1 HISTORY
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
+DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
available since OpenSSL 0.9.5.
=cut
=head1 SEE ALSO
-L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
+L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
+L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
L<DSA_sign(3)|DSA_sign(3)>
=head1 HISTORY
#include <openssl/dsa.h>
- DH * DSA_dup_DH(DSA *r);
+ DH * DSA_dup_DH(DSA *r);
=head1 DESCRIPTION
DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+=head1 NOTE
+
+Be careful to avoid small subgroup attacks when using this.
+
=head1 SEE ALSO
L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>
#include <openssl/dsa.h>
- DSA * DSA_generate_parameters(int bits, unsigned char *seed,
+ DSA *DSA_generate_parameters(int bits, unsigned char *seed,
int seed_len, int *counter_ret, unsigned long *h_ret,
void (*callback)(), void *cb_arg);
=head1 HISTORY
-DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
+DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
available since OpenSSL 0.9.5.
=cut
struct
{
/* name of the implementation */
- const char *name;
+ const char *name;
/* sign */
DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
BN_CTX *ctx, BN_MONT_CTX *in_mont);
/* compute r = a ^ p mod m. May be NULL */
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
+ int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
+ const BIGNUM *p, const BIGNUM *m,
+ BN_CTX *ctx, BN_MONT_CTX *m_ctx);
/* called at DSA_new */
int (*init)(DSA *DSA);
The B<type> parameter is ignored.
+The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
+is called.
+
=head1 RETURN VALUES
DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
=head1 SEE ALSO
-L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<DSA_do_sign(3)|DSA_do_sign(3)>
+L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
+L<DSA_do_sign(3)|DSA_do_sign(3)>
=head1 HISTORY
#include <openssl/rand.h>
- char *RAND_file_name(char *buf, int num);
+ const char *RAND_file_name(char *buf, int num);
int RAND_load_file(const char *filename, long max_bytes);
#include <openssl/dsa.h>
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
int DSA_print(BIO *bp, DSA *x, int offset);
int DSA_print_fp(FILE *fp, DSA *x, int offset);
=head1 DESCRIPTION
A human-readable hexadecimal output of the components of the RSA
-key, DSA key or DH parameters is printed to B<bp> or B<fp>.
+key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
The output lines are indented by B<offset> spaces.
RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
DH_print_fp() are available in all versions of SSLeay and OpenSSL.
+DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8.
=cut
+++ /dev/null
-=pod
-
-=head1 NAME
-
-SHA1 - Compute SHA1 hash
-
-=head1 SYNOPSIS
-
- #include <openssl/sha.h>
-
- unsigned char *SHA1(const unsigned char *d, unsigned long n,
- unsigned char *md);
-
-=head1 DESCRIPTION
-
-SHA1() computes the SHA-1 message digest of the B<n> bytes at B<d> and
-places it in B<md> (which must have space for SHA_DIGEST_LENGTH == 20
-bytes of output). If B<md> is NULL, the digest is placed in a static
-array.
-
-L<SHA1_Init(3)|SHA1_Init(3)> may be used if the message is not completely
-stored in memory.
-
-=head1 RETURN VALUE
-
-SHA1() returns a pointer to the hash value.
-
-=head1 HISTORY
-
-SHA1() is available in all versions of SSLeay and OpenSSL.
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<SHA1_Init(3)|SHA1_Init(3)>
-
-=cut
+++ /dev/null
-=pod
-
-=head1 NAME
-
-SHA1_Init, SHA1_Update_SHA1_Final - Compute SHA1 hash
-
-=head1 SYNOPSIS
-
- #include <openssl/sha.h>
-
- void SHA1_Init(SHA_CTX *c);
- void SHA1_Update(SHA_CTX *c, const unsigned char *data,
- unsigned long len);
- void SHA1_Final(unsigned char *md, SHA_CTX *c);
-
-=head1 DESCRIPTION
-
-SHA1_Init() initializes a B<SHA_CTX> structure.
-
-SHA1_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-SHA1_Final() places the message digest in B<md>, which must have space
-for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the B<SHA_CTX>.
-
-When the entire message is available at one time, L<SHA1(3)|SHA1(3)>
-can be used.
-
-=head1 RETURN VALUES
-
-SHA1_Init(), SHA1_Update() and SHA1_Final() do not return values.
-
-=head1 HISTORY
-
-SHA1_Init(), SHA1_Update() and SHA1_Final()are available in all
-versions of SSLeay and OpenSSL.
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<SHA1(3)|SHA1(3)>
-
-=cut
--- /dev/null
+=pod
+
+=head1 NAME
+
+BUF_MEM_new, BUF_MEM_free, BUF_MEM_grow, BUF_strdup - Simple
+character arrays structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/buffer.h>
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+
+ char * BUF_strdup(const char *str);
+
+=head1 DESCRIPTION
+
+The buffer library handles simple character arrays. Buffers are used for
+various purposes in the library, most notably memory BIOs.
+
+The library uses the BUF_MEM structure defined in buffer.h:
+
+ typedef struct buf_mem_st
+ {
+ int length; /* current number of bytes */
+ char *data;
+ int max; /* size of buffer */
+ } BUF_MEM;
+
+B<length> is the current size of the buffer in bytes, B<max> is the amount of
+memory allocated to the buffer. There are three functions which handle these
+and one "miscellaneous" function.
+
+BUF_MEM_new() allocates a new buffer of zero size.
+
+BUF_MEM_free() frees up an already existing buffer. The data is zeroed
+before freeing up in case the buffer contains sensitive data.
+
+BUF_MEM_grow() changes the size of an already existing buffer to
+B<len>. Any data already in the buffer is preserved if it increases in
+size.
+
+BUF_strdup() copies a null terminated string into a block of allocated
+memory and returns a pointer to the allocated block.
+Unlike the standard C library strdup() this function uses Malloc() and so
+should be used in preference to the standard library strdup() because it can
+be used for memory leak checking or replacing the malloc() function.
+
+The memory allocated from BUF_strdup() should be freed up using the Free()
+function.
+
+=head1 RETURN VALUES
+
+BUF_MEM_new() returns the buffer or NULL on error.
+
+BUF_MEM_free() has no return value.
+
+BUF_MEM_grow() returns zero on error or the new size (i.e. B<len>).
+
+=head1 SEE ALSO
+
+L<bio(3)|bio(3)>
+
+=head1 HISTORY
+
+BUF_MEM_new(), BUF_MEM_free() and BUF_MEM_grow() are available in all
+versions of SSLeay and OpenSSL. BUF_strdup() was addded in SSLeay 0.8.
+
+=cut
=head1 SEE ALSO
L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>
+L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<DSA_new(3)|DSA_new(3)>,
+L<DSA_size(3)|DSA_size(3)>,
+L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
+L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
+L<DSA_generate_key(3)|DSA_generate_key(3)>,
+L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
+L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
+L<RSA_print(3)|RSA_print(3)>
=cut
--- /dev/null
+=pod
+
+=head1 NAME
+
+lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
+lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
+
+=head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+ void lh_stats(LHASH *table, FILE *out);
+ void lh_node_stats(LHASH *table, FILE *out);
+ void lh_node_usage_stats(LHASH *table, FILE *out);
+
+ void lh_stats_bio(LHASH *table, BIO *out);
+ void lh_node_stats_bio(LHASH *table, BIO *out);
+ void lh_node_usage_stats_bio(LHASH *table, BIO *out);
+
+=head1 DESCRIPTION
+
+The B<LHASH> structure records statistics about most aspects of
+accessing the hash table. This is mostly a legacy of Eric Young
+writing this library for the reasons of implementing what looked like
+a nice algorithm rather than for a particular software product.
+
+lh_stats() prints out statistics on the size of the hash table, how
+many entries are in it, and the number and result of calls to the
+routines in this library.
+
+lh_node_stats() prints the number of entries for each 'bucket' in the
+hash table.
+
+lh_node_usage_stats() prints out a short summary of the state of the
+hash table. It prints the 'load' and the 'actual load'. The load is
+the average number of data items per 'bucket' in the hash table. The
+'actual load' is the average number of items per 'bucket', but only
+for buckets which contain entries. So the 'actual load' is the
+average number of searches that will need to find an item in the hash
+table, while the 'load' is the average number that will be done to
+record a miss.
+
+lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
+are the same as the above, except that the output goes to a B<BIO>.
+
+=head1 RETURN VALUES
+
+These functions do not return values.
+
+=head1 SEE ALSO
+
+L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
+
+=head1 HISTORY
+
+These functions are available in all versions of SSLeay and OpenSSL.
+
+This manpage is derived from the SSLeay documentation.
+
+=cut
--- /dev/null
+=pod
+
+=head1 NAME
+
+lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall,
+lh_doall_arg, lh_error - Dynamic hash table
+
+=head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+ LHASH *lh_new(unsigned long (*hash)(/*void *a*/),
+ int (*compare)(/*void *a,void *b*/));
+ void lh_free(LHASH *table);
+
+ void *lh_insert(LHASH *table, void *data);
+ void *lh_delete(LHASH *table, void *data);
+ void *lh_retrieve(LHASH *table, void *data);
+
+ void lh_doall(LHASH *table, void (*func)(/*void *b*/));
+ void lh_doall_arg(LHASH *table, void (*func)(/*void *a,void *b*/),
+ void *arg);
+
+ int lh_error(LHASH *table);
+
+=head1 DESCRIPTION
+
+This library implements dynamic hash tables. The hash table entries
+can be arbitrary structures. Usually they consist of key and value
+fields.
+
+lh_new() creates a new B<LHASH> structure. B<hash> takes a pointer to
+the structure and returns an unsigned long hash value of its key
+field. The hash value is normally truncated to a power of 2, so make
+sure that your hash function returns well mixed low order
+bits. B<compare> takes two arguments, and returns 0 if their keys are
+equal, non-zero otherwise.
+
+lh_free() frees the B<LHASH> structure B<table>. Allocated hash table
+entries will not be freed; consider using lh_doall() to deallocate any
+remaining entries in the hash table.
+
+lh_insert() inserts the structure pointed to by B<data> into B<table>.
+If there already is an entry with the same key, the old value is
+replaced. Note that lh_insert() stores pointers, the data are not
+copied.
+
+lh_delete() deletes an entry from B<table>.
+
+lh_retrieve() looks up an entry in B<table>. Normally, B<data> is
+a structure with the key field(s) set; the function will return a
+pointer to a fully populated structure.
+
+lh_doall() will, for every entry in the hash table, call B<func> with
+the data item as parameters.
+This function can be quite useful when used as follows:
+ void cleanup(STUFF *a)
+ { STUFF_free(a); }
+ lh_doall(hash,cleanup);
+ lh_free(hash);
+This can be used to free all the entries. lh_free() then cleans up the
+'buckets' that point to nothing. When doing this, be careful if you
+delete entries from the hash table in B<func>: the table may decrease
+in size, moving item that you are currently on down lower in the hash
+table. This could cause some entries to be skipped. The best
+solution to this problem is to set hash-E<gt>down_load=0 before you
+start. This will stop the hash table ever being decreased in size.
+
+lh_doall_arg() is the same as lh_doall() except that B<func> will
+be called with B<arg> as the second argument.
+
+lh_error() can be used to determine if an error occured in the last
+operation. lh_error() is a macro.
+
+=head1 RETURN VALUES
+
+lh_new() returns B<NULL> on error, otherwise a pointer to the new
+B<LHASH> structure.
+
+When a hash table entry is replaced, lh_insert() returns the value
+being replaced. B<NULL> is returned on normal operation and on error.
+
+lh_delete() returns the entry being deleted. B<NULL> is returned if
+there is no such value in the hash table.
+
+lh_retrieve() returns the hash table entry if it has been found,
+B<NULL> otherwise.
+
+lh_error() returns 1 if an error occurred in the last operation, 0
+otherwise.
+
+lh_free(), lh_doall() and lh_doall_arg() return no values.
+
+=head1 BUGS
+
+lh_insert() returns B<NULL> both for success and error.
+
+=head1 INTERNALS
+
+The following description is based on the SSLeay documentation:
+
+The B<lhash> library implements a hash table described in the
+I<Communications of the ACM> in 1991. What makes this hash table
+different is that as the table fills, the hash table is increased (or
+decreased) in size via Realloc(). When a 'resize' is done, instead of
+all hashes being redistributed over twice as many 'buckets', one
+bucket is split. So when an 'expand' is done, there is only a minimal
+cost to redistribute some values. Subsequent inserts will cause more
+single 'bucket' redistributions but there will never be a sudden large
+cost due to redistributing all the 'buckets'.
+
+The state for a particular hash table is kept in the B<LHASH> structure.
+The decision to increase or decrease the hash table size is made
+depending on the 'load' of the hash table. The load is the number of
+items in the hash table divided by the size of the hash table. The
+default values are as follows. If (hash->up_load E<lt> load) =E<gt>
+expand. if (hash-E<gt>down_load E<gt> load) =E<gt> contract. The
+B<up_load> has a default value of 1 and B<down_load> has a default value
+of 2. These numbers can be modified by the application by just
+playing with the B<up_load> and B<down_load> variables. The 'load' is
+kept in a form which is multiplied by 256. So
+hash-E<gt>up_load=8*256; will cause a load of 8 to be set.
+
+If you are interested in performance the field to watch is
+num_comp_calls. The hash library keeps track of the 'hash' value for
+each item so when a lookup is done, the 'hashes' are compared, if
+there is a match, then a full compare is done, and
+hash-E<gt>num_comp_calls is incremented. If num_comp_calls is not equal
+to num_delete plus num_retrieve it means that your hash function is
+generating hashes that are the same for different values. It is
+probably worth changing your hash function if this is the case because
+even if your hash table has 10 items in a 'bucket', it can be searched
+with 10 B<unsigned long> compares and 10 linked list traverses. This
+will be much less expensive that 10 calls to you compare function.
+
+lh_strhash() is a demo string hashing function:
+
+ unsigned long lh_strhash(const char *c);
+
+Since the B<LHASH> routines would normally be passed structures, this
+routine would not normally be passed to lh_new(), rather it would be
+used in the function passed to lh_new().
+
+=head1 SEE ALSO
+
+L<lh_stats(3)|lh_stats(3)>
+
+=head1 HISTORY
+
+The B<lhash> library is available in all versions of SSLeay and OpenSSL.
+lh_error() was added in SSLeay 0.9.1b.
+
+This manpage is derived from the SSLeay documentation.
+
+=cut
int RAND_load_file(const char *file,long max_bytes);
int RAND_write_file(const char *file);
- char *RAND_file_name(char *file,int num);
+ const char *RAND_file_name(char *file,int num);
void RAND_set_rand_method(RAND_METHOD *meth);
RAND_METHOD *RAND_get_rand_method(void);
=head1 NAME
-sha - Secure Hash Algorithm
+SHA1, SHA1_Init, SHA1_Update, SHA1_Final - Secure Hash Algorithm
=head1 SYNOPSIS
#include <openssl/sha.h>
unsigned char *SHA1(const unsigned char *d, unsigned long n,
- unsigned char *md);
+ unsigned char *md);
void SHA1_Init(SHA_CTX *c);
void SHA1_Update(SHA_CTX *c, const unsigned char *data,
SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
160 bit output.
+SHA1() computes the SHA-1 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+SHA1_Init() initializes a B<SHA_CTX> structure.
+
+SHA1_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+SHA1_Final() places the message digest in B<md>, which must have space
+for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the B<SHA_CTX>.
+
The predecessor of SHA-1, SHA, is also implemented, but it should be
used only when backward compatibility is required.
+=head1 RETURN VALUES
+
+SHA1() returns a pointer to the hash value.
+
+SHA1_Init(), SHA1_Update() and SHA1_Final() do not return values.
+
=head1 CONFORMING TO
US Federal Information Processing Standard FIPS 180 (Secure Hash
=head1 SEE ALSO
-L<ripemd(3)|ripemd(3)>, L<SHA1(3)|SHA1(3)>, L<SHA1_Init(3)|SHA1_Init(3)>
+L<ripemd(3)|ripemd(3)>
+
+=head1 HISTORY
+
+SHA1(), SHA1_Init(), SHA1_Update() and SHA1_Final() are available in all
+versions of SSLeay and OpenSSL.
=cut
This is some preliminary documentation for OpenSSL.
-==============================================================================
- BUFFER Library
-==============================================================================
-
-The buffer library handles simple character arrays. Buffers are used for
-various purposes in the library, most notably memory BIOs.
-
-The library uses the BUF_MEM structure defined in buffer.h:
-
-typedef struct buf_mem_st
-{
- int length; /* current number of bytes */
- char *data;
- int max; /* size of buffer */
-} BUF_MEM;
-
-'length' is the current size of the buffer in bytes, 'max' is the amount of
-memory allocated to the buffer. There are three functions which handle these
-and one "miscellaneous" function.
-
-BUF_MEM *BUF_MEM_new()
-
-This allocates a new buffer of zero size. Returns the buffer or NULL on error.
-
-void BUF_MEM_free(BUF_MEM *a)
-
-This frees up an already existing buffer. The data is zeroed before freeing
-up in case the buffer contains sensitive data.
-
-int BUF_MEM_grow(BUF_MEM *str, int len)
-
-This changes the size of an already existing buffer. It returns zero on error
-or the new size (i.e. 'len'). Any data already in the buffer is preserved if
-it increases in size.
-
-char * BUF_strdup(char *str)
-
-This is the previously mentioned strdup function: like the standard library
-strdup() it copies a null terminated string into a block of allocated memory
-and returns a pointer to the allocated block.
-
-Unlike the standard C library strdup() this function uses Malloc() and so
-should be used in preference to the standard library strdup() because it can
-be used for memory leak checking or replacing the malloc() function.
-
-The memory allocated from BUF_strdup() should be freed up using the Free()
-function.
-
==============================================================================
OpenSSL X509V3 extension configuration
==============================================================================