=item B<EXPORT56>
-56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
-56 bit export ciphers is empty unless OpenSSL has been explicitly configured
-with support for experimental ciphers.
+56 bit export encryption algorithms. This list is empty.
=item B<eNULL>, B<NULL>
=head1 HISTORY
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
-for cipherlist strings were added in OpenSSL 0.9.7.
The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
=cut
=head1 OPENSSL LIBRARY CONFIGURATION
-In OpenSSL 0.9.7 and later applications can automatically configure certain
+Applications can automatically configure certain
aspects of OpenSSL using the master OpenSSL configuration file, or optionally
an alternative configuration file. The B<openssl> utility includes this
functionality: any sub command uses the master OpenSSL configuration file
some_new_oid = 1.2.3.4
some_other_oid = 1.2.3.5
-In OpenSSL 0.9.8 it is also possible to set the value to the long name followed
+It is also possible to set the value to the long name followed
by a comma and the numerical OID form. For example:
shortName = some object long name, 1.2.3.4
L<dsaparam(1)>
-=head1 HISTORY
-
-The B<dhparam> command was added in OpenSSL 0.9.5.
-The B<-dsaparam> option was added in OpenSSL 0.9.6.
-
=cut
L<ecparam(1)>, L<dsa(1)>, L<rsa(1)>
-=head1 HISTORY
-
-The ec command was first introduced in OpenSSL 0.9.8.
-
-=head1 AUTHOR
-
-Nils Larsch for the OpenSSL project (http://www.openssl.org).
-
=cut
L<ec(1)>, L<dsaparam(1)>
-=head1 HISTORY
-
-The ecparam command was first introduced in OpenSSL 0.9.8.
-
-=head1 AUTHOR
-
-Nils Larsch for the OpenSSL project (http://www.openssl.org)
-
=cut
=head1 EC PARAMETER GENERATION OPTIONS
-In OpenSSL 1.0.2 and later the EC parameter generation options below can also
+The EC parameter generation options below can also
be supplied as EC key generation options. This can (for example) generate a
key from a named curve without the need to use an explicit parameter file.
=item B<ec_paramgen_curve:curve>
-the EC curve to use. OpenSSL 1.0.2 and later supports NIST curve names
-such as "P-256".
+the EC curve to use. OpenSSL supports NIST curve names such as "P-256".
=item B<ec_param_enc:encoding>
openssl genpkey -paramfile ecp.pem -out eckey.pem
-Generate EC key directly (OpenSSL 1.0.2+ only):
+Generate EC key directly:
openssl genpkey -algorithm EC -out eckey.pem \
-pkeyopt ec_paramgen_curve:P-384 \
-pkeyopt ec_param_enc:named_curve
+=head1 HISTORY
+
+The ability to use NIST curve names, and to generate an EC key directly,
+were added in OpenSSL 1.0.2.
+
=cut
=head1 HISTORY
-The openssl(1) document appeared in OpenSSL 0.9.2.
-The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3;
The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0;
-the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a.
For notes on the availability of other commands, see their individual
manual pages.
openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
-certfile othercerts.pem
-=head1 BUGS
-
-Some would argue that the PKCS#12 standard is one big bug :-)
-
-Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key generation
-routines. Under rare circumstances this could produce a PKCS#12 file encrypted
-with an invalid key. As a result some PKCS#12 files which triggered this bug
-from other implementations (MSIE or Netscape) could not be decrypted
-by OpenSSL and similarly OpenSSL could produce PKCS#12 files which could
-not be decrypted by other implementations. The chances of producing such
-a file are relatively small: less than 1 in 256.
-
-A side effect of fixing this bug is that any old invalidly encrypted PKCS#12
-files cannot no longer be parsed by the fixed version. Under such circumstances
-the B<pkcs12> utility will report that the MAC is OK but fail with a decryption
-error when extracting private keys.
-
-This problem can be resolved by extracting the private keys and certificates
-from the PKCS#12 file using an older version of OpenSSL and recreating the PKCS#12
-file from the keys and certificates using a newer version of OpenSSL. For example:
-
- old-openssl -in bad.p12 -out keycerts.pem
- openssl -in keycerts.pem -export -name "My PKCS#12 file" -out fixed.p12
-
=head1 SEE ALSO
L<pkcs8(1)>
=cut
-=head1 AUTHOR
-
-Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
-
=head1 SEE ALSO
L<tsget(1)>, L<openssl(1)>, L<req(1)>,
export TSGET
tsget file1.tsq
-=head1 AUTHOR
-
-Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
-
=head1 SEE ALSO
L<openssl(1)>, L<ts(1)>, L<curl(1)>,
to be the root CA.
The process of 'looking up the issuers certificate' itself involves a number
-of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
-subject name matched the issuer of the current certificate was assumed to be
-the issuers certificate. In OpenSSL 0.9.6 and later all certificates
+of steps.
+Ater all certificates
whose subject name matches the issuer name of the current certificate are
subject to further tests. The relevant authority key identifier components
of the current certificate (if present) must match the subject key identifier
The output of B<openssl version -a> would typically be used when sending
in a bug report.
-=head1 HISTORY
-
-The B<-d> option was added in OpenSSL 0.9.7.
-
=cut
There should be options to explicitly set such things as start and end
dates rather than an offset from the current time.
-The code to implement the verify behaviour described in the B<TRUST SETTINGS>
-is currently being developed. It thus describes the intended behaviour rather
-than the current behaviour. It is hoped that it will represent reality in
-OpenSSL 0.9.5 and later.
-
=head1 SEE ALSO
L<req(1)>, L<ca(1)>, L<genrsa(1)>,
=head1 HISTORY
-Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
-
The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
email.1=steve@here
email.2=steve@there
-=head1 HISTORY
-
-The X509v3 extension code was first added to OpenSSL 0.9.2.
-
-Policy mappings, inhibit any policy and name constraints support was added in
-OpenSSL 0.9.8
-
-The B<directoryName> and B<otherName> option as well as the B<ASN1> option
-for arbitrary extensions was added in OpenSSL 0.9.8
-
=head1 SEE ALSO
L<req(1)>, L<ca(1)>, L<x509(1)>,
L<ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)>
-=head1 HISTORY
-
-ASN1_OBJECT_new() and ASN1_OBJECT_free() are available in all versions of SSLeay and OpenSSL.
-
=cut
L<ERR_get_error(3)>
-=head1 HISTORY
-
-ASN1_generate_nconf() and ASN1_generate_v3() were added to OpenSSL 0.9.8
-
=cut
a chain containing digest BIOs then this can be done by prepending
a buffering BIO.
-Before OpenSSL 1.0.0 the call to BIO_get_md_ctx() would only work if the BIO
-had been initialized for example by calling BIO_set_md() ). In OpenSSL
-1.0.0 and later the context is always returned and the BIO is state is set
-to initialized. This allows applications to initialize the context externally
+Calling BIO_get_md_ctx() will return the context and initialize the BIO
+state. This allows applications to initialize the context externally
if the standard calls such as BIO_set_md() are not sufficiently flexible.
=head1 RETURN VALUES
the data passed through and that digests should be retrieved using a
separate BIO_ctrl() call.
+=head1 HISTORY
+
+Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the
+BIO was initialized first.
+
=head1 SEE ALSO
TBA
+
+=cut
renegotiation takes place during a BIO_read() operation, one
case where this happens is when step up occurs.
-In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be
+The SSL flag SSL_AUTO_RETRY can be
set to disable this behaviour. That is when this flag is set
an SSL BIO using a blocking transport will never request a
retry.
BIO_method_type() returns the type of the BIO B<b>.
-=head1 NOTES
-
-BIO_next() was added to OpenSSL 0.9.6 to provide a 'clean' way to traverse a BIO
-chain or find multiple matches using BIO_find_type(). Previous versions had to
-use:
-
- next = bio->next_bio;
-
-=head1 BUGS
-
-BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a
-NULL pointer for the B<b> argument.
-
=head1 EXAMPLE
Traverse a chain looking for digest BIOs:
=head1 HISTORY
-BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it
-deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id.
-
-BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id,
-BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags
-and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8
-
-=head1 AUTHOR
-
-Nils Larsch for the OpenSSL project (http://www.openssl.org).
+BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it
+deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().
=cut
=head1 HISTORY
-BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay
-and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b and removed in OpenSSL
-1.1.0.
+BN_CTX_init() was removed in OpenSSL 1.1.0.
=cut
L<BN_CTX_new(3)>
-=head1 HISTORY
-
-BN_CTX_start(), BN_CTX_get() and BN_CTX_end() were added in OpenSSL 0.9.5.
-
=cut
L<bn(3)>, L<ERR_get_error(3)>, L<BN_CTX_new(3)>,
L<BN_add_word(3)>, L<BN_set_bit(3)>
-=head1 HISTORY
-
-BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(),
-BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and
-OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay
-0.9.1b. BN_exp() appeared in SSLeay 0.9.0.
-BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in
-OpenSSL 0.9.7.
-
=cut
L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
-=head1 HISTORY
-
-BN_add_word() and BN_mod_word() are available in all versions of
-SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and
-BN_sub_word() and BN_mul_word() in SSLeay 0.9.0.
-
-Before 0.9.8a the return value for BN_div_word() and BN_mod_word()
-in case of an error was 0.
-
=cut
L<ASN1_INTEGER_to_BN(3)>,
L<BN_num_bytes(3)>
-=head1 HISTORY
-
-BN_bn2bin(), BN_bin2bn(), BN_print_fp() and BN_print() are available
-in all versions of SSLeay and OpenSSL.
-
-BN_bn2hex(), BN_bn2dec(), BN_hex2bn(), BN_dec2bn(), BN_bn2mpi() and
-BN_mpi2bn() were added in SSLeay 0.9.0.
-
=cut
L<bn(3)>
-=head1 HISTORY
-
-BN_cmp(), BN_ucmp(), BN_is_zero(), BN_is_one() and BN_is_word() are
-available in all versions of SSLeay and OpenSSL.
-BN_is_odd() was added in SSLeay 0.8.
-
=cut
L<bn(3)>, L<ERR_get_error(3)>
-=head1 HISTORY
-
-BN_copy() and BN_dup() are available in all versions of SSLeay and OpenSSL.
-
=cut
=head1 HISTORY
-The B<cb_arg> arguments to BN_generate_prime() and to BN_is_prime()
-were added in SSLeay 0.9.0. The B<ret> argument to BN_generate_prime()
-was added in SSLeay 0.9.1.
-BN_is_prime_fasttest() was added in OpenSSL 0.9.5. BN_GENCB_new, BN_GENCB_free
-and BN_GENCB_get_arg were added in OpenSSL 1.1.0
+BN_GENCB_new(), BN_GENCB_free(),
+and BN_GENCB_get_arg() were added in OpenSSL 1.1.0
=cut
L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
-=head1 HISTORY
-
-BN_mod_inverse() is available in all versions of SSLeay and OpenSSL.
-
=cut
=head1 HISTORY
-BN_MONT_CTX_new(), BN_MONT_CTX_free(), BN_MONT_CTX_set(),
-BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery()
-are available in all versions of SSLeay and OpenSSL.
-
-BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b.
-BN_MONT_CTX_init was removed in OpenSSL 1.1.0
+BN_MONT_CTX_init() was removed in OpenSSL 1.1.0
=cut
=head1 HISTORY
-B<BN_RECP_CTX> was added in SSLeay 0.9.0. Before that, the function
-BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal()
-arguments were different. BN_RECP_CTX_init was removed in OpenSSL 1.1.0
+BN_RECP_CTX_init was removed in OpenSSL 1.1.0
=cut
=head1 HISTORY
-BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in
-all versions on SSLeay and OpenSSL. BN_init() was added in SSLeay
-0.9.1b and removed in OpenSSL 1.1.0.
+BN_init() was removed in OpenSSL 1.1.0.
=cut
L<bn(3)>, L<DH_size(3)>, L<DSA_size(3)>,
L<RSA_size(3)>
-=head1 HISTORY
-
-BN_num_bytes(), BN_num_bits() and BN_num_bits_word() are available in
-all versions of SSLeay and OpenSSL.
-
=cut
L<bn(3)>, L<ERR_get_error(3)>, L<rand(3)>,
L<RAND_add(3)>, L<RAND_bytes(3)>
-=head1 HISTORY
-
-BN_rand() is available in all versions of SSLeay and OpenSSL.
-BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case
-and the function BN_rand_range() were added in OpenSSL 0.9.6a.
-BN_pseudo_rand_range() was added in OpenSSL 0.9.6c.
-
=cut
L<bn(3)>, L<BN_num_bytes(3)>, L<BN_add(3)>
-=head1 HISTORY
-
-BN_set_bit(), BN_clear_bit(), BN_is_bit_set(), BN_mask_bits(),
-BN_lshift(), BN_lshift1(), BN_rshift(), and BN_rshift1() are available
-in all versions of SSLeay and OpenSSL.
-
=cut
L<bn(3)>
-=head1 HISTORY
-
-BN_swap was added in OpenSSL 0.9.7.
-
=cut
L<bn(3)>, L<BN_bn2bin(3)>
-=head1 HISTORY
-
-BN_zero(), BN_one() and BN_set_word() are available in all versions of
-SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in
-SSLeay 0.8.
-
-BN_value_one() was changed to return a true const BIGNUM * in OpenSSL
-0.9.7.
-
=cut
L<CMS_sign(3)>,
L<CMS_encrypt(3)>
-=head1 HISTORY
-
-CMS_add0_cert(), CMS_add1_cert(), CMS_get1_certs(), CMS_add0_crl()
-and CMS_get1_crls() were all first added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_decrypt(3)>,
L<CMS_final(3)>,
-=head1 HISTORY
-
-CMS_add1_recipient_cert() and CMS_add0_recipient_key() were added to OpenSSL
-0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_sign(3)>,
L<CMS_final(3)>,
-=head1 HISTORY
-
-CMS_add1_signer() was added to OpenSSL 0.9.8
-
=cut
=head1 HISTORY
-CMS_compress() was added to OpenSSL 0.9.8
-The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+The B<CMS_STREAM> flag was added in OpenSSL 1.0.0.
=cut
L<ERR_get_error(3)>, L<CMS_encrypt(3)>
-=head1 HISTORY
-
-CMS_decrypt() was added to OpenSSL 0.9.8
-
=cut
=head1 HISTORY
-CMS_decrypt() was added to OpenSSL 0.9.8
The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
=cut
L<ERR_get_error(3)>, L<CMS_sign(3)>,
L<CMS_encrypt(3)>
-=head1 HISTORY
-
-CMS_final() was added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_decrypt(3)>
-=head1 HISTORY
-
-These functions were first was added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_verify(3)>
-=head1 HISTORY
-
-These functions were first was added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>
-=head1 HISTORY
-
-CMS_get0_type(), CMS_set1_eContentType() and CMS_get0_eContentType() were all
-first added to OpenSSL 0.9.8
-
=cut
L<CMS_sign_receipt(3)>, L<CMS_verify(3)>
L<CMS_verify_receipt(3)>
-=head1 HISTORY
-
-CMS_ReceiptRequest_create0(), CMS_add1_ReceiptRequest(),
-CMS_get1_ReceiptRequest() and CMS_ReceiptRequest_get0_values() were added to
-OpenSSL 0.9.8
-
=cut
=head1 HISTORY
-CMS_sign() was added to OpenSSL 0.9.8
-
The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
it is supported for embedded data in OpenSSL 1.0.0 and later.
L<CMS_verify_receipt(3)>,
L<CMS_sign(3)>
-=head1 HISTORY
-
-CMS_sign_receipt() was added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_compress(3)>
-=head1 HISTORY
-
-CMS_uncompress() was added to OpenSSL 0.9.8
-
=cut
L<ERR_get_error(3)>, L<CMS_sign(3)>
-=head1 HISTORY
-
-CMS_verify() was added to OpenSSL 0.9.8
-
=cut
L<CMS_sign_receipt(3)>,
L<CMS_verify(3)>,
-=head1 HISTORY
-
-CMS_verify_receipt() was added to OpenSSL 0.9.8
-
=cut
L<conf(5)>, L<OPENSSL_config(3)>,
L<CONF_modules_load_file(3)>
-=head1 HISTORY
-
-CONF_modules_free(), CONF_modules_unload(), and CONF_modules_finish()
-first appeared in OpenSSL 0.9.7.
-
=cut
L<conf(5)>, L<OPENSSL_config(3)>,
L<CONF_free(3)>, L<err(3)>
-=head1 HISTORY
-
-CONF_modules_load_file and CONF_modules_load first appeared in OpenSSL 0.9.7.
-
=cut
L<DSA_get_ex_new_index(3)>,
L<DH_get_ex_new_index(3)>
-=head1 HISTORY
-
-CRYPTO_set_ex_data() and CRYPTO_get_ex_data() have been available since SSLeay 0.9.0.
-
=cut
L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>, L<DH_size(3)>
-=head1 HISTORY
-
-DH_generate_key() and DH_compute_key() are available in all versions
-of SSLeay and OpenSSL.
-
=cut
L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>,
L<DH_free(3)>
-=head1 HISTORY
-
-DH_check() is available in all versions of SSLeay and OpenSSL.
-The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
-
-In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
-instead of DH_CHECK_P_NOT_SAFE_PRIME.
-
=cut
L<RSA_get_ex_new_index(3)>, L<dh(3)>
-=head1 HISTORY
-
-DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
-available since OpenSSL 0.9.5.
-
=cut
L<DH_generate_parameters(3)>,
L<DH_generate_key(3)>
-=head1 HISTORY
-
-DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
-
=cut
L<ERR_get_error(3)> if the allocation fails. Otherwise it
returns a pointer to the newly allocated structure.
-=head1 NOTES
-
-As of version 0.9.7, DH_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DH functionality using an ENGINE API function,
-that will override any DH defaults set using the DH API (ie.
-DH_set_default_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in DH and other cryptographic
-algorithms.
-
=head1 SEE ALSO
L<dh(3)>, L<DH_new(3)>
-=head1 HISTORY
-
-DH_set_default_method(), DH_get_default_method(), DH_set_method(),
-DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
-
-DH_set_default_openssl_method() and DH_get_default_openssl_method() replaced
-DH_set_default_method() and DH_get_default_method() respectively, and
-DH_set_method() and DH_new_method() were altered to use B<ENGINE>s rather than
-B<DH_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DH API without
-requiring changing these function prototypes.
-
=cut
=head1 HISTORY
-DH_size() is available in all versions of SSLeay and OpenSSL.
DH_bits() was added in OpenSSL 1.1.0.
=cut
L<dsa(3)>, L<ERR_get_error(3)>,
L<DSA_do_sign(3)>
-=head1 HISTORY
-
-DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
-
=cut
L<DSA_SIG_new(3)>,
L<DSA_sign(3)>
-=head1 HISTORY
-
-DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
-
=cut
L<dh(3)>, L<dsa(3)>, L<ERR_get_error(3)>
-=head1 HISTORY
-
-DSA_dup_DH() was added in OpenSSL 0.9.4.
-
=cut
L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
L<DSA_generate_parameters(3)>
-=head1 HISTORY
-
-DSA_generate_key() is available since SSLeay 0.8.
-
=cut
L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
L<DSA_free(3)>, L<BN_generate_prime(3)>
-=head1 HISTORY
-
-DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
-argument was added in SSLeay 0.9.0.
-In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
-in the inner loop of the Miller-Rabin test whenever it reached the
-squaring step (the parameters to B<callback> did not reveal how many
-witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
-is called as in BN_is_prime(3), i.e. once for each witness.
=cut
L<RSA_get_ex_new_index(3)>, L<dsa(3)>
-=head1 HISTORY
-
-DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
-available since OpenSSL 0.9.5.
-
=cut
L<DSA_generate_parameters(3)>,
L<DSA_generate_key(3)>
-=head1 HISTORY
-
-DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
-
=cut
obtained by L<ERR_get_error(3)> if the allocation
fails. Otherwise it returns a pointer to the newly allocated structure.
-=head1 NOTES
-
-As of version 0.9.7, DSA_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DSA functionality using an ENGINE API function,
-that will override any DSA defaults set using the DSA API (ie.
-DSA_set_default_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in DSA and other cryptographic
-algorithms.
-
=head1 SEE ALSO
L<dsa(3)>, L<DSA_new(3)>
-=head1 HISTORY
-
-DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
-DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
-
-DSA_set_default_openssl_method() and DSA_get_default_openssl_method() replaced
-DSA_set_default_method() and DSA_get_default_method() respectively, and
-DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s rather than
-B<DSA_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DSA API without
-requiring changing these function prototypes.
-
=cut
L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
L<DSA_do_sign(3)>
-=head1 HISTORY
-
-DSA_sign() and DSA_verify() are available in all versions of SSLeay.
-DSA_sign_setup() was added in SSLeay 0.8.
-
=cut
L<dsa(3)>, L<DSA_sign(3)>
-=head1 HISTORY
-
-DSA_size() is available in all versions of SSLeay and OpenSSL.
-
=cut
=head1 HISTORY
ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
-all versions of SSLeay and OpenSSL.
+all versions of OpenSSL.
=cut
L<err(3)>, L<ERR_get_error(3)>
-=head1 HISTORY
-
-ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
-
=cut
L<SSL_load_error_strings(3)>
L<ERR_print_errors(3)>
-=head1 HISTORY
-
-ERR_error_string() is available in all versions of SSLeay and OpenSSL.
-ERR_error_string_n() was added in OpenSSL 0.9.6.
-
=cut
L<err(3)>, L<ERR_error_string(3)>,
L<ERR_GET_LIB(3)>
-=head1 HISTORY
-
-ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
-ERR_peek_error_line() are available in all versions of SSLeay and
-OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
-were added in SSLeay 0.9.0.
-ERR_peek_last_error(), ERR_peek_last_error_line() and
-ERR_peek_last_error_line_data() were added in OpenSSL 0.9.7.
-
=cut
L<err(3)>, L<ERR_error_string(3)>
-=head1 HISTORY
-
-ERR_load_error_strings(), SSL_load_error_strings() and
-ERR_free_strings() are available in all versions of SSLeay and
-OpenSSL.
-
=cut
L<err(3)>, L<ERR_load_strings(3)>
-=head1 HISTORY
-
-ERR_load_error_strings() and ERR_PACK() are available in all versions
-of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
-SSLeay 0.9.0.
-
=cut
L<ERR_load_crypto_strings(3)>,
L<SSL_load_error_strings(3)>
-=head1 HISTORY
-
-ERR_print_errors() and ERR_print_errors_fp()
-are available in all versions of SSLeay and OpenSSL.
-
=cut
L<err(3)>, L<ERR_load_strings(3)>
-=head1 HISTORY
-
-ERR_put_error() is available in all versions of SSLeay and OpenSSL.
-ERR_add_error_data() was added in SSLeay 0.9.0.
-
=cut
=head1 HISTORY
-ERR_remove_state() is available in all versions of SSLeay and OpenSSL. It
-was deprecated in OpenSSL 1.0.0 when ERR_remove_thread_state was introduced
+ERR_remove_state()
+was deprecated in OpenSSL 1.0.0 when ERR_remove_thread_state() was introduced
and thread IDs were introduced to identify threads instead of 'unsigned long'.
=cut
L<err(3)>
-=head1 HISTORY
-
-ERR_set_mark() and ERR_pop_to_mark() were added in OpenSSL 0.9.8.
-
=cut
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
-In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
+If digest contexts are not cleaned up after use
memory leaks will occur.
Stack allocation of EVP_MD_CTX structures is common, for example:
=head1 HISTORY
-EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(),
-EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
-and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
-
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
-EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
-changed to return truly const EVP_MD * in OpenSSL 0.9.7.
-
The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
later, so now EVP_sha1() can be used with RSA and DSA; there is no need to
use EVP_dss1() any more.
-OpenSSL 1.0 and later does not include the MD2 digest algorithm in the
-default configuration due to its security weaknesses.
-
=cut
=head1 HISTORY
-EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(),
-EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(),
-EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in
-OpenSSL 0.9.7.
-
-IDEA appeared in OpenSSL 0.9.7 but was often disabled due to
-patent concerns; the last patents expired in 2012.
-
Support for OCB mode was added in OpenSSL 1.1.0
+
=cut
The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
generation to B<nid>. For EC parameter generation this macro must be called
-or an error occurs because there is no default curve. In OpenSSL 1.0.2 and
-later this function can also be called to set the curve explicitly when
+or an error occurs because there is no default curve.
+This function can also be called to set the curve explicitly when
generating an EC key.
The EVP_PKEY_CTX_set_ec_param_enc() sets the EC parameter encoding to
B<OPENSSL_EC_EXPLICIT_CURVE> for explicit parameters (the default in versions
of OpenSSL before 1.1.0) or B<OPENSSL_EC_NAMED_CURVE> to use named curve form.
For maximum compatibility the named curve form should be used. Note: the
-B<OPENSSL_EC_NAMED_CURVE> value was only added to OpenSSL 1.1.0: previous
+B<OPENSSL_EC_NAMED_CURVE> value was only added to OpenSSL 1.1.0; previous
versions should use 0 instead.
=head1 RETURN VALUES
L<EVP_EncryptInit(3)>,
L<EVP_OpenInit(3)>
-=head1 HISTORY
-
-EVP_SealFinal() did not return a value before OpenSSL 0.9.7.
-
=cut
L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
L<sha(3)>, L<dgst(1)>
-=head1 HISTORY
-
-EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_SignInit_ex() was added in OpenSSL 0.9.7.
-
=cut
L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
L<sha(3)>, L<dgst(1)>
-=head1 HISTORY
-
-EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_VerifyInit_ex() was added in OpenSSL 0.9.7
-
=cut
=head1 NAME
-OPENSSL_VERSION_NUMBER, SSLeay, SSLeay_version - get OpenSSL version number
+OPENSSL_VERSION_NUMBER, OpenSSL_version - get OpenSSL version number
=head1 SYNOPSIS
#define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
#include <openssl/crypto.h>
- long SSLeay(void);
- const char *SSLeay_version(int t);
+ const char *OpenSSL_version(int t);
=head1 DESCRIPTION
number was therefore 0x0090581f.
-For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
+For backward compatibility, OPENSSL_VERSION_NUMBER is also defined.
-SSLeay() returns this number. The return value can be compared to the
-macro to make sure that the correct version of the library has been
-loaded, especially when using DLLs on Windows systems.
-
-SSLeay_version() returns different strings depending on B<t>:
+OpenSSL_version() returns different strings depending on B<t>:
=over 4
-=item SSLEAY_VERSION
+=item OPENSSL_VERSION
The text variant of the version number and the release date. For example,
-"OpenSSL 0.9.5a 1 Apr 2000".
+"OpenSSL 1.0.1a 15 Oct 2015".
-=item SSLEAY_CFLAGS
+=item OPENSSL_CFLAGS
The compiler flags set for the compilation process in the form
"compiler: ..." if available or "compiler: information not available"
otherwise.
-=item SSLEAY_BUILT_ON
+=item OPENSSL_BUILT_ON
The date of the build process in the form "built on: ..." if available
or "built on: date not available" otherwise.
-=item SSLEAY_PLATFORM
+=item OPENSSL_PLATFORM
The "Configure" target of the library build in the form "platform: ..."
if available or "platform: information not available" otherwise.
-=item SSLEAY_DIR
+=item OPENSSL_DIR
The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
if available or "OPENSSLDIR: N/A" otherwise.
L<crypto(3)>
-=head1 HISTORY
-
-SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL.
-OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
=cut
initialization (that is before starting any threads).
There are several reasons why calling the OpenSSL configuration routines is
-advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
-In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
-used (among other things) to load dynamic ENGINEs from shared libraries (DSOs).
+advisable. For example, to load dynamic ENGINEs from shared libraries (DSOs).
However very few applications currently support the control interface and so
very few can load and use dynamic ENGINEs. Equally in future more sophisticated
ENGINEs will require certain control operations to customize them. If an
L<CONF_modules_load_file(3)>,
L<CONF_modules_free(3)>
-=head1 HISTORY
-
-OPENSSL_config() and OPENSSL_no_config() first appeared in OpenSSL 0.9.7
-
=cut
L<conf(3)>, L<OPENSSL_config(3)>
-=head1 HISTORY
-
-These functions first appeared in OpenSSL 0.9.7.
-
=cut
had restrictions on the permissible sizes of keys which could be used for
encryption.
-=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8
-
-Some additional functionality was added to PKCS12_create() in OpenSSL
-0.9.8. These extensions are detailed below.
-
If a certificate contains an B<alias> or B<keyid> then this will be
used for the corresponding B<friendlyName> or B<localKeyID> in the
PKCS12 structure.
L<d2i_PKCS12(3)>
-=head1 HISTORY
-
-PKCS12_create was added in OpenSSL 0.9.3
-
=cut
L<d2i_PKCS12(3)>
-=head1 HISTORY
-
-PKCS12_parse was added in OpenSSL 0.9.3
-
=cut
L<ERR_get_error(3)>, L<PKCS7_encrypt(3)>
-=head1 HISTORY
-
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-
=cut
=head1 HISTORY
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
+The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
=cut
If a signer is specified it will use the default digest for the signing
algorithm. This is B<SHA1> for both RSA and DSA keys.
-
In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
+
The B<certs>, B<signcert> and B<pkey> parameters can all be
B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
called to finalize the structure if streaming is not enabled. Alternative
signing digests can also be specified using this method.
-I
n OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
+If B<signcert> and B<pkey> are NULL then a certificates only
PKCS#7 structure is output.
In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
=head1 HISTORY
-PKCS7_sign() was added to OpenSSL 0.9.5
-
-The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
+The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
+and B<pkey> parameters to be B<NULL> to be was added in OpenSSL 1.0.0
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
L<ERR_get_error(3)>, L<PKCS7_sign(3)>
-=head1 HISTORY
-
-PKCS7_verify() was added to OpenSSL 0.9.5
-
=cut
L<rand(3)>, L<RAND_egd(3)>,
L<RAND_load_file(3)>, L<RAND_cleanup(3)>
-=head1 HISTORY
-
-RAND_seed() and RAND_screen() are available in all versions of SSLeay
-and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
-0.9.5, RAND_event() in OpenSSL 0.9.5a.
-
=cut
L<rand(3)>, L<ERR_get_error(3)>,
L<RAND_add(3)>
-=head1 HISTORY
-
-RAND_bytes() is available in all versions of SSLeay and OpenSSL. It
-has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
-in OpenSSL 0.9.5.
-
=cut
L<rand(3)>
-=head1 HISTORY
-
-RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
-
=cut
L<rand(3)>, L<RAND_add(3)>,
L<RAND_cleanup(3)>
-=head1 HISTORY
-
-RAND_egd() is available since OpenSSL 0.9.5.
-
-RAND_egd_bytes() is available since OpenSSL 0.9.6.
-
-RAND_query_egd_bytes() is available since OpenSSL 0.9.7.
-
-The automatic query of /var/run/egd-pool et al was added in OpenSSL 0.9.7.
-
=cut
RAND_load_file() reads a number of bytes from file B<filename> and
adds them to the PRNG. If B<max_bytes> is non-negative,
-up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
+up to to B<max_bytes> are read;
if B<max_bytes> is -1, the complete file is read.
RAND_write_file() writes a number of random bytes (currently 1024) to
L<rand(3)>, L<RAND_add(3)>, L<RAND_cleanup(3)>
-=head1 HISTORY
-
-RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
-all versions of SSLeay and OpenSSL.
-
=cut
=head1 NOTES
-As of version 0.9.7, RAND_METHOD implementations are grouped together with other
+RAND_METHOD implementations are grouped together with other
algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
default ENGINE is specified for RAND functionality using an ENGINE API function,
that will override any RAND defaults set using the RAND API (ie.
L<rand(3)>, L<engine(3)>
-=head1 HISTORY
-
-RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
-available in all versions of OpenSSL.
-
-In the engine version of version 0.9.6, RAND_set_rand_method() was altered to
-take an ENGINE pointer as its argument. As of version 0.9.7, that has been
-reverted as the ENGINE API transparently overrides RAND defaults if used,
-otherwise RAND API functions work as before. RAND_set_rand_engine() was also
-introduced in version 0.9.7.
-
=cut
L<rsa(3)>, L<rand(3)>
-=head1 HISTORY
-
-RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
-
=cut
=head1 HISTORY
-RSA_check_key() appeared in OpenSSL 0.9.4.
RSA_check_key_ex() appeared after OpenSSL 1.0.2.
=cut
L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
L<RSA_free(3)>, L<BN_generate_prime(3)>
-=head1 HISTORY
-
-The B<cb_arg> argument was added in SSLeay 0.9.0.
-
=cut
L<rsa(3)>, L<CRYPTO_set_ex_data(3)>
-=head1 HISTORY
-
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
-available since SSLeay 0.9.0.
-
=cut
L<RSA_generate_key(3)>,
L<RSA_new_method(3)>
-=head1 HISTORY
-
-RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
-
=cut
L<RSA_private_decrypt(3)>,
L<RSA_sign(3)>, L<RSA_verify(3)>
-=head1 HISTORY
-
-RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(),
-RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(),
-RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(),
-RSA_padding_add_none() and RSA_padding_check_none() appeared in
-SSLeay 0.9.0.
-
-RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were
-added in OpenSSL 0.9.2b.
-
=cut
L<dh(3)>, L<dsa(3)>, L<rsa(3)>, L<BN_bn2bin(3)>
-=head1 HISTORY
-
-RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
-DH_print_fp() are available in all versions of SSLeay and OpenSSL.
-DSAparams_print() and DSAparams_print_fp() were added in SSLeay 0.8.
-
=cut
L<ERR_get_error(3)>, L<rsa(3)>,
L<RSA_sign(3)>, L<RSA_verify(3)>
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0.
-
=cut
L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
L<RSA_size(3)>
-=head1 HISTORY
-
-The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
-available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
-
=cut
by L<ERR_get_error(3)> if the allocation fails. Otherwise
it returns a pointer to the newly allocated structure.
-=head1 NOTES
-
-As of version 0.9.7, RSA_METHOD implementations are grouped together with
-other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE>
-modules. If a default ENGINE is specified for RSA functionality using an
-ENGINE API function, that will override any RSA defaults set using the RSA
-API (ie. RSA_set_default_method()). For this reason, the ENGINE API is the
-recommended way to control default implementations for use in RSA and other
-cryptographic algorithms.
-
=head1 BUGS
The behaviour of RSA_flags() is a mis-feature that is left as-is for now
L<rsa(3)>, L<RSA_new(3)>
-=head1 HISTORY
-
-RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
-RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
-well as the rsa_sign and rsa_verify components of RSA_METHOD were
-added in OpenSSL 0.9.4.
-
-RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
-replaced RSA_set_default_method() and RSA_get_default_method()
-respectively, and RSA_set_method() and RSA_new_method() were altered to use
-B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine
-version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE
-API was restructured so that this change was reversed, and behaviour of the
-other functions resembled more closely the previous behaviour. The
-behaviour of defaults in the ENGINE API now transparently overrides the
-behaviour of defaults in the RSA API without requiring changing these
-function prototypes.
-
=cut
The error codes can be obtained by L<ERR_get_error(3)>.
-=head1 BUGS
-
-Certain signatures with an improper algorithm identifier are accepted
-for compatibility with SSLeay 0.4.5 :-)
-
=head1 CONFORMING TO
SSL, PKCS #1 v2.0
L<rsa(3)>, L<RSA_private_encrypt(3)>,
L<RSA_public_decrypt(3)>
-=head1 HISTORY
-
-RSA_sign() and RSA_verify() are available in all versions of SSLeay
-and OpenSSL.
-
=cut
L<rand(3)>, L<rsa(3)>, L<RSA_sign(3)>,
L<RSA_verify(3)>
-=head1 HISTORY
-
-RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
-added in SSLeay 0.8.
-
=cut
=head1 HISTORY
-RSA_size() is available in all versions of SSLeay and OpenSSL.
RSA_bits() was added in OpenSSL 1.1.0.
=cut
L<CMS_verify(3)>, L<CMS_encrypt(3)>
L<CMS_decrypt(3)>
-=head1 HISTORY
-
-SMIME_read_CMS() was added to OpenSSL 0.9.8
-
=cut
L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
L<PKCS7_decrypt(3)>
-=head1 HISTORY
-
-SMIME_read_PKCS7() was added to OpenSSL 0.9.5
-
=cut
L<CMS_verify(3)>, L<CMS_encrypt(3)>
L<CMS_decrypt(3)>
-=head1 HISTORY
-
-SMIME_write_CMS() was added to OpenSSL 0.9.8
-
=cut
L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
L<PKCS7_decrypt(3)>
-=head1 HISTORY
-
-SMIME_write_PKCS7() was added to OpenSSL 0.9.5
-
=cut
L<crypto(3)>
-=head1 HISTORY
-
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
=cut
L<RSA_get_ex_new_index(3)>
-=head1 HISTORY
-
-X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
-X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
-
=cut
L<X509_STORE_set_verify_cb_func(3)>
L<X509_STORE_CTX_get_ex_new_index(3)>
-=head1 HISTORY
-
-X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
-OpenSSL.
-
=cut
=head1 HISTORY
-X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
-OpenSSL.
-
X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
=cut
=head1 HISTORY
-X509_get_subject_name(), X509_set_subject_name() and X509_get_issuer_name(),
-X509_set_issuer_name(), X509_REQ_set_subject_name() and
-X509_CRL_set_issuer_name() are avaiable in all versions of OpenSSL.
-
X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in
earlier versions.
=head1 HISTORY
-X509_get_version(), X509_set_version() X509_REQ_get_version(),
-X509_REQ_set_version(), X509_REQ_get_version() and X509_REQ_set_version()
-are available in all versions of OpenSSL.
-
X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are
functions in OpenSSL 1.1.0, in previous versions they were macros.
L<X509V3_get_d2i(3)>,
L<X509_verify_cert(3)>
-=head1 HISTORY
-
-X509_new() and X509_free() are available in all versions of SSLeay and OpenSSL.
-
=cut
L<X509_STORE_CTX_get_error(3)>
-=head1 HISTORY
-
-X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
-
=cut
=head1 HISTORY
-BUF_MEM_new(), BUF_MEM_free() and BUF_MEM_grow() are available in all
-versions of SSLeay and OpenSSL. BUF_strdup() was added in SSLeay 0.8.
-
-BUF_MEM_new_ex() was contributed to OpenSSL by Akamai Technologies
-in May, 2014.
+BUF_MEM_new_ex() was added in OpenSSL 1.1.0.
=cut
L<d2i_X509(3)>
-=head1 HISTORY
-
-These functions were first added to OpenSSL 0.9.8
-
=cut
If the return value is negative an error occurred, otherwise it
returns the length of the encoded data.
-For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
+If B<*out> is B<NULL> memory will be
allocated for a buffer and the encoded data written to it. In this
case B<*out> is not incremented and it points to the start of the
data just written.
Allocate and encode the DER encoding of an X509 structure:
- int len;
- unsigned char *buf, *p;
-
- len = i2d_X509(x, NULL);
-
- buf = OPENSSL_malloc(len);
-
- if (buf == NULL)
- /* error */
-
- p = buf;
-
- i2d_X509(x, &p);
-
-If you are using OpenSSL 0.9.7 or later then this can be
-simplified to:
-
-
int len;
unsigned char *buf;
buf = NULL;
-
len = i2d_X509(x, &buf);
-
if (len < 0)
/* error */
Attempt to decode a buffer:
X509 *x;
-
unsigned char *buf, *p;
-
int len;
/* Something to setup buf and len */
-
p = buf;
-
x = d2i_X509(NULL, &p, len);
if (x == NULL)
Alternative technique:
X509 *x;
-
unsigned char *buf, *p;
-
int len;
/* Something to setup buf and len */
-
p = buf;
-
x = NULL;
- if(!d2i_X509(&x, &p, len))
+ if (!d2i_X509(&x, &p, len))
/* Some error */
unsigned char *buf;
len = i2d_X509(x, NULL);
-
buf = OPENSSL_malloc(len);
-
if (buf == NULL)
/* error */
i2d_X509(x, &buf);
-
/* Other stuff ... */
-
OPENSSL_free(buf);
This code will result in B<buf> apparently containing garbage because
Also B<buf> will no longer contain the pointer allocated by B<OPENSSL_malloc()>
and the subsequent call to B<OPENSSL_free()> may well crash.
-The auto allocation feature (setting buf to NULL) only works on OpenSSL
-0.9.7 and later. Attempts to use it on earlier versions will typically
-cause a segmentation violation.
-
Another trap to avoid is misuse of the B<xp> argument to B<d2i_X509()>:
X509 *x;
L<X509V3_get_d2i(3)>,
L<X509_verify_cert(3)>
-=head1 HISTORY
-
-d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio and i2d_X509_fp
-are available in all versions of SSLeay and OpenSSL.
-
=cut
Single-key DES is insecure due to its short key size. ECB mode is
not suitable for most applications; see L<des_modes(7)>.
-=head1 AUTHOR
-
-Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project
-(http://www.openssl.org).
-
=head1 SEE ALSO
L<des_modes(7)>,
L<dsa(3)>, L<rsa(3)>
-=head1 HISTORY
-
-The ecdsa implementation was first introduced in OpenSSL 0.9.8
-
-=head1 AUTHOR
-
-Nils Larsch for the OpenSSL project (http://www.openssl.org).
-
=cut
and ENGINE could therefore decide whether or not to support this "foo"-specific
extension).
-=head2 Future developments
-
-The ENGINE API and internal architecture is currently being reviewed. Slated for
-possible release in 0.9.8 is support for transparent loading of "dynamic"
-ENGINEs (built as self-contained shared-libraries). This would allow ENGINE
-implementations to be provided independently of OpenSSL libraries and/or
-OpenSSL-based applications, and would also remove any requirement for
-applications to explicitly use the "dynamic" ENGINE to bind to shared-library
-implementations.
-
=head1 SEE ALSO
L<rsa(3)>, L<dsa(3)>, L<dh(3)>, L<rand(3)>
=head1 HISTORY
-HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
-are available since SSLeay 0.9.0.
-
-HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
-since OpenSSL 0.9.7.
-
HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
versions of OpenSSL before 1.0.0.
L<bio(3)>, L<lhash(3)>
-=head1 HISTORY
-
-These functions are available in all versions of SSLeay and OpenSSL.
-
-This manpage is derived from the SSLeay documentation.
-
=cut
lh_<type>_insert() returns B<NULL> both for success and error.
-=head1 INTERNALS
-
-The following description is based on the SSLeay documentation:
-
-The B<lhash> library implements a hash table described in the
-I<Communications of the ACM> in 1991. What makes this hash table
-different is that as the table fills, the hash table is increased (or
-decreased) in size via OPENSSL_realloc(). When a 'resize' is done, instead of
-all hashes being redistributed over twice as many 'buckets', one
-bucket is split. So when an 'expand' is done, there is only a minimal
-cost to redistribute some values. Subsequent inserts will cause more
-single 'bucket' redistributions but there will never be a sudden large
-cost due to redistributing all the 'buckets'.
-
-The state for a particular hash table is kept in the B<LHASH> structure.
-The decision to increase or decrease the hash table size is made
-depending on the 'load' of the hash table. The load is the number of
-items in the hash table divided by the size of the hash table. The
-default values are as follows. If (hash->up_load E<lt> load) =E<gt>
-expand. if (hash-E<gt>down_load E<gt> load) =E<gt> contract. The
-B<up_load> has a default value of 1 and B<down_load> has a default value
-of 2. These numbers can be modified by the application by just
-playing with the B<up_load> and B<down_load> variables. The 'load' is
-kept in a form which is multiplied by 256. So
-hash-E<gt>up_load=8*256; will cause a load of 8 to be set.
-
-If you are interested in performance the field to watch is
-num_comp_calls. The hash library keeps track of the 'hash' value for
-each item so when a lookup is done, the 'hashes' are compared, if
-there is a match, then a full compare is done, and
-hash-E<gt>num_comp_calls is incremented. If num_comp_calls is not equal
-to num_delete plus num_retrieve it means that your hash function is
-generating hashes that are the same for different values. It is
-probably worth changing your hash function if this is the case because
-even if your hash table has 10 items in a 'bucket', it can be searched
-with 10 B<unsigned long> compares and 10 linked list traverses. This
-will be much less expensive that 10 calls to your compare function.
-
-lh_strhash() is a demo string hashing function:
-
- unsigned long lh_strhash(const char *c);
-
-Since the B<LHASH> routines would normally be passed structures, this
-routine would not normally be passed to lh_<type>_new(), rather it would be
-used in the function passed to lh_<type>_new().
-
=head1 SEE ALSO
L<lh_stats(3)>
=head1 HISTORY
-The B<lhash> library is available in all versions of SSLeay and OpenSSL.
-lh_error() was added in SSLeay 0.9.1b.
-
-This manpage is derived from the SSLeay documentation.
-
-In OpenSSL 0.9.7, all lhash functions that were passed function pointers
-were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
-LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE
-became available.
-
-In OpenSSL 1.0.0, the lhash interface was revamped for even better
+In OpenSSL 1.0.0, the lhash interface was revamped for better
type checking.
=cut
void RAND_set_rand_method(const RAND_METHOD *meth);
const RAND_METHOD *RAND_get_rand_method(void);
- RAND_METHOD *RAND_SSLeay(void);
+ RAND_METHOD *RAND_OpenSSL(void);
void RAND_cleanup(void);
L<RAND_bytes(3)> describes how to obtain random data from the
PRNG.
-=head1 INTERNALS
-
-The RAND_SSLeay() method implements a PRNG based on a cryptographic
-hash function.
-
-The following description of its design is based on the SSLeay
-documentation:
-
-First up I will state the things I believe I need for a good RNG.
-
-=over 4
-
-=item 1
-
-A good hashing algorithm to mix things up and to convert the RNG 'state'
-to random numbers.
-
-=item 2
-
-An initial source of random 'state'.
-
-=item 3
-
-The state should be very large. If the RNG is being used to generate
-4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-If your RNG state only has 128 bits, you are obviously limiting the
-search space to 128 bits, not 2048. I'm probably getting a little
-carried away on this last point but it does indicate that it may not be
-a bad idea to keep quite a lot of RNG state. It should be easier to
-break a cipher than guess the RNG seed data.
-
-=item 4
-
-Any RNG seed data should influence all subsequent random numbers
-generated. This implies that any random seed data entered will have
-an influence on all subsequent random numbers generated.
-
-=item 5
-
-When using data to seed the RNG state, the data used should not be
-extractable from the RNG state. I believe this should be a
-requirement because one possible source of 'secret' semi random
-data would be a private key or a password. This data must
-not be disclosed by either subsequent random numbers or a
-'core' dump left by a program crash.
-
-=item 6
-
-Given the same initial 'state', 2 systems should deviate in their RNG state
-(and hence the random numbers generated) over time if at all possible.
-
-=item 7
-
-Given the random number output stream, it should not be possible to determine
-the RNG state or the next random number.
-
-=back
-
-The algorithm is as follows.
-
-There is global state made up of a 1023 byte buffer (the 'state'), a
-working hash value ('md'), and a counter ('count').
-
-Whenever seed data is added, it is inserted into the 'state' as
-follows.
-
-The input is chopped up into units of 20 bytes (or less for
-the last block). Each of these blocks is run through the hash
-function as follows: The data passed to the hash function
-is the current 'md', the same number of bytes from the 'state'
-(the location determined by in incremented looping index) as
-the current 'block', the new key data 'block', and 'count'
-(which is incremented after each use).
-The result of this is kept in 'md' and also xored into the
-'state' at the same locations that were used as input into the
-hash function. I
-believe this system addresses points 1 (hash function; currently
-SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-function and xor).
-
-When bytes are extracted from the RNG, the following process is used.
-For each group of 10 bytes (or less), we do the following:
-
-Input into the hash function the local 'md' (which is initialized from
-the global 'md' before any bytes are generated), the bytes that are to
-be overwritten by the random bytes, and bytes from the 'state'
-(incrementing looping index). From this digest output (which is kept
-in 'md'), the top (up to) 10 bytes are returned to the caller and the
-bottom 10 bytes are xored into the 'state'.
-
-Finally, after we have finished 'num' random bytes for the caller,
-'count' (which is incremented) and the local and global 'md' are fed
-into the hash function and the results are kept in the global 'md'.
-
-I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-into the 'state' the 'old' data from the caller that is about to be
-overwritten) and 7 (by not using the 10 bytes given to the caller to
-update the 'state', but they are used to update 'md').
-
-So of the points raised, only 2 is not addressed (but see
-L<RAND_add(3)>).
-
=head1 SEE ALSO
L<BN_rand(3)>, L<RAND_add(3)>,
It is difficult to securely use stream ciphers. For example, do not perform
multiple encryptions using the same key stream.
-=head1 HISTORY
-
-RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL.
-
=head1 SEE ALSO
L<EVP_EncryptInit(3)>
const RSA_METHOD *RSA_get_default_method(void);
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
const RSA_METHOD *RSA_get_method(const RSA *rsa);
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
RSA_METHOD *RSA_null_method(void);
int RSA_flags(const RSA *rsa);
RSA *RSA_new_method(ENGINE *engine);
=head1 HISTORY
-CRYPTO_set_locking_callback() is
-available in all versions of SSLeay and OpenSSL.
-CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0
to replace (actually, deprecate) the previous CRYPTO_set_id_callback(),
CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed
L<ui_create(3)>, L<ui_compat(3)>
-=head1 HISTORY
-
-The UI section was first introduced in OpenSSL 0.9.7.
-
-=head1 AUTHOR
-
-Richard Levitte (richard@levitte.org) for the OpenSSL project
-(http://www.openssl.org).
-
=cut
=head1 HISTORY
-DTLSv1_listen() was added in OpenSSL 0.9.8. Its return codes were clarified in
-OpenSSL 1.1.0.
+DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0.
=cut
L<SSL_get_verify_result(3)>,
L<SSL_CTX_load_verify_locations(3)>
-=head1 HISTORY
-
-Previous to OpenSSL 0.9.7, the I<arg> argument to B<SSL_CTX_set_cert_verify_callback>
-was ignored, and I<callback> was called simply as
- int (*callback)(X509_STORE_CTX *)
-To compile software written for previous versions of OpenSSL, a dummy
-argument will have to be added to I<callback>.
-
=cut
L<ssl(3)>, L<SSL_get_version(3)>
-=head1 HISTORY
-
-SSL_CTX_set_generate_session_id(), SSL_set_generate_session_id()
-and SSL_has_matching_session_id() have been introduced in
-OpenSSL 0.9.7.
-
=cut
L<ssl(3)>, L<SSL_new(3)>,
L<SSL_CTX_set_verify(3)>
-=head1 HISTORY
-
-SSL*_set/get_max_cert_list() have been introduced in OpenSSL 0.9.7.
-
=cut
L<ssl(3)>, L<SSL_read(3)>, L<SSL_write(3)>
-=head1 HISTORY
-
-SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.
-
=cut
L<ssl(3)>, L<SSL_new(3)>
-=head1 HISTORY
-
-SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(),
-SSL_set_msg_callback() and SSL_get_msg_callback_arg() were added in OpenSSL 0.9.7.
-
=cut
=over 4
-=item SSL_OP_MICROSOFT_SESS_ID_BUG
-
-As of OpenSSL 1.0.0 this option has no effect.
-
-=item SSL_OP_NETSCAPE_CHALLENGE_BUG
-
-As of OpenSSL 1.0.0 this option has no effect.
-
-=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-
-As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
-
=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
...
=head1 SECURE RENEGOTIATION
-OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
+OpenSSL always attempts to use secure renegotiation as
described in RFC5746. This counters the prefix attack described in
CVE-2009-3555 and elsewhere.
If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then
renegotiation B<always> succeeds.
-B<NB:> a bug in OpenSSL clients earlier than 0.9.8m (all of which are
-unpatched) will result in the connection hanging if it receives a
-B<no_renegotiation> alert. OpenSSL versions 0.9.8m and later will regard
-a B<no_renegotiation> alert as fatal and respond with a fatal
-B<handshake_failure> alert. This is because the OpenSSL API currently has
-no provision to indicate to an application that a renegotiation attempt
-was refused.
-
=head2 Patched OpenSSL client and unpatched server.
If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or
=head1 HISTORY
-B<SSL_OP_CIPHER_SERVER_PREFERENCE> and
-B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in
-OpenSSL 0.9.7.
-
-B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
-enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
-and must be explicitly set.
-
-B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
-Versions up to OpenSSL 0.9.6c do not include the countermeasure that
-can be disabled with this option (in OpenSSL 0.9.6d, it was always
-enabled).
-
-SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
-0.9.8m.
-
-B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT>
-and the function SSL_get_secure_renegotiation_support() were first added in
-OpenSSL 0.9.8m.
+The attempt to always try to use secure renegotiation was added in
+Openssl 0.9.8m.
=cut
L<SSL_CTX_set_timeout(3)>,
L<SSL_CTX_flush_sessions(3)>
-=head1 HISTORY
-
-SSL_SESS_CACHE_NO_INTERNAL_STORE and SSL_SESS_CACHE_NO_INTERNAL
-were introduced in OpenSSL 0.9.6h.
-
=cut
L<SSL_CTX_sess_set_get_cb(3)>,
L<SSL_CTX_set_session_id_context(3)>,
-=head1 HISTORY
-
-This function was introduced in OpenSSL 0.9.8h
-
=cut
L<SSL_CTX_set_client_cert_cb(3)>,
L<SSL_CTX_add_extra_chain_cert(3)>
-=head1 HISTORY
-
-Support for DER encoded private keys (SSL_FILETYPE_ASN1) in
-SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() was added
-in 0.9.8 .
-
=cut
L<ssl(3)>, L<err(3)>
-=head1 HISTORY
-
-SSL_get_error() was added in SSLeay 0.8.
-
=cut
SSL_library_init() always returns "1", so it is safe to discard the return
value.
-=head1 NOTES
-
-OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to SSL_library_init().
-Applications which need to use SHA2 in earlier versions of OpenSSL should call
-OpenSSL_add_all_algorithms() as well.
-
=head1 SEE ALSO
L<ssl(3)>, L<SSL_load_error_strings(3)>,
bytes may have been read containing more TLS/SSL records; these are ignored by
SSL_pending().
-Up to OpenSSL 0.9.6, SSL_pending() does not check if the record type
-of pending data is application data.
-
=head1 SEE ALSO
L<SSL_read(3)>,
=head1 HISTORY
-The L<ssl(3)> document appeared in OpenSSL 0.9.2
-
B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
in OpenSSL 1.1.0.
projects / oweals / openssl.git / commitdiff