Updated build.sh to build curl, openssl, and 256k1 if needed

2025-08-16 10:26:39 -04:00
parent 00df0cad99
commit 40dd3aa20b
9429 changed files with 407781 additions and 47716 deletions


@@ -0,0 +1,261 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_ASYM_CIPHER-RSA 7ossl"
.TH EVP_ASYM_CIPHER-RSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_ASYM_CIPHER\-RSA
\&\- RSA Asymmetric Cipher algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Asymmetric Cipher support for the \fB\s-1RSA\s0\fR key type.
.SS "\s-1RSA\s0 Asymmetric Cipher parameters"
.IX Subsection "RSA Asymmetric Cipher parameters"
.ie n .IP """pad-mode"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``pad-mode'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "pad-mode (OSSL_ASYM_CIPHER_PARAM_PAD_MODE) <UTF8 string>"
The default provider understands these \s-1RSA\s0 padding modes in string form:
.RS 4
.ie n .IP """none"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_NONE\s0\fR)" 4
.el .IP "``none'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_NONE\s0\fR)" 4
.IX Item "none (OSSL_PKEY_RSA_PAD_MODE_NONE)"
.PD 0
.ie n .IP """oaep"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_OAEP\s0\fR)" 4
.el .IP "``oaep'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_OAEP\s0\fR)" 4
.IX Item "oaep (OSSL_PKEY_RSA_PAD_MODE_OAEP)"
.ie n .IP """pkcs1"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PKCSV15\s0\fR)" 4
.el .IP "``pkcs1'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PKCSV15\s0\fR)" 4
.IX Item "pkcs1 (OSSL_PKEY_RSA_PAD_MODE_PKCSV15)"
.PD
This padding mode is no longer supported by the \s-1FIPS\s0 provider for key
agreement and key transport.
(This is a \s-1FIPS 140\-3\s0 requirement)
.ie n .IP """x931"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_X931\s0\fR)" 4
.el .IP "``x931'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_X931\s0\fR)" 4
.IX Item "x931 (OSSL_PKEY_RSA_PAD_MODE_X931)"
.RE
.RS 4
.RE
.PD 0
.ie n .IP """pad-mode"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_PAD_MODE\s0\fR) <integer>" 4
.el .IP "``pad-mode'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_PAD_MODE\s0\fR) <integer>" 4
.IX Item "pad-mode (OSSL_ASYM_CIPHER_PARAM_PAD_MODE) <integer>"
.PD
The default provider understands these \s-1RSA\s0 padding modes in integer form:
.RS 4
.IP "1 (\fB\s-1RSA_PKCS1_PADDING\s0\fR)" 4
.IX Item "1 (RSA_PKCS1_PADDING)"
This padding mode is no longer supported by the \s-1FIPS\s0 provider for key
agreement and key transport.
(This is a \s-1FIPS 140\-3\s0 requirement)
.IP "3 (\fB\s-1RSA_NO_PADDING\s0\fR)" 4
.IX Item "3 (RSA_NO_PADDING)"
.PD 0
.IP "4 (\fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR)" 4
.IX Item "4 (RSA_PKCS1_OAEP_PADDING)"
.IP "5 (\fB\s-1RSA_X931_PADDING\s0\fR)" 4
.IX Item "5 (RSA_X931_PADDING)"
.RE
.RS 4
.PD
.Sp
See \fBEVP_PKEY_CTX_set_rsa_padding\fR\|(3) for further details.
.RE
.ie n .IP """digest"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """digest-props"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest-props'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest-props (OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS) <UTF8 string>"
.ie n .IP """mgf1\-digest"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mgf1\-digest'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mgf1-digest (OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST) <UTF8 string>"
.ie n .IP """mgf1\-digest\-props"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mgf1\-digest\-props'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mgf1-digest-props (OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS) <UTF8 string>"
.ie n .IP """oaep-label"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\s0\fR) <octet string>" 4
.el .IP "``oaep-label'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL\s0\fR) <octet string>" 4
.IX Item "oaep-label (OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL) <octet string>"
.ie n .IP """tls-client-version"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\s0\fR) <unsigned integer>" 4
.el .IP "``tls-client-version'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\s0\fR) <unsigned integer>" 4
.IX Item "tls-client-version (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>"
.PD
See \fB\s-1RSA_PKCS1_WITH_TLS_PADDING\s0\fR on the page \fBEVP_PKEY_CTX_set_rsa_padding\fR\|(3).
.ie n .IP """tls-negotiated-version"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\s0\fR) <unsigned integer>" 4
.el .IP "``tls-negotiated-version'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\s0\fR) <unsigned integer>" 4
.IX Item "tls-negotiated-version (OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION) <unsigned integer>"
See \fB\s-1RSA_PKCS1_WITH_TLS_PADDING\s0\fR on the page \fBEVP_PKEY_CTX_set_rsa_padding\fR\|(3).
.Sp
See \*(L"Asymmetric Cipher Parameters\*(R" in \fBprovider\-asym_cipher\fR\|(7) for more information.
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK) <integer>"
.PD
See \*(L"Asymmetric Cipher Parameters\*(R" in \fBprovider\-asym_cipher\fR\|(7) for more information.
.ie n .IP """pkcs15\-pad\-disabled"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED\s0\fR) <integer>" 4
.el .IP "``pkcs15\-pad\-disabled'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED\s0\fR) <integer>" 4
.IX Item "pkcs15-pad-disabled (OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED) <integer>"
The default value of 1 causes an error during encryption if the \s-1RSA\s0 padding
mode is set to \*(L"pkcs1\*(R".
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-RSA\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-asym_cipher\fR\|(7),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7)
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2022\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,172 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_ASYM_CIPHER-SM2 7ossl"
.TH EVP_ASYM_CIPHER-SM2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_ASYM_CIPHER\-SM2
\&\- SM2 Asymmetric Cipher algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Asymmetric Cipher support for the \fB\s-1SM2\s0\fR key type.
.SS "\s-1SM2\s0 Asymmetric Cipher parameters"
.IX Subsection "SM2 Asymmetric Cipher parameters"
.ie n .IP """digest"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_ASYM_CIPHER_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """digest-props"" (\fB\s-1OSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest-props'' (\fB\s-1OSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest-props (OSSL_ASYM_CIPHER_PARAM_DIGEST_PROPS) <UTF8 string>"
.PD
See \*(L"Asymmetric Cipher Parameters\*(R" in \fBprovider\-asym_cipher\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-SM2\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-asym_cipher\fR\|(7),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,228 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-AES 7ossl"
.TH EVP_CIPHER-AES 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-AES \- The AES EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1AES\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the \s-1FIPS\s0 provider as well as the
default provider:
.ie n .IP """\s-1AES\-128\-CBC"", ""AES\-192\-CBC""\s0 and ""\s-1AES\-256\-CBC""\s0" 4
.el .IP "``\s-1AES\-128\-CBC'', ``AES\-192\-CBC''\s0 and ``\s-1AES\-256\-CBC''\s0" 4
.IX Item "AES-128-CBC, AES-192-CBC and AES-256-CBC"
.PD 0
.ie n .IP """\s-1AES\-128\-CBC\-CTS"", ""AES\-192\-CBC\-CTS""\s0 and ""\s-1AES\-256\-CBC\-CTS""\s0" 4
.el .IP "``\s-1AES\-128\-CBC\-CTS'', ``AES\-192\-CBC\-CTS''\s0 and ``\s-1AES\-256\-CBC\-CTS''\s0" 4
.IX Item "AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS"
.ie n .IP """\s-1AES\-128\-CFB"", ""AES\-192\-CFB"", ""AES\-256\-CFB"", ""AES\-128\-CFB1"", ""AES\-192\-CFB1"", ""AES\-256\-CFB1"", ""AES\-128\-CFB8"", ""AES\-192\-CFB8""\s0 and ""\s-1AES\-256\-CFB8""\s0" 4
.el .IP "``\s-1AES\-128\-CFB'', ``AES\-192\-CFB'', ``AES\-256\-CFB'', ``AES\-128\-CFB1'', ``AES\-192\-CFB1'', ``AES\-256\-CFB1'', ``AES\-128\-CFB8'', ``AES\-192\-CFB8''\s0 and ``\s-1AES\-256\-CFB8''\s0" 4
.IX Item "AES-128-CFB, AES-192-CFB, AES-256-CFB, AES-128-CFB1, AES-192-CFB1, AES-256-CFB1, AES-128-CFB8, AES-192-CFB8 and AES-256-CFB8"
.ie n .IP """\s-1AES\-128\-CTR"", ""AES\-192\-CTR""\s0 and ""\s-1AES\-256\-CTR""\s0" 4
.el .IP "``\s-1AES\-128\-CTR'', ``AES\-192\-CTR''\s0 and ``\s-1AES\-256\-CTR''\s0" 4
.IX Item "AES-128-CTR, AES-192-CTR and AES-256-CTR"
.ie n .IP """\s-1AES\-128\-ECB"", ""AES\-192\-ECB""\s0 and ""\s-1AES\-256\-ECB""\s0" 4
.el .IP "``\s-1AES\-128\-ECB'', ``AES\-192\-ECB''\s0 and ``\s-1AES\-256\-ECB''\s0" 4
.IX Item "AES-128-ECB, AES-192-ECB and AES-256-ECB"
.ie n .IP """\s-1AES\-192\-OFB"", ""AES\-128\-OFB""\s0 and ""\s-1AES\-256\-OFB""\s0" 4
.el .IP "``\s-1AES\-192\-OFB'', ``AES\-128\-OFB''\s0 and ``\s-1AES\-256\-OFB''\s0" 4
.IX Item "AES-192-OFB, AES-128-OFB and AES-256-OFB"
.ie n .IP """\s-1AES\-128\-XTS""\s0 and ""\s-1AES\-256\-XTS""\s0" 4
.el .IP "``\s-1AES\-128\-XTS''\s0 and ``\s-1AES\-256\-XTS''\s0" 4
.IX Item "AES-128-XTS and AES-256-XTS"
.ie n .IP """\s-1AES\-128\-CCM"", ""AES\-192\-CCM""\s0 and ""\s-1AES\-256\-CCM""\s0" 4
.el .IP "``\s-1AES\-128\-CCM'', ``AES\-192\-CCM''\s0 and ``\s-1AES\-256\-CCM''\s0" 4
.IX Item "AES-128-CCM, AES-192-CCM and AES-256-CCM"
.ie n .IP """\s-1AES\-128\-GCM"", ""AES\-192\-GCM""\s0 and ""\s-1AES\-256\-GCM""\s0" 4
.el .IP "``\s-1AES\-128\-GCM'', ``AES\-192\-GCM''\s0 and ``\s-1AES\-256\-GCM''\s0" 4
.IX Item "AES-128-GCM, AES-192-GCM and AES-256-GCM"
.ie n .IP """\s-1AES\-128\-WRAP"", ""AES\-192\-WRAP"", ""AES\-256\-WRAP"", ""AES\-128\-WRAP\-PAD"", ""AES\-192\-WRAP\-PAD"", ""AES\-256\-WRAP\-PAD"", ""AES\-128\-WRAP\-INV"", ""AES\-192\-WRAP\-INV"", ""AES\-256\-WRAP\-INV"", ""AES\-128\-WRAP\-PAD\-INV"", ""AES\-192\-WRAP\-PAD\-INV""\s0 and ""\s-1AES\-256\-WRAP\-PAD\-INV""\s0" 4
.el .IP "``\s-1AES\-128\-WRAP'', ``AES\-192\-WRAP'', ``AES\-256\-WRAP'', ``AES\-128\-WRAP\-PAD'', ``AES\-192\-WRAP\-PAD'', ``AES\-256\-WRAP\-PAD'', ``AES\-128\-WRAP\-INV'', ``AES\-192\-WRAP\-INV'', ``AES\-256\-WRAP\-INV'', ``AES\-128\-WRAP\-PAD\-INV'', ``AES\-192\-WRAP\-PAD\-INV''\s0 and ``\s-1AES\-256\-WRAP\-PAD\-INV''\s0" 4
.IX Item "AES-128-WRAP, AES-192-WRAP, AES-256-WRAP, AES-128-WRAP-PAD, AES-192-WRAP-PAD, AES-256-WRAP-PAD, AES-128-WRAP-INV, AES-192-WRAP-INV, AES-256-WRAP-INV, AES-128-WRAP-PAD-INV, AES-192-WRAP-PAD-INV and AES-256-WRAP-PAD-INV"
.ie n .IP """\s-1AES\-128\-CBC\-HMAC\-SHA1"", ""AES\-256\-CBC\-HMAC\-SHA1"", ""AES\-128\-CBC\-HMAC\-SHA256""\s0 and ""\s-1AES\-256\-CBC\-HMAC\-SHA256""\s0" 4
.el .IP "``\s-1AES\-128\-CBC\-HMAC\-SHA1'', ``AES\-256\-CBC\-HMAC\-SHA1'', ``AES\-128\-CBC\-HMAC\-SHA256''\s0 and ``\s-1AES\-256\-CBC\-HMAC\-SHA256''\s0" 4
.IX Item "AES-128-CBC-HMAC-SHA1, AES-256-CBC-HMAC-SHA1, AES-128-CBC-HMAC-SHA256 and AES-256-CBC-HMAC-SHA256"
.PD
.PP
The following algorithms are available in the default provider, but not the
\&\s-1FIPS\s0 provider:
.ie n .IP """\s-1AES\-128\-OCB"", ""AES\-192\-OCB""\s0 and ""\s-1AES\-256\-OCB""\s0" 4
.el .IP "``\s-1AES\-128\-OCB'', ``AES\-192\-OCB''\s0 and ``\s-1AES\-256\-OCB''\s0" 4
.IX Item "AES-128-OCB, AES-192-OCB and AES-256-OCB"
.PD 0
.ie n .IP """\s-1AES\-128\-SIV"", ""AES\-192\-SIV""\s0 and ""\s-1AES\-256\-SIV""\s0" 4
.el .IP "``\s-1AES\-128\-SIV'', ``AES\-192\-SIV''\s0 and ``\s-1AES\-256\-SIV''\s0" 4
.IX Item "AES-128-SIV, AES-192-SIV and AES-256-SIV"
.ie n .IP """\s-1AES\-128\-GCM\-SIV"", ""AES\-192\-GCM\-SIV""\s0 and ""\s-1AES\-256\-GCM\-SIV""\s0" 4
.el .IP "``\s-1AES\-128\-GCM\-SIV'', ``AES\-192\-GCM\-SIV''\s0 and ``\s-1AES\-256\-GCM\-SIV''\s0" 4
.IX Item "AES-128-GCM-SIV, AES-192-GCM-SIV and AES-256-GCM-SIV"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
The AES-SIV and AES-WRAP mode implementations do not support streaming. That
means to obtain correct results there can be only one \fBEVP_EncryptUpdate\fR\|(3)
or \fBEVP_DecryptUpdate\fR\|(3) call after the initialization of the context.
.PP
The AES-XTS implementations allow streaming to be performed, but each
\&\fBEVP_EncryptUpdate\fR\|(3) or \fBEVP_DecryptUpdate\fR\|(3) call requires each input
to be a multiple of the blocksize. Only the final \fBEVP_EncryptUpdate()\fR or
\&\fBEVP_DecryptUpdate()\fR call can optionally have an input that is not a multiple
of the blocksize but is larger than one block. In that case ciphertext
stealing (\s-1CTS\s0) is used to fill the block.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
The GCM-SIV mode ciphers were added in OpenSSL version 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,189 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-ARIA 7ossl"
.TH EVP_CIPHER-ARIA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-ARIA \- The ARIA EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1ARIA\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the default provider:
.ie n .IP """\s-1ARIA\-128\-CBC"", ""ARIA\-192\-CBC""\s0 and ""\s-1ARIA\-256\-CBC""\s0" 4
.el .IP "``\s-1ARIA\-128\-CBC'', ``ARIA\-192\-CBC''\s0 and ``\s-1ARIA\-256\-CBC''\s0" 4
.IX Item "ARIA-128-CBC, ARIA-192-CBC and ARIA-256-CBC"
.PD 0
.ie n .IP """\s-1ARIA\-128\-CFB"", ""ARIA\-192\-CFB"", ""ARIA\-256\-CFB"", ""ARIA\-128\-CFB1"", ""ARIA\-192\-CFB1"", ""ARIA\-256\-CFB1"", ""ARIA\-128\-CFB8"", ""ARIA\-192\-CFB8""\s0 and ""\s-1ARIA\-256\-CFB8""\s0" 4
.el .IP "``\s-1ARIA\-128\-CFB'', ``ARIA\-192\-CFB'', ``ARIA\-256\-CFB'', ``ARIA\-128\-CFB1'', ``ARIA\-192\-CFB1'', ``ARIA\-256\-CFB1'', ``ARIA\-128\-CFB8'', ``ARIA\-192\-CFB8''\s0 and ``\s-1ARIA\-256\-CFB8''\s0" 4
.IX Item "ARIA-128-CFB, ARIA-192-CFB, ARIA-256-CFB, ARIA-128-CFB1, ARIA-192-CFB1, ARIA-256-CFB1, ARIA-128-CFB8, ARIA-192-CFB8 and ARIA-256-CFB8"
.ie n .IP """\s-1ARIA\-128\-CTR"", ""ARIA\-192\-CTR""\s0 and ""\s-1ARIA\-256\-CTR""\s0" 4
.el .IP "``\s-1ARIA\-128\-CTR'', ``ARIA\-192\-CTR''\s0 and ``\s-1ARIA\-256\-CTR''\s0" 4
.IX Item "ARIA-128-CTR, ARIA-192-CTR and ARIA-256-CTR"
.ie n .IP """\s-1ARIA\-128\-ECB"", ""ARIA\-192\-ECB""\s0 and ""\s-1ARIA\-256\-ECB""\s0" 4
.el .IP "``\s-1ARIA\-128\-ECB'', ``ARIA\-192\-ECB''\s0 and ``\s-1ARIA\-256\-ECB''\s0" 4
.IX Item "ARIA-128-ECB, ARIA-192-ECB and ARIA-256-ECB"
.ie n .IP """\s-1AES\-192\-OCB"", ""AES\-128\-OCB""\s0 and ""\s-1AES\-256\-OCB""\s0" 4
.el .IP "``\s-1AES\-192\-OCB'', ``AES\-128\-OCB''\s0 and ``\s-1AES\-256\-OCB''\s0" 4
.IX Item "AES-192-OCB, AES-128-OCB and AES-256-OCB"
.ie n .IP """\s-1ARIA\-128\-OFB"", ""ARIA\-192\-OFB""\s0 and ""\s-1ARIA\-256\-OFB""\s0" 4
.el .IP "``\s-1ARIA\-128\-OFB'', ``ARIA\-192\-OFB''\s0 and ``\s-1ARIA\-256\-OFB''\s0" 4
.IX Item "ARIA-128-OFB, ARIA-192-OFB and ARIA-256-OFB"
.ie n .IP """\s-1ARIA\-128\-CCM"", ""ARIA\-192\-CCM""\s0 and ""\s-1ARIA\-256\-CCM""\s0" 4
.el .IP "``\s-1ARIA\-128\-CCM'', ``ARIA\-192\-CCM''\s0 and ``\s-1ARIA\-256\-CCM''\s0" 4
.IX Item "ARIA-128-CCM, ARIA-192-CCM and ARIA-256-CCM"
.ie n .IP """\s-1ARIA\-128\-GCM"", ""ARIA\-192\-GCM""\s0 and ""\s-1ARIA\-256\-GCM""\s0" 4
.el .IP "``\s-1ARIA\-128\-GCM'', ``ARIA\-192\-GCM''\s0 and ``\s-1ARIA\-256\-GCM''\s0" 4
.IX Item "ARIA-128-GCM, ARIA-192-GCM and ARIA-256-GCM"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,177 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-BLOWFISH 7ossl"
.TH EVP_CIPHER-BLOWFISH 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-BLOWFISH \- The BLOBFISH EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1BLOWFISH\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """BF-ECB""" 4
.el .IP "``BF-ECB''" 4
.IX Item "BF-ECB"
.PD 0
.ie n .IP """BF-CBC""" 4
.el .IP "``BF-CBC''" 4
.IX Item "BF-CBC"
.ie n .IP """BF-OFB""" 4
.el .IP "``BF-OFB''" 4
.IX Item "BF-OFB"
.ie n .IP """BF-CFB""" 4
.el .IP "``BF-CFB''" 4
.IX Item "BF-CFB"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,183 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-CAMELLIA 7ossl"
.TH EVP_CIPHER-CAMELLIA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-CAMELLIA \- The CAMELLIA EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1CAMELLIA\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the default provider:
.ie n .IP """\s-1CAMELLIA\-128\-CBC"", ""CAMELLIA\-192\-CBC""\s0 and ""\s-1CAMELLIA\-256\-CBC""\s0" 4
.el .IP "``\s-1CAMELLIA\-128\-CBC'', ``CAMELLIA\-192\-CBC''\s0 and ``\s-1CAMELLIA\-256\-CBC''\s0" 4
.IX Item "CAMELLIA-128-CBC, CAMELLIA-192-CBC and CAMELLIA-256-CBC"
.PD 0
.ie n .IP """\s-1CAMELLIA\-128\-CBC\-CTS"", ""CAMELLIA\-192\-CBC\-CTS""\s0 and ""\s-1CAMELLIA\-256\-CBC\-CTS""\s0" 4
.el .IP "``\s-1CAMELLIA\-128\-CBC\-CTS'', ``CAMELLIA\-192\-CBC\-CTS''\s0 and ``\s-1CAMELLIA\-256\-CBC\-CTS''\s0" 4
.IX Item "CAMELLIA-128-CBC-CTS, CAMELLIA-192-CBC-CTS and CAMELLIA-256-CBC-CTS"
.ie n .IP """\s-1CAMELLIA\-128\-CFB"", ""CAMELLIA\-192\-CFB"", ""CAMELLIA\-256\-CFB"", ""CAMELLIA\-128\-CFB1"", ""CAMELLIA\-192\-CFB1"", ""CAMELLIA\-256\-CFB1"", ""CAMELLIA\-128\-CFB8"", ""CAMELLIA\-192\-CFB8""\s0 and ""\s-1CAMELLIA\-256\-CFB8""\s0" 4
.el .IP "``\s-1CAMELLIA\-128\-CFB'', ``CAMELLIA\-192\-CFB'', ``CAMELLIA\-256\-CFB'', ``CAMELLIA\-128\-CFB1'', ``CAMELLIA\-192\-CFB1'', ``CAMELLIA\-256\-CFB1'', ``CAMELLIA\-128\-CFB8'', ``CAMELLIA\-192\-CFB8''\s0 and ``\s-1CAMELLIA\-256\-CFB8''\s0" 4
.IX Item "CAMELLIA-128-CFB, CAMELLIA-192-CFB, CAMELLIA-256-CFB, CAMELLIA-128-CFB1, CAMELLIA-192-CFB1, CAMELLIA-256-CFB1, CAMELLIA-128-CFB8, CAMELLIA-192-CFB8 and CAMELLIA-256-CFB8"
.ie n .IP """\s-1CAMELLIA\-128\-CTR"", ""CAMELLIA\-192\-CTR""\s0 and ""\s-1CAMELLIA\-256\-CTR""\s0" 4
.el .IP "``\s-1CAMELLIA\-128\-CTR'', ``CAMELLIA\-192\-CTR''\s0 and ``\s-1CAMELLIA\-256\-CTR''\s0" 4
.IX Item "CAMELLIA-128-CTR, CAMELLIA-192-CTR and CAMELLIA-256-CTR"
.ie n .IP """\s-1CAMELLIA\-128\-ECB"", ""CAMELLIA\-192\-ECB""\s0 and ""\s-1CAMELLIA\-256\-ECB""\s0" 4
.el .IP "``\s-1CAMELLIA\-128\-ECB'', ``CAMELLIA\-192\-ECB''\s0 and ``\s-1CAMELLIA\-256\-ECB''\s0" 4
.IX Item "CAMELLIA-128-ECB, CAMELLIA-192-ECB and CAMELLIA-256-ECB"
.ie n .IP """\s-1CAMELLIA\-192\-OFB"", ""CAMELLIA\-128\-OFB""\s0 and ""\s-1CAMELLIA\-256\-OFB""\s0" 4
.el .IP "``\s-1CAMELLIA\-192\-OFB'', ``CAMELLIA\-128\-OFB''\s0 and ``\s-1CAMELLIA\-256\-OFB''\s0" 4
.IX Item "CAMELLIA-192-OFB, CAMELLIA-128-OFB and CAMELLIA-256-OFB"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,177 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-CAST 7ossl"
.TH EVP_CIPHER-CAST 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-CAST \- The CAST EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1CAST\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """\s-1CAST\-128\-CBC"", ""CAST\-192\-CBC""\s0 and ""\s-1CAST\-256\-CBC""\s0" 4
.el .IP "``\s-1CAST\-128\-CBC'', ``CAST\-192\-CBC''\s0 and ``\s-1CAST\-256\-CBC''\s0" 4
.IX Item "CAST-128-CBC, CAST-192-CBC and CAST-256-CBC"
.PD 0
.ie n .IP """\s-1CAST\-128\-CFB"", ""CAST\-192\-CFB"", ""CAST\-256\-CFB""\s0" 4
.el .IP "``\s-1CAST\-128\-CFB'', ``CAST\-192\-CFB'', ``CAST\-256\-CFB''\s0" 4
.IX Item "CAST-128-CFB, CAST-192-CFB, CAST-256-CFB"
.ie n .IP """\s-1CAST\-128\-ECB"", ""CAST\-192\-ECB""\s0 and ""\s-1CAST\-256\-ECB""\s0" 4
.el .IP "``\s-1CAST\-128\-ECB'', ``CAST\-192\-ECB''\s0 and ``\s-1CAST\-256\-ECB''\s0" 4
.IX Item "CAST-128-ECB, CAST-192-ECB and CAST-256-ECB"
.ie n .IP """\s-1CAST\-192\-OFB"", ""CAST\-128\-OFB""\s0 and ""\s-1CAST\-256\-OFB""\s0" 4
.el .IP "``\s-1CAST\-192\-OFB'', ``CAST\-128\-OFB''\s0 and ``\s-1CAST\-256\-OFB''\s0" 4
.IX Item "CAST-192-OFB, CAST-128-OFB and CAST-256-OFB"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,171 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-CHACHA 7ossl"
.TH EVP_CIPHER-CHACHA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-CHACHA \- The CHACHA EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1CHACHA\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the default provider:
.ie n .IP """ChaCha20""" 4
.el .IP "``ChaCha20''" 4
.IX Item "ChaCha20"
.PD 0
.ie n .IP """ChaCha20\-Poly1305""" 4
.el .IP "``ChaCha20\-Poly1305''" 4
.IX Item "ChaCha20-Poly1305"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,215 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-DES 7ossl"
.TH EVP_CIPHER-DES 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-DES \- The DES EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1DES\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the \s-1FIPS\s0 provider as well as the
default provider:
.ie n .IP """\s-1DES\-EDE3\-ECB""\s0 or ""\s-1DES\-EDE3""\s0" 4
.el .IP "``\s-1DES\-EDE3\-ECB''\s0 or ``\s-1DES\-EDE3''\s0" 4
.IX Item "DES-EDE3-ECB or DES-EDE3"
.PD 0
.ie n .IP """\s-1DES\-EDE3\-CBC""\s0 or ""\s-1DES3""\s0" 4
.el .IP "``\s-1DES\-EDE3\-CBC''\s0 or ``\s-1DES3''\s0" 4
.IX Item "DES-EDE3-CBC or DES3"
.PD
.PP
The following algorithms are available in the default provider, but not the
\&\s-1FIPS\s0 provider:
.ie n .IP """\s-1DES\-EDE3\-CFB8""\s0 and ""\s-1DES\-EDE3\-CFB1""\s0" 4
.el .IP "``\s-1DES\-EDE3\-CFB8''\s0 and ``\s-1DES\-EDE3\-CFB1''\s0" 4
.IX Item "DES-EDE3-CFB8 and DES-EDE3-CFB1"
.PD 0
.ie n .IP """DES-EDE-ECB"" or ""DES-EDE""" 4
.el .IP "``DES-EDE-ECB'' or ``DES-EDE''" 4
.IX Item "DES-EDE-ECB or DES-EDE"
.ie n .IP """DES-EDE-CBC""" 4
.el .IP "``DES-EDE-CBC''" 4
.IX Item "DES-EDE-CBC"
.ie n .IP """DES-EDE-OFB""" 4
.el .IP "``DES-EDE-OFB''" 4
.IX Item "DES-EDE-OFB"
.ie n .IP """DES-EDE-CFB""" 4
.el .IP "``DES-EDE-CFB''" 4
.IX Item "DES-EDE-CFB"
.ie n .IP """\s-1DES3\-WRAP""\s0" 4
.el .IP "``\s-1DES3\-WRAP''\s0" 4
.IX Item "DES3-WRAP"
.PD
.PP
The following algorithms are available in the legacy provider:
.ie n .IP """DES-ECB""" 4
.el .IP "``DES-ECB''" 4
.IX Item "DES-ECB"
.PD 0
.ie n .IP """DES-CBC""" 4
.el .IP "``DES-CBC''" 4
.IX Item "DES-CBC"
.ie n .IP """DES-OFB""" 4
.el .IP "``DES-OFB''" 4
.IX Item "DES-OFB"
.ie n .IP """DES-CFB"", ""\s-1DES\-CFB1""\s0 and ""\s-1DES\-CFB8""\s0" 4
.el .IP "``DES-CFB'', ``\s-1DES\-CFB1''\s0 and ``\s-1DES\-CFB8''\s0" 4
.IX Item "DES-CFB, DES-CFB1 and DES-CFB8"
.ie n .IP """DESX-CBC""" 4
.el .IP "``DESX-CBC''" 4
.IX Item "DESX-CBC"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) including \*(L"encrypt-check\*(R" and \*(L"fips-indicator\*(R".
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7),
\&\fBOSSL_PROVIDER\-legacy\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,177 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-IDEA 7ossl"
.TH EVP_CIPHER-IDEA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-IDEA \- The IDEA EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1IDEA\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """IDEA-ECB""" 4
.el .IP "``IDEA-ECB''" 4
.IX Item "IDEA-ECB"
.PD 0
.ie n .IP """IDEA-CBC""" 4
.el .IP "``IDEA-CBC''" 4
.IX Item "IDEA-CBC"
.ie n .IP """IDEA-OFB"" or ""\s-1IDEA\-OFB64""\s0" 4
.el .IP "``IDEA-OFB'' or ``\s-1IDEA\-OFB64''\s0" 4
.IX Item "IDEA-OFB or IDEA-OFB64"
.ie n .IP """IDEA-CFB"" or ""\s-1IDEA\-CFB64""\s0" 4
.el .IP "``IDEA-CFB'' or ``\s-1IDEA\-CFB64''\s0" 4
.IX Item "IDEA-CFB or IDEA-CFB64"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,199 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-NULL 7ossl"
.TH EVP_CIPHER-NULL 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-NULL \- The NULL EVP_CIPHER implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for a \s-1NULL\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
This is used when the \s-1TLS\s0 cipher suite is \s-1TLS_NULL_WITH_NULL_NULL.\s0
This does no encryption (just copies the data) and has a mac size of zero.
.SS "Algorithm Name"
.IX Subsection "Algorithm Name"
The following algorithm is available in the default provider:
.ie n .IP """\s-1NULL""\s0" 4
.el .IP "``\s-1NULL''\s0" 4
.IX Item "NULL"
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the following parameters:
.PP
\fIGettable \s-1EVP_CIPHER\s0 parameters\fR
.IX Subsection "Gettable EVP_CIPHER parameters"
.PP
See \*(L"Gettable \s-1EVP_CIPHER\s0 parameters\*(R" in \fBEVP_EncryptInit\fR\|(3)
.PP
\fIGettable \s-1EVP_CIPHER_CTX\s0 parameters\fR
.IX Subsection "Gettable EVP_CIPHER_CTX parameters"
.ie n .IP """keylen"" (\fB\s-1OSSL_CIPHER_PARAM_KEYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``keylen'' (\fB\s-1OSSL_CIPHER_PARAM_KEYLEN\s0\fR) <unsigned integer>" 4
.IX Item "keylen (OSSL_CIPHER_PARAM_KEYLEN) <unsigned integer>"
.PD 0
.ie n .IP """ivlen"" (\fB\s-1OSSL_CIPHER_PARAM_IVLEN\s0\fR and <\fB\s-1OSSL_CIPHER_PARAM_AEAD_IVLEN\s0\fR) <unsigned integer>" 4
.el .IP "``ivlen'' (\fB\s-1OSSL_CIPHER_PARAM_IVLEN\s0\fR and <\fB\s-1OSSL_CIPHER_PARAM_AEAD_IVLEN\s0\fR) <unsigned integer>" 4
.IX Item "ivlen (OSSL_CIPHER_PARAM_IVLEN and <OSSL_CIPHER_PARAM_AEAD_IVLEN) <unsigned integer>"
.ie n .IP """tls-mac"" (\fB\s-1OSSL_CIPHER_PARAM_TLS_MAC\s0\fR) <octet ptr>" 4
.el .IP "``tls-mac'' (\fB\s-1OSSL_CIPHER_PARAM_TLS_MAC\s0\fR) <octet ptr>" 4
.IX Item "tls-mac (OSSL_CIPHER_PARAM_TLS_MAC) <octet ptr>"
.PD
.PP
See \*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for further information.
.PP
\fISettable \s-1EVP_CIPHER_CTX\s0 parameters\fR
.IX Subsection "Settable EVP_CIPHER_CTX parameters"
.ie n .IP """tls-mac-size"" (\fB\s-1OSSL_CIPHER_PARAM_TLS_MAC_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``tls-mac-size'' (\fB\s-1OSSL_CIPHER_PARAM_TLS_MAC_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "tls-mac-size (OSSL_CIPHER_PARAM_TLS_MAC_SIZE) <unsigned integer>"
.PP
See \*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for further information.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 5246\s0 section\-6.2.3.1
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,183 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-RC2 7ossl"
.TH EVP_CIPHER-RC2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-RC2 \- The RC2 EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1RC2\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """\s-1RC2\-CBC"", ""RC2""\s0 or ""\s-1RC2\-128""\s0" 4
.el .IP "``\s-1RC2\-CBC'', ``RC2''\s0 or ``\s-1RC2\-128''\s0" 4
.IX Item "RC2-CBC, RC2 or RC2-128"
.PD 0
.ie n .IP """\s-1RC2\-40\-CBC""\s0 or ""\s-1RC2\-40""\s0" 4
.el .IP "``\s-1RC2\-40\-CBC''\s0 or ``\s-1RC2\-40''\s0" 4
.IX Item "RC2-40-CBC or RC2-40"
.ie n .IP """\s-1RC2\-64\-CBC""\s0 or ""\s-1RC2\-64""\s0" 4
.el .IP "``\s-1RC2\-64\-CBC''\s0 or ``\s-1RC2\-64''\s0" 4
.IX Item "RC2-64-CBC or RC2-64"
.ie n .IP """\s-1RC2\-ECB""\s0" 4
.el .IP "``\s-1RC2\-ECB''\s0" 4
.IX Item "RC2-ECB"
.ie n .IP """\s-1RC2\-CFB""\s0" 4
.el .IP "``\s-1RC2\-CFB''\s0" 4
.IX Item "RC2-CFB"
.ie n .IP """\s-1RC2\-OFB""\s0" 4
.el .IP "``\s-1RC2\-OFB''\s0" 4
.IX Item "RC2-OFB"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,174 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-RC4 7ossl"
.TH EVP_CIPHER-RC4 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-RC4 \- The RC4 EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1RC4\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """\s-1RC4""\s0" 4
.el .IP "``\s-1RC4''\s0" 4
.IX Item "RC4"
.PD 0
.ie n .IP """\s-1RC4\-40""\s0" 4
.el .IP "``\s-1RC4\-40''\s0" 4
.IX Item "RC4-40"
.ie n .IP """\s-1RC4\-HMAC\-MD5""\s0" 4
.el .IP "``\s-1RC4\-HMAC\-MD5''\s0" 4
.IX Item "RC4-HMAC-MD5"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,179 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-RC5 7ossl"
.TH EVP_CIPHER-RC5 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-RC5 \- The RC5 EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1RC5\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.PP
Disabled by default. Use the \fIenable\-rc5\fR configuration option to enable.
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """\s-1RC5\-CBC""\s0 or ""\s-1RC5""\s0" 4
.el .IP "``\s-1RC5\-CBC''\s0 or ``\s-1RC5''\s0" 4
.IX Item "RC5-CBC or RC5"
.PD 0
.ie n .IP """\s-1RC5\-ECB""\s0" 4
.el .IP "``\s-1RC5\-ECB''\s0" 4
.IX Item "RC5-ECB"
.ie n .IP """\s-1RC5\-OFB""\s0" 4
.el .IP "``\s-1RC5\-OFB''\s0" 4
.IX Item "RC5-OFB"
.ie n .IP """\s-1RC5\-CFB""\s0" 4
.el .IP "``\s-1RC5\-CFB''\s0" 4
.IX Item "RC5-CFB"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,177 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-SEED 7ossl"
.TH EVP_CIPHER-SEED 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-SEED \- The SEED EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1SEED\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the legacy provider:
.ie n .IP """SEED-CBC"" or ""\s-1SEED""\s0" 4
.el .IP "``SEED-CBC'' or ``\s-1SEED''\s0" 4
.IX Item "SEED-CBC or SEED"
.PD 0
.ie n .IP """SEED-ECB""" 4
.el .IP "``SEED-ECB''" 4
.IX Item "SEED-ECB"
.ie n .IP """SEED-OFB"" or ""\s-1SEED\-OFB128""\s0" 4
.el .IP "``SEED-OFB'' or ``\s-1SEED\-OFB128''\s0" 4
.IX Item "SEED-OFB or SEED-OFB128"
.ie n .IP """SEED-CFB"" or ""\s-1SEED\-CFB128""\s0" 4
.el .IP "``SEED-CFB'' or ``\s-1SEED\-CFB128''\s0" 4
.IX Item "SEED-CFB or SEED-CFB128"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,197 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_CIPHER-SM4 7ossl"
.TH EVP_CIPHER-SM4 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_CIPHER\-SM4 \- The SM4 EVP_CIPHER implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for \s-1SM4\s0 symmetric encryption using the \fB\s-1EVP_CIPHER\s0\fR \s-1API.\s0
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
The following algorithms are available in the default provider:
.ie n .IP """\s-1SM4\-CBC:SM4""\s0" 4
.el .IP "``\s-1SM4\-CBC:SM4''\s0" 4
.IX Item "SM4-CBC:SM4"
.PD 0
.ie n .IP """\s-1SM4\-ECB""\s0" 4
.el .IP "``\s-1SM4\-ECB''\s0" 4
.IX Item "SM4-ECB"
.ie n .IP """\s-1SM4\-CTR""\s0" 4
.el .IP "``\s-1SM4\-CTR''\s0" 4
.IX Item "SM4-CTR"
.ie n .IP """\s-1SM4\-OFB""\s0 or ""\s-1SM4\-OFB128""\s0" 4
.el .IP "``\s-1SM4\-OFB''\s0 or ``\s-1SM4\-OFB128''\s0" 4
.IX Item "SM4-OFB or SM4-OFB128"
.ie n .IP """\s-1SM4\-CFB""\s0 or ""\s-1SM4\-CFB128""\s0" 4
.el .IP "``\s-1SM4\-CFB''\s0 or ``\s-1SM4\-CFB128''\s0" 4
.IX Item "SM4-CFB or SM4-CFB128"
.ie n .IP """\s-1SM4\-GCM""\s0" 4
.el .IP "``\s-1SM4\-GCM''\s0" 4
.IX Item "SM4-GCM"
.ie n .IP """\s-1SM4\-CCM""\s0" 4
.el .IP "``\s-1SM4\-CCM''\s0" 4
.IX Item "SM4-CCM"
.ie n .IP """\s-1SM4\-XTS""\s0" 4
.el .IP "``\s-1SM4\-XTS''\s0" 4
.IX Item "SM4-XTS"
.PD
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the parameters described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
The \s-1SM4\-XTS\s0 implementation allows streaming to be performed, but each
\&\fBEVP_EncryptUpdate\fR\|(3) or \fBEVP_DecryptUpdate\fR\|(3) call requires each input
to be a multiple of the blocksize. Only the final \fBEVP_EncryptUpdate()\fR or
\&\fBEVP_DecryptUpdate()\fR call can optionally have an input that is not a multiple
of the blocksize but is larger than one block. In that case ciphertext
stealing (\s-1CTS\s0) is used to fill the block.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,326 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-ARGON2 7ossl"
.TH EVP_KDF-ARGON2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-ARGON2 \- The Argon2 EVP KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fBargon2\fR password-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-ARGON2\s0 algorithm implements the Argon2 password-based key
derivation function, as described in \s-1IETF RFC 9106.\s0 It is memory-hard in
the sense that it deliberately requires a significant amount of \s-1RAM\s0 for efficient
computation. The intention of this is to render brute forcing of passwords on
systems that lack large amounts of main memory (such as GPUs or ASICs)
computationally infeasible.
.PP
Argon2d (Argon2i) uses data-dependent (data-independent) memory access and
primary seek to address trade-off (side-channel) attacks.
.PP
Argon2id is a hybrid construction which, in the first two slices of the first
pass, generates reference addresses data-independently as in Argon2i, whereas
in later slices and next passes it generates them data-dependently as in
Argon2d.
.PP
Sbox-hardened version Argon2ds is not supported.
.PP
For more information, please refer to \s-1RFC 9106.\s0
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.ie n .IP """secret"" (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.el .IP "``secret'' (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.IX Item "secret (OSSL_KDF_PARAM_SECRET) <octet string>"
.ie n .IP """iter"" (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.el .IP "``iter'' (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.IX Item "iter (OSSL_KDF_PARAM_ITER) <unsigned integer>"
.ie n .IP """size"" (\fB\s-1OSSL_KDF_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_KDF_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_KDF_PARAM_SIZE) <unsigned integer>"
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.Sp
Note that \s-1RFC 9106\s0 recommends 128 bits salt for most applications, or 64 bits
salt in the case of space constraints. At least 128 bits output length is
recommended.
.Sp
Note that secret (or pepper) is an optional secret data used along the
password.
.ie n .IP """threads"" (\fB\s-1OSSL_KDF_PARAM_THREADS\s0\fR) <unsigned integer>" 4
.el .IP "``threads'' (\fB\s-1OSSL_KDF_PARAM_THREADS\s0\fR) <unsigned integer>" 4
.IX Item "threads (OSSL_KDF_PARAM_THREADS) <unsigned integer>"
The number of threads, bounded above by the number of lanes.
.Sp
This can only be used with built-in thread support. Threading must be
explicitly enabled. See \s-1EXAMPLES\s0 section for more information.
.ie n .IP """ad"" (\fB\s-1OSSL_KDF_PARAM_ARGON2_AD\s0\fR) <octet string>" 4
.el .IP "``ad'' (\fB\s-1OSSL_KDF_PARAM_ARGON2_AD\s0\fR) <octet string>" 4
.IX Item "ad (OSSL_KDF_PARAM_ARGON2_AD) <octet string>"
Optional associated data, may be used to \*(L"tag\*(R" a group of keys, or tie them
to a particular public key, without having to modify salt.
.ie n .IP """lanes"" (\fB\s-1OSSL_KDF_PARAM_ARGON2_LANES\s0\fR) <unsigned integer>" 4
.el .IP "``lanes'' (\fB\s-1OSSL_KDF_PARAM_ARGON2_LANES\s0\fR) <unsigned integer>" 4
.IX Item "lanes (OSSL_KDF_PARAM_ARGON2_LANES) <unsigned integer>"
Argon2 splits the requested memory size into lanes, each of which is designed
to be processed in parallel. For example, on a system with p cores, it's
recommended to use p lanes.
.Sp
The number of lanes is used to derive the key. It is possible to specify
more lanes than the number of available computational threads. This is
especially encouraged if multi-threading is disabled.
.ie n .IP """memcost"" (\fB\s-1OSSL_KDF_PARAM_ARGON2_MEMCOST\s0\fR) <unsigned integer>" 4
.el .IP "``memcost'' (\fB\s-1OSSL_KDF_PARAM_ARGON2_MEMCOST\s0\fR) <unsigned integer>" 4
.IX Item "memcost (OSSL_KDF_PARAM_ARGON2_MEMCOST) <unsigned integer>"
Memory cost parameter (the number of 1k memory blocks used).
.ie n .IP """version"" (\fB\s-1OSSL_KDF_PARAM_ARGON2_VERSION\s0\fR) <unsigned integer>" 4
.el .IP "``version'' (\fB\s-1OSSL_KDF_PARAM_ARGON2_VERSION\s0\fR) <unsigned integer>" 4
.IX Item "version (OSSL_KDF_PARAM_ARGON2_VERSION) <unsigned integer>"
Argon2 version. Supported values: 0x10, 0x13 (default).
.ie n .IP """early_clean"" (\fB\s-1OSSL_KDF_PARAM_EARLY_CLEAN\s0\fR) <unsigned integer>" 4
.el .IP "``early_clean'' (\fB\s-1OSSL_KDF_PARAM_EARLY_CLEAN\s0\fR) <unsigned integer>" 4
.IX Item "early_clean (OSSL_KDF_PARAM_EARLY_CLEAN) <unsigned integer>"
If set (nonzero), password and secret stored in Argon2 context are zeroed
early during initial hash computation, as soon as they are not needed.
Otherwise, they are zeroed along the rest of Argon2 context data on clear,
free, reset.
.Sp
This can be useful if, for example, multiple keys with different ad value
are to be generated from a single password and secret.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example uses Argon2d with password \*(L"1234567890\*(R", salt \*(L"saltsalt\*(R",
using 2 lanes, 2 threads, and memory cost of 65536:
.PP
.Vb 5
\& #include <string.h> /* strlen */
\& #include <openssl/core_names.h> /* OSSL_KDF_* */
\& #include <openssl/params.h> /* OSSL_PARAM_* */
\& #include <openssl/thread.h> /* OSSL_set_max_threads */
\& #include <openssl/kdf.h> /* EVP_KDF_* */
\&
\& int main(void)
\& {
\& int retval = 1;
\&
\& EVP_KDF *kdf = NULL;
\& EVP_KDF_CTX *kctx = NULL;
\& OSSL_PARAM params[6], *p = params;
\&
\& /* argon2 params, please refer to RFC9106 for recommended defaults */
\& uint32_t lanes = 2, threads = 2, memcost = 65536;
\& char pwd[] = "1234567890", salt[] = "saltsalt";
\&
\& /* derive result */
\& size_t outlen = 128;
\& unsigned char result[outlen];
\&
\& /* required if threads > 1 */
\& if (OSSL_set_max_threads(NULL, threads) != 1)
\& goto fail;
\&
\& p = params;
\& *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_THREADS, &threads);
\& *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_ARGON2_LANES,
\& &lanes);
\& *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_ARGON2_MEMCOST,
\& &memcost);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& salt,
\& strlen((const char *)salt));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
\& pwd,
\& strlen((const char *)pwd));
\& *p++ = OSSL_PARAM_construct_end();
\&
\& if ((kdf = EVP_KDF_fetch(NULL, "ARGON2D", NULL)) == NULL)
\& goto fail;
\& if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL)
\& goto fail;
\& if (EVP_KDF_derive(kctx, &result[0], outlen, params) != 1)
\& goto fail;
\&
\& printf("Output = %s\en", OPENSSL_buf2hexstr(result, outlen));
\& retval = 0;
\&
\& fail:
\& EVP_KDF_free(kdf);
\& EVP_KDF_CTX_free(kctx);
\& OSSL_set_max_threads(NULL, 0);
\&
\& return retval;
\& }
.Ve
.SH "NOTES"
.IX Header "NOTES"
\&\*(L"\s-1ARGON2I\*(R", \*(L"ARGON2D\*(R",\s0 and \*(L"\s-1ARGON2ID\*(R"\s0 are the names for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 9106\s0 Argon2, see <https://www.rfc\-editor.org/rfc/rfc9106.txt>.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added to OpenSSL 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2022\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,307 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-HKDF 7ossl"
.TH EVP_KDF-HKDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-HKDF \- The HKDF EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1HKDF\s0\fR \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0
.PP
The \s-1EVP_KDF\-HKDF\s0 algorithm implements the \s-1HKDF\s0 key derivation function.
\&\s-1HKDF\s0 follows the \*(L"extract-then-expand\*(R" paradigm, where the \s-1KDF\s0 logically
consists of two modules. The first stage takes the input keying material
and \*(L"extracts\*(R" from it a fixed-length pseudorandom key K. The second stage
\&\*(L"expands\*(R" the key K into several additional pseudorandom keys (the output
of the \s-1KDF\s0).
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1HKDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """info"" (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.el .IP "``info'' (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.IX Item "info (OSSL_KDF_PARAM_INFO) <octet string>"
This parameter sets the info value.
The length of the context info buffer cannot exceed 1024 bytes;
this should be more than enough for any normal use of \s-1HKDF.\s0
.ie n .IP """mode"" (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string> or <integer>" 4
.el .IP "``mode'' (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string> or <integer>" 4
.IX Item "mode (OSSL_KDF_PARAM_MODE) <UTF8 string> or <integer>"
This parameter sets the mode for the \s-1HKDF\s0 operation.
There are three modes that are currently defined:
.RS 4
.ie n .IP """\s-1EXTRACT_AND_EXPAND""\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND\s0\fR" 4
.el .IP "``\s-1EXTRACT_AND_EXPAND''\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND\s0\fR" 4
.IX Item "EXTRACT_AND_EXPAND or EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND"
This is the default mode. Calling \fBEVP_KDF_derive\fR\|(3) on an \s-1EVP_KDF_CTX\s0 set
up for \s-1HKDF\s0 will perform an extract followed by an expand operation in one go.
The derived key returned will be the result after the expand operation. The
intermediate fixed-length pseudorandom key K is not returned.
.Sp
In this mode the digest, key, salt and info values must be set before a key is
derived otherwise an error will occur.
.ie n .IP """\s-1EXTRACT_ONLY""\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0\fR" 4
.el .IP "``\s-1EXTRACT_ONLY''\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0\fR" 4
.IX Item "EXTRACT_ONLY or EVP_KDF_HKDF_MODE_EXTRACT_ONLY"
In this mode calling \fBEVP_KDF_derive\fR\|(3) will just perform the extract
operation. The value returned will be the intermediate fixed-length pseudorandom
key K. The \fIkeylen\fR parameter must match the size of K, which can be looked
up by calling \fBEVP_KDF_CTX_get_kdf_size()\fR after setting the mode and digest.
.Sp
The digest, key and salt values must be set before a key is derived otherwise
an error will occur.
.ie n .IP """\s-1EXPAND_ONLY""\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXPAND_ONLY\s0\fR" 4
.el .IP "``\s-1EXPAND_ONLY''\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXPAND_ONLY\s0\fR" 4
.IX Item "EXPAND_ONLY or EVP_KDF_HKDF_MODE_EXPAND_ONLY"
In this mode calling \fBEVP_KDF_derive\fR\|(3) will just perform the expand
operation. The input key should be set to the intermediate fixed-length
pseudorandom key K returned from a previous extract operation.
.Sp
The digest, key and info values must be set before a key is derived otherwise
an error will occur.
.RE
.RS 4
.RE
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if \*(L"key-check\*(R"
is set to 0 and the check fails.
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1HKDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HKDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an \s-1HKDF\s0 expand operation is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function. When using
\&\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0 the \fIkeylen\fR parameter must equal the size of
the intermediate fixed-length pseudorandom key otherwise an error will occur.
For that mode, the fixed output size can be looked up by calling \fBEVP_KDF_CTX_get_kdf_size()\fR
after setting the mode and digest on the \fB\s-1EVP_KDF_CTX\s0\fR.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 10 bytes using \s-1SHA\-256\s0 with the secret key \*(L"secret\*(R",
salt value \*(L"salt\*(R" and info value \*(L"label\*(R":
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[5], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "HKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "label", (size_t)5);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "salt", (size_t)4);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 5869\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3),
\&\s-1\fBEVP_KDF\-TLS13_KDF\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,199 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-HMAC-DRBG 7ossl"
.TH EVP_KDF-HMAC-DRBG 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-HMAC\-DRBG
\&\- The HMAC DRBG DETERMINISTIC EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for a deterministic \s-1HMAC DRBG\s0 using the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0 This is similar
to \s-1\fBEVP_RAND\-HMAC\-DRBG\s0\fR\|(7), but uses fixed values for its entropy and nonce
values. This is used to generate deterministic nonce value required by \s-1ECDSA\s0
and \s-1DSA\s0 (as defined in \s-1RFC 6979\s0).
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"HMAC-DRBG-KDF\*(R" is the name for this implementation; it can be used
with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """digest"" (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_DRBG_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """properties"" (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_DRBG_PARAM_PROPERTIES) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """entropy"" (\fB\s-1OSSL_KDF_PARAM_HMACDRBG_ENTROPY\s0\fR) <octet string>" 4
.el .IP "``entropy'' (\fB\s-1OSSL_KDF_PARAM_HMACDRBG_ENTROPY\s0\fR) <octet string>" 4
.IX Item "entropy (OSSL_KDF_PARAM_HMACDRBG_ENTROPY) <octet string>"
Sets the entropy bytes supplied to the HMAC-DRBG.
.ie n .IP """nonce"" (\fB\s-1OSSL_KDF_PARAM_HMACDRBG_NONCE\s0\fR) <octet string>" 4
.el .IP "``nonce'' (\fB\s-1OSSL_KDF_PARAM_HMACDRBG_NONCE\s0\fR) <octet string>" 4
.IX Item "nonce (OSSL_KDF_PARAM_HMACDRBG_NONCE) <octet string>"
Sets the nonce bytes supplied to the HMAC-DRBG.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1KDF HMAC DRBG\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HMAC\-DRBG\-KDF", NULL);
\& EVP_KDF_CTX *kdf_ctx = EVP_KDF_CTX_new(kdf, NULL);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 6979\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
The \s-1EVP_KDF\-HMAC\-DRBG\s0 functionality was added in OpenSSL 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2022\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,336 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-KB 7ossl"
.TH EVP_KDF-KB 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-KB \- The Key\-Based EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP_KDF\-KB\s0 algorithm implements the Key-Based key derivation function
(\s-1KBKDF\s0). \s-1KBKDF\s0 derives a key from repeated application of a keyed \s-1MAC\s0 to an
input secret (and other optional values).
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1KBKDF\*(R"\s0 is the name for this implementation; it can be used with the
\&\fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """mode"" (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mode'' (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mode (OSSL_KDF_PARAM_MODE) <UTF8 string>"
The mode parameter determines which flavor of \s-1KBKDF\s0 to use \- currently the
choices are \*(L"counter\*(R" and \*(L"feedback\*(R". \*(L"counter\*(R" is the default, and will be
used if unspecified.
.ie n .IP """mac"" (\fB\s-1OSSL_KDF_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mac'' (\fB\s-1OSSL_KDF_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mac (OSSL_KDF_PARAM_MAC) <UTF8 string>"
The value is either \s-1CMAC, HMAC, KMAC128\s0 or \s-1KMAC256.\s0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """cipher"" (\fB\s-1OSSL_KDF_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_KDF_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_KDF_PARAM_CIPHER) <UTF8 string>"
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.IP """info (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.IX Item """info (OSSL_KDF_PARAM_INFO) <octet string>"
.ie n .IP """seed"" (\fB\s-1OSSL_KDF_PARAM_SEED\s0\fR) <octet string>" 4
.el .IP "``seed'' (\fB\s-1OSSL_KDF_PARAM_SEED\s0\fR) <octet string>" 4
.IX Item "seed (OSSL_KDF_PARAM_SEED) <octet string>"
.PD
The seed parameter is unused in counter mode.
.ie n .IP """use-l"" (\fB\s-1OSSL_KDF_PARAM_KBKDF_USE_L\s0\fR) <integer>" 4
.el .IP "``use-l'' (\fB\s-1OSSL_KDF_PARAM_KBKDF_USE_L\s0\fR) <integer>" 4
.IX Item "use-l (OSSL_KDF_PARAM_KBKDF_USE_L) <integer>"
Set to \fB0\fR to disable use of the optional Fixed Input data 'L' (see \s-1SP800\-108\s0).
The default value of \fB1\fR will be used if unspecified.
.ie n .IP """use-separator"" (\fB\s-1OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR\s0\fR) <integer>" 4
.el .IP "``use-separator'' (\fB\s-1OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR\s0\fR) <integer>" 4
.IX Item "use-separator (OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR) <integer>"
Set to \fB0\fR to disable use of the optional Fixed Input data 'zero separator'
(see \s-1SP800\-108\s0) that is placed between the Label and Context.
The default value of \fB1\fR will be used if unspecified.
.ie n .IP """r"" (\fB\s-1OSSL_KDF_PARAM_KBKDF_R\s0\fR) <integer>" 4
.el .IP "``r'' (\fB\s-1OSSL_KDF_PARAM_KBKDF_R\s0\fR) <integer>" 4
.IX Item "r (OSSL_KDF_PARAM_KBKDF_R) <integer>"
Set the fixed value 'r', indicating the length of the counter in bits.
.Sp
Supported values are \fB8\fR, \fB16\fR, \fB24\fR, and \fB32\fR.
The default value of \fB32\fR will be used if unspecified.
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if \*(L"key-check\*(R"
is set to 0 and the check fails.
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.PP
Depending on whether mac is \s-1CMAC\s0 or \s-1HMAC,\s0 either digest or cipher is required
(respectively) and the other is unused. They are unused for \s-1KMAC128\s0 and \s-1KMAC256.\s0
.PP
The parameters key, salt, info, and seed correspond to \s-1KI,\s0 Label, Context, and
\&\s-1IV\s0 (respectively) in \s-1SP800\-108.\s0 As in that document, salt, info, and seed are
optional and may be omitted.
.PP
\&\*(L"mac\*(R", \*(L"digest\*(R", cipher\*(L" and \*(R"properties" are described in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1KBKDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an \s-1KBKDF\s0 is specified via the \f(CW\*(C`keylen\*(C'\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function.
.PP
Note that currently OpenSSL only implements counter and feedback modes. Other
variants may be supported in the future.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 10 bytes using \s-1COUNTER\-HMAC\-SHA256,\s0 with \s-1KI\s0 \*(L"secret\*(R",
Label \*(L"label\*(R", and Context \*(L"context\*(R".
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[6], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& "SHA2\-256", 0);
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
\& "HMAC", 0);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& "secret", strlen("secret"));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "label", strlen("label"));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "context", strlen("context"));
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0)
\& error("EVP_KDF_derive");
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.PP
This example derives 10 bytes using \s-1FEEDBACK\-CMAC\-AES256,\s0 with \s-1KI\s0 \*(L"secret\*(R",
Label \*(L"label\*(R", and \s-1IV\s0 \*(L"sixteen bytes iv\*(R".
.PP
.Vb 5
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[8], *p = params;
\& unsigned char *iv = "sixteen bytes iv";
\&
\& kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, "AES256", 0);
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, "CMAC", 0);
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE, "FEEDBACK", 0);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& "secret", strlen("secret"));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "label", strlen("label"));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "context", strlen("context"));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
\& iv, strlen(iv));
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0)
\& error("EVP_KDF_derive");
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1NIST SP800\-108, IETF RFC 6803, IETF RFC 8009.\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.PP
Support for \s-1KMAC\s0 was added in OpenSSL 3.1.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019 Red Hat, Inc.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,244 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-KRB5KDF 7ossl"
.TH EVP_KDF-KRB5KDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-KRB5KDF \- The RFC3961 Krb5 KDF EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1KRB5KDF\s0\fR \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0
.PP
The \s-1EVP_KDF\-KRB5KDF\s0 algorithm implements the key derivation function defined
in \s-1RFC 3961,\s0 section 5.1 and is used by Krb5 to derive session keys.
Three inputs are required to perform key derivation: a cipher, (for example
\&\s-1AES\-128\-CBC\s0), the initial key, and a constant.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1KRB5KDF\*(R"\s0 is the name for this implementation;
it can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """cipher"" (\fB\s-1OSSL_KDF_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_KDF_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_KDF_PARAM_CIPHER) <UTF8 string>"
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """constant"" (\fB\s-1OSSL_KDF_PARAM_CONSTANT\s0\fR) <octet string>" 4
.el .IP "``constant'' (\fB\s-1OSSL_KDF_PARAM_CONSTANT\s0\fR) <octet string>" 4
.IX Item "constant (OSSL_KDF_PARAM_CONSTANT) <octet string>"
This parameter sets the constant value for the \s-1KDF.\s0
If a value is already set, the contents are replaced.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1KRB5KDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of the \s-1KRB5KDF\s0 derivation is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function, and \s-1MUST\s0 match the key
length for the chosen cipher or an error is returned. Moreover, the
constant's length must not exceed the block size of the cipher.
Since the \s-1KRB5KDF\s0 output length depends on the chosen cipher, calling
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3) to obtain the requisite length returns the correct length
only after the cipher is set. Prior to that \fB\s-1EVP_MAX_KEY_LENGTH\s0\fR is returned.
The caller must allocate a buffer of the correct length for the chosen
cipher, and pass that buffer to the \fBEVP_KDF_derive\fR\|(3) function along
with that length.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives a key using the \s-1AES\-128\-CBC\s0 cipher:
.PP
.Vb 7
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char key[16] = "01234...";
\& unsigned char constant[] = "I\*(Aqm a constant";
\& unsigned char out[16];
\& size_t outlen = sizeof(out);
\& OSSL_PARAM params[4], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER,
\& SN_aes_128_cbc,
\& strlen(SN_aes_128_cbc));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& key, (size_t)16);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT,
\& constant, strlen(constant));
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, outlen, params) <= 0)
\& /* Error */
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 3961\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2016\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,215 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-PBKDF1 7ossl"
.TH EVP_KDF-PBKDF1 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-PBKDF1 \- The PBKDF1 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1PBKDF1\s0\fR password-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-PBKDF1\s0 algorithm implements the \s-1PBKDF1\s0 password-based key
derivation function, as described in \s-1RFC 8018\s0; it derives a key from a password
using a salt and iteration count.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1PBKDF1\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.ie n .IP """iter"" (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.el .IP "``iter'' (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.IX Item "iter (OSSL_KDF_PARAM_ITER) <unsigned integer>"
.PD
This parameter has a default value of 0 and should be set.
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
A typical application of this algorithm is to derive keying material for an
encryption algorithm from a password in the \*(L"pass\*(R", a salt in \*(L"salt\*(R",
and an iteration count.
.PP
Increasing the \*(L"iter\*(R" parameter slows down the algorithm which makes it
harder for an attacker to perform a brute force attack using a large number
of candidate passwords.
.PP
No assumption is made regarding the given password; it is simply treated as a
byte sequence.
.PP
The legacy provider needs to be available in order to access this algorithm.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 8018\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,247 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-PBKDF2 7ossl"
.TH EVP_KDF-PBKDF2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-PBKDF2 \- The PBKDF2 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1PBKDF2\s0\fR password-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-PBKDF2\s0 algorithm implements the \s-1PBKDF2\s0 password-based key
derivation function, as described in \s-1SP800\-132\s0; it derives a key from a password
using a salt and iteration count.
.PP
The output is considered to be a cryptographic key.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1PBKDF2\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.ie n .IP """iter"" (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.el .IP "``iter'' (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.IX Item "iter (OSSL_KDF_PARAM_ITER) <unsigned integer>"
.PD
This parameter has a default value of 2048.
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """pkcs5"" (\fB\s-1OSSL_KDF_PARAM_PKCS5\s0\fR) <integer>" 4
.el .IP "``pkcs5'' (\fB\s-1OSSL_KDF_PARAM_PKCS5\s0\fR) <integer>" 4
.IX Item "pkcs5 (OSSL_KDF_PARAM_PKCS5) <integer>"
This parameter can be used to enable or disable \s-1SP800\-132\s0 compliance checks.
Setting the mode to 0 enables the compliance checks.
.Sp
The checks performed are:
.RS 4
.IP "\- the iteration count is at least 1000." 4
.IX Item "- the iteration count is at least 1000."
.PD 0
.IP "\- the salt length is at least 128 bits." 4
.IX Item "- the salt length is at least 128 bits."
.IP "\- the derived key length is at least 112 bits." 4
.IX Item "- the derived key length is at least 112 bits."
.RE
.RS 4
.PD
.Sp
The default provider uses a default mode of 1 for backwards compatibility,
and the \s-1FIPS\s0 provider uses a default mode of 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.RE
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
This option is used by the OpenSSL \s-1FIPS\s0 provider.
.Sp
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if \*(L"pkcs5\*(R"
is set to 1 and the derived key length, salt length or iteration count test
fails.
.SH "NOTES"
.IX Header "NOTES"
A typical application of this algorithm is to derive keying material for an
encryption algorithm from a password in the \*(L"pass\*(R", a salt in \*(L"salt\*(R",
and an iteration count.
.PP
Increasing the \*(L"iter\*(R" parameter slows down the algorithm which makes it
harder for an attacker to perform a brute force attack using a large number
of candidate passwords.
.PP
No assumption is made regarding the given password; it is simply treated as a
byte sequence.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1SP800\-132\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,219 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-PKCS12KDF 7ossl"
.TH EVP_KDF-PKCS12KDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-PKCS12KDF \- The PKCS#12 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fBPKCS#12\fR password-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-PKCS12KDF\s0 algorithm implements the PKCS#12 password-based key
derivation function, as described in appendix B of \s-1RFC 7292\s0 (\s-1PKCS\s0 #12:
Personal Information Exchange Syntax); it derives a key from a password
using a salt, iteration count and the intended usage.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1PKCS12KDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.ie n .IP """iter"" (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.el .IP "``iter'' (\fB\s-1OSSL_KDF_PARAM_ITER\s0\fR) <unsigned integer>" 4
.IX Item "iter (OSSL_KDF_PARAM_ITER) <unsigned integer>"
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """id"" (\fB\s-1OSSL_KDF_PARAM_PKCS12_ID\s0\fR) <integer>" 4
.el .IP "``id'' (\fB\s-1OSSL_KDF_PARAM_PKCS12_ID\s0\fR) <integer>" 4
.IX Item "id (OSSL_KDF_PARAM_PKCS12_ID) <integer>"
This parameter is used to specify the intended usage of the output bits, as per
\&\s-1RFC 7292\s0 section B.3.
.SH "NOTES"
.IX Header "NOTES"
This algorithm is not available in the \s-1FIPS\s0 provider as it is not \s-1FIPS\s0
approvable.
.PP
A typical application of this algorithm is to derive keying material for an
encryption algorithm from a password in the \*(L"pass\*(R", a salt in \*(L"salt\*(R",
and an iteration count.
.PP
Increasing the \*(L"iter\*(R" parameter slows down the algorithm which makes it
harder for an attacker to perform a brute force attack using a large number
of candidate passwords.
.PP
No assumption is made regarding the given password; it is simply treated as a
byte sequence.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC7292\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,200 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-PVKKDF 7ossl"
.TH EVP_KDF-PVKKDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-PVKKDF \- The PVK EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1PVK KDF\s0\fR PIN-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-PVKKDF\s0 algorithm implements a \s-1PVK\s0 PIN-based key
derivation function; it derives a key from a password using a salt.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1PVKKDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
A typical application of this algorithm is to derive keying material for an
encryption algorithm from a password in the \*(L"pass\*(R" and a salt in \*(L"salt\*(R".
.PP
No assumption is made regarding the given password; it is simply treated as a
byte sequence.
.PP
The legacy provider needs to be available in order to access this algorithm.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,284 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-SCRYPT 7ossl"
.TH EVP_KDF-SCRYPT 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-SCRYPT \- The scrypt EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fBscrypt\fR password-based \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR
\&\s-1API.\s0
.PP
The \s-1EVP_KDF\-SCRYPT\s0 algorithm implements the scrypt password-based key
derivation function, as described in \s-1RFC 7914.\s0 It is memory-hard in the sense
that it deliberately requires a significant amount of \s-1RAM\s0 for efficient
computation. The intention of this is to render brute forcing of passwords on
systems that lack large amounts of main memory (such as GPUs or ASICs)
computationally infeasible.
.PP
scrypt provides three work factors that can be customized: N, r and p. N, which
has to be a positive power of two, is the general work factor and scales \s-1CPU\s0
time in an approximately linear fashion. r is the block size of the internally
used hash function and p is the parallelization factor. Both r and p need to be
greater than zero. The amount of \s-1RAM\s0 that scrypt requires for its computation
is roughly (128 * N * r * p) bytes.
.PP
In the original paper of Colin Percival (\*(L"Stronger Key Derivation via
Sequential Memory-Hard Functions\*(R", 2009), the suggested values that give a
computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N =
2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for
this computation is roughly 1 GiB. On a more recent \s-1CPU\s0 (Intel i7\-5930K at 3.5
GHz), this computation takes about 3 seconds. When N, r or p are not specified,
they default to 1048576, 8, and 1, respectively. The maximum amount of \s-1RAM\s0 that
may be used by scrypt defaults to 1025 MiB.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1SCRYPT\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """pass"" (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.el .IP "``pass'' (\fB\s-1OSSL_KDF_PARAM_PASSWORD\s0\fR) <octet string>" 4
.IX Item "pass (OSSL_KDF_PARAM_PASSWORD) <octet string>"
.PD 0
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """n"" (\fB\s-1OSSL_KDF_PARAM_SCRYPT_N\s0\fR) <unsigned integer>" 4
.el .IP "``n'' (\fB\s-1OSSL_KDF_PARAM_SCRYPT_N\s0\fR) <unsigned integer>" 4
.IX Item "n (OSSL_KDF_PARAM_SCRYPT_N) <unsigned integer>"
.PD 0
.ie n .IP """r"" (\fB\s-1OSSL_KDF_PARAM_SCRYPT_R\s0\fR) <unsigned integer>" 4
.el .IP "``r'' (\fB\s-1OSSL_KDF_PARAM_SCRYPT_R\s0\fR) <unsigned integer>" 4
.IX Item "r (OSSL_KDF_PARAM_SCRYPT_R) <unsigned integer>"
.ie n .IP """p"" (\fB\s-1OSSL_KDF_PARAM_SCRYPT_P\s0\fR) <unsigned integer>" 4
.el .IP "``p'' (\fB\s-1OSSL_KDF_PARAM_SCRYPT_P\s0\fR) <unsigned integer>" 4
.IX Item "p (OSSL_KDF_PARAM_SCRYPT_P) <unsigned integer>"
.ie n .IP """maxmem_bytes"" (\fB\s-1OSSL_KDF_PARAM_SCRYPT_MAXMEM\s0\fR) <unsigned integer>" 4
.el .IP "``maxmem_bytes'' (\fB\s-1OSSL_KDF_PARAM_SCRYPT_MAXMEM\s0\fR) <unsigned integer>" 4
.IX Item "maxmem_bytes (OSSL_KDF_PARAM_SCRYPT_MAXMEM) <unsigned integer>"
.PD
These parameters configure the scrypt work factors N, r, maxmem and p.
Both N and maxmem_bytes are parameters of type \fBuint64_t\fR.
Both r and p are parameters of type \fBuint32_t\fR.
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
This can be used to set the property query string when fetching the
fixed digest internally. \s-1NULL\s0 is used if this value is not set.
.SH "NOTES"
.IX Header "NOTES"
A context for scrypt can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an scrypt key derivation is specified via the
\&\*(L"keylen\*(R" parameter to the \fBEVP_KDF_derive\fR\|(3) function.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives a 64\-byte long test vector using scrypt with the password
\&\*(L"password\*(R", salt \*(L"NaCl\*(R" and N = 1024, r = 8, p = 16.
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[64];
\& OSSL_PARAM params[6], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
\& "password", (size_t)8);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "NaCl", (size_t)4);
\& *p++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_N, (uint64_t)1024);
\& *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_R, (uint32_t)8);
\& *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_P, (uint32_t)16);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& {
\& const unsigned char expected[sizeof(out)] = {
\& 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
\& 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
\& 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
\& 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
\& 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
\& 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
\& 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
\& 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
\& };
\&
\& assert(!memcmp(out, expected, sizeof(out)));
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 7914\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2017\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,343 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-SS 7ossl"
.TH EVP_KDF-SS 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-SS \- The Single Step / One Step EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP_KDF\-SS\s0 algorithm implements the Single Step key derivation function (\s-1SSKDF\s0).
\&\s-1SSKDF\s0 derives a key using input such as a shared secret key (that was generated
during the execution of a key establishment scheme) and fixedinfo.
\&\s-1SSKDF\s0 is also informally referred to as 'Concat \s-1KDF\s0'.
.PP
The output is considered to be keying material.
.SS "Auxiliary function"
.IX Subsection "Auxiliary function"
The implementation uses a selectable auxiliary function H, which can be one of:
.IP "\fBH(x) = hash(x, digest=md)\fR" 4
.IX Item "H(x) = hash(x, digest=md)"
.PD 0
.IP "\fBH(x) = HMAC_hash(x, key=salt, digest=md)\fR" 4
.IX Item "H(x) = HMAC_hash(x, key=salt, digest=md)"
.ie n .IP "\fBH(x) = KMACxxx(x, key=salt, custom=""\s-1KDF"",\s0 outlen=mac_size)\fR" 4
.el .IP "\fBH(x) = KMACxxx(x, key=salt, custom=``\s-1KDF'',\s0 outlen=mac_size)\fR" 4
.IX Item "H(x) = KMACxxx(x, key=salt, custom=KDF, outlen=mac_size)"
.PD
.PP
Both the \s-1HMAC\s0 and \s-1KMAC\s0 implementations set the key using the 'salt' value.
The hash and \s-1HMAC\s0 also require the digest to be set.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1SSKDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
This parameter is ignored for \s-1KMAC.\s0
.ie n .IP """mac"" (\fB\s-1OSSL_KDF_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mac'' (\fB\s-1OSSL_KDF_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mac (OSSL_KDF_PARAM_MAC) <UTF8 string>"
.PD 0
.ie n .IP """maclen"" (\fB\s-1OSSL_KDF_PARAM_MAC_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``maclen'' (\fB\s-1OSSL_KDF_PARAM_MAC_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "maclen (OSSL_KDF_PARAM_MAC_SIZE) <unsigned integer>"
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_SECRET) <octet string>"
This parameter set the shared secret that is used for key derivation.
.ie n .IP """info"" (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.el .IP "``info'' (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.IX Item "info (OSSL_KDF_PARAM_INFO) <octet string>"
This parameter sets an optional value for fixedinfo, also known as otherinfo.
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if \*(L"key-check\*(R"
is set to 0 and the check fails.
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1SSKDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an \s-1SSKDF\s0 is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 10 bytes using H(x) = \s-1SHA\-256,\s0 with the secret key \*(L"secret\*(R"
and fixedinfo value \*(L"label\*(R":
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[4], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "label", (size_t)5);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.PP
This example derives 10 bytes using H(x) = \s-1HMAC\s0(\s-1SHA\-256\s0), with the secret key \*(L"secret\*(R",
fixedinfo value \*(L"label\*(R" and salt \*(L"salt\*(R":
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[6], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
\& SN_hmac, strlen(SN_hmac));
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "label", (size_t)5);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "salt", (size_t)4);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.PP
This example derives 10 bytes using H(x) = \s-1KMAC128\s0(x,salt,outlen), with the secret key \*(L"secret\*(R"
fixedinfo value \*(L"label\*(R", salt of \*(L"salt\*(R" and \s-1KMAC\s0 outlen of 20:
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[6], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
\& SN_kmac128, strlen(SN_kmac128));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "label", (size_t)5);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
\& "salt", (size_t)4);
\& *p++ = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_MAC_SIZE, (size_t)20);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1NIST\s0 SP800\-56Cr1.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved. Copyright
(c) 2019, Oracle and/or its affiliates. All rights reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,318 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-SSHKDF 7ossl"
.TH EVP_KDF-SSHKDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-SSHKDF \- The SSHKDF EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1SSHKDF\s0\fR \s-1KDF\s0 through the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0
.PP
The \s-1EVP_KDF\-SSHKDF\s0 algorithm implements the \s-1SSHKDF\s0 key derivation function.
It is defined in \s-1RFC 4253,\s0 section 7.2 and is used by \s-1SSH\s0 to derive IVs,
encryption keys and integrity keys.
Five inputs are required to perform key derivation: The hashing function
(for example \s-1SHA256\s0), the Initial Key, the Exchange Hash, the Session \s-1ID,\s0
and the derivation key type.
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1SSHKDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """xcghash"" (\fB\s-1OSSL_KDF_PARAM_SSHKDF_XCGHASH\s0\fR) <octet string>" 4
.el .IP "``xcghash'' (\fB\s-1OSSL_KDF_PARAM_SSHKDF_XCGHASH\s0\fR) <octet string>" 4
.IX Item "xcghash (OSSL_KDF_PARAM_SSHKDF_XCGHASH) <octet string>"
.PD 0
.ie n .IP """session_id"" (\fB\s-1OSSL_KDF_PARAM_SSHKDF_SESSION_ID\s0\fR) <octet string>" 4
.el .IP "``session_id'' (\fB\s-1OSSL_KDF_PARAM_SSHKDF_SESSION_ID\s0\fR) <octet string>" 4
.IX Item "session_id (OSSL_KDF_PARAM_SSHKDF_SESSION_ID) <octet string>"
.PD
These parameters set the respective values for the \s-1KDF.\s0
If a value is already set, the contents are replaced.
.ie n .IP """type"" (\fB\s-1OSSL_KDF_PARAM_SSHKDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``type'' (\fB\s-1OSSL_KDF_PARAM_SSHKDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "type (OSSL_KDF_PARAM_SSHKDF_TYPE) <UTF8 string>"
This parameter sets the type for the \s-1SSHKDF\s0 operation.
There are six supported types:
.RS 4
.IP "\s-1EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV"
The Initial \s-1IV\s0 from client to server.
A single char of value 65 (\s-1ASCII\s0 char 'A').
.IP "\s-1EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI"
The Initial \s-1IV\s0 from server to client
A single char of value 66 (\s-1ASCII\s0 char 'B').
.IP "\s-1EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV"
The Encryption Key from client to server
A single char of value 67 (\s-1ASCII\s0 char 'C').
.IP "\s-1EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI"
The Encryption Key from server to client
A single char of value 68 (\s-1ASCII\s0 char 'D').
.IP "\s-1EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV"
The Integrity Key from client to server
A single char of value 69 (\s-1ASCII\s0 char 'E').
.IP "\s-1EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI\s0" 4
.IX Item "EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI"
The Integrity Key from client to server
A single char of value 70 (\s-1ASCII\s0 char 'F').
.RE
.RS 4
.RE
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if any \*(L"***\-check\*(R"
related parameter is set to 0 and the check fails.
.ie n .IP """digest-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_KDF_PARAM_FIPS_DIGEST_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if
used digest is not approved.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.Sp
According to \s-1SP\s0 800\-135r1, the following are approved digest algorithms: \s-1SHA\-1,
SHA2\-224, SHA2\-256, SHA2\-384, SHA2\-512.\s0
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1SSHKDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSHKDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of the \s-1SSHKDF\s0 derivation is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function.
Since the \s-1SSHKDF\s0 output length is variable, calling \fBEVP_KDF_CTX_get_kdf_size\fR\|(3)
to obtain the requisite length is not meaningful. The caller must
allocate a buffer of the desired length, and pass that buffer to the
\&\fBEVP_KDF_derive\fR\|(3) function along with the desired length.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives an 8 byte \s-1IV\s0 using \s-1SHA\-256\s0 with a 1K \*(L"key\*(R" and appropriate
\&\*(L"xcghash\*(R" and \*(L"session_id\*(R" values:
.PP
.Vb 9
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& char type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
\& unsigned char key[1024] = "01234...";
\& unsigned char xcghash[32] = "012345...";
\& unsigned char session_id[32] = "012345...";
\& unsigned char out[8];
\& size_t outlen = sizeof(out);
\& OSSL_PARAM params[6], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "SSHKDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
\& key, (size_t)1024);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_XCGHASH,
\& xcghash, (size_t)32);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
\& session_id, (size_t)32);
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
\& &type, sizeof(type));
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, outlen, params) <= 0)
\& /* Error */
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 4253\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2016\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,294 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-TLS13_KDF 7ossl"
.TH EVP_KDF-TLS13_KDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-TLS13_KDF \- The TLS 1.3 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \s-1TLS 1.3\s0 version of the \fB\s-1HKDF\s0\fR \s-1KDF\s0 through
the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0
.PP
The \s-1EVP_KDF\-TLS13_KDF\s0 algorithm implements the \s-1HKDF\s0 key derivation function
as used by \s-1TLS 1.3.\s0
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1TLS13\-KDF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
.ie n .IP """salt"" (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_KDF_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_KDF_PARAM_SALT) <octet string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """prefix"" (\fB\s-1OSSL_KDF_PARAM_PREFIX\s0\fR) <octet string>" 4
.el .IP "``prefix'' (\fB\s-1OSSL_KDF_PARAM_PREFIX\s0\fR) <octet string>" 4
.IX Item "prefix (OSSL_KDF_PARAM_PREFIX) <octet string>"
This parameter sets the label prefix on the specified \s-1TLS 1.3 KDF\s0 context.
For \s-1TLS 1.3\s0 this should be set to the \s-1ASCII\s0 string \*(L"tls13 \*(R" without a
trailing zero byte. Refer to \s-1RFC 8446\s0 section 7.1 \*(L"Key Schedule\*(R" for details.
.ie n .IP """label"" (\fB\s-1OSSL_KDF_PARAM_LABEL\s0\fR) <octet string>" 4
.el .IP "``label'' (\fB\s-1OSSL_KDF_PARAM_LABEL\s0\fR) <octet string>" 4
.IX Item "label (OSSL_KDF_PARAM_LABEL) <octet string>"
This parameter sets the label on the specified \s-1TLS 1.3 KDF\s0 context.
Refer to \s-1RFC 8446\s0 section 7.1 \*(L"Key Schedule\*(R" for details.
.ie n .IP """data"" (\fB\s-1OSSL_KDF_PARAM_DATA\s0\fR) <octet string>" 4
.el .IP "``data'' (\fB\s-1OSSL_KDF_PARAM_DATA\s0\fR) <octet string>" 4
.IX Item "data (OSSL_KDF_PARAM_DATA) <octet string>"
This parameter sets the context data on the specified \s-1TLS 1.3 KDF\s0 context.
Refer to \s-1RFC 8446\s0 section 7.1 \*(L"Key Schedule\*(R" for details.
.ie n .IP """mode"" (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string> or <integer>" 4
.el .IP "``mode'' (\fB\s-1OSSL_KDF_PARAM_MODE\s0\fR) <\s-1UTF8\s0 string> or <integer>" 4
.IX Item "mode (OSSL_KDF_PARAM_MODE) <UTF8 string> or <integer>"
This parameter sets the mode for the \s-1TLS 1.3 KDF\s0 operation.
There are two modes that are currently defined:
.RS 4
.ie n .IP """\s-1EXTRACT_ONLY""\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0\fR" 4
.el .IP "``\s-1EXTRACT_ONLY''\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0\fR" 4
.IX Item "EXTRACT_ONLY or EVP_KDF_HKDF_MODE_EXTRACT_ONLY"
In this mode calling \fBEVP_KDF_derive\fR\|(3) will just perform the extract
operation. The value returned will be the intermediate fixed-length pseudorandom
key K. The \fIkeylen\fR parameter must match the size of K, which can be looked
up by calling \fBEVP_KDF_CTX_get_kdf_size()\fR after setting the mode and digest.
.Sp
The digest, key and salt values must be set before a key is derived otherwise
an error will occur.
.ie n .IP """\s-1EXPAND_ONLY""\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXPAND_ONLY\s0\fR" 4
.el .IP "``\s-1EXPAND_ONLY''\s0 or \fB\s-1EVP_KDF_HKDF_MODE_EXPAND_ONLY\s0\fR" 4
.IX Item "EXPAND_ONLY or EVP_KDF_HKDF_MODE_EXPAND_ONLY"
In this mode calling \fBEVP_KDF_derive\fR\|(3) will just perform the expand
operation. The input key should be set to the intermediate fixed-length
pseudorandom key K returned from a previous extract operation.
.Sp
The digest, key and info values must be set before a key is derived otherwise
an error will occur.
.RE
.RS 4
.RE
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if any \*(L"***\-check\*(R"
related parameter is set to 0 and the check fails.
.ie n .IP """digest-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_KDF_PARAM_FIPS_DIGEST_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if
used digest is not approved.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.Sp
According to \s-1RFC 8446,\s0 the following are approved digest algorithms: \s-1SHA2\-256,
SHA2\-384.\s0
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
This \s-1KDF\s0 is intended for use by the \s-1TLS 1.3\s0 implementation in libssl.
It does not support all the options and capabilities that \s-1HKDF\s0 does.
.PP
The \fI\s-1OSSL_PARAM\s0\fR array passed to \fBEVP_KDF_derive\fR\|(3) or
\&\fBEVP_KDF_CTX_set_params\fR\|(3) must specify all of the parameters required.
This \s-1KDF\s0 does not support a piecemeal approach to providing these.
.PP
A context for a \s-1TLS 1.3 KDF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "TLS13\-KDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of a \s-1TLS 1.3 KDF\s0 expand operation is specified via the
\&\fIkeylen\fR parameter to the \fBEVP_KDF_derive\fR\|(3) function. When using
\&\s-1EVP_KDF_HKDF_MODE_EXTRACT_ONLY\s0 the \fIkeylen\fR parameter must equal the size of
the intermediate fixed-length pseudorandom key otherwise an error will occur.
For that mode, the fixed output size can be looked up by calling
\&\fBEVP_KDF_CTX_get_kdf_size()\fR after setting the mode and digest on the
\&\fB\s-1EVP_KDF_CTX\s0\fR.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 8446\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3),
\&\s-1\fBEVP_KDF\-HKDF\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,283 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-TLS1_PRF 7ossl"
.TH EVP_KDF-TLS1_PRF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-TLS1_PRF \- The TLS1 PRF EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing the \fB\s-1TLS1\s0\fR \s-1PRF\s0 through the \fB\s-1EVP_KDF\s0\fR \s-1API.\s0
.PP
The \s-1EVP_KDF\-TLS1_PRF\s0 algorithm implements the \s-1PRF\s0 used by \s-1TLS\s0 versions up to
and including \s-1TLS 1.2.\s0
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1TLS1\-PRF\*(R"\s0 is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.Sp
The \fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR parameter is used to set the message digest
associated with the \s-1TLS PRF.\s0
\&\fBEVP_md5_sha1()\fR is treated as a special case which uses the
\&\s-1PRF\s0 algorithm using both \fB\s-1MD5\s0\fR and \fB\s-1SHA1\s0\fR as used in \s-1TLS 1.0\s0 and 1.1.
.ie n .IP """secret"" (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.el .IP "``secret'' (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.IX Item "secret (OSSL_KDF_PARAM_SECRET) <octet string>"
This parameter sets the secret value of the \s-1TLS PRF.\s0
Any existing secret value is replaced.
.ie n .IP """seed"" (\fB\s-1OSSL_KDF_PARAM_SEED\s0\fR) <octet string>" 4
.el .IP "``seed'' (\fB\s-1OSSL_KDF_PARAM_SEED\s0\fR) <octet string>" 4
.IX Item "seed (OSSL_KDF_PARAM_SEED) <octet string>"
This parameter sets the context seed.
The length of the context seed cannot exceed 1024 bytes;
this should be more than enough for any normal use of the \s-1TLS PRF.\s0
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if any \*(L"***\-check\*(R"
related parameter is set to 0 and the check fails.
.ie n .IP """ems_check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_EMS_CHECK\s0\fR) <integer>" 4
.el .IP "``ems_check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_EMS_CHECK\s0\fR) <integer>" 4
.IX Item "ems_check (OSSL_KDF_PARAM_FIPS_EMS_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_derive()\fR if
\&\*(L"master secret\*(R" is used instead of \*(L"extended master secret\*(R" Setting this to zero
will ignore the error and set the approved \*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.ie n .IP """digest-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_KDF_PARAM_FIPS_DIGEST_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if
used digest is not approved.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.Sp
According to \s-1SP\s0 800\-135r1, the following are approved digest algorithms:
\&\s-1SHA2\-256, SHA2\-384, SHA2\-512.\s0
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
A context for the \s-1TLS PRF\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "TLS1\-PRF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The digest, secret value and seed must be set before a key is derived otherwise
an error will occur.
.PP
The output length of the \s-1PRF\s0 is specified by the \fIkeylen\fR parameter to the
\&\fBEVP_KDF_derive()\fR function.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 10 bytes using \s-1SHA\-256\s0 with the secret key \*(L"secret\*(R"
and seed value \*(L"seed\*(R":
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[4], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "TLS1\-PRF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
\& "seed", (size_t)4);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 2246, RFC 5246\s0 and \s-1NIST SP 800\-135\s0 r1
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,300 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-X942-ASN1 7ossl"
.TH EVP_KDF-X942-ASN1 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-X942\-ASN1 \- The X9.42\-2003 asn1 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP_KDF\-X942\-ASN1\s0 algorithm implements the key derivation function
X942KDF\-ASN1. It is used by \s-1DH\s0 KeyAgreement, to derive a key using input such as
a shared secret key and other info. The other info is \s-1DER\s0 encoded data that
contains a 32 bit counter as well as optional fields for \*(L"partyu-info\*(R",
\&\*(L"partyv-info\*(R", \*(L"supp-pubinfo\*(R" and \*(L"supp-privinfo\*(R".
This kdf is used by Cryptographic Message Syntax (\s-1CMS\s0).
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"X942KDF\-ASN1\*(R" or \*(L"X942KDF\*(R" is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """secret"" (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.el .IP "``secret'' (\fB\s-1OSSL_KDF_PARAM_SECRET\s0\fR) <octet string>" 4
.IX Item "secret (OSSL_KDF_PARAM_SECRET) <octet string>"
The shared secret used for key derivation. This parameter sets the secret.
.ie n .IP """acvp-info"" (\fB\s-1OSSL_KDF_PARAM_X942_ACVPINFO\s0\fR) <octet string>" 4
.el .IP "``acvp-info'' (\fB\s-1OSSL_KDF_PARAM_X942_ACVPINFO\s0\fR) <octet string>" 4
.IX Item "acvp-info (OSSL_KDF_PARAM_X942_ACVPINFO) <octet string>"
This value should not be used in production and should only be used for \s-1ACVP\s0
testing. It is an optional octet string containing a combined \s-1DER\s0 encoded blob
of any of the optional fields related to \*(L"partyu-info\*(R", \*(L"partyv-info\*(R",
\&\*(L"supp-pubinfo\*(R" and \*(L"supp-privinfo\*(R". If it is specified then none of these other
fields should be used.
.ie n .IP """partyu-info"" (\fB\s-1OSSL_KDF_PARAM_X942_PARTYUINFO\s0\fR) <octet string>" 4
.el .IP "``partyu-info'' (\fB\s-1OSSL_KDF_PARAM_X942_PARTYUINFO\s0\fR) <octet string>" 4
.IX Item "partyu-info (OSSL_KDF_PARAM_X942_PARTYUINFO) <octet string>"
An optional octet string containing public info contributed by the initiator.
.ie n .IP """ukm"" (\fB\s-1OSSL_KDF_PARAM_UKM\s0\fR) <octet string>" 4
.el .IP "``ukm'' (\fB\s-1OSSL_KDF_PARAM_UKM\s0\fR) <octet string>" 4
.IX Item "ukm (OSSL_KDF_PARAM_UKM) <octet string>"
An alias for \*(L"partyu-info\*(R".
In \s-1CMS\s0 this is the user keying material.
.ie n .IP """partyv-info"" (\fB\s-1OSSL_KDF_PARAM_X942_PARTYVINFO\s0\fR) <octet string>" 4
.el .IP "``partyv-info'' (\fB\s-1OSSL_KDF_PARAM_X942_PARTYVINFO\s0\fR) <octet string>" 4
.IX Item "partyv-info (OSSL_KDF_PARAM_X942_PARTYVINFO) <octet string>"
An optional octet string containing public info contributed by the responder.
.ie n .IP """supp-pubinfo"" (\fB\s-1OSSL_KDF_PARAM_X942_SUPP_PUBINFO\s0\fR) <octet string>" 4
.el .IP "``supp-pubinfo'' (\fB\s-1OSSL_KDF_PARAM_X942_SUPP_PUBINFO\s0\fR) <octet string>" 4
.IX Item "supp-pubinfo (OSSL_KDF_PARAM_X942_SUPP_PUBINFO) <octet string>"
An optional octet string containing some additional, mutually-known public
information. Setting this value also sets \*(L"use-keybits\*(R" to 0.
.ie n .IP """use-keybits"" (\fB\s-1OSSL_KDF_PARAM_X942_USE_KEYBITS\s0\fR) <integer>" 4
.el .IP "``use-keybits'' (\fB\s-1OSSL_KDF_PARAM_X942_USE_KEYBITS\s0\fR) <integer>" 4
.IX Item "use-keybits (OSSL_KDF_PARAM_X942_USE_KEYBITS) <integer>"
The default value of 1 will use the \s-1KEK\s0 key length (in bits) as the
\&\*(L"supp-pubinfo\*(R". A value of 0 disables setting the \*(L"supp-pubinfo\*(R".
.ie n .IP """supp-privinfo"" (\fB\s-1OSSL_KDF_PARAM_X942_SUPP_PRIVINFO\s0\fR) <octet string>" 4
.el .IP "``supp-privinfo'' (\fB\s-1OSSL_KDF_PARAM_X942_SUPP_PRIVINFO\s0\fR) <octet string>" 4
.IX Item "supp-privinfo (OSSL_KDF_PARAM_X942_SUPP_PRIVINFO) <octet string>"
An optional octet string containing some additional, mutually-known private
information.
.ie n .IP """cekalg"" (\fB\s-1OSSL_KDF_PARAM_CEK_ALG\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cekalg'' (\fB\s-1OSSL_KDF_PARAM_CEK_ALG\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cekalg (OSSL_KDF_PARAM_CEK_ALG) <UTF8 string>"
This parameter sets the \s-1CEK\s0 wrapping algorithm name.
Valid values are \*(L"\s-1AES\-128\-WRAP\*(R", \*(L"AES\-192\-WRAP\*(R", \*(L"AES\-256\-WRAP\*(R"\s0 and \*(L"\s-1DES3\-WRAP\*(R".\s0
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if \*(L"key-check\*(R"
parameter is set to 0 and the check fails.
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
A context for X942KDF can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "X942KDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an X942KDF is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 24 bytes, with the secret key \*(L"secret\*(R" and random user
keying material:
.PP
.Vb 5
\& EVP_KDF_CTX *kctx;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[192/8];
\& unsignred char ukm[64];
\& OSSL_PARAM params[5], *p = params;
\&
\& if (RAND_bytes(ukm, sizeof(ukm)) <= 0)
\& error("RAND_bytes");
\&
\& kdf = EVP_KDF_fetch(NULL, "X942KDF", NULL);
\& if (kctx == NULL)
\& error("EVP_KDF_fetch");
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\& if (kctx == NULL)
\& error("EVP_KDF_CTX_new");
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, "SHA256", 0);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM, ukm, sizeof(ukm));
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, "AES\-256\-WRAP, 0);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0)
\& error("EVP_KDF_derive");
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1ANS1 X9.42\-2003
RFC 2631\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,166 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-X942-CONCAT 7ossl"
.TH EVP_KDF-X942-CONCAT 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-X942\-CONCAT \- The X942 Concat EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP_KDF\-X942\-CONCAT\s0 algorithm is identical to \s-1EVP_KDF\-X963.\s0 It is
used for key agreement to derive a key using input such as a shared secret key
and shared info.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"X942KDF_CONCAT\*(R" is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.PP
This is an alias for \*(L"X963KDF\*(R".
.PP
See \s-1\fBEVP_KDF\-X963\s0\fR\|(7) for a list of supported parameters and examples.
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,270 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KDF-X963 7ossl"
.TH EVP_KDF-X963 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KDF\-X963 \- The X9.63\-2001 EVP_KDF implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP_KDF\-X963\s0 algorithm implements the key derivation function (X963KDF).
X963KDF is used by Cryptographic Message Syntax (\s-1CMS\s0) for \s-1EC\s0 KeyAgreement, to
derive a key using input such as a shared secret key and shared info.
.PP
The output is considered to be keying material.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"X963KDF\*(R" is the name for this implementation; it
can be used with the \fBEVP_KDF_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """properties"" (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_KDF_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_KDF_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_KDF_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3).
.ie n .IP """key"" (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_KDF_PARAM_KEY) <octet string>"
The shared secret used for key derivation.
This parameter sets the secret.
.ie n .IP """info"" (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.el .IP "``info'' (\fB\s-1OSSL_KDF_PARAM_INFO\s0\fR) <octet string>" 4
.IX Item "info (OSSL_KDF_PARAM_INFO) <octet string>"
This parameter specifies an optional value for shared info.
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if any \*(L"***\-check\*(R"
related parameter is set to 0 and the check fails.
.ie n .IP """digest-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <int>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_DIGEST_CHECK\s0\fR) <int>" 4
.IX Item "digest-check (OSSL_KDF_PARAM_FIPS_DIGEST_CHECK) <int>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if
used digest is not approved.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.Sp
According to \s-1ANSI X9.63\-2001,\s0 the following are approved digest algorithms:
\&\s-1SHA2\-224, SHA2\-256, SHA2\-384, SHA2\-512, SHA2\-512/224, SHA2\-512/256, SHA3\-224,
SHA3\-256, SHA3\-384, SHA3\-512.\s0
.ie n .IP """key-check"" (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KDF_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KDF_PARAM_FIPS_KEY_CHECK) <integer>"
The default value of 1 causes an error during \fBEVP_KDF_CTX_set_params()\fR if the
length of used key-derivation key (\fB\s-1OSSL_KDF_PARAM_KEY\s0\fR) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "NOTES"
.IX Header "NOTES"
X963KDF is very similar to the \s-1SSKDF\s0 that uses a digest as the auxiliary function,
X963KDF appends the counter to the secret, whereas \s-1SSKDF\s0 prepends the counter.
.PP
A context for X963KDF can be obtained by calling:
.PP
.Vb 2
\& EVP_KDF *kdf = EVP_KDF_fetch(NULL, "X963KDF", NULL);
\& EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
.Ve
.PP
The output length of an X963KDF is specified via the \fIkeylen\fR
parameter to the \fBEVP_KDF_derive\fR\|(3) function.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example derives 10 bytes, with the secret key \*(L"secret\*(R" and sharedinfo
value \*(L"label\*(R":
.PP
.Vb 4
\& EVP_KDF *kdf;
\& EVP_KDF_CTX *kctx;
\& unsigned char out[10];
\& OSSL_PARAM params[4], *p = params;
\&
\& kdf = EVP_KDF_fetch(NULL, "X963KDF", NULL);
\& kctx = EVP_KDF_CTX_new(kdf);
\& EVP_KDF_free(kdf);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
\& SN_sha256, strlen(SN_sha256));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
\& "secret", (size_t)6);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
\& "label", (size_t)5);
\& *p = OSSL_PARAM_construct_end();
\& if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
\& error("EVP_KDF_derive");
\& }
\&
\& EVP_KDF_CTX_free(kctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\*(L"\s-1SEC 1:\s0 Elliptic Curve Cryptography\*(R"
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KDF\s0\fR\|(3),
\&\fBEVP_KDF_CTX_new\fR\|(3),
\&\fBEVP_KDF_CTX_free\fR\|(3),
\&\fBEVP_KDF_CTX_set_params\fR\|(3),
\&\fBEVP_KDF_CTX_get_kdf_size\fR\|(3),
\&\fBEVP_KDF_derive\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_KDF\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,205 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEM-EC 7ossl"
.TH EVP_KEM-EC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEM\-EC
\&\- EVP_KEM EC keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1EC\s0\fR keytype and its parameters are described in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7).
See \fBEVP_PKEY_encapsulate\fR\|(3) and \fBEVP_PKEY_decapsulate\fR\|(3) for more info.
.SS "\s-1EC KEM\s0 parameters"
.IX Subsection "EC KEM parameters"
.ie n .IP """operation"" (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR)<\s-1UTF8\s0 string>" 4
.el .IP "``operation'' (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR)<\s-1UTF8\s0 string>" 4
.IX Item "operation (OSSL_KEM_PARAM_OPERATION)<UTF8 string>"
The OpenSSL \s-1EC\s0 Key Encapsulation Mechanisms only supports the
following operation:
.RS 4
.ie n .IP """\s-1DHKEM""\s0 (\fB\s-1OSSL_KEM_PARAM_OPERATION_DHKEM\s0\fR)" 4
.el .IP "``\s-1DHKEM''\s0 (\fB\s-1OSSL_KEM_PARAM_OPERATION_DHKEM\s0\fR)" 4
.IX Item "DHKEM (OSSL_KEM_PARAM_OPERATION_DHKEM)"
The encapsulate function generates an ephemeral keypair. It produces keymaterial
by doing an \s-1ECDH\s0 key exchange using the ephemeral private key and a supplied
recipient public key. A \s-1HKDF\s0 operation using the keymaterial and a kem context
then produces a shared secret. The shared secret and the ephemeral public key
are returned.
The decapsulate function uses the recipient private key and the
ephemeral public key to produce the same keymaterial, which can then be used to
produce the same shared secret.
See <https://www.rfc\-editor.org/rfc/rfc9180.html#name\-dh\-based\-kem\-dhkem>
.RE
.RS 4
.Sp
This can be set using either \fBEVP_PKEY_CTX_set_kem_op()\fR or
\&\fBEVP_PKEY_CTX_set_params()\fR.
.RE
.ie n .IP """ikme"" (\fB\s-1OSSL_KEM_PARAM_IKME\s0\fR) <octet string>" 4
.el .IP "``ikme'' (\fB\s-1OSSL_KEM_PARAM_IKME\s0\fR) <octet string>" 4
.IX Item "ikme (OSSL_KEM_PARAM_IKME) <octet string>"
Used to specify the key material used for generation of the ephemeral key.
This value should not be reused for other purposes.
It can only be used for the curves \*(L"P\-256\*(R", \*(L"P\-384\*(R" and \*(L"P\-521\*(R" and should
have a length of at least the size of the encoded private key
(i.e. 32, 48 and 66 for the listed curves).
If this value is not set, then a random ikm is used.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "\s-1RFC9180\s0" 4
.IX Item "RFC9180"
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_kem_op\fR\|(3),
\&\fBEVP_PKEY_encapsulate\fR\|(3),
\&\fBEVP_PKEY_decapsulate\fR\|(3)
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,200 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEM-RSA 7ossl"
.TH EVP_KEM-RSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEM\-RSA
\&\- EVP_KEM RSA keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1RSA\s0\fR keytype and its parameters are described in \s-1\fBEVP_PKEY\-RSA\s0\fR\|(7).
See \fBEVP_PKEY_encapsulate\fR\|(3) and \fBEVP_PKEY_decapsulate\fR\|(3) for more info.
.SS "\s-1RSA KEM\s0 parameters"
.IX Subsection "RSA KEM parameters"
.ie n .IP """operation"" (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``operation'' (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "operation (OSSL_KEM_PARAM_OPERATION) <UTF8 string>"
The OpenSSL \s-1RSA\s0 Key Encapsulation Mechanism only currently supports the
following operation
.RS 4
.ie n .IP """\s-1RSASVE""\s0" 4
.el .IP "``\s-1RSASVE''\s0" 4
.IX Item "RSASVE"
The encapsulate function simply generates a secret using random bytes and then
encrypts the secret using the \s-1RSA\s0 public key (with no padding).
The decapsulate function recovers the secret using the \s-1RSA\s0 private key.
.RE
.RS 4
.Sp
This can be set using \fBEVP_PKEY_CTX_set_kem_op()\fR.
.RE
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KEM_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_KEM_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_KEM_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_KEM_PARAM_FIPS_KEY_CHECK) <integer>"
.PD
These parameters are described in \fBprovider\-kem\fR\|(7).
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "SP800\-56Br2" 4
.IX Item "SP800-56Br2"
Section 7.2.1.2 \s-1RSASVE\s0 Generate Operation (\s-1RSASVE.GENERATE\s0).
Section 7.2.1.3 \s-1RSASVE\s0 Recovery Operation (\s-1RSASVE.RECOVER\s0).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_kem_op\fR\|(3),
\&\fBEVP_PKEY_encapsulate\fR\|(3),
\&\fBEVP_PKEY_decapsulate\fR\|(3)
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,204 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEM-X25519 7ossl"
.TH EVP_KEM-X25519 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEM\-X25519, EVP_KEM\-X448
\&\- EVP_KEM X25519 and EVP_KEM X448 keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBX25519\fR and <X448> keytype and its parameters are described in
\&\s-1\fBEVP_PKEY\-X25519\s0\fR\|(7).
See \fBEVP_PKEY_encapsulate\fR\|(3) and \fBEVP_PKEY_decapsulate\fR\|(3) for more info.
.SS "X25519 and X448 \s-1KEM\s0 parameters"
.IX Subsection "X25519 and X448 KEM parameters"
.ie n .IP """operation"" (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR)<\s-1UTF8\s0 string>" 4
.el .IP "``operation'' (\fB\s-1OSSL_KEM_PARAM_OPERATION\s0\fR)<\s-1UTF8\s0 string>" 4
.IX Item "operation (OSSL_KEM_PARAM_OPERATION)<UTF8 string>"
The OpenSSL X25519 and X448 Key Encapsulation Mechanisms only support the
following operation:
.RS 4
.ie n .IP """\s-1DHKEM""\s0 (\fB\s-1OSSL_KEM_PARAM_OPERATION_DHKEM\s0\fR)" 4
.el .IP "``\s-1DHKEM''\s0 (\fB\s-1OSSL_KEM_PARAM_OPERATION_DHKEM\s0\fR)" 4
.IX Item "DHKEM (OSSL_KEM_PARAM_OPERATION_DHKEM)"
The encapsulate function generates an ephemeral keypair. It produces keymaterial
by doing an X25519 or X448 key exchange using the ephemeral private key and a
supplied recipient public key. A \s-1HKDF\s0 operation using the keymaterial and a kem
context then produces a shared secret. The shared secret and the ephemeral
public key are returned.
The decapsulate function uses the recipient private key and the
ephemeral public key to produce the same keymaterial, which can then be used to
produce the same shared secret.
See <https://www.rfc\-editor.org/rfc/rfc9180.html#name\-dh\-based\-kem\-dhkem>
.RE
.RS 4
.Sp
This can be set using either \fBEVP_PKEY_CTX_set_kem_op()\fR or
\&\fBEVP_PKEY_CTX_set_params()\fR.
.RE
.ie n .IP """ikme"" (\fB\s-1OSSL_KEM_PARAM_IKME\s0\fR) <octet string>" 4
.el .IP "``ikme'' (\fB\s-1OSSL_KEM_PARAM_IKME\s0\fR) <octet string>" 4
.IX Item "ikme (OSSL_KEM_PARAM_IKME) <octet string>"
Used to specify the key material used for generation of the ephemeral key.
This value should not be reused for other purposes.
It should have a length of at least 32 for X25519, and 56 for X448.
If this value is not set, then a random ikm is used.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "\s-1RFC9180\s0" 4
.IX Item "RFC9180"
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_kem_op\fR\|(3),
\&\fBEVP_PKEY_encapsulate\fR\|(3),
\&\fBEVP_PKEY_decapsulate\fR\|(3)
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.2.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,277 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEYEXCH-DH 7ossl"
.TH EVP_KEYEXCH-DH 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEYEXCH\-DH
\&\- DH Key Exchange algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Key exchange support for the \fB\s-1DH\s0\fR and \fB\s-1DHX\s0\fR key types.
.PP
Please note that although both key types support the same key exchange
operations, they cannot be used together in a single key exchange. It
is not possible to use a private key of the \fB\s-1DH\s0\fR type in key exchange
with the public key of \fB\s-1DHX\s0\fR type and vice versa.
.SS "\s-1DH\s0 and \s-1DHX\s0 key exchange parameters"
.IX Subsection "DH and DHX key exchange parameters"
.ie n .IP """pad"" (\fB\s-1OSSL_EXCHANGE_PARAM_PAD\s0\fR) <unsigned integer>" 4
.el .IP "``pad'' (\fB\s-1OSSL_EXCHANGE_PARAM_PAD\s0\fR) <unsigned integer>" 4
.IX Item "pad (OSSL_EXCHANGE_PARAM_PAD) <unsigned integer>"
Sets the padding mode for the associated key exchange ctx.
Setting a value of 1 will turn padding on.
Setting a value of 0 will turn padding off.
If padding is off then the derived shared secret may be smaller than the
largest possible secret size.
If padding is on then the derived shared secret will have its first bytes
filled with zeros where necessary to make the shared secret the same size as
the largest possible secret size.
The padding mode parameter is ignored (and padding implicitly enabled) when
the \s-1KDF\s0 type is set to \*(L"X942KDF\-ASN1\*(R" (\fB\s-1OSSL_KDF_NAME_X942KDF_ASN1\s0\fR).
.ie n .IP """kdf-type"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-type'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-type (OSSL_EXCHANGE_PARAM_KDF_TYPE) <UTF8 string>"
.PD 0
.ie n .IP """kdf-digest"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-digest'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-digest (OSSL_EXCHANGE_PARAM_KDF_DIGEST) <UTF8 string>"
.ie n .IP """kdf-digest-props"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-digest-props'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-digest-props (OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS) <UTF8 string>"
.ie n .IP """kdf-outlen"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_OUTLEN\s0\fR) <unsigned integer>" 4
.el .IP "``kdf-outlen'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_OUTLEN\s0\fR) <unsigned integer>" 4
.IX Item "kdf-outlen (OSSL_EXCHANGE_PARAM_KDF_OUTLEN) <unsigned integer>"
.ie n .IP """kdf-ukm"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_UKM\s0\fR) <octet string>" 4
.el .IP "``kdf-ukm'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_UKM\s0\fR) <octet string>" 4
.IX Item "kdf-ukm (OSSL_EXCHANGE_PARAM_KDF_UKM) <octet string>"
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.ie n .IP """key-check"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK) <integer>"
.ie n .IP """digest-check"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK) <integer>"
.PD
See \*(L"Common Key Exchange parameters\*(R" in \fBprovider\-keyexch\fR\|(7).
.ie n .IP """cekalg"" (\fB\s-1OSSL_KDF_PARAM_CEK_ALG\s0\fR) <octet string ptr>" 4
.el .IP "``cekalg'' (\fB\s-1OSSL_KDF_PARAM_CEK_ALG\s0\fR) <octet string ptr>" 4
.IX Item "cekalg (OSSL_KDF_PARAM_CEK_ALG) <octet string ptr>"
See \*(L"\s-1KDF\s0 Parameters\*(R" in \fBprovider\-kdf\fR\|(7).
.SH "EXAMPLES"
.IX Header "EXAMPLES"
The examples assume a host and peer both generate keys using the same
named group (or domain parameters). See \*(L"Examples\*(R" in \s-1\fBEVP_PKEY\-DH\s0\fR\|(7).
Both the host and peer transfer their public key to each other.
.PP
To convert the peer's generated key pair to a public key in \s-1DER\s0 format in order
to transfer to the host:
.PP
.Vb 3
\& EVP_PKEY *peer_key; /* It is assumed this contains the peers generated key */
\& unsigned char *peer_pub_der = NULL;
\& int peer_pub_der_len;
\&
\& peer_pub_der_len = i2d_PUBKEY(peer_key, &peer_pub_der);
\& ...
\& OPENSSL_free(peer_pub_der);
.Ve
.PP
To convert the received peer's public key from \s-1DER\s0 format on the host:
.PP
.Vb 4
\& const unsigned char *pd = peer_pub_der;
\& EVP_PKEY *peer_pub_key = d2i_PUBKEY(NULL, &pd, peer_pub_der_len);
\& ...
\& EVP_PKEY_free(peer_pub_key);
.Ve
.PP
To derive a shared secret on the host using the host's key and the peer's public
key:
.PP
.Vb 8
\& /* It is assumed that the host_key and peer_pub_key are set up */
\& void derive_secret(EVP_KEY *host_key, EVP_PKEY *peer_pub_key)
\& {
\& unsigned int pad = 1;
\& OSSL_PARAM params[2];
\& unsigned char *secret = NULL;
\& size_t secret_len = 0;
\& EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
\&
\& EVP_PKEY_derive_init(dctx);
\&
\& /* Optionally set the padding */
\& params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &pad);
\& params[1] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(dctx, params);
\&
\& EVP_PKEY_derive_set_peer(dctx, peer_pub_key);
\&
\& /* Get the size by passing NULL as the buffer */
\& EVP_PKEY_derive(dctx, NULL, &secret_len);
\& secret = OPENSSL_zalloc(secret_len);
\&
\& EVP_PKEY_derive(dctx, secret, &secret_len);
\& ...
\& OPENSSL_clear_free(secret, secret_len);
\& EVP_PKEY_CTX_free(dctx);
\& }
.Ve
.PP
Very similar code can be used by the peer to derive the same shared secret
using the host's public key and the peer's generated key pair.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-DH\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\-FFC\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keyexch\fR\|(7),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,269 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEYEXCH-ECDH 7ossl"
.TH EVP_KEYEXCH-ECDH 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEYEXCH\-ECDH \- ECDH Key Exchange algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Key exchange support for the \fB\s-1ECDH\s0\fR key type.
.SS "\s-1ECDH\s0 Key Exchange parameters"
.IX Subsection "ECDH Key Exchange parameters"
.ie n .IP """ecdh-cofactor-mode"" (\fB\s-1OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE\s0\fR) <integer>" 4
.el .IP "``ecdh-cofactor-mode'' (\fB\s-1OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE\s0\fR) <integer>" 4
.IX Item "ecdh-cofactor-mode (OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE) <integer>"
Sets or gets the \s-1ECDH\s0 mode of operation for the associated key exchange ctx.
.Sp
In the context of an Elliptic Curve Diffie-Hellman key exchange, this parameter
can be used to select between the plain Diffie-Hellman (\s-1DH\s0) or Cofactor
Diffie-Hellman (\s-1CDH\s0) variants of the key exchange algorithm.
.Sp
When setting, the value should be 1, 0 or \-1, respectively forcing cofactor mode
on, off, or resetting it to the default for the private key associated with the
given key exchange ctx.
.Sp
When getting, the value should be either 1 or 0, respectively signaling if the
cofactor mode is on or off.
.Sp
See also \fBprovider\-keymgmt\fR\|(7) for the related
\&\fB\s-1OSSL_PKEY_PARAM_USE_COFACTOR_ECDH\s0\fR parameter that can be set on a
per-key basis.
.ie n .IP """kdf-type"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-type'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-type (OSSL_EXCHANGE_PARAM_KDF_TYPE) <UTF8 string>"
.PD 0
.ie n .IP """kdf-digest"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-digest'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-digest (OSSL_EXCHANGE_PARAM_KDF_DIGEST) <UTF8 string>"
.ie n .IP """kdf-digest-props"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``kdf-digest-props'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "kdf-digest-props (OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS) <UTF8 string>"
.ie n .IP """kdf-outlen"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_OUTLEN\s0\fR) <unsigned integer>" 4
.el .IP "``kdf-outlen'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_OUTLEN\s0\fR) <unsigned integer>" 4
.IX Item "kdf-outlen (OSSL_EXCHANGE_PARAM_KDF_OUTLEN) <unsigned integer>"
.ie n .IP """kdf-ukm"" (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_UKM\s0\fR) <octet string>" 4
.el .IP "``kdf-ukm'' (\fB\s-1OSSL_EXCHANGE_PARAM_KDF_UKM\s0\fR) <octet string>" 4
.IX Item "kdf-ukm (OSSL_EXCHANGE_PARAM_KDF_UKM) <octet string>"
.PD
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK) <integer>"
.ie n .IP """digest-check"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK) <integer>"
.PD
See \*(L"Common Key Exchange parameters\*(R" in \fBprovider\-keyexch\fR\|(7).
.ie n .IP """ecdh-cofactor-check"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK\s0\fR) <integer>" 4
.el .IP "``ecdh-cofactor-check'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK\s0\fR) <integer>" 4
.IX Item "ecdh-cofactor-check (OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK) <integer>"
If required this parameter should before \fBOSSL_FUNC_keyexch_derive()\fR.
The default value of 1 causes an error during the OSSL_FUNC_keyexch_derive if
the \s-1EC\s0 curve has a cofactor that is not 1, and the cofactor is not used.
Setting this to 0 will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Examples of key agreement can be found in demos/keyexch.
.PP
Keys for the host and peer must be generated as shown in
\&\*(L"Examples\*(R" in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) using the same curve name.
.PP
The code to generate a shared secret for the normal case is identical to
\&\*(L"Examples\*(R" in \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7).
.PP
To derive a shared secret on the host using the host's key and the peer's public
key but also using X963KDF with a user key material:
.PP
.Vb 10
\& /* It is assumed that the host_key, peer_pub_key and ukm are set up */
\& void derive_secret(EVP_PKEY *host_key, EVP_PKEY *peer_key,
\& unsigned char *ukm, size_t ukm_len)
\& {
\& unsigned char secret[64];
\& size_t out_len = sizeof(secret);
\& size_t secret_len = out_len;
\& unsigned int pad = 1;
\& OSSL_PARAM params[6];
\& EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
\&
\& EVP_PKEY_derive_init(dctx);
\&
\& params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &pad);
\& params[1] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
\& "X963KDF", 0);
\& params[2] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
\& "SHA1", 0);
\& params[3] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
\& &out_len);
\& params[4] = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,
\& ukm, ukm_len);
\& params[5] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(dctx, params);
\&
\& EVP_PKEY_derive_set_peer(dctx, peer_pub_key);
\& EVP_PKEY_derive(dctx, secret, &secret_len);
\& ...
\& OPENSSL_clear_free(secret, secret_len);
\& EVP_PKEY_CTX_free(dctx);
\& }
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-EC\s0\fR\|(7)
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keyexch\fR\|(7),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,185 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_KEYEXCH-X25519 7ossl"
.TH EVP_KEYEXCH-X25519 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_KEYEXCH\-X25519,
EVP_KEYEXCH\-X448
\&\- X25519 and X448 Key Exchange algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Key exchange support for the \fBX25519\fR and \fBX448\fR key types.
.SS "Key exchange parameters"
.IX Subsection "Key exchange parameters"
.ie n .IP """pad"" (\fB\s-1OSSL_EXCHANGE_PARAM_PAD\s0\fR) <unsigned integer>" 4
.el .IP "``pad'' (\fB\s-1OSSL_EXCHANGE_PARAM_PAD\s0\fR) <unsigned integer>" 4
.IX Item "pad (OSSL_EXCHANGE_PARAM_PAD) <unsigned integer>"
.PD 0
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD
\&\fBX25519\fR and \fBX448\fR are not \s-1FIPS\s0 approved in \s-1FIPS 140\-3.\s0
So this getter will return 0.
.Sp
See \*(L"Common Key Exchange parameters\*(R" in \fBprovider\-keyexch\fR\|(7).
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Keys for the host and peer can be generated as shown in
\&\*(L"Examples\*(R" in \s-1\fBEVP_PKEY\-X25519\s0\fR\|(7).
.PP
The code to generate a shared secret is identical to
\&\*(L"Examples\*(R" in \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-FFC\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\-DH\s0\fR\|(7)
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keyexch\fR\|(7),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,216 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-BLAKE2 7ossl"
.TH EVP_MAC-BLAKE2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-BLAKE2, EVP_MAC\-BLAKE2BMAC, EVP_MAC\-BLAKE2SMAC
\&\- The BLAKE2 EVP_MAC implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1BLAKE2\s0 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
These implementations are identified with one of these names and
properties, to be used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1BLAKE2BMAC"",\s0 ""provider=default""" 4
.el .IP "``\s-1BLAKE2BMAC'',\s0 ``provider=default''" 4
.IX Item "BLAKE2BMAC, provider=default"
.PD 0
.ie n .IP """\s-1BLAKE2SMAC"",\s0 ""provider=default""" 4
.el .IP "``\s-1BLAKE2SMAC'',\s0 ``provider=default''" 4
.IX Item "BLAKE2SMAC, provider=default"
.PD
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
All these parameters (except for \*(L"block-size\*(R") can be set with
\&\fBEVP_MAC_CTX_set_params()\fR.
Furthermore, the \*(L"size\*(R" parameter can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR, or with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter should not exceed that of a \fBsize_t\fR.
Likewise, the \*(L"block-size\*(R" parameter can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR, or with \fBEVP_MAC_CTX_get_block_size()\fR.
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
It may be at most 64 bytes for \s-1BLAKE2BMAC\s0 or 32 for \s-1BLAKE2SMAC\s0 and at
least 1 byte in both cases.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.ie n .IP """custom"" (\fB\s-1OSSL_MAC_PARAM_CUSTOM\s0\fR) <octet string>" 4
.el .IP "``custom'' (\fB\s-1OSSL_MAC_PARAM_CUSTOM\s0\fR) <octet string>" 4
.IX Item "custom (OSSL_MAC_PARAM_CUSTOM) <octet string>"
Sets the customization/personalization string.
It is an optional value of at most 16 bytes for \s-1BLAKE2BMAC\s0 or 8 for
\&\s-1BLAKE2SMAC,\s0 and is empty by default.
.ie n .IP """salt"" (\fB\s-1OSSL_MAC_PARAM_SALT\s0\fR) <octet string>" 4
.el .IP "``salt'' (\fB\s-1OSSL_MAC_PARAM_SALT\s0\fR) <octet string>" 4
.IX Item "salt (OSSL_MAC_PARAM_SALT) <octet string>"
Sets the salt.
It is an optional value of at most 16 bytes for \s-1BLAKE2BMAC\s0 or 8 for
\&\s-1BLAKE2SMAC,\s0 and is empty by default.
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
Sets the \s-1MAC\s0 size.
It can be any number between 1 and 32 for \s-1EVP_MAC_BLAKE2S\s0 or between 1
and 64 for \s-1EVP_MAC_BLAKE2B.\s0
It is 32 and 64 respectively by default.
.ie n .IP """block-size"" (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``block-size'' (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "block-size (OSSL_MAC_PARAM_BLOCK_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 block size.
It is 64 for \s-1EVP_MAC_BLAKE2S\s0 and 128 for \s-1EVP_MAC_BLAKE2B.\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
The macros and functions described here were added to OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,222 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-CMAC 7ossl"
.TH EVP_MAC-CMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-CMAC \- The CMAC EVP_MAC implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1CMAC\s0 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.PP
This implementation uses \s-1EVP_CIPHER\s0 functions to get access to the underlying
cipher.
.SS "Identity"
.IX Subsection "Identity"
This implementation is identified with this name and properties, to be
used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1CMAC"",\s0 ""provider=default"" or ""provider=fips""" 4
.el .IP "``\s-1CMAC'',\s0 ``provider=default'' or ``provider=fips''" 4
.IX Item "CMAC, provider=default or provider=fips"
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
The following parameter can be set with \fBEVP_MAC_CTX_set_params()\fR:
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.ie n .IP """cipher"" (\fB\s-1OSSL_MAC_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_MAC_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_MAC_PARAM_CIPHER) <UTF8 string>"
Sets the name of the underlying cipher to be used. The mode of the cipher
must be \s-1CBC.\s0
.ie n .IP """properties"" (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_MAC_PARAM_PROPERTIES) <UTF8 string>"
Sets the properties to be queried when trying to fetch the underlying cipher.
This must be given together with the cipher naming parameter to be considered
valid.
.ie n .IP """encrypt-check"" (\fB\s-1OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK\s0\fR) <integer>" 4
.el .IP "``encrypt-check'' (\fB\s-1OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK\s0\fR) <integer>" 4
.IX Item "encrypt-check (OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK) <integer>"
This option is used by the OpenSSL \s-1FIPS\s0 provider.
If required this parameter should be set before \fBEVP_MAC_init()\fR
.Sp
The default value of 1 causes an error when a unapproved Triple-DES encryption
operation is triggered.
Setting this to 0 will ignore the error and set the approved
\&\*(L"fips-indicator\*(R" to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.PP
The following parameters can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR:
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
The \*(L"size\*(R" parameter can also be retrieved with with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter is equal to that of an \fBunsigned int\fR.
.ie n .IP """block-size"" (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``block-size'' (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "block-size (OSSL_MAC_PARAM_BLOCK_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 block size. The \*(L"block-size\*(R" parameter can also be retrieved with
\&\fBEVP_MAC_CTX_get_block_size()\fR.
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
This option is used by the OpenSSL \s-1FIPS\s0 provider.
.Sp
A getter that returns 1 if the operation is \s-1FIPS\s0 approved, or 0 otherwise.
This may be used after calling \fBEVP_MAC_final()\fR.
It may return 0 if the \*(L"encrypt-check\*(R" option is set to 0.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,202 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-GMAC 7ossl"
.TH EVP_MAC-GMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-GMAC \- The GMAC EVP_MAC implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1GMAC\s0 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.PP
This implementation uses \s-1EVP_CIPHER\s0 functions to get access to the underlying
cipher.
.SS "Identity"
.IX Subsection "Identity"
This implementation is identified with this name and properties, to be
used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1GMAC"",\s0 ""provider=default"" or ""provider=fips""" 4
.el .IP "``\s-1GMAC'',\s0 ``provider=default'' or ``provider=fips''" 4
.IX Item "GMAC, provider=default or provider=fips"
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
The following parameter can be set with \fBEVP_MAC_CTX_set_params()\fR:
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.ie n .IP """iv"" (\fB\s-1OSSL_MAC_PARAM_IV\s0\fR) <octet string>" 4
.el .IP "``iv'' (\fB\s-1OSSL_MAC_PARAM_IV\s0\fR) <octet string>" 4
.IX Item "iv (OSSL_MAC_PARAM_IV) <octet string>"
Sets the \s-1IV\s0 of the underlying cipher, when applicable.
.ie n .IP """cipher"" (\fB\s-1OSSL_MAC_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_MAC_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_MAC_PARAM_CIPHER) <UTF8 string>"
Sets the name of the underlying cipher to be used.
.ie n .IP """properties"" (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_MAC_PARAM_PROPERTIES) <UTF8 string>"
Sets the properties to be queried when trying to fetch the underlying cipher.
This must be given together with the cipher naming parameter to be considered
valid.
.PP
The following parameters can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR:
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 size.
.PP
The \*(L"size\*(R" parameter can also be retrieved with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter is equal to that of an \fBunsigned int\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,228 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-HMAC 7ossl"
.TH EVP_MAC-HMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-HMAC \- The HMAC EVP_MAC implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1HMAC\s0 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.PP
This implementation uses \s-1EVP_MD\s0 functions to get access to the underlying
digest.
.SS "Identity"
.IX Subsection "Identity"
This implementation is identified with this name and properties, to be
used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1HMAC"",\s0 ""provider=default"" or ""provider=fips""" 4
.el .IP "``\s-1HMAC'',\s0 ``provider=default'' or ``provider=fips''" 4
.IX Item "HMAC, provider=default or provider=fips"
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
The following parameters can be set with \fBEVP_MAC_CTX_set_params()\fR:
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.ie n .IP """digest"" (\fB\s-1OSSL_MAC_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_MAC_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_MAC_PARAM_DIGEST) <UTF8 string>"
Sets the name of the underlying digest to be used.
.ie n .IP """properties"" (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_MAC_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_MAC_PARAM_PROPERTIES) <UTF8 string>"
Sets the properties to be queried when trying to fetch the underlying digest.
This must be given together with the digest naming parameter (\*(L"digest\*(R", or
\&\fB\s-1OSSL_MAC_PARAM_DIGEST\s0\fR) to be considered valid.
.ie n .IP """digest-noinit"" (\fB\s-1OSSL_MAC_PARAM_DIGEST_NOINIT\s0\fR) <integer>" 4
.el .IP "``digest-noinit'' (\fB\s-1OSSL_MAC_PARAM_DIGEST_NOINIT\s0\fR) <integer>" 4
.IX Item "digest-noinit (OSSL_MAC_PARAM_DIGEST_NOINIT) <integer>"
A flag to set the \s-1MAC\s0 digest to not initialise the implementation
specific data.
The value 0 or 1 is expected.
This option is deprecated and will be removed in a future release.
It may be set but is currently ignored
.ie n .IP """digest-oneshot"" (\fB\s-1OSSL_MAC_PARAM_DIGEST_ONESHOT\s0\fR) <integer>" 4
.el .IP "``digest-oneshot'' (\fB\s-1OSSL_MAC_PARAM_DIGEST_ONESHOT\s0\fR) <integer>" 4
.IX Item "digest-oneshot (OSSL_MAC_PARAM_DIGEST_ONESHOT) <integer>"
A flag to set the \s-1MAC\s0 digest to be a one-shot operation.
The value 0 or 1 is expected.
This option is deprecated and will be removed in a future release.
It may be set but is currently ignored.
.ie n .IP """tls-data-size"" (\fB\s-1OSSL_MAC_PARAM_TLS_DATA_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``tls-data-size'' (\fB\s-1OSSL_MAC_PARAM_TLS_DATA_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "tls-data-size (OSSL_MAC_PARAM_TLS_DATA_SIZE) <unsigned integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_MAC_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_MAC_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_MAC_PARAM_FIPS_KEY_CHECK) <integer>"
.PD
See \*(L"Mac Parameters\*(R" in \fBprovider\-mac\fR\|(7).
.PP
The following parameters can be retrieved with \fBEVP_MAC_CTX_get_params()\fR:
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
The \*(L"size\*(R" parameter can also be retrieved with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter is equal to that of an \fBunsigned int\fR.
.ie n .IP """block-size"" (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``block-size'' (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "block-size (OSSL_MAC_PARAM_BLOCK_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 block size. The \*(L"block-size\*(R" parameter can also be retrieved with
\&\fBEVP_MAC_CTX_get_block_size()\fR.
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
See \*(L"Mac Parameters\*(R" in \fBprovider\-mac\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3), \s-1\fBHMAC\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,296 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-KMAC 7ossl"
.TH EVP_MAC-KMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-KMAC, EVP_MAC\-KMAC128, EVP_MAC\-KMAC256
\&\- The KMAC EVP_MAC implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1KMAC\s0 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
These implementations are identified with one of these names and
properties, to be used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1KMAC\-128"",\s0 ""provider=default"" or ""provider=fips""" 4
.el .IP "``\s-1KMAC\-128'',\s0 ``provider=default'' or ``provider=fips''" 4
.IX Item "KMAC-128, provider=default or provider=fips"
.PD 0
.ie n .IP """\s-1KMAC\-256"",\s0 ""provider=default"" or ""provider=fips""" 4
.el .IP "``\s-1KMAC\-256'',\s0 ``provider=default'' or ``provider=fips''" 4
.IX Item "KMAC-256, provider=default or provider=fips"
.PD
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
All these parameters (except for \*(L"block-size\*(R") can be set with
\&\fBEVP_MAC_CTX_set_params()\fR.
Furthermore, the \*(L"size\*(R" parameter can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR, or with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter should not exceed that of a \fBsize_t\fR.
Likewise, the \*(L"block-size\*(R" parameter can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR, or with \fBEVP_MAC_CTX_get_block_size()\fR.
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
The length of the key (in bytes) must be in the range 4...512.
.ie n .IP """custom"" (\fB\s-1OSSL_MAC_PARAM_CUSTOM\s0\fR) <octet string>" 4
.el .IP "``custom'' (\fB\s-1OSSL_MAC_PARAM_CUSTOM\s0\fR) <octet string>" 4
.IX Item "custom (OSSL_MAC_PARAM_CUSTOM) <octet string>"
Sets the customization string.
It is an optional value with a length of at most 512 bytes, and is
empty by default.
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
Sets the \s-1MAC\s0 size.
By default, it is 32 for \f(CW\*(C`KMAC\-128\*(C'\fR and 64 for \f(CW\*(C`KMAC\-256\*(C'\fR.
.ie n .IP """block-size"" (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``block-size'' (\fB\s-1OSSL_MAC_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "block-size (OSSL_MAC_PARAM_BLOCK_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 block size.
It is 168 for \f(CW\*(C`KMAC\-128\*(C'\fR and 136 for \f(CW\*(C`KMAC\-256\*(C'\fR.
.ie n .IP """xof"" (\fB\s-1OSSL_MAC_PARAM_XOF\s0\fR) <integer>" 4
.el .IP "``xof'' (\fB\s-1OSSL_MAC_PARAM_XOF\s0\fR) <integer>" 4
.IX Item "xof (OSSL_MAC_PARAM_XOF) <integer>"
The \*(L"xof\*(R" parameter value is expected to be 1 or 0. Use 1 to enable \s-1XOF\s0 mode.
The default value is 0.
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_MAC_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <int>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_MAC_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <int>" 4
.IX Item "fips-indicator (OSSL_MAC_PARAM_FIPS_APPROVED_INDICATOR) <int>"
This settable parameter is described in \fBprovider\-mac\fR\|(7).
.ie n .IP """no-short-mac"" (\fB\s-1OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC\s0\fR) <integer>" 4
.el .IP "``no-short-mac'' (\fB\s-1OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC\s0\fR) <integer>" 4
.IX Item "no-short-mac (OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC) <integer>"
This settable parameter is described in \fBprovider\-mac\fR\|(7). It is used by
the OpenSSL \s-1FIPS\s0 provider and the minimum length output for \s-1KMAC\s0
is defined by \s-1NIST\s0's \s-1SP 800\-185 8.4.2.\s0
.ie n .IP """key-check"" (\fB\s-1OSSL_MAC_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_MAC_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_MAC_PARAM_FIPS_KEY_CHECK) <integer>"
This settable parameter is described in \fBprovider\-mac\fR\|(7).
.PP
The \*(L"custom\*(R" and \*(L"no-short-mac\*(R" parameters must be set as part of or before
the \fBEVP_MAC_init()\fR call.
The \*(L"xof\*(R" and \*(L"size\*(R" parameters can be set at any time before \fBEVP_MAC_final()\fR.
The \*(L"key\*(R" parameter is set as part of the \fBEVP_MAC_init()\fR call, but can be
set before it instead.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 2
\& #include <openssl/evp.h>
\& #include <openssl/params.h>
\&
\& static int do_kmac(const unsigned char *in, size_t in_len,
\& const unsigned char *key, size_t key_len,
\& const unsigned char *custom, size_t custom_len,
\& int xof_enabled, unsigned char *out, int out_len)
\& {
\& EVP_MAC_CTX *ctx = NULL;
\& EVP_MAC *mac = NULL;
\& OSSL_PARAM params[4], *p;
\& int ret = 0;
\& size_t l = 0;
\&
\& mac = EVP_MAC_fetch(NULL, "KMAC\-128", NULL);
\& if (mac == NULL)
\& goto err;
\& ctx = EVP_MAC_CTX_new(mac);
\& /* The mac can be freed after it is used by EVP_MAC_CTX_new */
\& EVP_MAC_free(mac);
\& if (ctx == NULL)
\& goto err;
\&
\& /*
\& * Setup parameters required before calling EVP_MAC_init()
\& * The parameters OSSL_MAC_PARAM_XOF and OSSL_MAC_PARAM_SIZE may also be
\& * used at this point.
\& */
\& p = params;
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
\& (void *)key, key_len);
\& if (custom != NULL && custom_len != 0)
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM,
\& (void *)custom, custom_len);
\& *p = OSSL_PARAM_construct_end();
\& if (!EVP_MAC_CTX_set_params(ctx, params))
\& goto err;
\&
\& if (!EVP_MAC_init(ctx))
\& goto err;
\&
\& /*
\& * Note: the following optional parameters can be set any time
\& * before EVP_MAC_final().
\& */
\& p = params;
\& *p++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof_enabled);
\& *p++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_SIZE, &out_len);
\& *p = OSSL_PARAM_construct_end();
\& if (!EVP_MAC_CTX_set_params(ctx, params))
\& goto err;
\&
\& /* The update may be called multiple times here for streamed input */
\& if (!EVP_MAC_update(ctx, in, in_len))
\& goto err;
\& if (!EVP_MAC_final(ctx, out, &l, out_len))
\& goto err;
\& ret = 1;
\& err:
\& EVP_MAC_CTX_free(ctx);
\& return ret;
\& }
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3),
\&\s-1SP 800\-185 8.4.2\s0 <https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf>
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,191 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-POLY1305 7ossl"
.TH EVP_MAC-POLY1305 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-Poly1305 \- The Poly1305 EVP_MAC implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing Poly1305 MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is identified with this name and properties, to be
used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1POLY1305"",\s0 ""provider=default""" 4
.el .IP "``\s-1POLY1305'',\s0 ``provider=default''" 4
.IX Item "POLY1305, provider=default"
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
The following parameter can be set with \fBEVP_MAC_CTX_set_params()\fR:
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.PP
The following parameters can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR:
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
Gets the \s-1MAC\s0 size.
.PP
The \*(L"size\*(R" parameter can also be retrieved with with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter should not exceed that of an \fBunsigned int\fR.
.SH "NOTES"
.IX Header "NOTES"
The OpenSSL implementation of the Poly 1305 \s-1MAC\s0 corresponds to \s-1RFC 7539.\s0
.PP
It is critical to never reuse the key. The security implication noted in
\&\s-1RFC 8439\s0 applies equally to the OpenSSL implementation.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,190 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MAC-SIPHASH 7ossl"
.TH EVP_MAC-SIPHASH 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MAC\-Siphash \- The Siphash EVP_MAC implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing Siphash MACs through the \fB\s-1EVP_MAC\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is identified with this name and properties, to be
used with \fBEVP_MAC_fetch()\fR:
.ie n .IP """\s-1SIPHASH"",\s0 ""provider=default""" 4
.el .IP "``\s-1SIPHASH'',\s0 ``provider=default''" 4
.IX Item "SIPHASH, provider=default"
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The general description of these parameters can be found in
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3).
.PP
All these parameters can be set with \fBEVP_MAC_CTX_set_params()\fR.
Furthermore, the \*(L"size\*(R" parameter can be retrieved with
\&\fBEVP_MAC_CTX_get_params()\fR, or with \fBEVP_MAC_CTX_get_mac_size()\fR.
The length of the \*(L"size\*(R" parameter should not exceed that of a \fBsize_t\fR.
.ie n .IP """key"" (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.el .IP "``key'' (\fB\s-1OSSL_MAC_PARAM_KEY\s0\fR) <octet string>" 4
.IX Item "key (OSSL_MAC_PARAM_KEY) <octet string>"
Sets the \s-1MAC\s0 key.
Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3).
.ie n .IP """size"" (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_MAC_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_MAC_PARAM_SIZE) <unsigned integer>"
Sets the \s-1MAC\s0 size.
.ie n .IP """c\-rounds"" (\fB\s-1OSSL_MAC_PARAM_C_ROUNDS\s0\fR) <unsigned integer>" 4
.el .IP "``c\-rounds'' (\fB\s-1OSSL_MAC_PARAM_C_ROUNDS\s0\fR) <unsigned integer>" 4
.IX Item "c-rounds (OSSL_MAC_PARAM_C_ROUNDS) <unsigned integer>"
Specifies the number of rounds per message block. By default this is \fI2\fR.
.ie n .IP """d\-rounds"" (\fB\s-1OSSL_MAC_PARAM_D_ROUNDS\s0\fR) <unsigned integer>" 4
.el .IP "``d\-rounds'' (\fB\s-1OSSL_MAC_PARAM_D_ROUNDS\s0\fR) <unsigned integer>" 4
.IX Item "d-rounds (OSSL_MAC_PARAM_D_ROUNDS) <unsigned integer>"
Specifies the number of finalisation rounds. By default this is \fI4\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_MAC\s0\fR\|(3), \s-1\fBOSSL_PARAM\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,198 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-BLAKE2 7ossl"
.TH EVP_MD-BLAKE2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-BLAKE2 \- The BLAKE2 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1BLAKE2\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation is only available with the default provider, and
includes the following varieties:
.IP "\s-1BLAKE2S\-256\s0" 4
.IX Item "BLAKE2S-256"
Known names are \*(L"\s-1BLAKE2S\-256\*(R"\s0 and \*(L"BLAKE2s256\*(R".
.IP "\s-1BLAKE2B\-512\s0" 4
.IX Item "BLAKE2B-512"
Known names are \*(L"\s-1BLAKE2B\-512\*(R"\s0 and \*(L"BLAKE2b512\*(R".
.SS "Settable Parameters"
.IX Subsection "Settable Parameters"
\&\*(L"\s-1BLAKE2B\-512\*(R"\s0 supports the following \fBEVP_MD_CTX_set_params()\fR key
described in \*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3).
.ie n .IP """size"" (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_DIGEST_PARAM_SIZE) <unsigned integer>"
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SS "Settable Context Parameters"
.IX Subsection "Settable Context Parameters"
The implementation supports the following \s-1\fBOSSL_PARAM\s0\fR\|(3) entries which
are settable for an \fB\s-1EVP_MD_CTX\s0\fR with \fBEVP_DigestInit_ex2\fR\|(3) or
\&\fBEVP_MD_CTX_set_params\fR\|(3):
.ie n .IP """size"" (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_DIGEST_PARAM_SIZE) <unsigned integer>"
Sets a different digest length for the \fBEVP_DigestFinal\fR\|(3) output.
The value of the \*(L"size\*(R" parameter must not exceed the default digest length
of the respective \s-1BLAKE2\s0 algorithm variants, 64 for \s-1BLAKE2B\-512\s0 and
32 for \s-1BLAKE2S\-256.\s0 The parameter must be set with the
\&\fBEVP_DigestInit_ex2\fR\|(3) call to have an immediate effect. When set with
\&\fBEVP_MD_CTX_set_params\fR\|(3) it will have an effect only if the \fB\s-1EVP_MD_CTX\s0\fR
context is reinitialized.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.PP
The variable size support was added in OpenSSL 3.2 for \s-1BLAKE2B\-512\s0 and
in OpenSSL 3.3 for \s-1BLAKE2S\-256.\s0
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,178 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-KECCAK 7ossl"
.TH EVP_MD-KECCAK 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-KECCAK \- The KECCAK EVP_MD implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1KECCAK\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation is available in the default provider and
includes the following varieties:
.ie n .IP """\s-1KECCAK\-224""\s0" 4
.el .IP "``\s-1KECCAK\-224''\s0" 4
.IX Item "KECCAK-224"
.PD 0
.ie n .IP """\s-1KECCAK\-256""\s0" 4
.el .IP "``\s-1KECCAK\-256''\s0" 4
.IX Item "KECCAK-256"
.ie n .IP """\s-1KECCAK\-384""\s0" 4
.el .IP "``\s-1KECCAK\-384''\s0" 4
.IX Item "KECCAK-384"
.ie n .IP """\s-1KECCAK\-512""\s0" 4
.el .IP "``\s-1KECCAK\-512''\s0" 4
.IX Item "KECCAK-512"
.PD
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,164 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-MD2 7ossl"
.TH EVP_MD-MD2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-MD2 \- The MD2 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1MD2\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the legacy provider, and is
identified with the name \*(L"\s-1MD2\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,164 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-MD4 7ossl"
.TH EVP_MD-MD4 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-MD4 \- The MD4 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1MD4\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the legacy provider, and is
identified with the name \*(L"\s-1MD4\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,181 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-MD5-SHA1 7ossl"
.TH EVP_MD-MD5-SHA1 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-MD5\-SHA1 \- The MD5\-SHA1 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1MD5\-SHA1\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.PP
\&\s-1MD5\-SHA1\s0 is a rather special digest that's used with SSLv3.
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the default provider, and is
identified with the name \*(L"\s-1MD5\-SHA1\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SS "Settable Context Parameters"
.IX Subsection "Settable Context Parameters"
This implementation supports the following \s-1\fBOSSL_PARAM\s0\fR\|(3) entries,
settable for an \fB\s-1EVP_MD_CTX\s0\fR with \fBEVP_MD_CTX_set_params\fR\|(3):
.ie n .IP """ssl3\-ms"" (\fB\s-1OSSL_DIGEST_PARAM_SSL3_MS\s0\fR) <octet string>" 4
.el .IP "``ssl3\-ms'' (\fB\s-1OSSL_DIGEST_PARAM_SSL3_MS\s0\fR) <octet string>" 4
.IX Item "ssl3-ms (OSSL_DIGEST_PARAM_SSL3_MS) <octet string>"
This parameter is set by libssl in order to calculate a signature hash for an
SSLv3 CertificateVerify message as per \s-1RFC6101.\s0
It is only set after all handshake messages have already been digested via
\&\fBOP_digest_update()\fR calls.
The parameter provides the master secret value to be added to the digest.
The digest implementation should calculate the complete digest as per \s-1RFC6101\s0
section 5.6.8.
The next call after setting this parameter should be \fBOP_digest_final()\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MD_CTX_set_params\fR\|(3), \fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,164 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-MD5 7ossl"
.TH EVP_MD-MD5 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-MD5 \- The MD5 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1MD5\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the default provider, and is
identified with the name \*(L"\s-1MD5\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,175 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-MDC2 7ossl"
.TH EVP_MD-MDC2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-MDC2 \- The MDC2 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1MDC2\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the legacy provider, and is
identified with the name \*(L"\s-1MDC2\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SS "Settable Context Parameters"
.IX Subsection "Settable Context Parameters"
This implementation supports the following \s-1\fBOSSL_PARAM\s0\fR\|(3) entries,
settable for an \fB\s-1EVP_MD_CTX\s0\fR with \fBEVP_MD_CTX_set_params\fR\|(3):
.ie n .IP """pad-type"" (\fB\s-1OSSL_DIGEST_PARAM_PAD_TYPE\s0\fR) <unsigned integer>" 4
.el .IP "``pad-type'' (\fB\s-1OSSL_DIGEST_PARAM_PAD_TYPE\s0\fR) <unsigned integer>" 4
.IX Item "pad-type (OSSL_DIGEST_PARAM_PAD_TYPE) <unsigned integer>"
Sets the padding type to be used.
Normally the final \s-1MDC2\s0 block is padded with zeros.
If the pad type is set to 2 then the final block is padded with 0x80 followed by
zeros.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MD_CTX_set_params\fR\|(3), \fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,169 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-NULL 7ossl"
.TH EVP_MD-NULL 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-NULL \- The NULL EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for a \s-1NULL\s0 digest through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
This algorithm does nothing and returns 1 for its init,
update and final methods.
.SS "Algorithm Name"
.IX Subsection "Algorithm Name"
The following algorithm is available in the default provider:
.ie n .IP """\s-1NULL""\s0" 4
.el .IP "``\s-1NULL''\s0" 4
.IX Item "NULL"
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MD_CTX_set_params\fR\|(3), \fBprovider\-digest\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,168 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-RIPEMD160 7ossl"
.TH EVP_MD-RIPEMD160 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-RIPEMD160 \- The RIPEMD160 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1RIPEMD160\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation is available in both the default and legacy providers, and is
identified with any of the names \*(L"\s-1RIPEMD\-160\*(R", \*(L"RIPEMD160\*(R", \*(L"RIPEMD\*(R"\s0 and
\&\*(L"\s-1RMD160\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This digest was added to the default provider in OpenSSL 3.0.7.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,180 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-SHA1 7ossl"
.TH EVP_MD-SHA1 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-SHA1 \- The SHA1 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1SHA1\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation is available with the \s-1FIPS\s0 provider as well as the
default provider, and is identified with the names \*(L"\s-1SHA1\*(R"\s0 and \*(L"\s-1SHA\-1\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SS "Settable Context Parameters"
.IX Subsection "Settable Context Parameters"
This implementation supports the following \s-1\fBOSSL_PARAM\s0\fR\|(3) entries,
settable for an \fB\s-1EVP_MD_CTX\s0\fR with \fBEVP_MD_CTX_set_params\fR\|(3):
.ie n .IP """ssl3\-ms"" (\fB\s-1OSSL_DIGEST_PARAM_SSL3_MS\s0\fR) <octet string>" 4
.el .IP "``ssl3\-ms'' (\fB\s-1OSSL_DIGEST_PARAM_SSL3_MS\s0\fR) <octet string>" 4
.IX Item "ssl3-ms (OSSL_DIGEST_PARAM_SSL3_MS) <octet string>"
This parameter is set by libssl in order to calculate a signature hash for an
SSLv3 CertificateVerify message as per \s-1RFC6101.\s0
It is only set after all handshake messages have already been digested via
\&\fBOP_digest_update()\fR calls.
The parameter provides the master secret value to be added to the digest.
The digest implementation should calculate the complete digest as per \s-1RFC6101\s0
section 5.6.8.
The next call after setting this parameter should be \fBOP_digest_final()\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MD_CTX_set_params\fR\|(3), \fBprovider\-digest\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,196 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-SHA2 7ossl"
.TH EVP_MD-SHA2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-SHA2 \- The SHA2 EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1SHA2\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation includes the following varieties:
.IP "\(bu" 4
Available with the \s-1FIPS\s0 provider as well as the default provider:
.RS 4
.IP "\s-1SHA2\-224\s0" 4
.IX Item "SHA2-224"
Known names are \*(L"\s-1SHA2\-224\*(R", \*(L"SHA\-224\*(R"\s0 and \*(L"\s-1SHA224\*(R".\s0
.IP "\s-1SHA2\-256\s0" 4
.IX Item "SHA2-256"
Known names are \*(L"\s-1SHA2\-256\*(R", \*(L"SHA\-256\*(R"\s0 and \*(L"\s-1SHA256\*(R".\s0
.IP "\s-1SHA2\-384\s0" 4
.IX Item "SHA2-384"
Known names are \*(L"\s-1SHA2\-384\*(R", \*(L"SHA\-384\*(R"\s0 and \*(L"\s-1SHA384\*(R".\s0
.IP "\s-1SHA2\-512\s0" 4
.IX Item "SHA2-512"
Known names are \*(L"\s-1SHA2\-512\*(R", \*(L"SHA\-512\*(R"\s0 and \*(L"\s-1SHA512\*(R".\s0
.RE
.RS 4
.RE
.IP "\(bu" 4
Available with the default provider:
.RS 4
.IP "\s-1SHA2\-256/192\s0" 4
.IX Item "SHA2-256/192"
Known names are \*(L"\s-1SHA2\-256/192\*(R", \*(L"SHA\-256/192\*(R"\s0 and \*(L"\s-1SHA256\-192\*(R".\s0
.IP "\s-1SHA2\-512/224\s0" 4
.IX Item "SHA2-512/224"
Known names are \*(L"\s-1SHA2\-512/224\*(R", \*(L"SHA\-512/224\*(R"\s0 and \*(L"\s-1SHA512\-224\*(R".\s0
.IP "\s-1SHA2\-512/256\s0" 4
.IX Item "SHA2-512/256"
Known names are \*(L"\s-1SHA2\-512/256\*(R", \*(L"SHA\-512/256\*(R"\s0 and \*(L"\s-1SHA512\-256\*(R".\s0
.RE
.RS 4
.RE
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,178 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-SHA3 7ossl"
.TH EVP_MD-SHA3 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-SHA3 \- The SHA3 EVP_MD implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1SHA3\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identities"
.IX Subsection "Identities"
This implementation is available with the \s-1FIPS\s0 provider as well as the
default provider, and includes the following varieties:
.ie n .IP """\s-1SHA3\-224""\s0" 4
.el .IP "``\s-1SHA3\-224''\s0" 4
.IX Item "SHA3-224"
.PD 0
.ie n .IP """\s-1SHA3\-256""\s0" 4
.el .IP "``\s-1SHA3\-256''\s0" 4
.IX Item "SHA3-256"
.ie n .IP """\s-1SHA3\-384""\s0" 4
.el .IP "``\s-1SHA3\-384''\s0" 4
.IX Item "SHA3-384"
.ie n .IP """\s-1SHA3\-512""\s0" 4
.el .IP "``\s-1SHA3\-512''\s0" 4
.IX Item "SHA3-512"
.PD
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,217 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-SHAKE 7ossl"
.TH EVP_MD-SHAKE 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-SHAKE, EVP_MD\-KECCAK\-KMAC
\&\- The SHAKE / KECCAK family EVP_MD implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1SHAKE\s0 or KECCAK-KMAC digests through the
\&\fB\s-1EVP_MD\s0\fR \s-1API.\s0
.PP
KECCAK-KMAC is an Extendable Output Function (\s-1XOF\s0), with a definition
similar to \s-1SHAKE,\s0 used by the \s-1KMAC EVP_MAC\s0 implementation (see
\&\s-1\fBEVP_MAC\-KMAC\s0\fR\|(7)).
.SS "Identities"
.IX Subsection "Identities"
This implementation is available in the \s-1FIPS\s0 provider as well as the default
provider, and includes the following varieties:
.IP "\s-1KECCAK\-KMAC\-128\s0" 4
.IX Item "KECCAK-KMAC-128"
Known names are \*(L"\s-1KECCAK\-KMAC\-128\*(R"\s0 and \*(L"\s-1KECCAK\-KMAC128\*(R".\s0 This is used
by \s-1\fBEVP_MAC\-KMAC128\s0\fR\|(7). Using the notation from \s-1NIST FIPS 202\s0
(Section 6.2), we have \s-1KECCAK\-KMAC\-128\s0(M,\ d) = KECCAK[256](M\ ||\ 00,\ d)
(see the description of \s-1KMAC128\s0 in Appendix A of \s-1NIST SP 800\-185\s0).
.IP "\s-1KECCAK\-KMAC\-256\s0" 4
.IX Item "KECCAK-KMAC-256"
Known names are \*(L"\s-1KECCAK\-KMAC\-256\*(R"\s0 and \*(L"\s-1KECCAK\-KMAC256\*(R".\s0 This is used
by \s-1\fBEVP_MAC\-KMAC256\s0\fR\|(7). Using the notation from \s-1NIST FIPS 202\s0
(Section 6.2), we have \s-1KECCAK\-KMAC\-256\s0(M,\ d) = KECCAK[512](M\ ||\ 00,\ d)
(see the description of \s-1KMAC256\s0 in Appendix A of \s-1NIST SP 800\-185\s0).
.IP "\s-1SHAKE\-128\s0" 4
.IX Item "SHAKE-128"
Known names are \*(L"\s-1SHAKE\-128\*(R"\s0 and \*(L"\s-1SHAKE128\*(R".\s0
.IP "\s-1SHAKE\-256\s0" 4
.IX Item "SHAKE-256"
Known names are \*(L"\s-1SHAKE\-256\*(R"\s0 and \*(L"\s-1SHAKE256\*(R".\s0
.SS "Parameters"
.IX Subsection "Parameters"
This implementation supports the following \s-1\fBOSSL_PARAM\s0\fR\|(3) entries:
.ie n .IP """xoflen"" (\fB\s-1OSSL_DIGEST_PARAM_XOFLEN\s0\fR) <unsigned integer>" 4
.el .IP "``xoflen'' (\fB\s-1OSSL_DIGEST_PARAM_XOFLEN\s0\fR) <unsigned integer>" 4
.IX Item "xoflen (OSSL_DIGEST_PARAM_XOFLEN) <unsigned integer>"
Sets or Gets the digest length for extendable output functions.
The length of the \*(L"xoflen\*(R" parameter should not exceed that of a \fBsize_t\fR.
.Sp
The \s-1SHAKE\-128\s0 and \s-1SHAKE\-256\s0 implementations do not have any default digest
length.
.Sp
This parameter must be set before calling either \fBEVP_DigestFinal_ex()\fR or
\&\fBEVP_DigestFinal()\fR, since these functions were not designed to handle variable
length output. It is recommended to either use \fBEVP_DigestSqueeze()\fR or
\&\fBEVP_DigestFinalXOF()\fR instead.
.ie n .IP """size"" (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_DIGEST_PARAM_SIZE) <unsigned integer>"
An alias of \*(L"xoflen\*(R".
.PP
See \*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3) for further information related to parameters
.SH "NOTES"
.IX Header "NOTES"
For \s-1SHAKE\-128,\s0 to ensure the maximum security strength of 128 bits, the output
length passed to \fBEVP_DigestFinalXOF()\fR should be at least 32.
.PP
For \s-1SHAKE\-256,\s0 to ensure the maximum security strength of 256 bits, the output
length passed to \fBEVP_DigestFinalXOF()\fR should be at least 64.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MD_CTX_set_params\fR\|(3), \fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
Since OpenSSL 3.4 the \s-1SHAKE\-128\s0 and \s-1SHAKE\-256\s0 implementations have no default
digest length.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,164 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-SM3 7ossl"
.TH EVP_MD-SM3 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-SM3 \- The SM3 EVP_MD implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1SM3\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the default provider, and is
identified with the name \*(L"\s-1SM3\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,164 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-WHIRLPOOL 7ossl"
.TH EVP_MD-WHIRLPOOL 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-WHIRLPOOL \- The WHIRLPOOL EVP_MD implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1WHIRLPOOL\s0 digests through the \fB\s-1EVP_MD\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
This implementation is only available with the legacy provider, and is
identified with the name \*(L"\s-1WHIRLPOOL\*(R".\s0
.SS "Gettable Parameters"
.IX Subsection "Gettable Parameters"
This implementation supports the common gettable parameters described
in \fBEVP_MD\-common\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,183 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_MD-COMMON 7ossl"
.TH EVP_MD-COMMON 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_MD\-common \- The OpenSSL EVP_MD implementations, common things
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
All the OpenSSL \s-1EVP_MD\s0 implementations understand the following
\&\s-1\fBOSSL_PARAM\s0\fR\|(3) entries that are
gettable with \fBEVP_MD_get_params\fR\|(3), as well as these:
.ie n .IP """blocksize"" (\fB\s-1OSSL_DIGEST_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``blocksize'' (\fB\s-1OSSL_DIGEST_PARAM_BLOCK_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "blocksize (OSSL_DIGEST_PARAM_BLOCK_SIZE) <unsigned integer>"
The digest block size.
The length of the \*(L"blocksize\*(R" parameter should not exceed that of a
\&\fBsize_t\fR.
.Sp
This value can also be retrieved with \fBEVP_MD_get_block_size\fR\|(3).
.ie n .IP """size"" (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.el .IP "``size'' (\fB\s-1OSSL_DIGEST_PARAM_SIZE\s0\fR) <unsigned integer>" 4
.IX Item "size (OSSL_DIGEST_PARAM_SIZE) <unsigned integer>"
The digest output size.
The length of the \*(L"size\*(R" parameter should not exceed that of a \fBsize_t\fR.
.Sp
This value can also be retrieved with \fBEVP_MD_get_size\fR\|(3).
.ie n .IP """flags"" (\fB\s-1OSSL_DIGEST_PARAM_FLAGS\s0\fR) <unsigned integer>" 4
.el .IP "``flags'' (\fB\s-1OSSL_DIGEST_PARAM_FLAGS\s0\fR) <unsigned integer>" 4
.IX Item "flags (OSSL_DIGEST_PARAM_FLAGS) <unsigned integer>"
Diverse flags that describe exceptional behaviour for the digest.
These flags are described in \*(L"\s-1DESCRIPTION\*(R"\s0 in \fBEVP_MD_meth_set_flags\fR\|(3).
.Sp
The length of the \*(L"flags\*(R" parameter should equal that of an
\&\fBunsigned long int\fR.
.Sp
This value can also be retrieved with \fBEVP_MD_get_flags\fR\|(3).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_DigestInit\fR\|(3), \fBEVP_MD_get_params\fR\|(3), \fBprovider\-digest\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,459 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-DH 7ossl"
.TH EVP_PKEY-DH 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-DH, EVP_PKEY\-DHX, EVP_KEYMGMT\-DH, EVP_KEYMGMT\-DHX
\&\- EVP_PKEY DH and DHX keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
For finite field Diffie-Hellman key agreement, two classes of domain
parameters can be used: \*(L"safe\*(R" domain parameters that are associated with
approved named safe-prime groups, and a class of \*(L"FIPS186\-type\*(R" domain
parameters. FIPS186\-type domain parameters should only be used for backward
compatibility with existing applications that cannot be upgraded to use the
approved safe-prime groups.
.PP
See \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7) for more information about \s-1FFC\s0 keys.
.PP
The \fB\s-1DH\s0\fR key type uses PKCS#3 format which saves \fIp\fR and \fIg\fR, but not the
\&\fIq\fR value.
The \fB\s-1DHX\s0\fR key type uses X9.42 format which saves the value of \fIq\fR and this
must be used for \s-1FIPS186\-4.\s0 If key validation is required, users should be aware
of the nuances associated with \s-1FIPS186\-4\s0 style parameters as discussed in
\&\*(L"\s-1DH\s0 and \s-1DHX\s0 key validation\*(R".
.SS "\s-1DH\s0 and \s-1DHX\s0 domain parameters"
.IX Subsection "DH and DHX domain parameters"
In addition to the common \s-1FFC\s0 parameters that all \s-1FFC\s0 keytypes should support
(see \*(L"\s-1FFC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7)) the \fB\s-1DHX\s0\fR and \fB\s-1DH\s0\fR keytype
implementations support the following:
.ie n .IP """group"" (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``group'' (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "group (OSSL_PKEY_PARAM_GROUP_NAME) <UTF8 string>"
Sets or gets a string that associates a \fB\s-1DH\s0\fR or \fB\s-1DHX\s0\fR named safe prime group
with known values for \fIp\fR, \fIq\fR and \fIg\fR.
.Sp
The following values can be used by the OpenSSL's default and \s-1FIPS\s0 providers:
\&\*(L"ffdhe2048\*(R", \*(L"ffdhe3072\*(R", \*(L"ffdhe4096\*(R", \*(L"ffdhe6144\*(R", \*(L"ffdhe8192\*(R",
\&\*(L"modp_2048\*(R", \*(L"modp_3072\*(R", \*(L"modp_4096\*(R", \*(L"modp_6144\*(R", \*(L"modp_8192\*(R".
.Sp
The following additional values can also be used by OpenSSL's default provider:
\&\*(L"modp_1536\*(R", \*(L"dh_1024_160\*(R", \*(L"dh_2048_224\*(R", \*(L"dh_2048_256\*(R".
.Sp
\&\s-1DH/DHX\s0 named groups can be easily validated since the parameters are well known.
For protocols that only transfer \fIp\fR and \fIg\fR the value of \fIq\fR can also be
retrieved.
.SS "\s-1DH\s0 and \s-1DHX\s0 additional parameters"
.IX Subsection "DH and DHX additional parameters"
.ie n .IP """encoded-pub-key"" (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.el .IP "``encoded-pub-key'' (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.IX Item "encoded-pub-key (OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY) <octet string>"
Used for getting and setting the encoding of the \s-1DH\s0 public key used in a key
exchange message for the \s-1TLS\s0 protocol.
See \fBEVP_PKEY_set1_encoded_public_key()\fR and \fBEVP_PKEY_get1_encoded_public_key()\fR.
.SS "\s-1DH\s0 additional domain parameters"
.IX Subsection "DH additional domain parameters"
.ie n .IP """safeprime-generator"" (\fB\s-1OSSL_PKEY_PARAM_DH_GENERATOR\s0\fR) <integer>" 4
.el .IP "``safeprime-generator'' (\fB\s-1OSSL_PKEY_PARAM_DH_GENERATOR\s0\fR) <integer>" 4
.IX Item "safeprime-generator (OSSL_PKEY_PARAM_DH_GENERATOR) <integer>"
Used for \s-1DH\s0 generation of safe primes using the old safe prime generator code.
The default value is 2.
It is recommended to use a named safe prime group instead, if domain parameter
validation is required.
.Sp
Randomly generated safe primes are not allowed by \s-1FIPS,\s0 so setting this value
for the OpenSSL \s-1FIPS\s0 provider will instead choose a named safe prime group
based on the size of \fIp\fR.
.SS "\s-1DH\s0 and \s-1DHX\s0 domain parameter / key generation parameters"
.IX Subsection "DH and DHX domain parameter / key generation parameters"
In addition to the common \s-1FFC\s0 key generation parameters that all \s-1FFC\s0 key types
should support (see \*(L"\s-1FFC\s0 key generation parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7)) the
\&\fB\s-1DH\s0\fR and \fB\s-1DHX\s0\fR keytype implementation supports the following:
.ie n .IP """type"" (\fB\s-1OSSL_PKEY_PARAM_FFC_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``type'' (\fB\s-1OSSL_PKEY_PARAM_FFC_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "type (OSSL_PKEY_PARAM_FFC_TYPE) <UTF8 string>"
Sets the type of parameter generation. For \fB\s-1DH\s0\fR valid values are:
.RS 4
.ie n .IP """fips186_4""" 4
.el .IP "``fips186_4''" 4
.IX Item "fips186_4"
.PD 0
.ie n .IP """default""" 4
.el .IP "``default''" 4
.IX Item "default"
.ie n .IP """fips186_2""" 4
.el .IP "``fips186_2''" 4
.IX Item "fips186_2"
.PD
These are described in \*(L"\s-1FFC\s0 key generation parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7)
.ie n .IP """group""" 4
.el .IP "``group''" 4
.IX Item "group"
This specifies that a named safe prime name will be chosen using the \*(L"pbits\*(R"
type.
.ie n .IP """generator""" 4
.el .IP "``generator''" 4
.IX Item "generator"
A safe prime generator. See the \*(L"safeprime-generator\*(R" type above.
This is only valid for \fB\s-1DH\s0\fR keys.
.RE
.RS 4
.RE
.ie n .IP """pbits"" (\fB\s-1OSSL_PKEY_PARAM_FFC_PBITS\s0\fR) <unsigned integer>" 4
.el .IP "``pbits'' (\fB\s-1OSSL_PKEY_PARAM_FFC_PBITS\s0\fR) <unsigned integer>" 4
.IX Item "pbits (OSSL_PKEY_PARAM_FFC_PBITS) <unsigned integer>"
Sets the size (in bits) of the prime 'p'.
.Sp
For \*(L"fips186_4\*(R" this must be 2048.
For \*(L"fips186_2\*(R" this must be 1024.
For \*(L"group\*(R" this can be any one of 2048, 3072, 4096, 6144 or 8192.
.ie n .IP """priv_len"" (\fB\s-1OSSL_PKEY_PARAM_DH_PRIV_LEN\s0\fR) <integer>" 4
.el .IP "``priv_len'' (\fB\s-1OSSL_PKEY_PARAM_DH_PRIV_LEN\s0\fR) <integer>" 4
.IX Item "priv_len (OSSL_PKEY_PARAM_DH_PRIV_LEN) <integer>"
An optional value to set the maximum length of the generated private key.
The default value used if this is not set is the maximum value of
BN_num_bits(\fIq\fR)). The minimum value that this can be set to is 2 * s.
Where s is the security strength of the key which has values of
112, 128, 152, 176 and 200 for key sizes of 2048, 3072, 4096, 6144 and 8192.
.SS "\s-1DH\s0 and \s-1DHX\s0 key validation"
.IX Subsection "DH and DHX key validation"
For keys that are not a named group the \s-1FIPS186\-4\s0 standard specifies that the
values used for \s-1FFC\s0 parameter generation are also required for parameter
validation. This means that optional \s-1FFC\s0 domain parameter values for
\&\fIseed\fR, \fIpcounter\fR and \fIgindex\fR or \fIhindex\fR may need to be stored for
validation purposes.
For \fB\s-1DHX\s0\fR the \fIseed\fR and \fIpcounter\fR can be stored in \s-1ASN1\s0 data
(but the \fIgindex\fR or \fIhindex\fR cannot be stored). It is recommended to use a
\&\fB\s-1DH\s0\fR parameters with named safe prime group instead.
.PP
With the OpenSSL \s-1FIPS\s0 provider, \fBEVP_PKEY_param_check\fR\|(3) and
\&\fBEVP_PKEY_param_check_quick\fR\|(3) behave in the following way: the parameters
are tested if they are either an approved safe prime group \s-1OR\s0 that the \s-1FFC\s0
parameters conform to \s-1FIPS186\-4\s0 as defined in SP800\-56Ar3 \fIAssurances of
Domain-Parameter Validity\fR.
.PP
The OpenSSL default provider uses simpler checks that allows there to be no \fIq\fR
value for backwards compatibility, however the \fBEVP_PKEY_param_check\fR\|(3) will
test the \fIp\fR value for being a prime (and a safe prime if \fIq\fR is missing)
which can take significant time. The \fBEVP_PKEY_param_check_quick\fR\|(3) avoids
the prime tests.
.PP
\&\fBEVP_PKEY_public_check\fR\|(3) conforms to SP800\-56Ar3
\&\fI\s-1FFC\s0 Full Public-Key Validation\fR.
.PP
\&\fBEVP_PKEY_public_check_quick\fR\|(3) conforms to SP800\-56Ar3
\&\fI\s-1FFC\s0 Partial Public-Key Validation\fR when the key is an approved named safe
prime group, otherwise it is the same as \fBEVP_PKEY_public_check\fR\|(3).
.PP
\&\fBEVP_PKEY_private_check\fR\|(3) tests that the private key is in the correct range
according to SP800\-56Ar3. The OpenSSL \s-1FIPS\s0 provider requires the value of \fIq\fR
to be set (note that this is implicitly set for named safe prime groups).
For backwards compatibility the OpenSSL default provider only requires \fIp\fR to
be set.
.PP
\&\fBEVP_PKEY_pairwise_check\fR\|(3) conforms to SP800\-56Ar3
\&\fIOwner Assurance of Pair-wise Consistency\fR.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
An \fB\s-1EVP_PKEY\s0\fR context can be obtained by calling:
.PP
.Vb 1
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
.Ve
.PP
A \fB\s-1DH\s0\fR key can be generated with a named safe prime group by calling:
.PP
.Vb 4
\& int priv_len = 2 * 112;
\& OSSL_PARAM params[3];
\& EVP_PKEY *pkey = NULL;
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
\&
\& params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0);
\& /* "priv_len" is optional */
\& params[1] = OSSL_PARAM_construct_int("priv_len", &priv_len);
\& params[2] = OSSL_PARAM_construct_end();
\&
\& EVP_PKEY_keygen_init(pctx);
\& EVP_PKEY_CTX_set_params(pctx, params);
\& EVP_PKEY_generate(pctx, &pkey);
\& ...
\& EVP_PKEY_free(pkey);
\& EVP_PKEY_CTX_free(pctx);
.Ve
.PP
\&\fB\s-1DHX\s0\fR domain parameters can be generated according to \fB\s-1FIPS186\-4\s0\fR by calling:
.PP
.Vb 6
\& int gindex = 2;
\& unsigned int pbits = 2048;
\& unsigned int qbits = 256;
\& OSSL_PARAM params[6];
\& EVP_PKEY *param_key = NULL;
\& EVP_PKEY_CTX *pctx = NULL;
\&
\& pctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
\& EVP_PKEY_paramgen_init(pctx);
\&
\& params[0] = OSSL_PARAM_construct_uint("pbits", &pbits);
\& params[1] = OSSL_PARAM_construct_uint("qbits", &qbits);
\& params[2] = OSSL_PARAM_construct_int("gindex", &gindex);
\& params[3] = OSSL_PARAM_construct_utf8_string("type", "fips186_4", 0);
\& params[4] = OSSL_PARAM_construct_utf8_string("digest", "SHA256", 0);
\& params[5] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(pctx, params);
\&
\& EVP_PKEY_generate(pctx, &param_key);
\&
\& EVP_PKEY_print_params(bio_out, param_key, 0, NULL);
\& ...
\& EVP_PKEY_free(param_key);
\& EVP_PKEY_CTX_free(pctx);
.Ve
.PP
A \fB\s-1DH\s0\fR key can be generated using domain parameters by calling:
.PP
.Vb 2
\& EVP_PKEY *key = NULL;
\& EVP_PKEY_CTX *gctx = EVP_PKEY_CTX_new_from_pkey(NULL, param_key, NULL);
\&
\& EVP_PKEY_keygen_init(gctx);
\& EVP_PKEY_generate(gctx, &key);
\& EVP_PKEY_print_private(bio_out, key, 0, NULL);
\& ...
\& EVP_PKEY_free(key);
\& EVP_PKEY_CTX_free(gctx);
.Ve
.PP
To validate \fB\s-1FIPS186\-4\s0\fR \fB\s-1DHX\s0\fR domain parameters decoded from \fB\s-1PEM\s0\fR or
\&\fB\s-1DER\s0\fR data, additional values used during generation may be required to
be set into the key.
.PP
\&\fBEVP_PKEY_todata()\fR, \fBOSSL_PARAM_merge()\fR, and \fBEVP_PKEY_fromdata()\fR are useful
to add these parameters to the original key or domain parameters before
the actual validation. In production code the return values should be checked.
.PP
.Vb 11
\& EVP_PKEY *received_domp = ...; /* parameters received and decoded */
\& unsigned char *seed = ...; /* and additional parameters received */
\& size_t seedlen = ...; /* by other means, required */
\& int gindex = ...; /* for the validation */
\& int pcounter = ...;
\& int hindex = ...;
\& OSSL_PARAM extra_params[4];
\& OSSL_PARAM *domain_params = NULL;
\& OSSL_PARAM *merged_params = NULL;
\& EVP_PKEY_CTX *ctx = NULL, *validate_ctx = NULL;
\& EVP_PKEY *complete_domp = NULL;
\&
\& EVP_PKEY_todata(received_domp, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
\& &domain_params);
\& extra_params[0] = OSSL_PARAM_construct_octet_string("seed", seed, seedlen);
\& /*
\& * NOTE: For unverifiable g use "hindex" instead of "gindex"
\& * extra_params[1] = OSSL_PARAM_construct_int("hindex", &hindex);
\& */
\& extra_params[1] = OSSL_PARAM_construct_int("gindex", &gindex);
\& extra_params[2] = OSSL_PARAM_construct_int("pcounter", &pcounter);
\& extra_params[3] = OSSL_PARAM_construct_end();
\& merged_params = OSSL_PARAM_merge(domain_params, extra_params);
\&
\& ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
\& EVP_PKEY_fromdata_init(ctx);
\& EVP_PKEY_fromdata(ctx, &complete_domp, OSSL_KEYMGMT_SELECT_ALL,
\& merged_params);
\&
\& validate_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, complete_domp, NULL);
\& if (EVP_PKEY_param_check(validate_ctx) > 0)
\& /* validation_passed(); */
\& else
\& /* validation_failed(); */
\&
\& OSSL_PARAM_free(domain_params);
\& OSSL_PARAM_free(merged_params);
\& EVP_PKEY_CTX_free(ctx);
\& EVP_PKEY_CTX_free(validate_ctx);
\& EVP_PKEY_free(complete_domp);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "\s-1RFC 7919\s0 (\s-1TLS\s0 ffdhe named safe prime groups)" 4
.IX Item "RFC 7919 (TLS ffdhe named safe prime groups)"
.PD 0
.IP "\s-1RFC 3526\s0 (\s-1IKE\s0 modp named safe prime groups)" 4
.IX Item "RFC 3526 (IKE modp named safe prime groups)"
.ie n .IP "\s-1RFC 5114\s0 (Additional \s-1DH\s0 named groups for dh_1024_160"", ""dh_2048_224"" and ""dh_2048_256"")." 4
.el .IP "\s-1RFC 5114\s0 (Additional \s-1DH\s0 named groups for dh_1024_160``, ''dh_2048_224`` and ''dh_2048_256"")." 4
.IX Item "RFC 5114 (Additional DH named groups for dh_1024_160, dh_2048_224 and dh_2048_256"")."
.PD
.PP
The following sections of SP800\-56Ar3:
.IP "5.5.1.1 \s-1FFC\s0 Domain Parameter Selection/Generation" 4
.IX Item "5.5.1.1 FFC Domain Parameter Selection/Generation"
.PD 0
.IP "Appendix D: \s-1FFC\s0 Safe-prime Groups" 4
.IX Item "Appendix D: FFC Safe-prime Groups"
.PD
.PP
The following sections of \s-1FIPS186\-4:\s0
.IP "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function." 4
.IX Item "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function."
.PD 0
.IP "A.2.3 Generation of canonical generator g." 4
.IX Item "A.2.3 Generation of canonical generator g."
.IP "A.2.1 Unverifiable Generation of the Generator g." 4
.IX Item "A.2.1 Unverifiable Generation of the Generator g."
.PD
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-FFC\s0\fR\|(7),
\&\s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7),
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,271 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-DSA 7ossl"
.TH EVP_PKEY-DSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-DSA, EVP_KEYMGMT\-DSA \- EVP_PKEY DSA keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
For \fB\s-1DSA\s0\fR the \s-1FIPS 186\-4\s0 standard specifies that the values used for \s-1FFC\s0
parameter generation are also required for parameter validation.
This means that optional \s-1FFC\s0 domain parameter values for \fIseed\fR, \fIpcounter\fR
and \fIgindex\fR may need to be stored for validation purposes. For \fB\s-1DSA\s0\fR these
fields are not stored in the \s-1ASN1\s0 data so they need to be stored externally if
validation is required.
.PP
As part of \s-1FIPS 140\-3 DSA\s0 is not longer \s-1FIPS\s0 approved for key generation and
signature validation, but is still allowed for signature verification.
.SS "\s-1DSA\s0 parameters"
.IX Subsection "DSA parameters"
The \fB\s-1DSA\s0\fR key type supports the \s-1FFC\s0 parameters (see
\&\*(L"\s-1FFC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7)).
.PP
It also supports the following parameters:
.ie n .IP """sign-check"" (\fB\s-1OSSL_PKEY_PARAM_FIPS_SIGN_CHECK\s0\fR) <integer" 4
.el .IP "``sign-check'' (\fB\s-1OSSL_PKEY_PARAM_FIPS_SIGN_CHECK\s0\fR) <integer" 4
.IX Item "sign-check (OSSL_PKEY_PARAM_FIPS_SIGN_CHECK) <integer"
.PD 0
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD
See \*(L"Common Information Parameters\*(R" in \fBprovider\-keymgmt\fR\|(7) for more information.
.SS "\s-1DSA\s0 key generation parameters"
.IX Subsection "DSA key generation parameters"
The \fB\s-1DSA\s0\fR key type supports the \s-1FFC\s0 key generation parameters (see
\&\*(L"\s-1FFC\s0 key generation parameters\*(R" in \s-1\fBEVP_PKEY\-FFC\s0\fR\|(7)
.PP
The following restrictions apply to the \*(L"pbits\*(R" field:
.PP
For \*(L"fips186_4\*(R" this must be either 2048 or 3072.
For \*(L"fips186_2\*(R" this must be 1024.
For \*(L"group\*(R" this can be any one of 2048, 3072, 4096, 6144 or 8192.
.SS "\s-1DSA\s0 key validation"
.IX Subsection "DSA key validation"
For \s-1DSA\s0 keys, \fBEVP_PKEY_param_check\fR\|(3) behaves in the following way:
The OpenSSL \s-1FIPS\s0 provider conforms to the rules within the \s-1FIPS186\-4\s0
standard for \s-1FFC\s0 parameter validation. For backwards compatibility the OpenSSL
default provider uses a much simpler check (see below) for parameter validation,
unless the seed parameter is set.
.PP
For \s-1DSA\s0 keys, \fBEVP_PKEY_param_check_quick\fR\|(3) behaves in the following way:
A simple check of L and N and partial g is performed. The default provider
also supports validation of legacy \*(L"fips186_2\*(R" keys.
.PP
For \s-1DSA\s0 keys, \fBEVP_PKEY_public_check\fR\|(3), \fBEVP_PKEY_private_check\fR\|(3) and
\&\fBEVP_PKEY_pairwise_check\fR\|(3) the OpenSSL default and \s-1FIPS\s0 providers conform to
the rules within SP800\-56Ar3 for public, private and pairwise tests respectively.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
An \fB\s-1EVP_PKEY\s0\fR context can be obtained by calling:
.PP
.Vb 1
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL);
.Ve
.PP
The \fB\s-1DSA\s0\fR domain parameters can be generated by calling:
.PP
.Vb 6
\& unsigned int pbits = 2048;
\& unsigned int qbits = 256;
\& int gindex = 1;
\& OSSL_PARAM params[5];
\& EVP_PKEY *param_key = NULL;
\& EVP_PKEY_CTX *pctx = NULL;
\&
\& pctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL);
\& EVP_PKEY_paramgen_init(pctx);
\&
\& params[0] = OSSL_PARAM_construct_uint("pbits", &pbits);
\& params[1] = OSSL_PARAM_construct_uint("qbits", &qbits);
\& params[2] = OSSL_PARAM_construct_int("gindex", &gindex);
\& params[3] = OSSL_PARAM_construct_utf8_string("digest", "SHA384", 0);
\& params[4] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(pctx, params);
\&
\& EVP_PKEY_generate(pctx, &param_key);
\& EVP_PKEY_CTX_free(pctx);
\&
\& EVP_PKEY_print_params(bio_out, param_key, 0, NULL);
.Ve
.PP
A \fB\s-1DSA\s0\fR key can be generated using domain parameters by calling:
.PP
.Vb 2
\& EVP_PKEY *key = NULL;
\& EVP_PKEY_CTX *gctx = NULL;
\&
\& gctx = EVP_PKEY_CTX_new_from_pkey(NULL, param_key, NULL);
\& EVP_PKEY_keygen_init(gctx);
\& EVP_PKEY_generate(gctx, &key);
\& EVP_PKEY_CTX_free(gctx);
\& EVP_PKEY_print_private(bio_out, key, 0, NULL);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
The following sections of \s-1FIPS186\-4:\s0
.IP "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function." 4
.IX Item "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function."
.PD 0
.IP "A.2.3 Generation of canonical generator g." 4
.IX Item "A.2.3 Generation of canonical generator g."
.IP "A.2.1 Unverifiable Generation of the Generator g." 4
.IX Item "A.2.1 Unverifiable Generation of the Generator g."
.PD
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-FFC\s0\fR\|(7),
\&\s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7)
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7),
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
\&\s-1DSA\s0 Key generation and signature generation are no longer \s-1FIPS\s0 approved in
OpenSSL 3.4. See \*(L"\s-1FIPS\s0 indicators\*(R" in \fBfips_module\fR\|(7) for more information.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,447 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-EC 7ossl"
.TH EVP_PKEY-EC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-EC,
EVP_KEYMGMT\-EC
\&\- EVP_PKEY EC keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1EC\s0\fR keytype is implemented in OpenSSL's default provider.
.SS "Common \s-1EC\s0 parameters"
.IX Subsection "Common EC parameters"
The normal way of specifying domain parameters for an \s-1EC\s0 curve is via the
curve name \*(L"group\*(R". For curves with no curve name, explicit parameters can be
used that specify \*(L"field-type\*(R", \*(L"p\*(R", \*(L"a\*(R", \*(L"b\*(R", \*(L"generator\*(R" and \*(L"order\*(R".
Explicit parameters are supported for backwards compatibility reasons, but they
are not compliant with multiple standards (including \s-1RFC5915\s0) which only allow
named curves.
.PP
The following Key generation/Gettable/Import/Export types are available for the
built-in \s-1EC\s0 algorithm:
.ie n .IP """group"" (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``group'' (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "group (OSSL_PKEY_PARAM_GROUP_NAME) <UTF8 string>"
The curve name.
.ie n .IP """field-type"" (\fB\s-1OSSL_PKEY_PARAM_EC_FIELD_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``field-type'' (\fB\s-1OSSL_PKEY_PARAM_EC_FIELD_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "field-type (OSSL_PKEY_PARAM_EC_FIELD_TYPE) <UTF8 string>"
The value should be either \*(L"prime-field\*(R" or \*(L"characteristic-two-field\*(R",
which correspond to prime field Fp and binary field F2^m.
.ie n .IP """p"" (\fB\s-1OSSL_PKEY_PARAM_EC_P\s0\fR) <unsigned integer>" 4
.el .IP "``p'' (\fB\s-1OSSL_PKEY_PARAM_EC_P\s0\fR) <unsigned integer>" 4
.IX Item "p (OSSL_PKEY_PARAM_EC_P) <unsigned integer>"
For a curve over Fp \fIp\fR is the prime for the field. For a curve over F2^m \fIp\fR
represents the irreducible polynomial \- each bit represents a term in the
polynomial. Therefore, there will either be three or five bits set dependent on
whether the polynomial is a trinomial or a pentanomial.
.ie n .IP """a"" (\fB\s-1OSSL_PKEY_PARAM_EC_A\s0\fR) <unsigned integer>" 4
.el .IP "``a'' (\fB\s-1OSSL_PKEY_PARAM_EC_A\s0\fR) <unsigned integer>" 4
.IX Item "a (OSSL_PKEY_PARAM_EC_A) <unsigned integer>"
.PD 0
.ie n .IP """b"" (\fB\s-1OSSL_PKEY_PARAM_EC_B\s0\fR) <unsigned integer>" 4
.el .IP "``b'' (\fB\s-1OSSL_PKEY_PARAM_EC_B\s0\fR) <unsigned integer>" 4
.IX Item "b (OSSL_PKEY_PARAM_EC_B) <unsigned integer>"
.ie n .IP """seed"" (\fB\s-1OSSL_PKEY_PARAM_EC_SEED\s0\fR) <octet string>" 4
.el .IP "``seed'' (\fB\s-1OSSL_PKEY_PARAM_EC_SEED\s0\fR) <octet string>" 4
.IX Item "seed (OSSL_PKEY_PARAM_EC_SEED) <octet string>"
.PD
\&\fIa\fR and \fIb\fR represents the coefficients of the curve
For Fp: y^2 mod p = x^3 +ax + b mod p \s-1OR\s0
For F2^m: y^2 + xy = x^3 + ax^2 + b
.Sp
\&\fIseed\fR is an optional value that is for information purposes only.
It represents the random number seed used to generate the coefficient \fIb\fR from a
random number.
.ie n .IP """generator"" (\fB\s-1OSSL_PKEY_PARAM_EC_GENERATOR\s0\fR) <octet string>" 4
.el .IP "``generator'' (\fB\s-1OSSL_PKEY_PARAM_EC_GENERATOR\s0\fR) <octet string>" 4
.IX Item "generator (OSSL_PKEY_PARAM_EC_GENERATOR) <octet string>"
.PD 0
.ie n .IP """order"" (\fB\s-1OSSL_PKEY_PARAM_EC_ORDER\s0\fR) <unsigned integer>" 4
.el .IP "``order'' (\fB\s-1OSSL_PKEY_PARAM_EC_ORDER\s0\fR) <unsigned integer>" 4
.IX Item "order (OSSL_PKEY_PARAM_EC_ORDER) <unsigned integer>"
.ie n .IP """cofactor"" (\fB\s-1OSSL_PKEY_PARAM_EC_COFACTOR\s0\fR) <unsigned integer>" 4
.el .IP "``cofactor'' (\fB\s-1OSSL_PKEY_PARAM_EC_COFACTOR\s0\fR) <unsigned integer>" 4
.IX Item "cofactor (OSSL_PKEY_PARAM_EC_COFACTOR) <unsigned integer>"
.PD
The \fIgenerator\fR is a well defined point on the curve chosen for cryptographic
operations. The encoding conforms with Sec. 2.3.3 of the \s-1SECG SEC 1\s0 (\*(L"Elliptic Curve
Cryptography\*(R") standard. See \fBEC_POINT_oct2point()\fR.
Integers used for point multiplications will be between 0 and
\&\fIorder\fR \- 1.
\&\fIcofactor\fR is an optional value.
\&\fIorder\fR multiplied by the \fIcofactor\fR gives the number of points on the curve.
.ie n .IP """decoded-from-explicit"" (\fB\s-1OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS\s0\fR) <integer>" 4
.el .IP "``decoded-from-explicit'' (\fB\s-1OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS\s0\fR) <integer>" 4
.IX Item "decoded-from-explicit (OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS) <integer>"
Gets a flag indicating whether the key or parameters were decoded from explicit
curve parameters. Set to 1 if so or 0 if a named curve was used.
.ie n .IP """use-cofactor-flag"" (\fB\s-1OSSL_PKEY_PARAM_USE_COFACTOR_ECDH\s0\fR) <integer>" 4
.el .IP "``use-cofactor-flag'' (\fB\s-1OSSL_PKEY_PARAM_USE_COFACTOR_ECDH\s0\fR) <integer>" 4
.IX Item "use-cofactor-flag (OSSL_PKEY_PARAM_USE_COFACTOR_ECDH) <integer>"
Enable Cofactor \s-1DH\s0 (\s-1ECC CDH\s0) if this value is 1, otherwise it uses normal \s-1EC DH\s0
if the value is zero. The cofactor variant multiplies the shared secret by the
\&\s-1EC\s0 curve's cofactor (note for some curves the cofactor is 1).
.Sp
See also \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7) for the related
\&\fB\s-1OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE\s0\fR parameter that can be set on a
per-operation basis.
.ie n .IP """encoding"" (\fB\s-1OSSL_PKEY_PARAM_EC_ENCODING\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``encoding'' (\fB\s-1OSSL_PKEY_PARAM_EC_ENCODING\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "encoding (OSSL_PKEY_PARAM_EC_ENCODING) <UTF8 string>"
Set the format used for serializing the \s-1EC\s0 group parameters.
Valid values are \*(L"explicit\*(R" or \*(L"named_curve\*(R". The default value is \*(L"named_curve\*(R".
.ie n .IP """point-format"" (\fB\s-1OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``point-format'' (\fB\s-1OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "point-format (OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT) <UTF8 string>"
Sets or gets the point_conversion_form for the \fIkey\fR. For a description of
point_conversion_forms please see \fBEC_POINT_new\fR\|(3). Valid values are
\&\*(L"uncompressed\*(R" or \*(L"compressed\*(R". The default value is \*(L"uncompressed\*(R".
.ie n .IP """group-check"" (\fB\s-1OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``group-check'' (\fB\s-1OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "group-check (OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE) <UTF8 string>"
Sets or Gets the type of group check done when \fBEVP_PKEY_param_check()\fR is called.
Valid values are \*(L"default\*(R", \*(L"named\*(R" and \*(L"named-nist\*(R".
The \*(L"named\*(R" type checks that the domain parameters match the inbuilt curve parameters,
\&\*(L"named-nist\*(R" is similar but also checks that the named curve is a nist curve.
The \*(L"default\*(R" type does domain parameter validation for the OpenSSL default provider,
but is equivalent to \*(L"named-nist\*(R" for the OpenSSL \s-1FIPS\s0 provider.
.ie n .IP """include-public"" (\fB\s-1OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC\s0\fR) <integer>" 4
.el .IP "``include-public'' (\fB\s-1OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC\s0\fR) <integer>" 4
.IX Item "include-public (OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC) <integer>"
Setting this value to 0 indicates that the public key should not be included when
encoding the private key. The default value of 1 will include the public key.
.ie n .IP """pub"" (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <octet string>" 4
.el .IP "``pub'' (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <octet string>" 4
.IX Item "pub (OSSL_PKEY_PARAM_PUB_KEY) <octet string>"
The public key value in encoded \s-1EC\s0 point format conforming to Sec. 2.3.3 and
2.3.4 of the \s-1SECG SEC 1\s0 (\*(L"Elliptic Curve Cryptography\*(R") standard.
This parameter is used when importing or exporting the public key value with the
\&\fBEVP_PKEY_fromdata()\fR and \fBEVP_PKEY_todata()\fR functions.
.Sp
Note, in particular, that the choice of point compression format used for
encoding the exported value via \fBEVP_PKEY_todata()\fR depends on the underlying
provider implementation.
Before OpenSSL 3.0.8, the implementation of providers included with OpenSSL always
opted for an encoding in compressed format, unconditionally.
Since OpenSSL 3.0.8, the implementation has been changed to honor the
\&\fB\s-1OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT\s0\fR parameter, if set, or to default
to uncompressed format.
.ie n .IP """priv"" (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <unsigned integer>" 4
.el .IP "``priv'' (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <unsigned integer>" 4
.IX Item "priv (OSSL_PKEY_PARAM_PRIV_KEY) <unsigned integer>"
The private key value.
.ie n .IP """encoded-pub-key"" (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.el .IP "``encoded-pub-key'' (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.IX Item "encoded-pub-key (OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY) <octet string>"
Used for getting and setting the encoding of an \s-1EC\s0 public key. The public key
is expected to be a point conforming to Sec. 2.3.4 of the \s-1SECG SEC 1\s0 (\*(L"Elliptic
Curve Cryptography\*(R") standard.
.ie n .IP """qx"" (\fB\s-1OSSL_PKEY_PARAM_EC_PUB_X\s0\fR) <unsigned integer>" 4
.el .IP "``qx'' (\fB\s-1OSSL_PKEY_PARAM_EC_PUB_X\s0\fR) <unsigned integer>" 4
.IX Item "qx (OSSL_PKEY_PARAM_EC_PUB_X) <unsigned integer>"
Used for getting the \s-1EC\s0 public key X component.
.ie n .IP """qy"" (\fB\s-1OSSL_PKEY_PARAM_EC_PUB_Y\s0\fR) <unsigned integer>" 4
.el .IP "``qy'' (\fB\s-1OSSL_PKEY_PARAM_EC_PUB_Y\s0\fR) <unsigned integer>" 4
.IX Item "qy (OSSL_PKEY_PARAM_EC_PUB_Y) <unsigned integer>"
Used for getting the \s-1EC\s0 public key Y component.
.ie n .IP """default-digest"" (\fB\s-1OSSL_PKEY_PARAM_DEFAULT_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``default-digest'' (\fB\s-1OSSL_PKEY_PARAM_DEFAULT_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "default-digest (OSSL_PKEY_PARAM_DEFAULT_DIGEST) <UTF8 string>"
Getter that returns the default digest name.
(Currently returns \*(L"\s-1SHA256\*(R"\s0 as of OpenSSL 3.0).
.ie n .IP """dhkem-ikm"" (\fB\s-1OSSL_PKEY_PARAM_DHKEM_IKM\s0\fR) <octet string>" 4
.el .IP "``dhkem-ikm'' (\fB\s-1OSSL_PKEY_PARAM_DHKEM_IKM\s0\fR) <octet string>" 4
.IX Item "dhkem-ikm (OSSL_PKEY_PARAM_DHKEM_IKM) <octet string>"
\&\s-1DHKEM\s0 requires the generation of a keypair using an input key material (seed).
Use this to specify the key material used for generation of the private key.
This value should not be reused for other purposes. It can only be used
for the curves \*(L"P\-256\*(R", \*(L"P\-384\*(R" and \*(L"P\-521\*(R" and should have a length of at least
the size of the encoded private key (i.e. 32, 48 and 66 for the listed curves).
.PP
The following Gettable types are also available for the built-in \s-1EC\s0 algorithm:
.ie n .IP """basis-type"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``basis-type'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "basis-type (OSSL_PKEY_PARAM_EC_CHAR2_TYPE) <UTF8 string>"
Supports the values \*(L"tpBasis\*(R" for a trinomial or \*(L"ppBasis\*(R" for a pentanomial.
This field is only used for a binary field F2^m.
.ie n .IP """m"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_M\s0\fR) <integer>" 4
.el .IP "``m'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_M\s0\fR) <integer>" 4
.IX Item "m (OSSL_PKEY_PARAM_EC_CHAR2_M) <integer>"
.PD 0
.ie n .IP """tp"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS\s0\fR) <integer>" 4
.el .IP "``tp'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS\s0\fR) <integer>" 4
.IX Item "tp (OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS) <integer>"
.ie n .IP """k1"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K1\s0\fR) <integer>" 4
.el .IP "``k1'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K1\s0\fR) <integer>" 4
.IX Item "k1 (OSSL_PKEY_PARAM_EC_CHAR2_PP_K1) <integer>"
.ie n .IP """k2"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K2\s0\fR) <integer>" 4
.el .IP "``k2'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K2\s0\fR) <integer>" 4
.IX Item "k2 (OSSL_PKEY_PARAM_EC_CHAR2_PP_K2) <integer>"
.ie n .IP """k3"" (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K3\s0\fR) <integer>" 4
.el .IP "``k3'' (\fB\s-1OSSL_PKEY_PARAM_EC_CHAR2_PP_K3\s0\fR) <integer>" 4
.IX Item "k3 (OSSL_PKEY_PARAM_EC_CHAR2_PP_K3) <integer>"
.PD
These fields are only used for a binary field F2^m.
\&\fIm\fR is the degree of the binary field.
.Sp
\&\fItp\fR is the middle bit of a trinomial so its value must be in the
range m > tp > 0.
.Sp
\&\fIk1\fR, \fIk2\fR and \fIk3\fR are used to get the middle bits of a pentanomial such
that m > k3 > k2 > k1 > 0
.PP
The following key generation settable parameter is also available for the
OpenSSL \s-1FIPS\s0 provider's \s-1EC\s0 algorithm:
.ie n .IP """key-check"" (\fB\s-1OSSL_PKEY_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_PKEY_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_PKEY_PARAM_FIPS_KEY_CHECK) <integer>"
See \*(L"Common Information Parameters\*(R" in \fBprovider\-keymgmt\fR\|(7) for further information.
.PP
The following key generation Gettable parameter is available for the OpenSSL
\&\s-1FIPS\s0 provider's \s-1EC\s0 algorithm:
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
See \*(L"Common Information Parameters\*(R" in \fBprovider\-keymgmt\fR\|(7) for further information.
.SS "\s-1EC\s0 key validation"
.IX Subsection "EC key validation"
For \s-1EC\s0 keys, \fBEVP_PKEY_param_check\fR\|(3) behaves in the following way:
For the OpenSSL default provider it uses either
\&\fBEC_GROUP_check\fR\|(3) or \fBEC_GROUP_check_named_curve\fR\|(3) depending on the flag
\&\s-1EC_FLAG_CHECK_NAMED_GROUP.\s0
The OpenSSL \s-1FIPS\s0 provider uses \fBEC_GROUP_check_named_curve\fR\|(3) in order to
conform to SP800\-56Ar3 \fIAssurances of Domain-Parameter Validity\fR.
.PP
For \s-1EC\s0 keys, \fBEVP_PKEY_param_check_quick\fR\|(3) is equivalent to
\&\fBEVP_PKEY_param_check\fR\|(3).
.PP
For \s-1EC\s0 keys, \fBEVP_PKEY_public_check\fR\|(3) and \fBEVP_PKEY_public_check_quick\fR\|(3)
conform to SP800\-56Ar3 \fI\s-1ECC\s0 Full Public-Key Validation\fR and
\&\fI\s-1ECC\s0 Partial Public-Key Validation\fR respectively.
.PP
For \s-1EC\s0 Keys, \fBEVP_PKEY_private_check\fR\|(3) and \fBEVP_PKEY_pairwise_check\fR\|(3)
conform to SP800\-56Ar3 \fIPrivate key validity\fR and
\&\fIOwner Assurance of Pair-wise Consistency\fR respectively.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
An \fB\s-1EVP_PKEY\s0\fR context can be obtained by calling:
.PP
.Vb 2
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
.Ve
.PP
An \fB\s-1EVP_PKEY\s0\fR \s-1ECDSA\s0 or \s-1ECDH\s0 key can be generated with a \*(L"P\-256\*(R" named group by
calling:
.PP
.Vb 1
\& pkey = EVP_EC_gen("P\-256");
.Ve
.PP
or like this:
.PP
.Vb 4
\& EVP_PKEY *key = NULL;
\& OSSL_PARAM params[2];
\& EVP_PKEY_CTX *gctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
\&
\& EVP_PKEY_keygen_init(gctx);
\&
\& params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
\& "P\-256", 0);
\& params[1] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(gctx, params);
\&
\& EVP_PKEY_generate(gctx, &key);
\&
\& EVP_PKEY_print_private(bio_out, key, 0, NULL);
\& ...
\& EVP_PKEY_free(key);
\& EVP_PKEY_CTX_free(gctx);
.Ve
.PP
An \fB\s-1EVP_PKEY\s0\fR \s-1EC CDH\s0 (Cofactor Diffie-Hellman) key can be generated with a
\&\*(L"K\-571\*(R" named group by calling:
.PP
.Vb 5
\& int use_cdh = 1;
\& EVP_PKEY *key = NULL;
\& OSSL_PARAM params[3];
\& EVP_PKEY_CTX *gctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
\&
\& EVP_PKEY_keygen_init(gctx);
\&
\& params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
\& "K\-571", 0);
\& /*
\& * This curve has a cofactor that is not 1 \- so setting CDH mode changes
\& * the behaviour. For many curves the cofactor is 1 \- so setting this has
\& * no effect.
\& */
\& params[1] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH,
\& &use_cdh);
\& params[2] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(gctx, params);
\&
\& EVP_PKEY_generate(gctx, &key);
\& EVP_PKEY_print_private(bio_out, key, 0, NULL);
\& ...
\& EVP_PKEY_free(key);
\& EVP_PKEY_CTX_free(gctx);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_EC_gen\fR\|(3),
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7),
\&\s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7),
\&\s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,346 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-FFC 7ossl"
.TH EVP_PKEY-FFC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-FFC \- EVP_PKEY DSA and DH/DHX shared FFC parameters.
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Finite field cryptography (\s-1FFC\s0) is a method of implementing discrete logarithm
cryptography using finite field mathematics. \s-1DSA\s0 is an example of \s-1FFC\s0 and
Diffie-Hellman key establishment algorithms specified in \s-1SP800\-56A\s0 can also be
implemented as \s-1FFC.\s0
.PP
The \fB\s-1DSA\s0\fR, \fB\s-1DH\s0\fR and \fB\s-1DHX\s0\fR keytypes are implemented in OpenSSL's default and
\&\s-1FIPS\s0 providers.
The implementations support the basic \s-1DSA, DH\s0 and \s-1DHX\s0 keys, containing the public
and private keys \fIpub\fR and \fIpriv\fR as well as the three main domain parameters
\&\fIp\fR, \fIq\fR and \fIg\fR.
.PP
For \fB\s-1DSA\s0\fR (and \fB\s-1DH\s0\fR that is not a named group) the \s-1FIPS186\-4\s0 standard
specifies that the values used for \s-1FFC\s0 parameter generation are also required
for parameter validation.
This means that optional \s-1FFC\s0 domain parameter values for \fIseed\fR, \fIpcounter\fR
and \fIgindex\fR may need to be stored for validation purposes.
For \fB\s-1DH\s0\fR the \fIseed\fR and \fIpcounter\fR can be stored in \s-1ASN1\s0 data
(but the \fIgindex\fR is not). For \fB\s-1DSA\s0\fR however, these fields are not stored in
the \s-1ASN1\s0 data so they need to be stored externally if validation is required.
.PP
The \fB\s-1DH\s0\fR key type uses PKCS#3 format which saves p and g, but not the 'q' value.
The \fB\s-1DHX\s0\fR key type uses X9.42 format which saves the value of 'q' and this
must be used for \s-1FIPS186\-4.\s0
.SS "\s-1FFC\s0 parameters"
.IX Subsection "FFC parameters"
In addition to the common parameters that all keytypes should support (see
\&\*(L"Common parameters\*(R" in \fBprovider\-keymgmt\fR\|(7)), the \fB\s-1DSA\s0\fR, \fB\s-1DH\s0\fR and \fB\s-1DHX\s0\fR keytype
implementations support the following.
.ie n .IP """pub"" (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <unsigned integer>" 4
.el .IP "``pub'' (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <unsigned integer>" 4
.IX Item "pub (OSSL_PKEY_PARAM_PUB_KEY) <unsigned integer>"
The public key value.
.ie n .IP """priv"" (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <unsigned integer>" 4
.el .IP "``priv'' (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <unsigned integer>" 4
.IX Item "priv (OSSL_PKEY_PARAM_PRIV_KEY) <unsigned integer>"
The private key value.
.SS "\s-1FFC DSA, DH\s0 and \s-1DHX\s0 domain parameters"
.IX Subsection "FFC DSA, DH and DHX domain parameters"
.ie n .IP """p"" (\fB\s-1OSSL_PKEY_PARAM_FFC_P\s0\fR) <unsigned integer>" 4
.el .IP "``p'' (\fB\s-1OSSL_PKEY_PARAM_FFC_P\s0\fR) <unsigned integer>" 4
.IX Item "p (OSSL_PKEY_PARAM_FFC_P) <unsigned integer>"
A \s-1DSA\s0 or Diffie-Hellman prime \*(L"p\*(R" value.
.ie n .IP """g"" (\fB\s-1OSSL_PKEY_PARAM_FFC_G\s0\fR) <unsigned integer>" 4
.el .IP "``g'' (\fB\s-1OSSL_PKEY_PARAM_FFC_G\s0\fR) <unsigned integer>" 4
.IX Item "g (OSSL_PKEY_PARAM_FFC_G) <unsigned integer>"
A \s-1DSA\s0 or Diffie-Hellman generator \*(L"g\*(R" value.
.SS "\s-1FFC DSA\s0 and \s-1DHX\s0 domain parameters"
.IX Subsection "FFC DSA and DHX domain parameters"
.ie n .IP """q"" (\fB\s-1OSSL_PKEY_PARAM_FFC_Q\s0\fR) <unsigned integer>" 4
.el .IP "``q'' (\fB\s-1OSSL_PKEY_PARAM_FFC_Q\s0\fR) <unsigned integer>" 4
.IX Item "q (OSSL_PKEY_PARAM_FFC_Q) <unsigned integer>"
A \s-1DSA\s0 or Diffie-Hellman prime \*(L"q\*(R" value.
.ie n .IP """seed"" (\fB\s-1OSSL_PKEY_PARAM_FFC_SEED\s0\fR) <octet string>" 4
.el .IP "``seed'' (\fB\s-1OSSL_PKEY_PARAM_FFC_SEED\s0\fR) <octet string>" 4
.IX Item "seed (OSSL_PKEY_PARAM_FFC_SEED) <octet string>"
An optional domain parameter \fIseed\fR value used during generation and validation
of \fIp\fR, \fIq\fR and canonical \fIg\fR.
For validation this needs to set the \fIseed\fR that was produced during generation.
.ie n .IP """gindex"" (\fB\s-1OSSL_PKEY_PARAM_FFC_GINDEX\s0\fR) <integer>" 4
.el .IP "``gindex'' (\fB\s-1OSSL_PKEY_PARAM_FFC_GINDEX\s0\fR) <integer>" 4
.IX Item "gindex (OSSL_PKEY_PARAM_FFC_GINDEX) <integer>"
Sets the index to use for canonical generation and verification of the generator
\&\fIg\fR.
Set this to a positive value from 0..FF to use this mode. This \fIgindex\fR can
then be reused during key validation to verify the value of \fIg\fR. If this value
is not set or is \-1 then unverifiable generation of the generator \fIg\fR will be
used.
.ie n .IP """pcounter"" (\fB\s-1OSSL_PKEY_PARAM_FFC_PCOUNTER\s0\fR) <integer>" 4
.el .IP "``pcounter'' (\fB\s-1OSSL_PKEY_PARAM_FFC_PCOUNTER\s0\fR) <integer>" 4
.IX Item "pcounter (OSSL_PKEY_PARAM_FFC_PCOUNTER) <integer>"
An optional domain parameter \fIcounter\fR value that is output during generation
of \fIp\fR. This value must be saved if domain parameter validation is required.
.ie n .IP """hindex"" (\fB\s-1OSSL_PKEY_PARAM_FFC_H\s0\fR) <integer>" 4
.el .IP "``hindex'' (\fB\s-1OSSL_PKEY_PARAM_FFC_H\s0\fR) <integer>" 4
.IX Item "hindex (OSSL_PKEY_PARAM_FFC_H) <integer>"
For unverifiable generation of the generator \fIg\fR this value is output during
generation of \fIg\fR. Its value is the first integer larger than one that
satisfies g = h^j mod p (where g != 1 and \*(L"j\*(R" is the cofactor).
.ie n .IP """j"" (\fB\s-1OSSL_PKEY_PARAM_FFC_COFACTOR\s0\fR) <unsigned integer>" 4
.el .IP "``j'' (\fB\s-1OSSL_PKEY_PARAM_FFC_COFACTOR\s0\fR) <unsigned integer>" 4
.IX Item "j (OSSL_PKEY_PARAM_FFC_COFACTOR) <unsigned integer>"
An optional informational cofactor parameter that should equal to (p \- 1) / q.
.ie n .IP """validate-pq"" (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_PQ\s0\fR) <unsigned integer>" 4
.el .IP "``validate-pq'' (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_PQ\s0\fR) <unsigned integer>" 4
.IX Item "validate-pq (OSSL_PKEY_PARAM_FFC_VALIDATE_PQ) <unsigned integer>"
.PD 0
.ie n .IP """validate-g"" (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_G\s0\fR) <unsigned integer>" 4
.el .IP "``validate-g'' (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_G\s0\fR) <unsigned integer>" 4
.IX Item "validate-g (OSSL_PKEY_PARAM_FFC_VALIDATE_G) <unsigned integer>"
.PD
These boolean values are used during \s-1FIPS186\-4\s0 or \s-1FIPS186\-2\s0 key validation checks
(See \fBEVP_PKEY_param_check\fR\|(3)) to select validation options. By default
\&\fIvalidate-pq\fR and \fIvalidate-g\fR are both set to 1 to check that p,q and g are
valid. Either of these may be set to 0 to skip a test, which is mainly useful
for testing purposes.
.ie n .IP """validate-legacy"" (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY\s0\fR) <unsigned integer>" 4
.el .IP "``validate-legacy'' (\fB\s-1OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY\s0\fR) <unsigned integer>" 4
.IX Item "validate-legacy (OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY) <unsigned integer>"
This boolean value is used during key validation checks
(See \fBEVP_PKEY_param_check\fR\|(3)) to select the validation type. The default
value of 0 selects \s-1FIPS186\-4\s0 validation. Setting this value to 1 selects
\&\s-1FIPS186\-2\s0 validation.
.SS "\s-1FFC\s0 key generation parameters"
.IX Subsection "FFC key generation parameters"
The following key generation types are available for \s-1DSA\s0 and \s-1DHX\s0 algorithms:
.ie n .IP """type"" (\fB\s-1OSSL_PKEY_PARAM_FFC_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``type'' (\fB\s-1OSSL_PKEY_PARAM_FFC_TYPE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "type (OSSL_PKEY_PARAM_FFC_TYPE) <UTF8 string>"
Sets the type of parameter generation. The shared valid values are:
.RS 4
.ie n .IP """fips186_4""" 4
.el .IP "``fips186_4''" 4
.IX Item "fips186_4"
The current standard.
.ie n .IP """fips186_2""" 4
.el .IP "``fips186_2''" 4
.IX Item "fips186_2"
The old standard that should only be used for legacy purposes.
.ie n .IP """default""" 4
.el .IP "``default''" 4
.IX Item "default"
This can choose one of \*(L"fips186_4\*(R" or \*(L"fips186_2\*(R" depending on other
parameters set for parameter generation.
.RE
.RS 4
.RE
.ie n .IP """pbits"" (\fB\s-1OSSL_PKEY_PARAM_FFC_PBITS\s0\fR) <unsigned integer>" 4
.el .IP "``pbits'' (\fB\s-1OSSL_PKEY_PARAM_FFC_PBITS\s0\fR) <unsigned integer>" 4
.IX Item "pbits (OSSL_PKEY_PARAM_FFC_PBITS) <unsigned integer>"
Sets the size (in bits) of the prime 'p'.
.ie n .IP """qbits"" (\fB\s-1OSSL_PKEY_PARAM_FFC_QBITS\s0\fR) <unsigned integer>" 4
.el .IP "``qbits'' (\fB\s-1OSSL_PKEY_PARAM_FFC_QBITS\s0\fR) <unsigned integer>" 4
.IX Item "qbits (OSSL_PKEY_PARAM_FFC_QBITS) <unsigned integer>"
Sets the size (in bits) of the prime 'q'.
.Sp
For \*(L"fips186_4\*(R" this can be either 224 or 256.
For \*(L"fips186_2\*(R" this has a size of 160.
.ie n .IP """digest"" (\fB\s-1OSSL_PKEY_PARAM_FFC_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_PKEY_PARAM_FFC_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_PKEY_PARAM_FFC_DIGEST) <UTF8 string>"
Sets the Digest algorithm to be used as part of the Key Generation Function
associated with the given Key Generation \fIctx\fR.
This must also be set for key validation.
.ie n .IP """properties"" (\fB\s-1OSSL_PKEY_PARAM_FFC_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_PKEY_PARAM_FFC_DIGEST_PROPS\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_PKEY_PARAM_FFC_DIGEST_PROPS) <UTF8 string>"
Sets properties to be used upon look up of the implementation for the selected
Digest algorithm for the Key Generation Function associated with the given key
generation \fIctx\fR. This may also be set for key validation.
.ie n .IP """seed"" (\fB\s-1OSSL_PKEY_PARAM_FFC_SEED\s0\fR) <octet string>" 4
.el .IP "``seed'' (\fB\s-1OSSL_PKEY_PARAM_FFC_SEED\s0\fR) <octet string>" 4
.IX Item "seed (OSSL_PKEY_PARAM_FFC_SEED) <octet string>"
For \*(L"fips186_4\*(R" or \*(L"fips186_2\*(R" generation this sets the \fIseed\fR data to use
instead of generating a random seed internally. This should be used for
testing purposes only. This will either produce fixed values for the generated
parameters \s-1OR\s0 it will fail if the seed did not generate valid primes.
.ie n .IP """gindex"" (\fB\s-1OSSL_PKEY_PARAM_FFC_GINDEX\s0\fR) <integer>" 4
.el .IP "``gindex'' (\fB\s-1OSSL_PKEY_PARAM_FFC_GINDEX\s0\fR) <integer>" 4
.IX Item "gindex (OSSL_PKEY_PARAM_FFC_GINDEX) <integer>"
.PD 0
.ie n .IP """pcounter"" (\fB\s-1OSSL_PKEY_PARAM_FFC_PCOUNTER\s0\fR) <integer>" 4
.el .IP "``pcounter'' (\fB\s-1OSSL_PKEY_PARAM_FFC_PCOUNTER\s0\fR) <integer>" 4
.IX Item "pcounter (OSSL_PKEY_PARAM_FFC_PCOUNTER) <integer>"
.ie n .IP """hindex"" (\fB\s-1OSSL_PKEY_PARAM_FFC_H\s0\fR) <integer>" 4
.el .IP "``hindex'' (\fB\s-1OSSL_PKEY_PARAM_FFC_H\s0\fR) <integer>" 4
.IX Item "hindex (OSSL_PKEY_PARAM_FFC_H) <integer>"
.PD
These types are described above.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
The following sections of SP800\-56Ar3:
.IP "5.5.1.1 \s-1FFC\s0 Domain Parameter Selection/Generation" 4
.IX Item "5.5.1.1 FFC Domain Parameter Selection/Generation"
.PP
The following sections of \s-1FIPS186\-4:\s0
.IP "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function." 4
.IX Item "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function."
.PD 0
.IP "A.2.3 Generation of canonical generator g." 4
.IX Item "A.2.3 Generation of canonical generator g."
.IP "A.2.1 Unverifiable Generation of the Generator g." 4
.IX Item "A.2.1 Unverifiable Generation of the Generator g."
.PD
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-DSA\s0\fR\|(7),
\&\s-1\fBEVP_PKEY\-DH\s0\fR\|(7),
\&\s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7),
\&\s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3),
\&\s-1\fBEVP_PKEY\s0\fR\|(3),
\&\fBprovider\-keymgmt\fR\|(7),
\&\fBOSSL_PROVIDER\-default\fR\|(7),
\&\s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,207 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-HMAC 7ossl"
.TH EVP_PKEY-HMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-HMAC, EVP_KEYMGMT\-HMAC, EVP_PKEY\-Siphash, EVP_KEYMGMT\-Siphash,
EVP_PKEY\-Poly1305, EVP_KEYMGMT\-Poly1305, EVP_PKEY\-CMAC, EVP_KEYMGMT\-CMAC
\&\- EVP_PKEY legacy MAC keytypes and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1HMAC\s0\fR and \fB\s-1CMAC\s0\fR key types are implemented in OpenSSL's default and \s-1FIPS\s0
providers. Additionally the \fBSiphash\fR and \fBPoly1305\fR key types are implemented
in the default provider. Performing \s-1MAC\s0 operations via an \s-1EVP_PKEY\s0
is considered legacy and are only available for backwards compatibility purposes
and for a restricted set of algorithms. The preferred way of performing \s-1MAC\s0
operations is via the \s-1EVP_MAC\s0 APIs. See \fBEVP_MAC_init\fR\|(3).
.PP
For further details on using \s-1EVP_PKEY\s0 based \s-1MAC\s0 keys see
\&\s-1\fBEVP_SIGNATURE\-HMAC\s0\fR\|(7), \fBEVP_SIGNATURE\-Siphash\fR\|(7),
\&\fBEVP_SIGNATURE\-Poly1305\fR\|(7) or \s-1\fBEVP_SIGNATURE\-CMAC\s0\fR\|(7).
.SS "Common \s-1MAC\s0 parameters"
.IX Subsection "Common MAC parameters"
All the \fB\s-1MAC\s0\fR keytypes support the following parameters.
.ie n .IP """priv"" (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.el .IP "``priv'' (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.IX Item "priv (OSSL_PKEY_PARAM_PRIV_KEY) <octet string>"
The \s-1MAC\s0 key value.
.ie n .IP """properties"" (\fB\s-1OSSL_PKEY_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_PKEY_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_PKEY_PARAM_PROPERTIES) <UTF8 string>"
A property query string to be used when any algorithms are fetched.
.SS "\s-1CMAC\s0 parameters"
.IX Subsection "CMAC parameters"
As well as the parameters described above, the \fB\s-1CMAC\s0\fR keytype additionally
supports the following parameters.
.ie n .IP """cipher"" (\fB\s-1OSSL_PKEY_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_PKEY_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_PKEY_PARAM_CIPHER) <UTF8 string>"
The name of a cipher to be used when generating the \s-1MAC.\s0
.ie n .IP """engine"" (\fB\s-1OSSL_PKEY_PARAM_ENGINE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``engine'' (\fB\s-1OSSL_PKEY_PARAM_ENGINE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "engine (OSSL_PKEY_PARAM_ENGINE) <UTF8 string>"
The name of an engine to be used for the specified cipher (if any).
.SS "Common \s-1MAC\s0 key generation parameters"
.IX Subsection "Common MAC key generation parameters"
\&\s-1MAC\s0 key generation is unusual in that no new key is actually generated. Instead
a new provider side key object is created with the supplied raw key value. This
is done for backwards compatibility with previous versions of OpenSSL.
.ie n .IP """priv"" (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.el .IP "``priv'' (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.IX Item "priv (OSSL_PKEY_PARAM_PRIV_KEY) <octet string>"
The \s-1MAC\s0 key value.
.SS "\s-1CMAC\s0 key generation parameters"
.IX Subsection "CMAC key generation parameters"
In addition to the common \s-1MAC\s0 key generation parameters, the \s-1CMAC\s0 key generation
additionally recognises the following.
.ie n .IP """cipher"" (\fB\s-1OSSL_PKEY_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_PKEY_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_PKEY_PARAM_CIPHER) <UTF8 string>"
The name of a cipher to be used when generating the \s-1MAC.\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3), \s-1\fBEVP_PKEY\s0\fR\|(3), \fBprovider\-keymgmt\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,438 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-RSA 7ossl"
.TH EVP_PKEY-RSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-RSA, EVP_KEYMGMT\-RSA, RSA
\&\- EVP_PKEY RSA keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1RSA\s0\fR keytype is implemented in OpenSSL's default and \s-1FIPS\s0 providers.
That implementation supports the basic \s-1RSA\s0 keys, containing the modulus \fIn\fR,
the public exponent \fIe\fR, the private exponent \fId\fR, and a collection of prime
factors, exponents and coefficient for \s-1CRT\s0 calculations, of which the first
few are known as \fIp\fR and \fIq\fR, \fIdP\fR and \fIdQ\fR, and \fIqInv\fR.
.SS "Common \s-1RSA\s0 parameters"
.IX Subsection "Common RSA parameters"
In addition to the common parameters that all keytypes should support (see
\&\*(L"Common parameters\*(R" in \fBprovider\-keymgmt\fR\|(7)), the \fB\s-1RSA\s0\fR keytype implementation
supports the following.
.ie n .IP """n"" (\fB\s-1OSSL_PKEY_PARAM_RSA_N\s0\fR) <unsigned integer>" 4
.el .IP "``n'' (\fB\s-1OSSL_PKEY_PARAM_RSA_N\s0\fR) <unsigned integer>" 4
.IX Item "n (OSSL_PKEY_PARAM_RSA_N) <unsigned integer>"
The \s-1RSA\s0 modulus \*(L"n\*(R" value.
.ie n .IP """e"" (\fB\s-1OSSL_PKEY_PARAM_RSA_E\s0\fR) <unsigned integer>" 4
.el .IP "``e'' (\fB\s-1OSSL_PKEY_PARAM_RSA_E\s0\fR) <unsigned integer>" 4
.IX Item "e (OSSL_PKEY_PARAM_RSA_E) <unsigned integer>"
The \s-1RSA\s0 public exponent \*(L"e\*(R" value.
This value must always be set when creating a raw key using \fBEVP_PKEY_fromdata\fR\|(3).
Note that when a decryption operation is performed, that this value is used for
blinding purposes to prevent timing attacks.
.ie n .IP """d"" (\fB\s-1OSSL_PKEY_PARAM_RSA_D\s0\fR) <unsigned integer>" 4
.el .IP "``d'' (\fB\s-1OSSL_PKEY_PARAM_RSA_D\s0\fR) <unsigned integer>" 4
.IX Item "d (OSSL_PKEY_PARAM_RSA_D) <unsigned integer>"
The \s-1RSA\s0 private exponent \*(L"d\*(R" value.
.ie n .IP """rsa\-factor1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR1\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR1\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor1 (OSSL_PKEY_PARAM_RSA_FACTOR1) <unsigned integer>"
.PD 0
.ie n .IP """rsa\-factor2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR2\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR2\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor2 (OSSL_PKEY_PARAM_RSA_FACTOR2) <unsigned integer>"
.ie n .IP """rsa\-factor3"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR3\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor3'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR3\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor3 (OSSL_PKEY_PARAM_RSA_FACTOR3) <unsigned integer>"
.ie n .IP """rsa\-factor4"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR4\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor4'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR4\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor4 (OSSL_PKEY_PARAM_RSA_FACTOR4) <unsigned integer>"
.ie n .IP """rsa\-factor5"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR5\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor5'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR5\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor5 (OSSL_PKEY_PARAM_RSA_FACTOR5) <unsigned integer>"
.ie n .IP """rsa\-factor6"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR6\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor6'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR6\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor6 (OSSL_PKEY_PARAM_RSA_FACTOR6) <unsigned integer>"
.ie n .IP """rsa\-factor7"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR7\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor7'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR7\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor7 (OSSL_PKEY_PARAM_RSA_FACTOR7) <unsigned integer>"
.ie n .IP """rsa\-factor8"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR8\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor8'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR8\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor8 (OSSL_PKEY_PARAM_RSA_FACTOR8) <unsigned integer>"
.ie n .IP """rsa\-factor9"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR9\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor9'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR9\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor9 (OSSL_PKEY_PARAM_RSA_FACTOR9) <unsigned integer>"
.ie n .IP """rsa\-factor10"" (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR10\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-factor10'' (\fB\s-1OSSL_PKEY_PARAM_RSA_FACTOR10\s0\fR) <unsigned integer>" 4
.IX Item "rsa-factor10 (OSSL_PKEY_PARAM_RSA_FACTOR10) <unsigned integer>"
.PD
\&\s-1RSA\s0 prime factors. The factors are known as \*(L"p\*(R", \*(L"q\*(R" and \*(L"r_i\*(R" in \s-1RFC8017.\s0
Up to eight additional \*(L"r_i\*(R" prime factors are supported.
.ie n .IP """rsa\-exponent1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT1\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT1\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent1 (OSSL_PKEY_PARAM_RSA_EXPONENT1) <unsigned integer>"
.PD 0
.ie n .IP """rsa\-exponent2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT2\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT2\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent2 (OSSL_PKEY_PARAM_RSA_EXPONENT2) <unsigned integer>"
.ie n .IP """rsa\-exponent3"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT3\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent3'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT3\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent3 (OSSL_PKEY_PARAM_RSA_EXPONENT3) <unsigned integer>"
.ie n .IP """rsa\-exponent4"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT4\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent4'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT4\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent4 (OSSL_PKEY_PARAM_RSA_EXPONENT4) <unsigned integer>"
.ie n .IP """rsa\-exponent5"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT5\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent5'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT5\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent5 (OSSL_PKEY_PARAM_RSA_EXPONENT5) <unsigned integer>"
.ie n .IP """rsa\-exponent6"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT6\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent6'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT6\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent6 (OSSL_PKEY_PARAM_RSA_EXPONENT6) <unsigned integer>"
.ie n .IP """rsa\-exponent7"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT7\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent7'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT7\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent7 (OSSL_PKEY_PARAM_RSA_EXPONENT7) <unsigned integer>"
.ie n .IP """rsa\-exponent8"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT8\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent8'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT8\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent8 (OSSL_PKEY_PARAM_RSA_EXPONENT8) <unsigned integer>"
.ie n .IP """rsa\-exponent9"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT9\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent9'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT9\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent9 (OSSL_PKEY_PARAM_RSA_EXPONENT9) <unsigned integer>"
.ie n .IP """rsa\-exponent10"" (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT10\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-exponent10'' (\fB\s-1OSSL_PKEY_PARAM_RSA_EXPONENT10\s0\fR) <unsigned integer>" 4
.IX Item "rsa-exponent10 (OSSL_PKEY_PARAM_RSA_EXPONENT10) <unsigned integer>"
.PD
\&\s-1RSA CRT\s0 (Chinese Remainder Theorem) exponents. The exponents are known
as \*(L"dP\*(R", \*(L"dQ\*(R" and \*(L"d_i\*(R" in \s-1RFC8017.\s0
Up to eight additional \*(L"d_i\*(R" exponents are supported.
.ie n .IP """rsa\-coefficient1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT1\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT1\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient1 (OSSL_PKEY_PARAM_RSA_COEFFICIENT1) <unsigned integer>"
.PD 0
.ie n .IP """rsa\-coefficient2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT2\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT2\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient2 (OSSL_PKEY_PARAM_RSA_COEFFICIENT2) <unsigned integer>"
.ie n .IP """rsa\-coefficient3"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT3\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient3'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT3\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient3 (OSSL_PKEY_PARAM_RSA_COEFFICIENT3) <unsigned integer>"
.ie n .IP """rsa\-coefficient4"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT4\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient4'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT4\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient4 (OSSL_PKEY_PARAM_RSA_COEFFICIENT4) <unsigned integer>"
.ie n .IP """rsa\-coefficient5"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT5\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient5'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT5\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient5 (OSSL_PKEY_PARAM_RSA_COEFFICIENT5) <unsigned integer>"
.ie n .IP """rsa\-coefficient6"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT6\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient6'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT6\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient6 (OSSL_PKEY_PARAM_RSA_COEFFICIENT6) <unsigned integer>"
.ie n .IP """rsa\-coefficient7"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT7\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient7'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT7\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient7 (OSSL_PKEY_PARAM_RSA_COEFFICIENT7) <unsigned integer>"
.ie n .IP """rsa\-coefficient8"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT8\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient8'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT8\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient8 (OSSL_PKEY_PARAM_RSA_COEFFICIENT8) <unsigned integer>"
.ie n .IP """rsa\-coefficient9"" (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT9\s0\fR) <unsigned integer>" 4
.el .IP "``rsa\-coefficient9'' (\fB\s-1OSSL_PKEY_PARAM_RSA_COEFFICIENT9\s0\fR) <unsigned integer>" 4
.IX Item "rsa-coefficient9 (OSSL_PKEY_PARAM_RSA_COEFFICIENT9) <unsigned integer>"
.PD
\&\s-1RSA CRT\s0 (Chinese Remainder Theorem) coefficients. The coefficients are known as
\&\*(L"qInv\*(R" and \*(L"t_i\*(R".
Up to eight additional \*(L"t_i\*(R" exponents are supported.
.SS "\s-1RSA\s0 key generation parameters"
.IX Subsection "RSA key generation parameters"
When generating \s-1RSA\s0 keys, the following key generation parameters may be used.
.ie n .IP """bits"" (\fB\s-1OSSL_PKEY_PARAM_RSA_BITS\s0\fR) <unsigned integer>" 4
.el .IP "``bits'' (\fB\s-1OSSL_PKEY_PARAM_RSA_BITS\s0\fR) <unsigned integer>" 4
.IX Item "bits (OSSL_PKEY_PARAM_RSA_BITS) <unsigned integer>"
The value should be the cryptographic length for the \fB\s-1RSA\s0\fR cryptosystem, in
bits.
.ie n .IP """primes"" (\fB\s-1OSSL_PKEY_PARAM_RSA_PRIMES\s0\fR) <unsigned integer>" 4
.el .IP "``primes'' (\fB\s-1OSSL_PKEY_PARAM_RSA_PRIMES\s0\fR) <unsigned integer>" 4
.IX Item "primes (OSSL_PKEY_PARAM_RSA_PRIMES) <unsigned integer>"
The value should be the number of primes for the generated \fB\s-1RSA\s0\fR key. The
default is 2. It isn't permitted to specify a larger number of primes than
10. Additionally, the number of primes is limited by the length of the key
being generated so the maximum number could be less.
Some providers may only support a value of 2.
.ie n .IP """e"" (\fB\s-1OSSL_PKEY_PARAM_RSA_E\s0\fR) <unsigned integer>" 4
.el .IP "``e'' (\fB\s-1OSSL_PKEY_PARAM_RSA_E\s0\fR) <unsigned integer>" 4
.IX Item "e (OSSL_PKEY_PARAM_RSA_E) <unsigned integer>"
The \s-1RSA\s0 \*(L"e\*(R" value. The value may be any odd number greater than or equal to
65537. The default value is 65537.
For legacy reasons a value of 3 is currently accepted but is deprecated.
.ie n .IP """rsa-derive-from-pq"" (\fB\s-1OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ\s0\fR) <unsigned integer>" 4
.el .IP "``rsa-derive-from-pq'' (\fB\s-1OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ\s0\fR) <unsigned integer>" 4
.IX Item "rsa-derive-from-pq (OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ) <unsigned integer>"
Indicate that missing parameters not passed in the parameter list should be
derived if not provided. Setting a nonzero value will cause all
needed exponents and coefficients to be derived if not available. Setting this
option requires at least \s-1OSSL_PARAM_RSA_FACTOR1, OSSL_PARAM_RSA_FACTOR2,\s0
and \s-1OSSL_PARAM_RSA_N\s0 to be provided. This option is ignored if
\&\s-1OSSL_KEYMGMT_SELECT_PRIVATE_KEY\s0 is not set in the selection parameter.
.SS "\s-1RSA\s0 key generation parameters for \s-1FIPS\s0 module testing"
.IX Subsection "RSA key generation parameters for FIPS module testing"
When generating \s-1RSA\s0 keys, the following additional key generation parameters may
be used for algorithm testing purposes only. Do not use these to generate
\&\s-1RSA\s0 keys for a production environment.
.ie n .IP """xp"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP\s0\fR) <unsigned integer>" 4
.el .IP "``xp'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP\s0\fR) <unsigned integer>" 4
.IX Item "xp (OSSL_PKEY_PARAM_RSA_TEST_XP) <unsigned integer>"
.PD 0
.ie n .IP """xq"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ\s0\fR) <unsigned integer>" 4
.el .IP "``xq'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ\s0\fR) <unsigned integer>" 4
.IX Item "xq (OSSL_PKEY_PARAM_RSA_TEST_XQ) <unsigned integer>"
.PD
These 2 fields are normally randomly generated and are used to generate \*(L"p\*(R" and
\&\*(L"q\*(R".
.ie n .IP """xp1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP1\s0\fR) <unsigned integer>" 4
.el .IP "``xp1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP1\s0\fR) <unsigned integer>" 4
.IX Item "xp1 (OSSL_PKEY_PARAM_RSA_TEST_XP1) <unsigned integer>"
.PD 0
.ie n .IP """xp2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP2\s0\fR) <unsigned integer>" 4
.el .IP "``xp2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XP2\s0\fR) <unsigned integer>" 4
.IX Item "xp2 (OSSL_PKEY_PARAM_RSA_TEST_XP2) <unsigned integer>"
.ie n .IP """xq1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ1\s0\fR) <unsigned integer>" 4
.el .IP "``xq1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ1\s0\fR) <unsigned integer>" 4
.IX Item "xq1 (OSSL_PKEY_PARAM_RSA_TEST_XQ1) <unsigned integer>"
.ie n .IP """xq2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ2\s0\fR) <unsigned integer>" 4
.el .IP "``xq2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_XQ2\s0\fR) <unsigned integer>" 4
.IX Item "xq2 (OSSL_PKEY_PARAM_RSA_TEST_XQ2) <unsigned integer>"
.PD
These 4 fields are normally randomly generated. The prime factors \*(L"p1\*(R", \*(L"p2\*(R",
\&\*(L"q1\*(R" and \*(L"q2\*(R" are determined from these values.
.SS "\s-1RSA\s0 key parameters for \s-1FIPS\s0 module testing"
.IX Subsection "RSA key parameters for FIPS module testing"
The following intermediate values can be retrieved only if the values
specified in \*(L"\s-1RSA\s0 key generation parameters for \s-1FIPS\s0 module testing\*(R" are set.
These should not be accessed in a production environment.
.ie n .IP """p1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_P1\s0\fR) <unsigned integer>" 4
.el .IP "``p1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_P1\s0\fR) <unsigned integer>" 4
.IX Item "p1 (OSSL_PKEY_PARAM_RSA_TEST_P1) <unsigned integer>"
.PD 0
.ie n .IP """p2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_P2\s0\fR) <unsigned integer>" 4
.el .IP "``p2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_P2\s0\fR) <unsigned integer>" 4
.IX Item "p2 (OSSL_PKEY_PARAM_RSA_TEST_P2) <unsigned integer>"
.ie n .IP """q1"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_Q1\s0\fR) <unsigned integer>" 4
.el .IP "``q1'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_Q1\s0\fR) <unsigned integer>" 4
.IX Item "q1 (OSSL_PKEY_PARAM_RSA_TEST_Q1) <unsigned integer>"
.ie n .IP """q2"" (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_Q2\s0\fR) <unsigned integer>" 4
.el .IP "``q2'' (\fB\s-1OSSL_PKEY_PARAM_RSA_TEST_Q2\s0\fR) <unsigned integer>" 4
.IX Item "q2 (OSSL_PKEY_PARAM_RSA_TEST_Q2) <unsigned integer>"
.PD
The auxiliary probable primes.
.SS "\s-1RSA\s0 key validation"
.IX Subsection "RSA key validation"
For \s-1RSA\s0 keys, \fBEVP_PKEY_param_check\fR\|(3) and \fBEVP_PKEY_param_check_quick\fR\|(3)
both return 1 unconditionally.
.PP
For \s-1RSA\s0 keys, \fBEVP_PKEY_public_check\fR\|(3) conforms to the SP800\-56Br1 \fIpublic key
check\fR when the OpenSSL \s-1FIPS\s0 provider is used. The OpenSSL default provider
performs similar tests but relaxes the keysize restrictions for backwards
compatibility.
.PP
For \s-1RSA\s0 keys, \fBEVP_PKEY_public_check_quick\fR\|(3) is the same as
\&\fBEVP_PKEY_public_check\fR\|(3).
.PP
For \s-1RSA\s0 keys, \fBEVP_PKEY_private_check\fR\|(3) conforms to the SP800\-56Br1
\&\fIprivate key test\fR.
.PP
For \s-1RSA\s0 keys, \fBEVP_PKEY_pairwise_check\fR\|(3) conforms to the
SP800\-56Br1 \fIKeyPair Validation check\fR for the OpenSSL \s-1FIPS\s0 provider. The
OpenSSL default provider allows testing of the validity of multi-primes.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "\s-1FIPS186\-4\s0" 4
.IX Item "FIPS186-4"
Section B.3.6 Generation of Probable Primes with Conditions Based on
Auxiliary Probable Primes
.IP "\s-1RFC 8017,\s0 excluding RSA-PSS and RSA-OAEP" 4
.IX Item "RFC 8017, excluding RSA-PSS and RSA-OAEP"
.SH "EXAMPLES"
.IX Header "EXAMPLES"
An \fB\s-1EVP_PKEY\s0\fR context can be obtained by calling:
.PP
.Vb 2
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
.Ve
.PP
An \fB\s-1RSA\s0\fR key can be generated simply like this:
.PP
.Vb 1
\& pkey = EVP_RSA_gen(4096);
.Ve
.PP
or like this:
.PP
.Vb 3
\& EVP_PKEY *pkey = NULL;
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
\&
\& EVP_PKEY_keygen_init(pctx);
\& EVP_PKEY_generate(pctx, &pkey);
\& EVP_PKEY_CTX_free(pctx);
.Ve
.PP
An \fB\s-1RSA\s0\fR key can be generated with key generation parameters:
.PP
.Vb 5
\& unsigned int primes = 3;
\& unsigned int bits = 4096;
\& OSSL_PARAM params[3];
\& EVP_PKEY *pkey = NULL;
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
\&
\& EVP_PKEY_keygen_init(pctx);
\&
\& params[0] = OSSL_PARAM_construct_uint("bits", &bits);
\& params[1] = OSSL_PARAM_construct_uint("primes", &primes);
\& params[2] = OSSL_PARAM_construct_end();
\& EVP_PKEY_CTX_set_params(pctx, params);
\&
\& EVP_PKEY_generate(pctx, &pkey);
\& EVP_PKEY_print_private(bio_out, pkey, 0, NULL);
\& EVP_PKEY_CTX_free(pctx);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_RSA_gen\fR\|(3), \s-1\fBEVP_KEYMGMT\s0\fR\|(3), \s-1\fBEVP_PKEY\s0\fR\|(3), \fBprovider\-keymgmt\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,227 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-SM2 7ossl"
.TH EVP_PKEY-SM2 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-SM2, EVP_KEYMGMT\-SM2, SM2
\&\- EVP_PKEY keytype support for the Chinese SM2 signature and encryption algorithms
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1SM2\s0\fR algorithm was first defined by the Chinese national standard \s-1GM/T
0003\-2012\s0 and was later standardized by \s-1ISO\s0 as \s-1ISO/IEC 14888.\s0 \fB\s-1SM2\s0\fR is actually
an elliptic curve based algorithm. The current implementation in OpenSSL supports
both signature and encryption schemes via the \s-1EVP\s0 interface.
.PP
When doing the \fB\s-1SM2\s0\fR signature algorithm, it requires a distinguishing identifier
to form the message prefix which is hashed before the real message is hashed.
.SS "Common \s-1SM2\s0 parameters"
.IX Subsection "Common SM2 parameters"
\&\s-1SM2\s0 uses the parameters defined in \*(L"Common \s-1EC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7).
The following parameters are different:
.ie n .IP """cofactor"" (\fB\s-1OSSL_PKEY_PARAM_EC_COFACTOR\s0\fR) <unsigned integer>" 4
.el .IP "``cofactor'' (\fB\s-1OSSL_PKEY_PARAM_EC_COFACTOR\s0\fR) <unsigned integer>" 4
.IX Item "cofactor (OSSL_PKEY_PARAM_EC_COFACTOR) <unsigned integer>"
This parameter is ignored for \fB\s-1SM2\s0\fR.
.IP "(\fB\s-1OSSL_PKEY_PARAM_DEFAULT_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "(OSSL_PKEY_PARAM_DEFAULT_DIGEST) <UTF8 string>"
Getter that returns the default digest name.
(Currently returns \*(L"\s-1SM3\*(R"\s0 as of OpenSSL 3.0).
.SH "NOTES"
.IX Header "NOTES"
\&\fB\s-1SM2\s0\fR signatures can be generated by using the 'DigestSign' series of APIs, for
instance, \fBEVP_DigestSignInit()\fR, \fBEVP_DigestSignUpdate()\fR and \fBEVP_DigestSignFinal()\fR.
Ditto for the verification process by calling the 'DigestVerify' series of APIs.
Note that the \s-1SM2\s0 algorithm requires the presence of the public key for signatures,
as such the \fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR option must be set on any key used in signature
generation.
.PP
Before computing an \fB\s-1SM2\s0\fR signature, an \fB\s-1EVP_PKEY_CTX\s0\fR needs to be created,
and an \fB\s-1SM2\s0\fR \s-1ID\s0 must be set for it, like this:
.PP
.Vb 1
\& EVP_PKEY_CTX_set1_id(pctx, id, id_len);
.Ve
.PP
Before calling the \fBEVP_DigestSignInit()\fR or \fBEVP_DigestVerifyInit()\fR functions,
that \fB\s-1EVP_PKEY_CTX\s0\fR should be assigned to the \fB\s-1EVP_MD_CTX\s0\fR, like this:
.PP
.Vb 1
\& EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
.Ve
.PP
There is normally no need to pass a \fBpctx\fR parameter to \fBEVP_DigestSignInit()\fR
or \fBEVP_DigestVerifyInit()\fR in such a scenario.
.PP
\&\s-1SM2\s0 can be tested with the \fBopenssl\-speed\fR\|(1) application since version 3.0.
Currently, the only valid algorithm name is \fBsm2\fR.
.PP
Since version 3.0, \s-1SM2\s0 keys can be generated and loaded only when the domain
parameters specify the \s-1SM2\s0 elliptic curve.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example demonstrates the calling sequence for using an \fB\s-1EVP_PKEY\s0\fR to verify
a message with the \s-1SM2\s0 signature algorithm and the \s-1SM3\s0 hash algorithm:
.PP
.Vb 1
\& #include <openssl/evp.h>
\&
\& /* obtain an EVP_PKEY using whatever methods... */
\& mctx = EVP_MD_CTX_new();
\& pctx = EVP_PKEY_CTX_new(pkey, NULL);
\& EVP_PKEY_CTX_set1_id(pctx, id, id_len);
\& EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
\& EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey);
\& EVP_DigestVerifyUpdate(mctx, msg, msg_len);
\& EVP_DigestVerifyFinal(mctx, sig, sig_len)
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_new\fR\|(3),
\&\fBEVP_DigestSignInit\fR\|(3),
\&\fBEVP_DigestVerifyInit\fR\|(3),
\&\fBEVP_PKEY_CTX_set1_id\fR\|(3),
\&\fBEVP_MD_CTX_set_pkey_ctx\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,246 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_PKEY-X25519 7ossl"
.TH EVP_PKEY-X25519 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_PKEY\-X25519, EVP_PKEY\-X448, EVP_PKEY\-ED25519, EVP_PKEY\-ED448,
EVP_KEYMGMT\-X25519, EVP_KEYMGMT\-X448, EVP_KEYMGMT\-ED25519, EVP_KEYMGMT\-ED448
\&\- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBX25519\fR, \fBX448\fR, \fB\s-1ED25519\s0\fR and \fB\s-1ED448\s0\fR keytypes are
implemented in OpenSSL's default and \s-1FIPS\s0 providers. These implementations
support the associated key, containing the public key \fIpub\fR and the
private key \fIpriv\fR.
.SS "Keygen Parameters"
.IX Subsection "Keygen Parameters"
.ie n .IP """dhkem-ikm"" (\fB\s-1OSSL_PKEY_PARAM_DHKEM_IKM\s0\fR) <octet string>" 4
.el .IP "``dhkem-ikm'' (\fB\s-1OSSL_PKEY_PARAM_DHKEM_IKM\s0\fR) <octet string>" 4
.IX Item "dhkem-ikm (OSSL_PKEY_PARAM_DHKEM_IKM) <octet string>"
\&\s-1DHKEM\s0 requires the generation of a keypair using an input key material (seed).
Use this to specify the key material used for generation of the private key.
This value should not be reused for other purposes.
It should have a length of at least 32 for X25519, and 56 for X448.
This is only supported by X25519 and X448.
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
This getter is only supported by X25519 and X448 for the \s-1FIPS\s0 provider.
Since X25519 and X448 are unapproved in \s-1FIPS 140\-3\s0 this getter return 0.
.Sp
See \*(L"Common Information Parameters\*(R" in \fBprovider\-keymgmt\fR\|(7) for further information.
.PP
Use \fBEVP_PKEY_CTX_set_params()\fR after calling \fBEVP_PKEY_keygen_init()\fR.
.SS "Common X25519, X448, \s-1ED25519\s0 and \s-1ED448\s0 parameters"
.IX Subsection "Common X25519, X448, ED25519 and ED448 parameters"
In addition to the common parameters that all keytypes should support (see
\&\*(L"Common parameters\*(R" in \fBprovider\-keymgmt\fR\|(7)), the implementation of these keytypes
support the following.
.ie n .IP """group"" (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``group'' (\fB\s-1OSSL_PKEY_PARAM_GROUP_NAME\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "group (OSSL_PKEY_PARAM_GROUP_NAME) <UTF8 string>"
This is only supported by X25519 and X448. The group name must be \*(L"x25519\*(R" or
\&\*(L"x448\*(R" respectively for those algorithms. This is only present for consistency
with other key exchange algorithms and is typically not needed.
.ie n .IP """pub"" (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <octet string>" 4
.el .IP "``pub'' (\fB\s-1OSSL_PKEY_PARAM_PUB_KEY\s0\fR) <octet string>" 4
.IX Item "pub (OSSL_PKEY_PARAM_PUB_KEY) <octet string>"
The public key value.
.ie n .IP """priv"" (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.el .IP "``priv'' (\fB\s-1OSSL_PKEY_PARAM_PRIV_KEY\s0\fR) <octet string>" 4
.IX Item "priv (OSSL_PKEY_PARAM_PRIV_KEY) <octet string>"
The private key value.
.ie n .IP """encoded-pub-key"" (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.el .IP "``encoded-pub-key'' (\fB\s-1OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY\s0\fR) <octet string>" 4
.IX Item "encoded-pub-key (OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY) <octet string>"
Used for getting and setting the encoding of a public key for the \fBX25519\fR and
\&\fBX448\fR key types. Public keys are expected be encoded in a format as defined by
\&\s-1RFC7748.\s0
.SS "\s-1ED25519\s0 and \s-1ED448\s0 parameters"
.IX Subsection "ED25519 and ED448 parameters"
.ie n .IP """mandatory-digest"" (\fB\s-1OSSL_PKEY_PARAM_MANDATORY_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mandatory-digest'' (\fB\s-1OSSL_PKEY_PARAM_MANDATORY_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mandatory-digest (OSSL_PKEY_PARAM_MANDATORY_DIGEST) <UTF8 string>"
The empty string, signifying that no digest may be specified.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
.IP "\s-1RFC 8032\s0" 4
.IX Item "RFC 8032"
.PD 0
.IP "\s-1RFC 8410\s0" 4
.IX Item "RFC 8410"
.PD
.SH "EXAMPLES"
.IX Header "EXAMPLES"
An \fB\s-1EVP_PKEY\s0\fR context can be obtained by calling:
.PP
.Vb 2
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
\&
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
\&
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
\&
\& EVP_PKEY_CTX *pctx =
\& EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
.Ve
.PP
An \fBX25519\fR key can be generated like this:
.PP
.Vb 1
\& pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519");
.Ve
.PP
An \fBX448\fR, \fB\s-1ED25519\s0\fR, or \fB\s-1ED448\s0\fR key can be generated likewise.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_KEYMGMT\s0\fR\|(3), \s-1\fBEVP_PKEY\s0\fR\|(3), \fBprovider\-keymgmt\fR\|(7),
\&\s-1\fBEVP_KEYEXCH\-X25519\s0\fR\|(7), \s-1\fBEVP_KEYEXCH\-X448\s0\fR\|(7),
\&\s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7), \s-1\fBEVP_SIGNATURE\-ED448\s0\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,202 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-CRNG-TEST 7ossl"
.TH EVP_RAND-CRNG-TEST 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-CRNG\-TEST \- The FIPS health testing EVP_RAND filter
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This \fB\s-1EVP_RAND\s0\fR object acts as a filter between the entropy source
and its users. It performs \s-1CRNG\s0 health tests as defined in
\&\s-1SP 800\-90B\s0 <https://csrc.nist.gov/pubs/sp/800/90/b/final> Section 4 \*(L"Health
Tests\*(R". Most requests are forwarded to the entropy source, either via
its parent reference or via the provider entropy upcalls.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"CRNG-TEST\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
If a parent \s-1EVP_RAND\s0 is specified on context creation, the parent's
parameters are supported because the request is forwarded to the parent
seed source for processing.
.PP
If no parent \s-1EVP_RAND\s0 is specified on context creation, the following parameters
are supported:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
This parameter works as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \fBprovider\-rand\fR\|(7).
.SH "NOTES"
.IX Header "NOTES"
This \s-1EVP_RAND\s0 is only implemented by the OpenSSL \s-1FIPS\s0 provider.
.PP
A context for a health test filter can be obtained by calling:
.PP
.Vb 3
\& EVP_RAND *parent = ...;
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "CRNG\-TEST", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, parent);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3), \s-1\fBOSSL_PROVIDER\-FIPS\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.4.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,249 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-CTR-DRBG 7ossl"
.TH EVP_RAND-CTR-DRBG 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-CTR\-DRBG \- The CTR DRBG EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for the counter deterministic random bit generator through the
\&\fB\s-1EVP_RAND\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"CTR-DRBG\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.ie n .IP """reseed_requests"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_requests'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.IX Item "reseed_requests (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>"
.ie n .IP """reseed_time_interval"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.el .IP "``reseed_time_interval'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.IX Item "reseed_time_interval (OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL) <integer>"
.ie n .IP """min_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "min_entropylen (OSSL_DRBG_PARAM_MIN_ENTROPYLEN) <unsigned integer>"
.ie n .IP """max_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_entropylen (OSSL_DRBG_PARAM_MAX_ENTROPYLEN) <unsigned integer>"
.ie n .IP """min_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "min_noncelen (OSSL_DRBG_PARAM_MIN_NONCELEN) <unsigned integer>"
.ie n .IP """max_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "max_noncelen (OSSL_DRBG_PARAM_MAX_NONCELEN) <unsigned integer>"
.ie n .IP """max_perslen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_perslen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_perslen (OSSL_DRBG_PARAM_MAX_PERSLEN) <unsigned integer>"
.ie n .IP """max_adinlen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_adinlen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_adinlen (OSSL_DRBG_PARAM_MAX_ADINLEN) <unsigned integer>"
.ie n .IP """reseed_counter"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_counter'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.IX Item "reseed_counter (OSSL_DRBG_PARAM_RESEED_COUNTER) <unsigned integer>"
.ie n .IP """properties"" (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_DRBG_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """cipher"" (\fB\s-1OSSL_DRBG_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``cipher'' (\fB\s-1OSSL_DRBG_PARAM_CIPHER\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "cipher (OSSL_DRBG_PARAM_CIPHER) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.ie n .IP """use_derivation_function"" (\fB\s-1OSSL_DRBG_PARAM_USE_DF\s0\fR) <integer>" 4
.el .IP "``use_derivation_function'' (\fB\s-1OSSL_DRBG_PARAM_USE_DF\s0\fR) <integer>" 4
.IX Item "use_derivation_function (OSSL_DRBG_PARAM_USE_DF) <integer>"
This Boolean indicates if a derivation function should be used or not.
A nonzero value (the default) uses the derivation function. A zero value
does not.
.SH "NOTES"
.IX Header "NOTES"
A context for \s-1CTR DRBG\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "CTR\-DRBG", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 5
\& EVP_RAND *rand;
\& EVP_RAND_CTX *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[2], *p = params;
\& unsigned int strength = 128;
\&
\& rand = EVP_RAND_fetch(NULL, "CTR\-DRBG", NULL);
\& rctx = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_free(rand);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
\& SN_aes_256_ctr, 0);
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1NIST SP 800\-90A\s0 and \s-1SP 800\-90B\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,274 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-HASH-DRBG 7ossl"
.TH EVP_RAND-HASH-DRBG 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-HASH\-DRBG \- The HASH DRBG EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for the hash deterministic random bit generator through the
\&\fB\s-1EVP_RAND\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"HASH-DRBG\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.ie n .IP """reseed_requests"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_requests'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.IX Item "reseed_requests (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>"
.ie n .IP """reseed_time_interval"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.el .IP "``reseed_time_interval'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.IX Item "reseed_time_interval (OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL) <integer>"
.ie n .IP """min_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "min_entropylen (OSSL_DRBG_PARAM_MIN_ENTROPYLEN) <unsigned integer>"
.ie n .IP """max_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_entropylen (OSSL_DRBG_PARAM_MAX_ENTROPYLEN) <unsigned integer>"
.ie n .IP """min_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "min_noncelen (OSSL_DRBG_PARAM_MIN_NONCELEN) <unsigned integer>"
.ie n .IP """max_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "max_noncelen (OSSL_DRBG_PARAM_MAX_NONCELEN) <unsigned integer>"
.ie n .IP """max_perslen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_perslen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_perslen (OSSL_DRBG_PARAM_MAX_PERSLEN) <unsigned integer>"
.ie n .IP """max_adinlen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_adinlen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_adinlen (OSSL_DRBG_PARAM_MAX_ADINLEN) <unsigned integer>"
.ie n .IP """reseed_counter"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_counter'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.IX Item "reseed_counter (OSSL_DRBG_PARAM_RESEED_COUNTER) <unsigned integer>"
.ie n .IP """properties"" (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_DRBG_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """digest"" (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_DRBG_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD 0
.ie n .IP """digest-check"" (\fB\s-1OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK) <integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \fBprovider\-rand\fR\|(7).
.SH "NOTES"
.IX Header "NOTES"
When the \s-1FIPS\s0 provider is installed using the \fB\-no_drbg_truncated_digests\fR
option to fipsinstall, only these digests are permitted (as per
\&\s-1FIPS 140\-3 IG D.R\s0 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>):
.IP "\s-1SHA\-1\s0" 4
.IX Item "SHA-1"
.PD 0
.IP "\s-1SHA2\-256\s0" 4
.IX Item "SHA2-256"
.IP "\s-1SHA2\-512\s0" 4
.IX Item "SHA2-512"
.IP "\s-1SHA3\-256\s0" 4
.IX Item "SHA3-256"
.IP "\s-1SHA3\-512\s0" 4
.IX Item "SHA3-512"
.PD
.PP
A context for \s-1HASH DRBG\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "HASH\-DRBG", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 5
\& EVP_RAND *rand;
\& EVP_RAND_CTX *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[2], *p = params;
\& unsigned int strength = 128;
\&
\& rand = EVP_RAND_fetch(NULL, "HASH\-DRBG", NULL);
\& rctx = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_free(rand);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha512, 0);
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1NIST SP 800\-90A\s0 and \s-1SP 800\-90B\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3),
\&\fBopenssl\-fipsinstall\fR\|(1)
.SH "HISTORY"
.IX Header "HISTORY"
OpenSSL 3.1.1 introduced the \fB\-no_drbg_truncated_digests\fR option to
fipsinstall which restricts the permitted digests when using the \s-1FIPS\s0
provider in a complaint manner. For details refer to
\&\s-1FIPS 140\-3 IG D.R\s0 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,277 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-HMAC-DRBG 7ossl"
.TH EVP_RAND-HMAC-DRBG 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-HMAC\-DRBG \- The HMAC DRBG EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for the \s-1HMAC\s0 deterministic random bit generator through the
\&\fB\s-1EVP_RAND\s0\fR \s-1API.\s0
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"HMAC-DRBG\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.ie n .IP """reseed_requests"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_requests'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.IX Item "reseed_requests (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>"
.ie n .IP """reseed_time_interval"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.el .IP "``reseed_time_interval'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.IX Item "reseed_time_interval (OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL) <integer>"
.ie n .IP """min_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "min_entropylen (OSSL_DRBG_PARAM_MIN_ENTROPYLEN) <unsigned integer>"
.ie n .IP """max_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_entropylen (OSSL_DRBG_PARAM_MAX_ENTROPYLEN) <unsigned integer>"
.ie n .IP """min_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "min_noncelen (OSSL_DRBG_PARAM_MIN_NONCELEN) <unsigned integer>"
.ie n .IP """max_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "max_noncelen (OSSL_DRBG_PARAM_MAX_NONCELEN) <unsigned integer>"
.ie n .IP """max_perslen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_perslen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_perslen (OSSL_DRBG_PARAM_MAX_PERSLEN) <unsigned integer>"
.ie n .IP """max_adinlen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_adinlen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_adinlen (OSSL_DRBG_PARAM_MAX_ADINLEN) <unsigned integer>"
.ie n .IP """reseed_counter"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_counter'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.IX Item "reseed_counter (OSSL_DRBG_PARAM_RESEED_COUNTER) <unsigned integer>"
.ie n .IP """properties"" (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_DRBG_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_DRBG_PARAM_PROPERTIES) <UTF8 string>"
.ie n .IP """mac"" (\fB\s-1OSSL_DRBG_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mac'' (\fB\s-1OSSL_DRBG_PARAM_MAC\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mac (OSSL_DRBG_PARAM_MAC) <UTF8 string>"
.ie n .IP """digest"" (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_DRBG_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_DRBG_PARAM_DIGEST) <UTF8 string>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD 0
.ie n .IP """digest-check"" (\fB\s-1OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_DRBG_PARAM_FIPS_DIGEST_CHECK) <integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \fBprovider\-rand\fR\|(7).
.SH "NOTES"
.IX Header "NOTES"
When using the \s-1FIPS\s0 provider, only these digests are permitted (as per
\&\s-1FIPS 140\-3 IG D.R\s0 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>):
.IP "\s-1SHA\-1\s0" 4
.IX Item "SHA-1"
.PD 0
.IP "\s-1SHA2\-256\s0" 4
.IX Item "SHA2-256"
.IP "\s-1SHA2\-512\s0" 4
.IX Item "SHA2-512"
.IP "\s-1SHA3\-256\s0" 4
.IX Item "SHA3-256"
.IP "\s-1SHA3\-512\s0" 4
.IX Item "SHA3-512"
.PD
.PP
A context for \s-1HMAC DRBG\s0 can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "HMAC\-DRBG", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 5
\& EVP_RAND *rand;
\& EVP_RAND_CTX *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[3], *p = params;
\& unsigned int strength = 128;
\&
\& rand = EVP_RAND_fetch(NULL, "HMAC\-DRBG", NULL);
\& rctx = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_free(rand);
\&
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC, SN_hmac, 0);
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha256, 0);
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
.Ve
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1NIST SP 800\-90A\s0 and \s-1SP 800\-90B\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3),
\&\fBopenssl\-fipsinstall\fR\|(1)
.SH "HISTORY"
.IX Header "HISTORY"
OpenSSL 3.1.1 introduced the \fB\-no_drbg_truncated_digests\fR option to
fipsinstall which restricts the permitted digests when using the \s-1FIPS\s0
provider in a complaint manner. For details refer to
\&\s-1FIPS 140\-3 IG D.R\s0 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>).
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,225 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-JITTER 7ossl"
.TH EVP_RAND-JITTER 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-JITTER \- The randomness seed source EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for deterministic random number generator seeding through the
\&\fB\s-1EVP_RAND\s0\fR \s-1API.\s0
.PP
This software seed source produces randomness based on tiny \s-1CPU\s0
\&\*(L"jitter\*(R" fluctuations.
.PP
It is available when OpenSSL is compiled with \fBenable-jitter\fR
option. When available it is listed in \fBopenssl list
\&\-random\-generators\fR and \fBopenssl info \-seeds\fR.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"\s-1JITTER\*(R"\s0 is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
A context for the seed source can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "JITTER", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.PP
The \fBenable-jitter\fR configuration option was added in OpenSSL 3.4.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 5
\& EVP_RAND *rand;
\& EVP_RAND_CTX *seed, *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[2], *p = params;
\& unsigned int strength = 128;
\&
\& /* Create and instantiate a seed source */
\& rand = EVP_RAND_fetch(NULL, "JITTER", NULL);
\& seed = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_instantiate(seed, strength, 0, NULL, 0, NULL);
\& EVP_RAND_free(rand);
\&
\& /* Feed this into a DRBG */
\& rand = EVP_RAND_fetch(NULL, "CTR\-DRBG", NULL);
\& rctx = EVP_RAND_CTX_new(rand, seed);
\& EVP_RAND_free(rand);
\&
\& /* Configure the DRBG */
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
\& SN_aes_256_ctr, 0);
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
\& EVP_RAND_CTX_free(seed);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,220 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-SEED-SRC 7ossl"
.TH EVP_RAND-SEED-SRC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-SEED\-SRC \- The randomness seed source EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for deterministic random number generator seeding through the
\&\fB\s-1EVP_RAND\s0\fR \s-1API.\s0
.PP
The seed sources used are specified at the time OpenSSL is configured for
building using the \fB\-\-with\-rand\-seed=\fR option. By default, operating system
randomness sources are used.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"SEED-SRC\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_RAND_PARAM_MAX_REQUEST\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
A context for the seed source can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "SEED\-SRC", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 5
\& EVP_RAND *rand;
\& EVP_RAND_CTX *seed, *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[2], *p = params;
\& unsigned int strength = 128;
\&
\& /* Create and instantiate a seed source */
\& rand = EVP_RAND_fetch(NULL, "SEED\-SRC", NULL);
\& seed = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_instantiate(seed, strength, 0, NULL, 0, NULL);
\& EVP_RAND_free(rand);
\&
\& /* Feed this into a DRBG */
\& rand = EVP_RAND_fetch(NULL, "CTR\-DRBG", NULL);
\& rctx = EVP_RAND_CTX_new(rand, seed);
\& EVP_RAND_free(rand);
\&
\& /* Configure the DRBG */
\& *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
\& SN_aes_256_ctr, 0);
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
\& EVP_RAND_CTX_free(seed);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,267 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND-TEST-RAND 7ossl"
.TH EVP_RAND-TEST-RAND 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND\-TEST\-RAND \- The test EVP_RAND implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for a test generator through the \fB\s-1EVP_RAND\s0\fR \s-1API.\s0 This generator is
for test purposes only, it does not generate random numbers.
.SS "Identity"
.IX Subsection "Identity"
\&\*(L"TEST-RAND\*(R" is the name for this implementation; it can be used with the
\&\fBEVP_RAND_fetch()\fR function.
.SS "Supported parameters"
.IX Subsection "Supported parameters"
The supported parameters are:
.ie n .IP """state"" (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.el .IP "``state'' (\fB\s-1OSSL_RAND_PARAM_STATE\s0\fR) <integer>" 4
.IX Item "state (OSSL_RAND_PARAM_STATE) <integer>"
.PD 0
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD
These parameter works as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3).
.ie n .IP """strength"" (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.el .IP "``strength'' (\fB\s-1OSSL_RAND_PARAM_STRENGTH\s0\fR) <unsigned integer>" 4
.IX Item "strength (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>"
.PD 0
.ie n .IP """reseed_requests"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_requests'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.IX Item "reseed_requests (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>"
.ie n .IP """reseed_time_interval"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.el .IP "``reseed_time_interval'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL\s0\fR) <integer>" 4
.IX Item "reseed_time_interval (OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL) <integer>"
.ie n .IP """max_request"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.el .IP "``max_request'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_REQUESTS\s0\fR) <unsigned integer>" 4
.IX Item "max_request (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>"
.ie n .IP """min_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "min_entropylen (OSSL_DRBG_PARAM_MIN_ENTROPYLEN) <unsigned integer>"
.ie n .IP """max_entropylen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_entropylen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ENTROPYLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_entropylen (OSSL_DRBG_PARAM_MAX_ENTROPYLEN) <unsigned integer>"
.ie n .IP """min_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``min_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MIN_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "min_noncelen (OSSL_DRBG_PARAM_MIN_NONCELEN) <unsigned integer>"
.ie n .IP """max_noncelen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_noncelen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_NONCELEN\s0\fR) <unsigned integer>" 4
.IX Item "max_noncelen (OSSL_DRBG_PARAM_MAX_NONCELEN) <unsigned integer>"
.ie n .IP """max_perslen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_perslen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_PERSLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_perslen (OSSL_DRBG_PARAM_MAX_PERSLEN) <unsigned integer>"
.ie n .IP """max_adinlen"" (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.el .IP "``max_adinlen'' (\fB\s-1OSSL_DRBG_PARAM_MAX_ADINLEN\s0\fR) <unsigned integer>" 4
.IX Item "max_adinlen (OSSL_DRBG_PARAM_MAX_ADINLEN) <unsigned integer>"
.ie n .IP """reseed_counter"" (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.el .IP "``reseed_counter'' (\fB\s-1OSSL_DRBG_PARAM_RESEED_COUNTER\s0\fR) <unsigned integer>" 4
.IX Item "reseed_counter (OSSL_DRBG_PARAM_RESEED_COUNTER) <unsigned integer>"
.PD
These parameters work as described in \*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3), except that
they can all be set as well as read.
.ie n .IP """test_entropy"" (\fB\s-1OSSL_RAND_PARAM_TEST_ENTROPY\s0\fR) <octet string>" 4
.el .IP "``test_entropy'' (\fB\s-1OSSL_RAND_PARAM_TEST_ENTROPY\s0\fR) <octet string>" 4
.IX Item "test_entropy (OSSL_RAND_PARAM_TEST_ENTROPY) <octet string>"
Sets the bytes returned when the test generator is sent an entropy request.
The current position is remembered across generate calls.
If there are insufficient data present to satisfy a call, an error is returned.
.ie n .IP """test_nonce"" (\fB\s-1OSSL_RAND_PARAM_TEST_NONCE\s0\fR) <octet string>" 4
.el .IP "``test_nonce'' (\fB\s-1OSSL_RAND_PARAM_TEST_NONCE\s0\fR) <octet string>" 4
.IX Item "test_nonce (OSSL_RAND_PARAM_TEST_NONCE) <octet string>"
Sets the bytes returned when the test generator is sent a nonce request.
Each nonce request will return all of the bytes.
.ie n .IP """generate"" (\fB\s-1OSSL_RAND_PARAM_GENERATE\s0\fR) <integer>" 4
.el .IP "``generate'' (\fB\s-1OSSL_RAND_PARAM_GENERATE\s0\fR) <integer>" 4
.IX Item "generate (OSSL_RAND_PARAM_GENERATE) <integer>"
If this parameter is zero, it will only emit the nonce and entropy data
supplied via the aforementioned parameters. Otherwise, low quality
non-cryptographic pseudorandom output is produced. This parameter defaults
to zero.
.SH "NOTES"
.IX Header "NOTES"
A context for a test generator can be obtained by calling:
.PP
.Vb 2
\& EVP_RAND *rand = EVP_RAND_fetch(NULL, "TEST\-RAND", NULL);
\& EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, NULL);
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
.Vb 7
\& EVP_RAND *rand;
\& EVP_RAND_CTX *rctx;
\& unsigned char bytes[100];
\& OSSL_PARAM params[4], *p = params;
\& unsigned char entropy[1000] = { ... };
\& unsigned char nonce[20] = { ... };
\& unsigned int strength = 48;
\&
\& rand = EVP_RAND_fetch(NULL, "TEST\-RAND", NULL);
\& rctx = EVP_RAND_CTX_new(rand, NULL);
\& EVP_RAND_free(rand);
\&
\& *p++ = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
\& entropy, sizeof(entropy));
\& *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
\& nonce, sizeof(nonce));
\& *p = OSSL_PARAM_construct_end();
\& EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
\&
\& EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
\&
\& EVP_RAND_CTX_free(rctx);
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\*(L"\s-1PARAMETERS\*(R"\s0 in \s-1\fBEVP_RAND\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,407 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_RAND 7ossl"
.TH EVP_RAND 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_RAND \- the random bit generator
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 2
\& #include <openssl/evp.h>
\& #include <rand.h>
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The default OpenSSL \s-1RAND\s0 method is based on the \s-1EVP_RAND\s0 classes to provide
non-deterministic inputs to other cryptographic algorithms.
.PP
While the \s-1RAND API\s0 is the 'frontend' which is intended to be used by
application developers for obtaining random bytes, the \s-1EVP_RAND API\s0
serves as the 'backend', connecting the former with the operating
systems's entropy sources and providing access to deterministic random
bit generators (\s-1DRBG\s0) and their configuration parameters.
A \s-1DRBG\s0 is a certain type of cryptographically-secure pseudo-random
number generator (\s-1CSPRNG\s0), which is described in
[\s-1NIST SP 800\-90A\s0 Rev. 1].
.SS "Disclaimer"
.IX Subsection "Disclaimer"
Unless you have very specific requirements for your random generator,
it is in general not necessary to utilize the \s-1EVP_RAND API\s0 directly.
The usual way to obtain random bytes is to use \fBRAND_bytes\fR\|(3) or
\&\fBRAND_priv_bytes\fR\|(3), see also \s-1\fBRAND\s0\fR\|(7).
.SS "Typical Use Cases"
.IX Subsection "Typical Use Cases"
Typical examples for such special use cases are the following:
.IP "\(bu" 2
You want to use your own private \s-1DRBG\s0 instances.
Multiple \s-1DRBG\s0 instances which are accessed only by a single thread provide
additional security (because their internal states are independent) and
better scalability in multithreaded applications (because they don't need
to be locked).
.IP "\(bu" 2
You need to integrate a previously unsupported entropy source.
Refer to \fBprovider\-rand\fR\|(7) for the implementation details to support adding
randomness sources to \s-1EVP_RAND.\s0
.IP "\(bu" 2
You need to change the default settings of the standard OpenSSL \s-1RAND\s0
implementation to meet specific requirements.
.SH "EVP_RAND CHAINING"
.IX Header "EVP_RAND CHAINING"
An \s-1EVP_RAND\s0 instance can be used as the entropy source of another
\&\s-1EVP_RAND\s0 instance, provided it has itself access to a valid entropy source.
The \s-1EVP_RAND\s0 instance which acts as entropy source is called the \fIparent\fR,
the other instance the \fIchild\fR. Typically, the child will be a \s-1DRBG\s0 because
it does not make sense for the child to be an entropy source.
.PP
This is called chaining. A chained \s-1EVP_RAND\s0 instance is created by passing
a pointer to the parent \s-1EVP_RAND_CTX\s0 as argument to the \fBEVP_RAND_CTX_new()\fR call.
It is possible to create chains of more than two \s-1DRBG\s0 in a row.
It is also possible to use any \s-1EVP_RAND_CTX\s0 class as the parent, however, only
a live entropy source may ignore and not use its parent.
.SH "THE THREE SHARED DRBG INSTANCES"
.IX Header "THE THREE SHARED DRBG INSTANCES"
Currently, there are three shared \s-1DRBG\s0 instances,
the <primary>, <public>, and <private> \s-1DRBG.\s0
While the <primary> \s-1DRBG\s0 is a single global instance, the <public> and <private>
\&\s-1DRBG\s0 are created per thread and accessed through thread-local storage.
.PP
By default, the functions \fBRAND_bytes\fR\|(3) and \fBRAND_priv_bytes\fR\|(3) use
the thread-local <public> and <private> \s-1DRBG\s0 instance, respectively.
.SS "The <primary> \s-1DRBG\s0 instance"
.IX Subsection "The <primary> DRBG instance"
The <primary> \s-1DRBG\s0 is not used directly by the application, only for reseeding
the two other two \s-1DRBG\s0 instances. It reseeds itself by obtaining randomness
either from os entropy sources or by consuming randomness which was added
previously by \fBRAND_add\fR\|(3).
.SS "The <public> \s-1DRBG\s0 instance"
.IX Subsection "The <public> DRBG instance"
This instance is used per default by \fBRAND_bytes\fR\|(3).
.SS "The <private> \s-1DRBG\s0 instance"
.IX Subsection "The <private> DRBG instance"
This instance is used per default by \fBRAND_priv_bytes\fR\|(3)
.SH "LOCKING"
.IX Header "LOCKING"
The <primary> \s-1DRBG\s0 is intended to be accessed concurrently for reseeding
by its child \s-1DRBG\s0 instances. The necessary locking is done internally.
It is \fInot\fR thread-safe to access the <primary> \s-1DRBG\s0 directly via the
\&\s-1EVP_RAND\s0 interface.
The <public> and <private> \s-1DRBG\s0 are thread-local, i.e. there is an
instance of each per thread. So they can safely be accessed without
locking via the \s-1EVP_RAND\s0 interface.
.PP
Pointers to these \s-1DRBG\s0 instances can be obtained using
\&\fBRAND_get0_primary()\fR, \fBRAND_get0_public()\fR and \fBRAND_get0_private()\fR, respectively.
Note that it is not allowed to store a pointer to one of the thread-local
\&\s-1DRBG\s0 instances in a variable or other memory location where it will be
accessed and used by multiple threads.
.PP
All other \s-1DRBG\s0 instances created by an application don't support locking,
because they are intended to be used by a single thread.
Instead of accessing a single \s-1DRBG\s0 instance concurrently from different
threads, it is recommended to instantiate a separate \s-1DRBG\s0 instance per
thread. Using the <primary> \s-1DRBG\s0 as entropy source for multiple \s-1DRBG\s0
instances on different threads is thread-safe, because the \s-1DRBG\s0 instance
will lock the <primary> \s-1DRBG\s0 automatically for obtaining random input.
.SH "THE OVERALL PICTURE"
.IX Header "THE OVERALL PICTURE"
The following picture gives an overview over how the \s-1DRBG\s0 instances work
together and are being used.
.PP
.Vb 10
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& | os entropy sources |
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& |
\& v +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& RAND_add() ==> <primary> <\-| shared DRBG (with locking) |
\& / \e +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& / \e +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& <public> <private> <\- | per\-thread DRBG instances |
\& | | +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& v v
\& RAND_bytes() RAND_priv_bytes()
\& | ^
\& | |
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+ +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
\& | general purpose | | used for secrets like session keys |
\& | random generator | | and private keys for certificates |
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+ +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
.Ve
.PP
The usual way to obtain random bytes is to call RAND_bytes(...) or
RAND_priv_bytes(...). These calls are roughly equivalent to calling
EVP_RAND_generate(<public>, ...) and
EVP_RAND_generate(<private>, ...),
respectively.
.SH "RESEEDING"
.IX Header "RESEEDING"
A \s-1DRBG\s0 instance seeds itself automatically, pulling random input from
its entropy source. The entropy source can be either a trusted operating
system entropy source, or another \s-1DRBG\s0 with access to such a source.
.PP
Automatic reseeding occurs after a predefined number of generate requests.
The selection of the trusted entropy sources is configured at build
time using the \-\-with\-rand\-seed option. The following sections explain
the reseeding process in more detail.
.SS "Automatic Reseeding"
.IX Subsection "Automatic Reseeding"
Before satisfying a generate request (\fBEVP_RAND_generate\fR\|(3)), the \s-1DRBG\s0
reseeds itself automatically, if one of the following conditions holds:
.PP
\&\- the \s-1DRBG\s0 was not instantiated (=seeded) yet or has been uninstantiated.
.PP
\&\- the number of generate requests since the last reseeding exceeds a
certain threshold, the so called \fIreseed_interval\fR.
This behaviour can be disabled by setting the \fIreseed_interval\fR to 0.
.PP
\&\- the time elapsed since the last reseeding exceeds a certain time
interval, the so called \fIreseed_time_interval\fR.
This can be disabled by setting the \fIreseed_time_interval\fR to 0.
.PP
\&\- the \s-1DRBG\s0 is in an error state.
.PP
\&\fBNote\fR: An error state is entered if the entropy source fails while
the \s-1DRBG\s0 is seeding or reseeding.
The last case ensures that the \s-1DRBG\s0 automatically recovers
from the error as soon as the entropy source is available again.
.SS "Manual Reseeding"
.IX Subsection "Manual Reseeding"
In addition to automatic reseeding, the caller can request an immediate
reseeding of the \s-1DRBG\s0 with fresh entropy by setting the
\&\fIprediction resistance\fR parameter to 1 when calling
\&\fBEVP_RAND_generate\fR\|(3).
.PP
The document [\s-1NIST SP 800\-90C\s0] describes prediction resistance requests
in detail and imposes strict conditions on the entropy sources that are
approved for providing prediction resistance.
A request for prediction resistance can only be satisfied by pulling fresh
entropy from a live entropy source (section 5.5.2 of [\s-1NIST SP 800\-90C\s0]).
It is up to the user to ensure that a live entropy source is configured
and is being used.
.PP
For the three shared DRBGs (and only for these) there is another way to
reseed them manually:
If \fBRAND_add\fR\|(3) is called with a positive \fIrandomness\fR argument
(or \fBRAND_seed\fR\|(3)), then this will immediately reseed the <primary> \s-1DRBG.\s0
The <public> and <private> \s-1DRBG\s0 will detect this on their next generate
call and reseed, pulling randomness from <primary>.
.PP
The last feature has been added to support the common practice used with
previous OpenSSL versions to call \fBRAND_add()\fR before calling \fBRAND_bytes()\fR.
.SS "Entropy Input and Additional Data"
.IX Subsection "Entropy Input and Additional Data"
The \s-1DRBG\s0 distinguishes two different types of random input: \fIentropy\fR,
which comes from a trusted source, and \fIadditional input\fR',
which can optionally be added by the user and is considered untrusted.
It is possible to add \fIadditional input\fR not only during reseeding,
but also for every generate request.
.SS "Configuring the Random Seed Source"
.IX Subsection "Configuring the Random Seed Source"
In most cases OpenSSL will automatically choose a suitable seed source
for automatically seeding and reseeding its <primary> \s-1DRBG.\s0 The
default seed source can be configured when OpenSSL is compiled by
setting \fB\-DOPENSSL_DEFAULT_SEED_SRC=SEED\-SRC\fR. If not set then
\&\*(L"SEED-SRC\*(R" is used. One can specify a third-party provider seed-source,
or \fB\-DOPENSSL_DEFAULT_SEED_SRC=JITTER\fR if available.
.PP
In some cases however, it will be necessary to explicitly specify a
seed source used by \*(L"SEED-SRC\*(R" during configuration, using the
\&\-\-with\-rand\-seed option. For more information, see the \s-1INSTALL\s0
instructions. There are also operating systems where no seed source is
available and automatic reseeding is disabled by default.
.PP
The following two sections describe the reseeding process of the primary
\&\s-1DRBG,\s0 depending on whether automatic reseeding is available or not.
.SS "Reseeding the primary \s-1DRBG\s0 with automatic seeding enabled"
.IX Subsection "Reseeding the primary DRBG with automatic seeding enabled"
Calling \fBRAND_poll()\fR or \fBRAND_add()\fR is not necessary, because the \s-1DRBG\s0
pulls the necessary entropy from its source automatically.
However, both calls are permitted, and do reseed the \s-1RNG.\s0
.PP
\&\fBRAND_add()\fR can be used to add both kinds of random input, depending on the
value of the \fIrandomness\fR argument:
.IP "randomness == 0:" 4
.IX Item "randomness == 0:"
The random bytes are mixed as additional input into the current state of
the \s-1DRBG.\s0
Mixing in additional input is not considered a full reseeding, hence the
reseed counter is not reset.
.IP "randomness > 0:" 4
.IX Item "randomness > 0:"
The random bytes are used as entropy input for a full reseeding
(resp. reinstantiation) if the \s-1DRBG\s0 is instantiated
(resp. uninstantiated or in an error state).
The number of random bits required for reseeding is determined by the
security strength of the \s-1DRBG.\s0 Currently it defaults to 256 bits (32 bytes).
It is possible to provide less randomness than required.
In this case the missing randomness will be obtained by pulling random input
from the trusted entropy sources.
.PP
\&\s-1NOTE:\s0 Manual reseeding is *not allowed* in \s-1FIPS\s0 mode, because
[\s-1NIST\s0 SP\-800\-90Ar1] mandates that entropy *shall not* be provided by
the consuming application for instantiation (Section 9.1) or
reseeding (Section 9.2). For that reason, the \fIrandomness\fR
argument is ignored and the random bytes provided by the \fBRAND_add\fR\|(3) and
\&\fBRAND_seed\fR\|(3) calls are treated as additional data.
.SS "Reseeding the primary \s-1DRBG\s0 with automatic seeding disabled"
.IX Subsection "Reseeding the primary DRBG with automatic seeding disabled"
Calling \fBRAND_poll()\fR will always fail.
.PP
\&\fBRAND_add()\fR needs to be called for initial seeding and periodic reseeding.
At least 48 bytes (384 bits) of randomness have to be provided, otherwise
the (re\-)seeding of the \s-1DRBG\s0 will fail. This corresponds to one and a half
times the security strength of the \s-1DRBG.\s0 The extra half is used for the
nonce during instantiation.
.PP
More precisely, the number of bytes needed for seeding depend on the
\&\fIsecurity strength\fR of the \s-1DRBG,\s0 which is set to 256 by default.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBRAND\s0\fR\|(7), \s-1\fBEVP_RAND\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2017\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,266 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-DSA 7ossl"
.TH EVP_SIGNATURE-DSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_SIGNATURE\-DSA
\&\- The EVP_PKEY DSA signature implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1DSA\s0 signatures. The signature produced with
\&\fBEVP_PKEY_sign\fR\|(3) is \s-1DER\s0 encoded \s-1ASN.1\s0 in the form described in
\&\s-1RFC 3279,\s0 section 2.2.2.
See \s-1\fBEVP_PKEY\-DSA\s0\fR\|(7) for information related to \s-1DSA\s0 keys.
.PP
As part of \s-1FIPS 140\-3 DSA\s0 is not longer \s-1FIPS\s0 approved for key generation and
signature validation, but is still allowed for signature verification.
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
In this list, names are grouped together to signify that they are the same
algorithm having multiple names. This also includes the \s-1OID\s0 in canonical
decimal form (which means that they are possible to fetch if the caller has a
mere \s-1OID\s0 which came out in this form after a call to \fBOBJ_obj2txt\fR\|(3)).
.ie n .IP """\s-1DSA"",\s0 ""dsaEncryption"", ""1.2.840.10040.4.1""" 4
.el .IP "``\s-1DSA'',\s0 ``dsaEncryption'', ``1.2.840.10040.4.1''" 4
.IX Item "DSA, dsaEncryption, 1.2.840.10040.4.1"
The base signature algorithm, supported explicitly fetched with
\&\fBEVP_PKEY_sign_init_ex2\fR\|(3), and implicitly fetched (through
\&\s-1EC\s0 keys) with \fBEVP_DigestSignInit\fR\|(3) and
\&\fBEVP_DigestVerifyInit\fR\|(3).
.Sp
It can't be used with \fBEVP_PKEY_sign_message_init\fR\|(3)
.ie n .IP """\s-1DSA\-SHA1"", ""DSA\-SHA\-1"",\s0 ""dsaWithSHA1"", ""1.2.840.10040.4.3""" 4
.el .IP "``\s-1DSA\-SHA1'', ``DSA\-SHA\-1'',\s0 ``dsaWithSHA1'', ``1.2.840.10040.4.3''" 4
.IX Item "DSA-SHA1, DSA-SHA-1, dsaWithSHA1, 1.2.840.10040.4.3"
.PD 0
.ie n .IP """\s-1DSA\-SHA2\-224"", ""DSA\-SHA224"",\s0 ""dsa_with_SHA224"", ""2.16.840.1.101.3.4.3.1""" 4
.el .IP "``\s-1DSA\-SHA2\-224'', ``DSA\-SHA224'',\s0 ``dsa_with_SHA224'', ``2.16.840.1.101.3.4.3.1''" 4
.IX Item "DSA-SHA2-224, DSA-SHA224, dsa_with_SHA224, 2.16.840.1.101.3.4.3.1"
.ie n .IP """\s-1DSA\-SHA2\-256"", ""DSA\-SHA256"",\s0 ""dsa_with_SHA256"", ""2.16.840.1.101.3.4.3.2""" 4
.el .IP "``\s-1DSA\-SHA2\-256'', ``DSA\-SHA256'',\s0 ``dsa_with_SHA256'', ``2.16.840.1.101.3.4.3.2''" 4
.IX Item "DSA-SHA2-256, DSA-SHA256, dsa_with_SHA256, 2.16.840.1.101.3.4.3.2"
.ie n .IP """\s-1DSA\-SHA2\-384"", ""DSA\-SHA384"",\s0 ""dsa_with_SHA384"", ""id\-dsa\-with\-sha384"", ""1.2.840.1.101.3.4.3.3""" 4
.el .IP "``\s-1DSA\-SHA2\-384'', ``DSA\-SHA384'',\s0 ``dsa_with_SHA384'', ``id\-dsa\-with\-sha384'', ``1.2.840.1.101.3.4.3.3''" 4
.IX Item "DSA-SHA2-384, DSA-SHA384, dsa_with_SHA384, id-dsa-with-sha384, 1.2.840.1.101.3.4.3.3"
.ie n .IP """\s-1DSA\-SHA2\-512"", ""DSA\-SHA512"",\s0 ""dsa_with_SHA512"", ""id\-dsa\-with\-sha512"", ""1.2.840.1.101.3.4.3.4""" 4
.el .IP "``\s-1DSA\-SHA2\-512'', ``DSA\-SHA512'',\s0 ``dsa_with_SHA512'', ``id\-dsa\-with\-sha512'', ``1.2.840.1.101.3.4.3.4''" 4
.IX Item "DSA-SHA2-512, DSA-SHA512, dsa_with_SHA512, id-dsa-with-sha512, 1.2.840.1.101.3.4.3.4"
.ie n .IP """\s-1DSA\-SHA3\-224"",\s0 ""dsa_with_SHA3\-224"", ""id\-dsa\-with\-sha3\-224"", ""2.16.840.1.101.3.4.3.5""" 4
.el .IP "``\s-1DSA\-SHA3\-224'',\s0 ``dsa_with_SHA3\-224'', ``id\-dsa\-with\-sha3\-224'', ``2.16.840.1.101.3.4.3.5''" 4
.IX Item "DSA-SHA3-224, dsa_with_SHA3-224, id-dsa-with-sha3-224, 2.16.840.1.101.3.4.3.5"
.ie n .IP """\s-1DSA\-SHA3\-256"",\s0 ""dsa_with_SHA3\-256"", ""id\-dsa\-with\-sha3\-256"", ""2.16.840.1.101.3.4.3.6""" 4
.el .IP "``\s-1DSA\-SHA3\-256'',\s0 ``dsa_with_SHA3\-256'', ``id\-dsa\-with\-sha3\-256'', ``2.16.840.1.101.3.4.3.6''" 4
.IX Item "DSA-SHA3-256, dsa_with_SHA3-256, id-dsa-with-sha3-256, 2.16.840.1.101.3.4.3.6"
.ie n .IP """\s-1DSA\-SHA3\-384"",\s0 ""dsa_with_SHA3\-384"", ""id\-dsa\-with\-sha3\-384"", ""2.16.840.1.101.3.4.3.7""" 4
.el .IP "``\s-1DSA\-SHA3\-384'',\s0 ``dsa_with_SHA3\-384'', ``id\-dsa\-with\-sha3\-384'', ``2.16.840.1.101.3.4.3.7''" 4
.IX Item "DSA-SHA3-384, dsa_with_SHA3-384, id-dsa-with-sha3-384, 2.16.840.1.101.3.4.3.7"
.ie n .IP """\s-1DSA\-SHA3\-512"",\s0 ""dsa_with_SHA3\-512"", ""id\-dsa\-with\-sha3\-512"", ""2.16.840.1.101.3.4.3.8""" 4
.el .IP "``\s-1DSA\-SHA3\-512'',\s0 ``dsa_with_SHA3\-512'', ``id\-dsa\-with\-sha3\-512'', ``2.16.840.1.101.3.4.3.8''" 4
.IX Item "DSA-SHA3-512, dsa_with_SHA3-512, id-dsa-with-sha3-512, 2.16.840.1.101.3.4.3.8"
.PD
\&\s-1DSA\s0 signature schemes with diverse message digest algorithms. They are all
supported explicitly fetched with \fBEVP_PKEY_sign_init_ex2\fR\|(3) and
\&\fBEVP_PKEY_sign_message_init\fR\|(3).
.SS "Signature Parameters"
.IX Subsection "Signature Parameters"
The following signature parameters can be set using \fBEVP_PKEY_CTX_set_params()\fR.
This may be called after \fBEVP_PKEY_sign_init()\fR or \fBEVP_PKEY_verify_init()\fR,
and before calling \fBEVP_PKEY_sign()\fR or \fBEVP_PKEY_verify()\fR. They may also be set
using \fBEVP_PKEY_sign_init_ex()\fR or \fBEVP_PKEY_verify_init_ex()\fR.
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """properties"" (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_SIGNATURE_PARAM_PROPERTIES) <UTF8 string>"
.PD
These two are not supported with the \s-1DSA\s0 signature schemes that already
include a message digest algorithm, See \*(L"Algorithm Names\*(R" above.
.ie n .IP """nonce-type"" (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.el .IP "``nonce-type'' (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.IX Item "nonce-type (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK) <integer>"
.ie n .IP """digest-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK) <integer>"
.ie n .IP """sign-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK\s0\fR) <int>" 4
.el .IP "``sign-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK\s0\fR) <int>" 4
.IX Item "sign-check (OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK) <int>"
.PD
The settable parameters are described in \fBprovider\-signature\fR\|(7).
.PP
The following signature parameters can be retrieved using
\&\fBEVP_PKEY_CTX_get_params()\fR.
.ie n .IP """algorithm-id"" (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.el .IP "``algorithm-id'' (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.IX Item "algorithm-id (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.ie n .IP """nonce-type"" (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.el .IP "``nonce-type'' (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.IX Item "nonce-type (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>"
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.PD
The gettable parameters are described in \fBprovider\-signature\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_params\fR\|(3),
\&\fBEVP_PKEY_sign\fR\|(3),
\&\fBEVP_PKEY_verify\fR\|(3),
\&\fBprovider\-signature\fR\|(7),
.SH "HISTORY"
.IX Header "HISTORY"
\&\s-1DSA\s0 Key generation and signature generation are no longer \s-1FIPS\s0 approved in
OpenSSL 3.4. See \*(L"\s-1FIPS\s0 indicators\*(R" in \fBfips_module\fR\|(7) for more information.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,255 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-ECDSA 7ossl"
.TH EVP_SIGNATURE-ECDSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_SIGNATURE\-ECDSA \- The EVP_PKEY ECDSA signature implementation.
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1ECDSA\s0 signatures.
See \s-1\fBEVP_PKEY\-EC\s0\fR\|(7) for information related to \s-1EC\s0 keys.
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
In this list, names are grouped together to signify that they are the same
algorithm having multiple names. This also includes the \s-1OID\s0 in canonical
decimal form (which means that they are possible to fetch if the caller has a
mere \s-1OID\s0 which came out in this form after a call to \fBOBJ_obj2txt\fR\|(3)).
.ie n .IP """\s-1ECDSA""\s0" 4
.el .IP "``\s-1ECDSA''\s0" 4
.IX Item "ECDSA"
The base signature algorithm, supported explicitly fetched with
\&\fBEVP_PKEY_sign_init_ex2\fR\|(3), and implicitly fetched (through
\&\s-1EC\s0 keys) with \fBEVP_DigestSignInit\fR\|(3) and
\&\fBEVP_DigestVerifyInit\fR\|(3).
.Sp
It can't be used with \fBEVP_PKEY_sign_message_init\fR\|(3)
.ie n .IP """\s-1ECDSA\-SHA1"", ""ECDSA\-SHA\-1"",\s0 ""ecdsa\-with\-SHA1"", ""1.2.840.10045.4.1""" 4
.el .IP "``\s-1ECDSA\-SHA1'', ``ECDSA\-SHA\-1'',\s0 ``ecdsa\-with\-SHA1'', ``1.2.840.10045.4.1''" 4
.IX Item "ECDSA-SHA1, ECDSA-SHA-1, ecdsa-with-SHA1, 1.2.840.10045.4.1"
.PD 0
.ie n .IP """\s-1ECDSA\-SHA2\-224"", ""ECDSA\-SHA224"",\s0 ""ecdsa\-with\-SHA224"", ""1.2.840.10045.4.3.1""" 4
.el .IP "``\s-1ECDSA\-SHA2\-224'', ``ECDSA\-SHA224'',\s0 ``ecdsa\-with\-SHA224'', ``1.2.840.10045.4.3.1''" 4
.IX Item "ECDSA-SHA2-224, ECDSA-SHA224, ecdsa-with-SHA224, 1.2.840.10045.4.3.1"
.ie n .IP """\s-1ECDSA\-SHA2\-256"", ""ECDSA\-SHA256"",\s0 ""ecdsa\-with\-SHA256"", ""1.2.840.10045.4.3.2""" 4
.el .IP "``\s-1ECDSA\-SHA2\-256'', ``ECDSA\-SHA256'',\s0 ``ecdsa\-with\-SHA256'', ``1.2.840.10045.4.3.2''" 4
.IX Item "ECDSA-SHA2-256, ECDSA-SHA256, ecdsa-with-SHA256, 1.2.840.10045.4.3.2"
.ie n .IP """\s-1ECDSA\-SHA2\-384"", ""ECDSA\-SHA384"",\s0 ""ecdsa\-with\-SHA384"", ""1.2.840.10045.4.3.3""" 4
.el .IP "``\s-1ECDSA\-SHA2\-384'', ``ECDSA\-SHA384'',\s0 ``ecdsa\-with\-SHA384'', ``1.2.840.10045.4.3.3''" 4
.IX Item "ECDSA-SHA2-384, ECDSA-SHA384, ecdsa-with-SHA384, 1.2.840.10045.4.3.3"
.ie n .IP """\s-1ECDSA\-SHA2\-512"", ""ECDSA\-SHA512"",\s0 ""ecdsa\-with\-SHA512"", ""1.2.840.10045.4.3.4""" 4
.el .IP "``\s-1ECDSA\-SHA2\-512'', ``ECDSA\-SHA512'',\s0 ``ecdsa\-with\-SHA512'', ``1.2.840.10045.4.3.4''" 4
.IX Item "ECDSA-SHA2-512, ECDSA-SHA512, ecdsa-with-SHA512, 1.2.840.10045.4.3.4"
.ie n .IP """\s-1ECDSA\-SHA3\-224"",\s0 ""ecdsa_with_SHA3\-224"", ""id\-ecdsa\-with\-sha3\-224"", ""2.16.840.1.101.3.4.3.9""" 4
.el .IP "``\s-1ECDSA\-SHA3\-224'',\s0 ``ecdsa_with_SHA3\-224'', ``id\-ecdsa\-with\-sha3\-224'', ``2.16.840.1.101.3.4.3.9''" 4
.IX Item "ECDSA-SHA3-224, ecdsa_with_SHA3-224, id-ecdsa-with-sha3-224, 2.16.840.1.101.3.4.3.9"
.ie n .IP """\s-1ECDSA\-SHA3\-256"",\s0 ""ecdsa_with_SHA3\-256"", ""id\-ecdsa\-with\-sha3\-256"", ""2.16.840.1.101.3.4.3.10""" 4
.el .IP "``\s-1ECDSA\-SHA3\-256'',\s0 ``ecdsa_with_SHA3\-256'', ``id\-ecdsa\-with\-sha3\-256'', ``2.16.840.1.101.3.4.3.10''" 4
.IX Item "ECDSA-SHA3-256, ecdsa_with_SHA3-256, id-ecdsa-with-sha3-256, 2.16.840.1.101.3.4.3.10"
.ie n .IP """\s-1ECDSA\-SHA3\-384"",\s0 ""ecdsa_with_SHA3\-384"", ""id\-ecdsa\-with\-sha3\-384"", ""2.16.840.1.101.3.4.3.11""" 4
.el .IP "``\s-1ECDSA\-SHA3\-384'',\s0 ``ecdsa_with_SHA3\-384'', ``id\-ecdsa\-with\-sha3\-384'', ``2.16.840.1.101.3.4.3.11''" 4
.IX Item "ECDSA-SHA3-384, ecdsa_with_SHA3-384, id-ecdsa-with-sha3-384, 2.16.840.1.101.3.4.3.11"
.ie n .IP """\s-1ECDSA\-SHA3\-512"",\s0 ""ecdsa_with_SHA3\-512"", ""id\-ecdsa\-with\-sha3\-512"", ""2.16.840.1.101.3.4.3.12""" 4
.el .IP "``\s-1ECDSA\-SHA3\-512'',\s0 ``ecdsa_with_SHA3\-512'', ``id\-ecdsa\-with\-sha3\-512'', ``2.16.840.1.101.3.4.3.12''" 4
.IX Item "ECDSA-SHA3-512, ecdsa_with_SHA3-512, id-ecdsa-with-sha3-512, 2.16.840.1.101.3.4.3.12"
.PD
\&\s-1ECDSA\s0 signature schemes with diverse message digest algorithms. They are all
supported explicitly fetched with \fBEVP_PKEY_sign_init_ex2\fR\|(3) and
\&\fBEVP_PKEY_sign_message_init\fR\|(3).
.SS "\s-1ECDSA\s0 Signature Parameters"
.IX Subsection "ECDSA Signature Parameters"
The following signature parameters can be set using \fBEVP_PKEY_CTX_set_params()\fR.
This may be called after \fBEVP_PKEY_sign_init()\fR or \fBEVP_PKEY_verify_init()\fR,
and before calling \fBEVP_PKEY_sign()\fR or \fBEVP_PKEY_verify()\fR.
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """properties"" (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_SIGNATURE_PARAM_PROPERTIES) <UTF8 string>"
.PD
These two are not supported with the \s-1ECDSA\s0 signature schemes that already
include a message digest algorithm, See \*(L"Algorithm Names\*(R" above.
.ie n .IP """nonce-type"" (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.el .IP "``nonce-type'' (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.IX Item "nonce-type (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>"
.PD 0
.ie n .IP """key-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK) <integer>"
.ie n .IP """digest-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK) <integer>"
.PD
These parameters are described in \fBprovider\-signature\fR\|(7).
.PP
The following signature parameters can be retrieved using
\&\fBEVP_PKEY_CTX_get_params()\fR.
.ie n .IP """algorithm-id"" (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.el .IP "``algorithm-id'' (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.IX Item "algorithm-id (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>"
.PD 0
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.ie n .IP """nonce-type"" (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.el .IP "``nonce-type'' (\fB\s-1OSSL_SIGNATURE_PARAM_NONCE_TYPE\s0\fR) <unsigned integer>" 4
.IX Item "nonce-type (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>"
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.ie n .IP """verify-message"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE\s0\fR <integer>" 4
.el .IP "``verify-message'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE\s0\fR <integer>" 4
.IX Item "verify-message (OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE <integer>"
.PD
The parameters are described in \fBprovider\-signature\fR\|(7).
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_params\fR\|(3),
\&\fBEVP_PKEY_sign\fR\|(3),
\&\fBEVP_PKEY_verify\fR\|(3),
\&\fBprovider\-signature\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,304 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-ED25519 7ossl"
.TH EVP_SIGNATURE-ED25519 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_SIGNATURE\-ED25519,
EVP_SIGNATURE\-ED448,
Ed25519,
Ed448
\&\- EVP_PKEY Ed25519 and Ed448 support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBEd25519\fR and \fBEd448\fR \s-1EVP_PKEY\s0 implementation supports key
generation, one-shot digest-sign and digest-verify using the EdDSA
signature schemes described in \s-1RFC 8032.\s0 It has associated private and
public key formats compatible with \s-1RFC 8410.\s0
.SS "EdDSA Instances"
.IX Subsection "EdDSA Instances"
\&\s-1RFC 8032\s0 describes five EdDSA instances: Ed25519, Ed25519ctx,
Ed25519ph, Ed448, Ed448ph.
.PP
The instances Ed25519, Ed25519ctx, Ed448 are referred to as \fBPureEdDSA\fR
schemes. For these three instances, the sign and verify procedures
require access to the complete message (not a digest of the message).
.PP
The instances Ed25519ph, Ed448ph are referred to as \fBHashEdDSA\fR
schemes. For these two instances, the sign and verify procedures do
not require access to the complete message; they operate on a hash of
the message. For Ed25519ph, the hash function is \s-1SHA512.\s0 For
Ed448ph, the hash function is \s-1SHAKE256\s0 with an output length of 512
bits.
.PP
The instances Ed25519ctx, Ed25519ph, Ed448, Ed448ph accept an optional
\&\fBcontext-string\fR as input to sign and verify operations (and for
Ed25519ctx, the context-string must be nonempty). For the Ed25519
instance, a nonempty context-string is not permitted.
.PP
These instances can be specified as signature parameters when using
\&\fBEVP_DigestSignInit\fR\|(3) and \fBEVP_DigestVerifyInit\fR\|(3), see
\&\*(L"\s-1ED25519\s0 and \s-1ED448\s0 Signature Parameters\*(R" below.
.PP
These instances are also explicitly fetchable as algorithms using
\&\fBEVP_SIGNATURE_fetch\fR\|(3), which can be used with
\&\fBEVP_PKEY_sign_init_ex2\fR\|(3), \fBEVP_PKEY_verify_init_ex2\fR\|(3),
\&\fBEVP_PKEY_sign_message_init\fR\|(3) and \fBEVP_PKEY_verify_message_init\fR\|(3).
.SS "\s-1ED25519\s0 and \s-1ED448\s0 Signature Parameters"
.IX Subsection "ED25519 and ED448 Signature Parameters"
Two parameters can be set during signing or verification: the EdDSA
\&\fBinstance name\fR and the \fBcontext-string value\fR. They can be set by
passing an \s-1OSSL_PARAM\s0 array to \fBEVP_DigestSignInit_ex()\fR.
.IP "\(bu" 4
\&\*(L"instance\*(R" (\fB\s-1OSSL_SIGNATURE_PARAM_INSTANCE\s0\fR) <utf8 string>
.Sp
One of the five strings \*(L"Ed25519\*(R", \*(L"Ed25519ctx\*(R", \*(L"Ed25519ph\*(R", \*(L"Ed448\*(R", \*(L"Ed448ph\*(R".
.Sp
\&\*(L"Ed25519\*(R", \*(L"Ed25519ctx\*(R", \*(L"Ed25519ph\*(R" are valid only for an Ed25519 \s-1EVP_PKEY.\s0
.Sp
\&\*(L"Ed448\*(R", \*(L"Ed448ph\*(R" are valid only for an Ed448 \s-1EVP_PKEY.\s0
.IP "\(bu" 4
\&\*(L"context-string\*(R" (\fB\s-1OSSL_SIGNATURE_PARAM_CONTEXT_STRING\s0\fR) <octet string>
.Sp
A string of octets with length at most 255.
.PP
Both of these parameters are optional.
.PP
When using \fBEVP_DigestSignInit\fR\|(3) or \fBEVP_DigestVerifyInit\fR\|(3), the
signature algorithm is derived from the key type name. The key type name
(\*(L"Ed25519\*(R" or \*(L"Ed448\*(R") is also the default for the instance, but this can be
changed with the \*(L"instance\*(R" parameter.
.PP
Note that a message digest name must \fB\s-1NOT\s0\fR be specified when signing
or verifying.
.PP
When using \fBEVP_PKEY_sign_init_ex2\fR\|(3), \fBEVP_PKEY_verify_init_ex2\fR\|(3),
\&\fBEVP_PKEY_sign_message_init\fR\|(3) or \fBEVP_PKEY_verify_message_init\fR\|(3), the
instance is the explicit signature algorithm name, and may not be changed
(trying to give one with the \*(L"instance\*(R" parameter is therefore an error).
.PP
If a context-string is not specified, then an empty context-string is
used.
.PP
See \s-1\fBEVP_PKEY\-X25519\s0\fR\|(7) for information related to \fBX25519\fR and \fBX448\fR keys.
.PP
The following signature parameters can be retrieved using
\&\fBEVP_PKEY_CTX_get_params()\fR.
.IP "\(bu" 4
\&\*(L"algorithm-id\*(R" (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>
.IP "\(bu" 4
\&\*(L"instance\*(R" (\fB\s-1OSSL_SIGNATURE_PARAM_INSTANCE\s0\fR) <utf8 string>
.IP "\(bu" 4
\&\*(L"context-string\*(R" (\fB\s-1OSSL_SIGNATURE_PARAM_CONTEXT_STRING\s0\fR) <octet string>
.PP
The parameters are described in \fBprovider\-signature\fR\|(7).
.SH "NOTES"
.IX Header "NOTES"
The PureEdDSA instances do not support the streaming mechanism of
other signature algorithms using, for example, \fBEVP_DigestUpdate()\fR.
The message to sign or verify must be passed using the one-shot
\&\fBEVP_DigestSign()\fR and \fBEVP_DigestVerify()\fR functions.
.PP
The HashEdDSA instances do not yet support the streaming mechanisms
(so the one-shot functions must be used with HashEdDSA as well).
.PP
When calling \fBEVP_DigestSignInit()\fR or \fBEVP_DigestVerifyInit()\fR, the
digest \fItype\fR parameter \fB\s-1MUST\s0\fR be set to \s-1NULL.\s0
.PP
Applications wishing to sign certificates (or other structures such as
CRLs or certificate requests) using Ed25519 or Ed448 can either use \fBX509_sign()\fR
or \fBX509_sign_ctx()\fR in the usual way.
.PP
Ed25519 or Ed448 private keys can be set directly using
\&\fBEVP_PKEY_new_raw_private_key\fR\|(3) or loaded from a PKCS#8 private key file
using \fBPEM_read_bio_PrivateKey\fR\|(3) (or similar function). Completely new keys
can also be generated (see the example below). Setting a private key also sets
the associated public key.
.PP
Ed25519 or Ed448 public keys can be set directly using
\&\fBEVP_PKEY_new_raw_public_key\fR\|(3) or loaded from a SubjectPublicKeyInfo
structure in a \s-1PEM\s0 file using \fBPEM_read_bio_PUBKEY\fR\|(3) (or similar function).
.PP
Ed25519 and Ed448 can be tested with the \fBopenssl\-speed\fR\|(1) application
since version 1.1.1.
Valid algorithm names are \fBed25519\fR, \fBed448\fR and \fBeddsa\fR. If \fBeddsa\fR is
specified, then both Ed25519 and Ed448 are benchmarked.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
To sign a message using an \s-1ED25519 EVP_PKEY\s0 structure:
.PP
.Vb 5
\& void do_sign(EVP_PKEY *ed_key, unsigned char *msg, size_t msg_len)
\& {
\& size_t sig_len;
\& unsigned char *sig = NULL;
\& EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
\&
\& const OSSL_PARAM params[] = {
\& OSSL_PARAM_utf8_string ("instance", "Ed25519ctx", 10),
\& OSSL_PARAM_octet_string("context\-string", (unsigned char *)"A protocol defined context string", 33),
\& OSSL_PARAM_END
\& };
\&
\& /* The input "params" is not needed if default options are acceptable.
\& Use NULL in place of "params" in that case. */
\& EVP_DigestSignInit_ex(md_ctx, NULL, NULL, NULL, NULL, ed_key, params);
\& /* Calculate the required size for the signature by passing a NULL buffer. */
\& EVP_DigestSign(md_ctx, NULL, &sig_len, msg, msg_len);
\& sig = OPENSSL_zalloc(sig_len);
\&
\& EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len);
\& ...
\& OPENSSL_free(sig);
\& EVP_MD_CTX_free(md_ctx);
\& }
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBEVP_PKEY\-X25519\s0\fR\|(7)
\&\fBprovider\-signature\fR\|(7),
\&\fBEVP_DigestSignInit\fR\|(3),
\&\fBEVP_DigestVerifyInit\fR\|(3),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2017\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,183 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-HMAC 7ossl"
.TH EVP_SIGNATURE-HMAC 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_SIGNATURE\-HMAC, EVP_SIGNATURE\-Siphash, EVP_SIGNATURE\-Poly1305,
EVP_SIGNATURE\-CMAC
\&\- The legacy EVP_PKEY MAC signature implementations
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The algorithms described here have legacy support for creating MACs using
\&\fBEVP_DigestSignInit\fR\|(3) and related functions. This is not the preferred way of
creating MACs. Instead you should use the newer \fBEVP_MAC_init\fR\|(3) functions.
This mechanism is provided for backwards compatibility with older versions of
OpenSSL.
.PP
The same signature parameters can be set using \fBEVP_PKEY_CTX_set_params()\fR as can
be set via \fBEVP_MAC_CTX_set_params()\fR for the underlying \s-1EVP_MAC.\s0 See
\&\s-1\fBEVP_MAC\-HMAC\s0\fR\|(7), \fBEVP_MAC\-Siphash\fR\|(7), \fBEVP_MAC\-Poly1305\fR\|(7) and
\&\s-1\fBEVP_MAC\-CMAC\s0\fR\|(7) for details.
.PP
.Vb 3
\& See L<EVP_PKEY\-HMAC(7)>, L<EVP_PKEY\-Siphash(7)>, L<EVP_PKEY\-Poly1305(7)> or
\& L<EVP_PKEY\-CMAC(7)> for details about parameters that are supported during the
\& creation of an EVP_PKEY.
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_MAC_init\fR\|(3),
\&\fBEVP_DigestSignInit\fR\|(3),
\&\s-1\fBEVP_PKEY\-HMAC\s0\fR\|(7),
\&\fBEVP_PKEY\-Siphash\fR\|(7),
\&\fBEVP_PKEY\-Poly1305\fR\|(7),
\&\s-1\fBEVP_PKEY\-CMAC\s0\fR\|(7),
\&\s-1\fBEVP_MAC\-HMAC\s0\fR\|(7),
\&\fBEVP_MAC\-Siphash\fR\|(7),
\&\fBEVP_MAC\-Poly1305\fR\|(7),
\&\s-1\fBEVP_MAC\-CMAC\s0\fR\|(7),
\&\fBprovider\-signature\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,352 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_SIGNATURE-RSA 7ossl"
.TH EVP_SIGNATURE-RSA 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_SIGNATURE\-RSA
\&\- The EVP_PKEY RSA signature implementation
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Support for computing \s-1RSA\s0 signatures.
See \s-1\fBEVP_PKEY\-RSA\s0\fR\|(7) for information related to \s-1RSA\s0 keys.
.SS "Algorithm Names"
.IX Subsection "Algorithm Names"
In this list, names are grouped together to signify that they are the same
algorithm having multiple names. This also includes the \s-1OID\s0 in canonical
decimal form (which means that they are possible to fetch if the caller has a
mere \s-1OID\s0 which came out in this form after a call to \fBOBJ_obj2txt\fR\|(3)).
.ie n .IP """\s-1RSA"",\s0 ""rsaEncryption"", ""1.2.840.113549.1.1.1""" 4
.el .IP "``\s-1RSA'',\s0 ``rsaEncryption'', ``1.2.840.113549.1.1.1''" 4
.IX Item "RSA, rsaEncryption, 1.2.840.113549.1.1.1"
The base signature algorithm, supported explicitly fetched with
\&\fBEVP_PKEY_sign_init_ex2\fR\|(3), and implicitly fetched (through
\&\s-1RSA\s0 keys) with \fBEVP_DigestSignInit\fR\|(3) and
\&\fBEVP_DigestVerifyInit\fR\|(3).
.Sp
It can't be used with \fBEVP_PKEY_sign_message_init\fR\|(3)
.ie n .IP """\s-1RSA\-RIPEMD160"",\s0 ""ripemd160WithRSA"", ""1.3.36.3.3.1.2""" 4
.el .IP "``\s-1RSA\-RIPEMD160'',\s0 ``ripemd160WithRSA'', ``1.3.36.3.3.1.2''" 4
.IX Item "RSA-RIPEMD160, ripemd160WithRSA, 1.3.36.3.3.1.2"
.PD 0
.ie n .IP """\s-1RSA\-SHA2\-256"", ""RSA\-SHA256"",\s0 ""sha256WithRSAEncryption"", ""1.2.840.113549.1.1.11""" 4
.el .IP "``\s-1RSA\-SHA2\-256'', ``RSA\-SHA256'',\s0 ``sha256WithRSAEncryption'', ``1.2.840.113549.1.1.11''" 4
.IX Item "RSA-SHA2-256, RSA-SHA256, sha256WithRSAEncryption, 1.2.840.113549.1.1.11"
.ie n .IP """\s-1RSA\-SHA2\-384"", ""RSA\-SHA384"",\s0 ""sha384WithRSAEncryption"", ""1.2.840.113549.1.1.12""" 4
.el .IP "``\s-1RSA\-SHA2\-384'', ``RSA\-SHA384'',\s0 ``sha384WithRSAEncryption'', ``1.2.840.113549.1.1.12''" 4
.IX Item "RSA-SHA2-384, RSA-SHA384, sha384WithRSAEncryption, 1.2.840.113549.1.1.12"
.ie n .IP """\s-1RSA\-SHA2\-512"", ""RSA\-SHA512"",\s0 ""sha512WithRSAEncryption"", ""1.2.840.113549.1.1.13""" 4
.el .IP "``\s-1RSA\-SHA2\-512'', ``RSA\-SHA512'',\s0 ``sha512WithRSAEncryption'', ``1.2.840.113549.1.1.13''" 4
.IX Item "RSA-SHA2-512, RSA-SHA512, sha512WithRSAEncryption, 1.2.840.113549.1.1.13"
.ie n .IP """\s-1RSA\-SHA2\-224"", ""RSA\-SHA224"",\s0 ""sha224WithRSAEncryption"", ""1.2.840.113549.1.1.14""" 4
.el .IP "``\s-1RSA\-SHA2\-224'', ``RSA\-SHA224'',\s0 ``sha224WithRSAEncryption'', ``1.2.840.113549.1.1.14''" 4
.IX Item "RSA-SHA2-224, RSA-SHA224, sha224WithRSAEncryption, 1.2.840.113549.1.1.14"
.ie n .IP """\s-1RSA\-SHA2\-512/224"", ""RSA\-SHA512\-224"",\s0 ""sha512\-224WithRSAEncryption"", ""1.2.840.113549.1.1.15""" 4
.el .IP "``\s-1RSA\-SHA2\-512/224'', ``RSA\-SHA512\-224'',\s0 ``sha512\-224WithRSAEncryption'', ``1.2.840.113549.1.1.15''" 4
.IX Item "RSA-SHA2-512/224, RSA-SHA512-224, sha512-224WithRSAEncryption, 1.2.840.113549.1.1.15"
.ie n .IP """\s-1RSA\-SHA2\-512/256"", ""RSA\-SHA512\-256"",\s0 ""sha512\-256WithRSAEncryption"", ""1.2.840.113549.1.1.16""" 4
.el .IP "``\s-1RSA\-SHA2\-512/256'', ``RSA\-SHA512\-256'',\s0 ``sha512\-256WithRSAEncryption'', ``1.2.840.113549.1.1.16''" 4
.IX Item "RSA-SHA2-512/256, RSA-SHA512-256, sha512-256WithRSAEncryption, 1.2.840.113549.1.1.16"
.ie n .IP """\s-1RSA\-SHA3\-224"",\s0 ""id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-224"", ""2.16.840.1.101.3.4.3.13""" 4
.el .IP "``\s-1RSA\-SHA3\-224'',\s0 ``id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-224'', ``2.16.840.1.101.3.4.3.13''" 4
.IX Item "RSA-SHA3-224, id-rsassa-pkcs1-v1_5-with-sha3-224, 2.16.840.1.101.3.4.3.13"
.ie n .IP """\s-1RSA\-SHA3\-256"",\s0 ""id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-256"", ""2.16.840.1.101.3.4.3.14""" 4
.el .IP "``\s-1RSA\-SHA3\-256'',\s0 ``id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-256'', ``2.16.840.1.101.3.4.3.14''" 4
.IX Item "RSA-SHA3-256, id-rsassa-pkcs1-v1_5-with-sha3-256, 2.16.840.1.101.3.4.3.14"
.ie n .IP """\s-1RSA\-SHA3\-384"",\s0 ""id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-384"", ""2.16.840.1.101.3.4.3.15""" 4
.el .IP "``\s-1RSA\-SHA3\-384'',\s0 ``id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-384'', ``2.16.840.1.101.3.4.3.15''" 4
.IX Item "RSA-SHA3-384, id-rsassa-pkcs1-v1_5-with-sha3-384, 2.16.840.1.101.3.4.3.15"
.ie n .IP """\s-1RSA\-SHA3\-512"",\s0 ""id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-512"", ""2.16.840.1.101.3.4.3.16""" 4
.el .IP "``\s-1RSA\-SHA3\-512'',\s0 ``id\-rsassa\-pkcs1\-v1_5\-with\-sha3\-512'', ``2.16.840.1.101.3.4.3.16''" 4
.IX Item "RSA-SHA3-512, id-rsassa-pkcs1-v1_5-with-sha3-512, 2.16.840.1.101.3.4.3.16"
.ie n .IP """\s-1RSA\-SM3"",\s0 ""sm3WithRSAEncryption"", ""1.2.156.10197.1.504""" 4
.el .IP "``\s-1RSA\-SM3'',\s0 ``sm3WithRSAEncryption'', ``1.2.156.10197.1.504''" 4
.IX Item "RSA-SM3, sm3WithRSAEncryption, 1.2.156.10197.1.504"
.PD
PKCS#1 v1.5 \s-1RSA\s0 signature schemes with diverse message digest algorithms. They
are all supported explicitly fetched with \fBEVP_PKEY_sign_init_ex2\fR\|(3) and
\&\fBEVP_PKEY_sign_message_init\fR\|(3).
They are all pre-set to use the pad mode \*(L"pkcs1\*(R". This cannot be changed.
.SS "Signature Parameters"
.IX Subsection "Signature Parameters"
The following signature parameters can be set using \fBEVP_PKEY_CTX_set_params()\fR.
This may be called after \fBEVP_PKEY_sign_init()\fR or \fBEVP_PKEY_verify_init()\fR,
and before calling \fBEVP_PKEY_sign()\fR or \fBEVP_PKEY_verify()\fR. They may also be set
using \fBEVP_PKEY_sign_init_ex()\fR or \fBEVP_PKEY_verify_init_ex()\fR.
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """properties"" (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``properties'' (\fB\s-1OSSL_SIGNATURE_PARAM_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "properties (OSSL_SIGNATURE_PARAM_PROPERTIES) <UTF8 string>"
.PD
These are not supported with the \s-1RSA\s0 signature schemes that already include a
message digest algorithm, See \*(L"Algorithm Names\*(R" above.
.Sp
These common parameters are described in \fBprovider\-signature\fR\|(7).
.ie n .IP """pad-mode"" (\fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``pad-mode'' (\fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "pad-mode (OSSL_SIGNATURE_PARAM_PAD_MODE) <UTF8 string>"
The type of padding to be used. Its value can be one of the following:
.RS 4
.ie n .IP """none"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_NONE\s0\fR)" 4
.el .IP "``none'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_NONE\s0\fR)" 4
.IX Item "none (OSSL_PKEY_RSA_PAD_MODE_NONE)"
.PD 0
.ie n .IP """pkcs1"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PKCSV15\s0\fR)" 4
.el .IP "``pkcs1'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PKCSV15\s0\fR)" 4
.IX Item "pkcs1 (OSSL_PKEY_RSA_PAD_MODE_PKCSV15)"
.ie n .IP """x931"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_X931\s0\fR)" 4
.el .IP "``x931'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_X931\s0\fR)" 4
.IX Item "x931 (OSSL_PKEY_RSA_PAD_MODE_X931)"
.PD
This padding mode is no longer supported by the \s-1FIPS\s0 provider for signature
generation, but may be used for signature verification for legacy use cases.
(This is a \s-1FIPS 140\-3\s0 requirement)
.ie n .IP """pss"" (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PSS\s0\fR)" 4
.el .IP "``pss'' (\fB\s-1OSSL_PKEY_RSA_PAD_MODE_PSS\s0\fR)" 4
.IX Item "pss (OSSL_PKEY_RSA_PAD_MODE_PSS)"
.RE
.RS 4
.RE
.PD 0
.ie n .IP """mgf1\-digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mgf1\-digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mgf1-digest (OSSL_SIGNATURE_PARAM_MGF1_DIGEST) <UTF8 string>"
.PD
The digest algorithm name to use for the maskGenAlgorithm used by \*(L"pss\*(R" mode.
.ie n .IP """mgf1\-properties"" (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mgf1\-properties'' (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mgf1-properties (OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES) <UTF8 string>"
Sets the name of the property query associated with the \*(L"mgf1\-digest\*(R" algorithm.
\&\s-1NULL\s0 is used if this optional value is not set.
.ie n .IP """saltlen"" (\fB\s-1OSSL_SIGNATURE_PARAM_PSS_SALTLEN\s0\fR) <integer> or <\s-1UTF8\s0 string>" 4
.el .IP "``saltlen'' (\fB\s-1OSSL_SIGNATURE_PARAM_PSS_SALTLEN\s0\fR) <integer> or <\s-1UTF8\s0 string>" 4
.IX Item "saltlen (OSSL_SIGNATURE_PARAM_PSS_SALTLEN) <integer> or <UTF8 string>"
The \*(L"pss\*(R" mode minimum salt length. The value can either be an integer,
a string value representing a number or one of the following string values:
.RS 4
.ie n .IP """digest"" (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST\s0\fR)" 4
.el .IP "``digest'' (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST\s0\fR)" 4
.IX Item "digest (OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST)"
Use the same length as the digest size.
.ie n .IP """max"" (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_MAX\s0\fR)" 4
.el .IP "``max'' (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_MAX\s0\fR)" 4
.IX Item "max (OSSL_PKEY_RSA_PSS_SALT_LEN_MAX)"
Use the maximum salt length.
.ie n .IP """auto"" (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO\s0\fR)" 4
.el .IP "``auto'' (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO\s0\fR)" 4
.IX Item "auto (OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO)"
Auto detect the salt length.
.ie n .IP """auto-digestmax"" (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX\s0\fR)" 4
.el .IP "``auto-digestmax'' (\fB\s-1OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX\s0\fR)" 4
.IX Item "auto-digestmax (OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX)"
Auto detect the salt length when verifying. Maximize the salt length up to the
digest size when signing to comply with \s-1FIPS 186\-4\s0 section 5.5.
.RE
.RS 4
.RE
.PP
The OpenSSL \s-1FIPS\s0 provider also supports the following parameters:
.ie n .IP """key-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.el .IP "``key-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\s0\fR) <integer>" 4
.IX Item "key-check (OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK) <integer>"
.PD 0
.ie n .IP """digest-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.el .IP "``digest-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\s0\fR) <integer>" 4
.IX Item "digest-check (OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK) <integer>"
.ie n .IP """sign\-x931\-pad\-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK\s0\fR) <integer>" 4
.el .IP "``sign\-x931\-pad\-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK\s0\fR) <integer>" 4
.IX Item "sign-x931-pad-check (OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK) <integer>"
.PD
These parameters are described in \fBprovider\-signature\fR\|(7).
.ie n .IP """rsa-pss-saltlen-check"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK\s0\fR) <integer>" 4
.el .IP "``rsa-pss-saltlen-check'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK\s0\fR) <integer>" 4
.IX Item "rsa-pss-saltlen-check (OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK) <integer>"
The default value of 1 causes an error during signature generation or
verification if salt length (\fB\s-1OSSL_SIGNATURE_PARAM_PSS_SALTLEN\s0\fR) is not between
zero and the output block size of the digest function (inclusive).
Setting this to zero will ignore the error and set the approved \*(L"fips-indicator\*(R"
to 0.
This option breaks \s-1FIPS\s0 compliance if it causes the approved \*(L"fips-indicator\*(R"
to return 0.
.PP
The following signature parameters can be retrieved using
\&\fBEVP_PKEY_CTX_get_params()\fR.
.ie n .IP """algorithm-id"" (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.el .IP "``algorithm-id'' (\fB\s-1OSSL_SIGNATURE_PARAM_ALGORITHM_ID\s0\fR) <octet string>" 4
.IX Item "algorithm-id (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>"
.PD 0
.ie n .IP """fips-indicator"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.el .IP "``fips-indicator'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\s0\fR) <integer>" 4
.IX Item "fips-indicator (OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
.ie n .IP """verify-message"" (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE\s0\fR <integer>" 4
.el .IP "``verify-message'' (\fB\s-1OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE\s0\fR <integer>" 4
.IX Item "verify-message (OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE <integer>"
.PD
These common parameter are described in \fBprovider\-signature\fR\|(7).
.ie n .IP """digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "digest (OSSL_SIGNATURE_PARAM_DIGEST) <UTF8 string>"
.PD 0
.ie n .IP """pad-mode"" (\fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``pad-mode'' (\fB\s-1OSSL_SIGNATURE_PARAM_PAD_MODE\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "pad-mode (OSSL_SIGNATURE_PARAM_PAD_MODE) <UTF8 string>"
.ie n .IP """mgf1\-digest"" (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.el .IP "``mgf1\-digest'' (\fB\s-1OSSL_SIGNATURE_PARAM_MGF1_DIGEST\s0\fR) <\s-1UTF8\s0 string>" 4
.IX Item "mgf1-digest (OSSL_SIGNATURE_PARAM_MGF1_DIGEST) <UTF8 string>"
.ie n .IP """saltlen"" (\fB\s-1OSSL_SIGNATURE_PARAM_PSS_SALTLEN\s0\fR) <integer> or <\s-1UTF8\s0 string>" 4
.el .IP "``saltlen'' (\fB\s-1OSSL_SIGNATURE_PARAM_PSS_SALTLEN\s0\fR) <integer> or <\s-1UTF8\s0 string>" 4
.IX Item "saltlen (OSSL_SIGNATURE_PARAM_PSS_SALTLEN) <integer> or <UTF8 string>"
.PD
These parameters are as described above.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_params\fR\|(3),
\&\fBEVP_PKEY_sign\fR\|(3),
\&\fBEVP_PKEY_verify\fR\|(3),
\&\fBprovider\-signature\fR\|(7),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,665 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_PROVIDER-FIPS 7ossl"
.TH OSSL_PROVIDER-FIPS 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_PROVIDER\-FIPS \- OpenSSL FIPS provider
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The OpenSSL \s-1FIPS\s0 provider is a special provider that conforms to the Federal
Information Processing Standards (\s-1FIPS\s0) specified in \s-1FIPS 140\-3.\s0 This 'module'
contains an approved set of cryptographic algorithms that is validated by an
accredited testing laboratory.
.SS "Properties"
.IX Subsection "Properties"
The implementations in this provider specifically have these properties
defined:
.ie n .IP """provider=fips""" 4
.el .IP "``provider=fips''" 4
.IX Item "provider=fips"
.PD 0
.ie n .IP """fips=yes""" 4
.el .IP "``fips=yes''" 4
.IX Item "fips=yes"
.PD
.PP
It may be used in a property query string with fetching functions such as
\&\fBEVP_MD_fetch\fR\|(3) or \fBEVP_CIPHER_fetch\fR\|(3), as well as with other
functions that take a property query string, such as
\&\fBEVP_PKEY_CTX_new_from_name\fR\|(3).
.PP
To be \s-1FIPS\s0 compliant, it is mandatory to include \f(CW\*(C`fips=yes\*(C'\fR as
part of all property queries. This ensures that only \s-1FIPS\s0 approved
implementations are used for cryptographic operations. The \f(CW\*(C`fips=yes\*(C'\fR
query may also include other non-crypto support operations that
are not in the \s-1FIPS\s0 provider, such as asymmetric key encoders, see
\&\*(L"Asymmetric Key Management\*(R" in \fBOSSL_PROVIDER\-default\fR\|(7).
.PP
It is not mandatory to include \f(CW\*(C`provider=fips\*(C'\fR as part of your property
query. Including \f(CW\*(C`provider=fips\*(C'\fR in your property query guarantees
that the OpenSSL \s-1FIPS\s0 provider is used for cryptographic operations
rather than other \s-1FIPS\s0 capable providers.
.SS "Provider parameters"
.IX Subsection "Provider parameters"
See \*(L"Provider parameters\*(R" in \fBprovider\-base\fR\|(7) for a list of base parameters.
Additionally the OpenSSL \s-1FIPS\s0 provider also supports the following gettable
parameters:
.ie n .IP """security-checks"" (\fB\s-1OSSL_OSSL_PROV_PARAM_SECURITY_CHECKS\s0\fR) <unsigned integer>" 4
.el .IP "``security-checks'' (\fB\s-1OSSL_OSSL_PROV_PARAM_SECURITY_CHECKS\s0\fR) <unsigned integer>" 4
.IX Item "security-checks (OSSL_OSSL_PROV_PARAM_SECURITY_CHECKS) <unsigned integer>"
For further information refer to the \fBopenssl\-fipsinstall\fR\|(1) option
\&\fB\-no_security_checks\fR.
.SH "OPERATIONS AND ALGORITHMS"
.IX Header "OPERATIONS AND ALGORITHMS"
The OpenSSL \s-1FIPS\s0 provider supports these operations and algorithms:
.SS "Hashing Algorithms / Message Digests"
.IX Subsection "Hashing Algorithms / Message Digests"
.IP "\s-1SHA1,\s0 see \s-1\fBEVP_MD\-SHA1\s0\fR\|(7)" 4
.IX Item "SHA1, see EVP_MD-SHA1"
.PD 0
.IP "\s-1SHA2,\s0 see \s-1\fBEVP_MD\-SHA2\s0\fR\|(7)" 4
.IX Item "SHA2, see EVP_MD-SHA2"
.IP "\s-1SHA3,\s0 see \s-1\fBEVP_MD\-SHA3\s0\fR\|(7)" 4
.IX Item "SHA3, see EVP_MD-SHA3"
.IP "KECCAK-KMAC, see \s-1\fBEVP_MD\-KECCAK\-KMAC\s0\fR\|(7)" 4
.IX Item "KECCAK-KMAC, see EVP_MD-KECCAK-KMAC"
.IP "\s-1SHAKE,\s0 see \s-1\fBEVP_MD\-SHAKE\s0\fR\|(7)" 4
.IX Item "SHAKE, see EVP_MD-SHAKE"
.PD
.SS "Symmetric Ciphers"
.IX Subsection "Symmetric Ciphers"
.IP "\s-1AES,\s0 see \s-1\fBEVP_CIPHER\-AES\s0\fR\|(7)" 4
.IX Item "AES, see EVP_CIPHER-AES"
.PD 0
.IP "3DES, see \s-1\fBEVP_CIPHER\-DES\s0\fR\|(7)" 4
.IX Item "3DES, see EVP_CIPHER-DES"
.PD
This is an unapproved algorithm.
.SS "Message Authentication Code (\s-1MAC\s0)"
.IX Subsection "Message Authentication Code (MAC)"
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_MAC-CMAC"
.PD 0
.IP "\s-1GMAC,\s0 see \s-1\fBEVP_MAC\-GMAC\s0\fR\|(7)" 4
.IX Item "GMAC, see EVP_MAC-GMAC"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_MAC\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_MAC-HMAC"
.IP "\s-1KMAC,\s0 see \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7)" 4
.IX Item "KMAC, see EVP_MAC-KMAC"
.PD
.SS "Key Derivation Function (\s-1KDF\s0)"
.IX Subsection "Key Derivation Function (KDF)"
.IP "\s-1HKDF,\s0 see \s-1\fBEVP_KDF\-HKDF\s0\fR\|(7)" 4
.IX Item "HKDF, see EVP_KDF-HKDF"
.PD 0
.IP "\s-1TLS13\-KDF,\s0 see \s-1\fBEVP_KDF\-TLS13_KDF\s0\fR\|(7)" 4
.IX Item "TLS13-KDF, see EVP_KDF-TLS13_KDF"
.IP "\s-1SSKDF,\s0 see \s-1\fBEVP_KDF\-SS\s0\fR\|(7)" 4
.IX Item "SSKDF, see EVP_KDF-SS"
.IP "\s-1PBKDF2,\s0 see \s-1\fBEVP_KDF\-PBKDF2\s0\fR\|(7)" 4
.IX Item "PBKDF2, see EVP_KDF-PBKDF2"
.IP "\s-1SSHKDF,\s0 see \s-1\fBEVP_KDF\-SSHKDF\s0\fR\|(7)" 4
.IX Item "SSHKDF, see EVP_KDF-SSHKDF"
.IP "\s-1TLS1\-PRF,\s0 see \s-1\fBEVP_KDF\-TLS1_PRF\s0\fR\|(7)" 4
.IX Item "TLS1-PRF, see EVP_KDF-TLS1_PRF"
.IP "\s-1KBKDF,\s0 see \s-1\fBEVP_KDF\-KB\s0\fR\|(7)" 4
.IX Item "KBKDF, see EVP_KDF-KB"
.IP "X942KDF\-ASN1, see \s-1\fBEVP_KDF\-X942\-ASN1\s0\fR\|(7)" 4
.IX Item "X942KDF-ASN1, see EVP_KDF-X942-ASN1"
.IP "X942KDF\-CONCAT, see \s-1\fBEVP_KDF\-X942\-CONCAT\s0\fR\|(7)" 4
.IX Item "X942KDF-CONCAT, see EVP_KDF-X942-CONCAT"
.IP "X963KDF, see \s-1\fBEVP_KDF\-X963\s0\fR\|(7)" 4
.IX Item "X963KDF, see EVP_KDF-X963"
.PD
.SS "Key Exchange"
.IX Subsection "Key Exchange"
.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)" 4
.IX Item "DH, see EVP_KEYEXCH-DH"
.PD 0
.IP "\s-1ECDH,\s0 see \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)" 4
.IX Item "ECDH, see EVP_KEYEXCH-ECDH"
.IP "X25519, see \s-1\fBEVP_KEYEXCH\-X25519\s0\fR\|(7)" 4
.IX Item "X25519, see EVP_KEYEXCH-X25519"
.IP "X448, see \s-1\fBEVP_KEYEXCH\-X448\s0\fR\|(7)" 4
.IX Item "X448, see EVP_KEYEXCH-X448"
.IP "\s-1TLS1\-PRF\s0" 4
.IX Item "TLS1-PRF"
.IP "\s-1HKDF\s0" 4
.IX Item "HKDF"
.PD
.SS "Asymmetric Signature"
.IX Subsection "Asymmetric Signature"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_SIGNATURE-RSA"
The \fBX931\fR padding mode \*(L"\s-1OSSL_PKEY_RSA_PAD_MODE_X931\*(R"\s0 is no longer supported
for signature generation, but may be used for verification for legacy use cases.
(This is a \s-1FIPS 140\-3\s0 requirement)
.IP "\s-1DSA,\s0 see \s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7)" 4
.IX Item "DSA, see EVP_SIGNATURE-DSA"
.PD 0
.IP "\s-1ED25519,\s0 see \s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7)" 4
.IX Item "ED25519, see EVP_SIGNATURE-ED25519"
.IP "\s-1ED448,\s0 see \s-1\fBEVP_SIGNATURE\-ED448\s0\fR\|(7)" 4
.IX Item "ED448, see EVP_SIGNATURE-ED448"
.IP "\s-1ECDSA,\s0 see \s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7)" 4
.IX Item "ECDSA, see EVP_SIGNATURE-ECDSA"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_SIGNATURE\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_SIGNATURE-HMAC"
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_SIGNATURE\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_SIGNATURE-CMAC"
.PD
.SS "Asymmetric Cipher"
.IX Subsection "Asymmetric Cipher"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_ASYM_CIPHER\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_ASYM_CIPHER-RSA"
.SS "Asymmetric Key Encapsulation"
.IX Subsection "Asymmetric Key Encapsulation"
.PD 0
.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEM\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_KEM-RSA"
.PD
.SS "Asymmetric Key Management"
.IX Subsection "Asymmetric Key Management"
.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYMGMT\-DH\s0\fR\|(7)" 4
.IX Item "DH, see EVP_KEYMGMT-DH"
.PD 0
.IP "\s-1DHX,\s0 see \s-1\fBEVP_KEYMGMT\-DHX\s0\fR\|(7)" 4
.IX Item "DHX, see EVP_KEYMGMT-DHX"
.IP "\s-1DSA,\s0 see \s-1\fBEVP_KEYMGMT\-DSA\s0\fR\|(7)" 4
.IX Item "DSA, see EVP_KEYMGMT-DSA"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEYMGMT\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_KEYMGMT-RSA"
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1EC,\s0 see \s-1\fBEVP_KEYMGMT\-EC\s0\fR\|(7)" 4
.IX Item "EC, see EVP_KEYMGMT-EC"
.IP "X25519, see \s-1\fBEVP_KEYMGMT\-X25519\s0\fR\|(7)" 4
.IX Item "X25519, see EVP_KEYMGMT-X25519"
.PD
This is an unapproved algorithm.
.IP "X448, see \s-1\fBEVP_KEYMGMT\-X448\s0\fR\|(7)" 4
.IX Item "X448, see EVP_KEYMGMT-X448"
This is an unapproved algorithm.
.IP "\s-1ED25519,\s0 see \s-1\fBEVP_KEYMGMT\-ED25519\s0\fR\|(7)" 4
.IX Item "ED25519, see EVP_KEYMGMT-ED25519"
This is an unapproved algorithm.
.IP "\s-1ED448,\s0 see \s-1\fBEVP_KEYMGMT\-ED448\s0\fR\|(7)" 4
.IX Item "ED448, see EVP_KEYMGMT-ED448"
This is an unapproved algorithm.
.IP "\s-1TLS1\-PRF\s0" 4
.IX Item "TLS1-PRF"
.PD 0
.IP "\s-1HKDF\s0" 4
.IX Item "HKDF"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_KEYMGMT\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_KEYMGMT-HMAC"
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_KEYMGMT\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_KEYMGMT-CMAC"
.PD
.SS "Random Number Generation"
.IX Subsection "Random Number Generation"
.IP "CRNG-TEST, see \s-1\fBEVP_RAND\-CRNG\-TEST\s0\fR\|(7)" 4
.IX Item "CRNG-TEST, see EVP_RAND-CRNG-TEST"
.PD 0
.IP "CTR-DRBG, see \s-1\fBEVP_RAND\-CTR\-DRBG\s0\fR\|(7)" 4
.IX Item "CTR-DRBG, see EVP_RAND-CTR-DRBG"
.IP "HASH-DRBG, see \s-1\fBEVP_RAND\-HASH\-DRBG\s0\fR\|(7)" 4
.IX Item "HASH-DRBG, see EVP_RAND-HASH-DRBG"
.IP "HMAC-DRBG, see \s-1\fBEVP_RAND\-HMAC\-DRBG\s0\fR\|(7)" 4
.IX Item "HMAC-DRBG, see EVP_RAND-HMAC-DRBG"
.IP "TEST-RAND, see \s-1\fBEVP_RAND\-TEST\-RAND\s0\fR\|(7)" 4
.IX Item "TEST-RAND, see EVP_RAND-TEST-RAND"
.PD
TEST-RAND is an unapproved algorithm.
.SH "SELF TESTING"
.IX Header "SELF TESTING"
One of the requirements for the \s-1FIPS\s0 module is self testing. An optional callback
mechanism is available to return information to the user using
\&\fBOSSL_SELF_TEST_set_callback\fR\|(3).
.PP
The parameters passed to the callback are described in \fBOSSL_SELF_TEST_new\fR\|(3)
.PP
The OpenSSL \s-1FIPS\s0 module uses the following mechanism to provide information
about the self tests as they run.
This is useful for debugging if a self test is failing.
The callback also allows forcing any self test to fail, in order to check that
it operates correctly on failure.
Note that all self tests run even if a self test failure occurs.
.PP
The \s-1FIPS\s0 module passes the following type(s) to \fBOSSL_SELF_TEST_onbegin()\fR.
.ie n .IP """Module_Integrity"" (\fB\s-1OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY\s0\fR)" 4
.el .IP "``Module_Integrity'' (\fB\s-1OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY\s0\fR)" 4
.IX Item "Module_Integrity (OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)"
Uses \s-1HMAC SHA256\s0 on the module file to validate that the module has not been
modified. The integrity value is compared to a value written to a configuration
file during installation.
.ie n .IP """Install_Integrity"" (\fB\s-1OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY\s0\fR)" 4
.el .IP "``Install_Integrity'' (\fB\s-1OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY\s0\fR)" 4
.IX Item "Install_Integrity (OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY)"
Uses \s-1HMAC SHA256\s0 on a fixed string to validate that the installation process
has already been performed and the self test \s-1KATS\s0 have already been tested,
The integrity value is compared to a value written to a configuration
file after successfully running the self tests during installation.
.ie n .IP """KAT_Cipher"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_CIPHER\s0\fR)" 4
.el .IP "``KAT_Cipher'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_CIPHER\s0\fR)" 4
.IX Item "KAT_Cipher (OSSL_SELF_TEST_TYPE_KAT_CIPHER)"
Known answer test for a symmetric cipher.
.ie n .IP """KAT_AsymmetricCipher"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER\s0\fR)" 4
.el .IP "``KAT_AsymmetricCipher'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER\s0\fR)" 4
.IX Item "KAT_AsymmetricCipher (OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER)"
Known answer test for a asymmetric cipher.
.ie n .IP """KAT_Digest"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_DIGEST\s0\fR)" 4
.el .IP "``KAT_Digest'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_DIGEST\s0\fR)" 4
.IX Item "KAT_Digest (OSSL_SELF_TEST_TYPE_KAT_DIGEST)"
Known answer test for a digest.
.ie n .IP """KAT_Signature"" (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_SIGNATURE\s0\fR)" 4
.el .IP "``KAT_Signature'' (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_SIGNATURE\s0\fR)" 4
.IX Item "KAT_Signature (OSSL_SELF_TEST_TYPE_KAT_SIGNATURE)"
Known answer test for a signature.
.ie n .IP """PCT_Signature"" (\fB\s-1OSSL_SELF_TEST_TYPE_PCT_SIGNATURE\s0\fR)" 4
.el .IP "``PCT_Signature'' (\fB\s-1OSSL_SELF_TEST_TYPE_PCT_SIGNATURE\s0\fR)" 4
.IX Item "PCT_Signature (OSSL_SELF_TEST_TYPE_PCT_SIGNATURE)"
Pairwise Consistency check for a signature.
.ie n .IP """\s-1KAT_KDF""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KDF\s0\fR)" 4
.el .IP "``\s-1KAT_KDF''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KDF\s0\fR)" 4
.IX Item "KAT_KDF (OSSL_SELF_TEST_TYPE_KAT_KDF)"
Known answer test for a key derivation function.
.ie n .IP """\s-1KAT_KA""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KA\s0\fR)" 4
.el .IP "``\s-1KAT_KA''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_KAT_KA\s0\fR)" 4
.IX Item "KAT_KA (OSSL_SELF_TEST_TYPE_KAT_KA)"
Known answer test for key agreement.
.ie n .IP """\s-1DRBG""\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_DRBG\s0\fR)" 4
.el .IP "``\s-1DRBG''\s0 (\fB\s-1OSSL_SELF_TEST_TYPE_DRBG\s0\fR)" 4
.IX Item "DRBG (OSSL_SELF_TEST_TYPE_DRBG)"
Known answer test for a Deterministic Random Bit Generator.
.ie n .IP """Conditional_PCT"" (\fB\s-1OSSL_SELF_TEST_TYPE_PCT\s0\fR)" 4
.el .IP "``Conditional_PCT'' (\fB\s-1OSSL_SELF_TEST_TYPE_PCT\s0\fR)" 4
.IX Item "Conditional_PCT (OSSL_SELF_TEST_TYPE_PCT)"
Conditional test that is run during the generation of key pairs.
.ie n .IP """Continuous_RNG_Test"" (\fB\s-1OSSL_SELF_TEST_TYPE_CRNG\s0\fR)" 4
.el .IP "``Continuous_RNG_Test'' (\fB\s-1OSSL_SELF_TEST_TYPE_CRNG\s0\fR)" 4
.IX Item "Continuous_RNG_Test (OSSL_SELF_TEST_TYPE_CRNG)"
Continuous random number generator test.
.PP
The \*(L"Module_Integrity\*(R" self test is always run at startup.
The \*(L"Install_Integrity\*(R" self test is used to check if the self tests have
already been run at installation time. If they have already run then the
self tests are not run on subsequent startups.
All other self test categories are run once at installation time, except for the
\&\*(L"Pairwise_Consistency_Test\*(R".
.PP
There is only one instance of the \*(L"Module_Integrity\*(R" and \*(L"Install_Integrity\*(R"
self tests. All other self tests may have multiple instances.
.PP
The \s-1FIPS\s0 module passes the following descriptions(s) to \fBOSSL_SELF_TEST_onbegin()\fR.
.ie n .IP """\s-1HMAC""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_INTEGRITY_HMAC\s0\fR)" 4
.el .IP "``\s-1HMAC''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_INTEGRITY_HMAC\s0\fR)" 4
.IX Item "HMAC (OSSL_SELF_TEST_DESC_INTEGRITY_HMAC)"
\&\*(L"Module_Integrity\*(R" and \*(L"Install_Integrity\*(R" use this.
.ie n .IP """\s-1RSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1\s0\fR)" 4
.el .IP "``\s-1RSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1\s0\fR)" 4
.IX Item "RSA (OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1)"
.PD 0
.ie n .IP """\s-1RSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA\s0\fR)" 4
.el .IP "``\s-1RSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_RSA\s0\fR)" 4
.IX Item "RSA (OSSL_SELF_TEST_DESC_PCT_RSA)"
.ie n .IP """\s-1ECDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_ECDSA\s0\fR)" 4
.el .IP "``\s-1ECDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_ECDSA\s0\fR)" 4
.IX Item "ECDSA (OSSL_SELF_TEST_DESC_PCT_ECDSA)"
.ie n .IP """\s-1EDDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_EDDSA\s0\fR)" 4
.el .IP "``\s-1EDDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_EDDSA\s0\fR)" 4
.IX Item "EDDSA (OSSL_SELF_TEST_DESC_PCT_EDDSA)"
.ie n .IP """\s-1DSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_DSA\s0\fR)" 4
.el .IP "``\s-1DSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_PCT_DSA\s0\fR)" 4
.IX Item "DSA (OSSL_SELF_TEST_DESC_PCT_DSA)"
.PD
Key generation tests used with the \*(L"Pairwise_Consistency_Test\*(R" type.
.ie n .IP """RSA_Encrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_ENC\s0\fR)" 4
.el .IP "``RSA_Encrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_ENC\s0\fR)" 4
.IX Item "RSA_Encrypt (OSSL_SELF_TEST_DESC_ASYM_RSA_ENC)"
.PD 0
.ie n .IP """RSA_Decrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_DEC\s0\fR)" 4
.el .IP "``RSA_Decrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_ASYM_RSA_DEC\s0\fR)" 4
.IX Item "RSA_Decrypt (OSSL_SELF_TEST_DESC_ASYM_RSA_DEC)"
.PD
\&\*(L"KAT_AsymmetricCipher\*(R" uses this to indicate an encrypt or decrypt \s-1KAT.\s0
.ie n .IP """\s-1AES_GCM""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_GCM\s0\fR)" 4
.el .IP "``\s-1AES_GCM''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_GCM\s0\fR)" 4
.IX Item "AES_GCM (OSSL_SELF_TEST_DESC_CIPHER_AES_GCM)"
.PD 0
.ie n .IP """AES_ECB_Decrypt"" (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_ECB\s0\fR)" 4
.el .IP "``AES_ECB_Decrypt'' (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_AES_ECB\s0\fR)" 4
.IX Item "AES_ECB_Decrypt (OSSL_SELF_TEST_DESC_CIPHER_AES_ECB)"
.ie n .IP """\s-1TDES""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_TDES\s0\fR)" 4
.el .IP "``\s-1TDES''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_CIPHER_TDES\s0\fR)" 4
.IX Item "TDES (OSSL_SELF_TEST_DESC_CIPHER_TDES)"
.PD
Symmetric cipher tests used with the \*(L"KAT_Cipher\*(R" type.
.ie n .IP """\s-1SHA1""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA1\s0\fR)" 4
.el .IP "``\s-1SHA1''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA1\s0\fR)" 4
.IX Item "SHA1 (OSSL_SELF_TEST_DESC_MD_SHA1)"
.PD 0
.ie n .IP """\s-1SHA2""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA2\s0\fR)" 4
.el .IP "``\s-1SHA2''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA2\s0\fR)" 4
.IX Item "SHA2 (OSSL_SELF_TEST_DESC_MD_SHA2)"
.ie n .IP """\s-1SHA3""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA3\s0\fR)" 4
.el .IP "``\s-1SHA3''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_MD_SHA3\s0\fR)" 4
.IX Item "SHA3 (OSSL_SELF_TEST_DESC_MD_SHA3)"
.PD
Digest tests used with the \*(L"KAT_Digest\*(R" type.
.ie n .IP """\s-1DSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_DSA\s0\fR)" 4
.el .IP "``\s-1DSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_DSA\s0\fR)" 4
.IX Item "DSA (OSSL_SELF_TEST_DESC_SIGN_DSA)"
.PD 0
.ie n .IP """\s-1RSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_RSA\s0\fR)" 4
.el .IP "``\s-1RSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_RSA\s0\fR)" 4
.IX Item "RSA (OSSL_SELF_TEST_DESC_SIGN_RSA)"
.ie n .IP """\s-1ECDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_ECDSA\s0\fR)" 4
.el .IP "``\s-1ECDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_ECDSA\s0\fR)" 4
.IX Item "ECDSA (OSSL_SELF_TEST_DESC_SIGN_ECDSA)"
.ie n .IP """\s-1EDDSA""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_EDDSA\s0\fR)" 4
.el .IP "``\s-1EDDSA''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_SIGN_EDDSA\s0\fR)" 4
.IX Item "EDDSA (OSSL_SELF_TEST_DESC_SIGN_EDDSA)"
.PD
Signature tests used with the \*(L"KAT_Signature\*(R" type.
.ie n .IP """\s-1ECDH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_ECDH\s0\fR)" 4
.el .IP "``\s-1ECDH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_ECDH\s0\fR)" 4
.IX Item "ECDH (OSSL_SELF_TEST_DESC_KA_ECDH)"
.PD 0
.ie n .IP """\s-1DH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_DH\s0\fR)" 4
.el .IP "``\s-1DH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KA_DH\s0\fR)" 4
.IX Item "DH (OSSL_SELF_TEST_DESC_KA_DH)"
.PD
Key agreement tests used with the \*(L"\s-1KAT_KA\*(R"\s0 type.
.ie n .IP """\s-1HKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_HKDF\s0\fR)" 4
.el .IP "``\s-1HKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_HKDF\s0\fR)" 4
.IX Item "HKDF (OSSL_SELF_TEST_DESC_KDF_HKDF)"
.PD 0
.ie n .IP """\s-1TLS13_KDF_EXTRACT""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT\s0\fR)" 4
.el .IP "``\s-1TLS13_KDF_EXTRACT''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT\s0\fR)" 4
.IX Item "TLS13_KDF_EXTRACT (OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT)"
.ie n .IP """\s-1TLS13_KDF_EXPAND""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND\s0\fR)" 4
.el .IP "``\s-1TLS13_KDF_EXPAND''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND\s0\fR)" 4
.IX Item "TLS13_KDF_EXPAND (OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND)"
.ie n .IP """\s-1SSKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSKDF\s0\fR)" 4
.el .IP "``\s-1SSKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSKDF\s0\fR)" 4
.IX Item "SSKDF (OSSL_SELF_TEST_DESC_KDF_SSKDF)"
.ie n .IP """X963KDF"" (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X963KDF\s0\fR)" 4
.el .IP "``X963KDF'' (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X963KDF\s0\fR)" 4
.IX Item "X963KDF (OSSL_SELF_TEST_DESC_KDF_X963KDF)"
.ie n .IP """X942KDF"" (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X942KDF\s0\fR)" 4
.el .IP "``X942KDF'' (\fB\s-1OSSL_SELF_TEST_DESC_KDF_X942KDF\s0\fR)" 4
.IX Item "X942KDF (OSSL_SELF_TEST_DESC_KDF_X942KDF)"
.ie n .IP """\s-1PBKDF2""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_PBKDF2\s0\fR)" 4
.el .IP "``\s-1PBKDF2''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_PBKDF2\s0\fR)" 4
.IX Item "PBKDF2 (OSSL_SELF_TEST_DESC_KDF_PBKDF2)"
.ie n .IP """\s-1SSHKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSHKDF\s0\fR)" 4
.el .IP "``\s-1SSHKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_SSHKDF\s0\fR)" 4
.IX Item "SSHKDF (OSSL_SELF_TEST_DESC_KDF_SSHKDF)"
.ie n .IP """\s-1TLS12_PRF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS12_PRF\s0\fR)" 4
.el .IP "``\s-1TLS12_PRF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_TLS12_PRF\s0\fR)" 4
.IX Item "TLS12_PRF (OSSL_SELF_TEST_DESC_KDF_TLS12_PRF)"
.ie n .IP """\s-1KBKDF""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_KBKDF\s0\fR)" 4
.el .IP "``\s-1KBKDF''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_KDF_KBKDF\s0\fR)" 4
.IX Item "KBKDF (OSSL_SELF_TEST_DESC_KDF_KBKDF)"
.PD
Key Derivation Function tests used with the \*(L"\s-1KAT_KDF\*(R"\s0 type.
.ie n .IP """\s-1CTR""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_CTR\s0\fR)" 4
.el .IP "``\s-1CTR''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_CTR\s0\fR)" 4
.IX Item "CTR (OSSL_SELF_TEST_DESC_DRBG_CTR)"
.PD 0
.ie n .IP """\s-1HASH""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HASH\s0\fR)" 4
.el .IP "``\s-1HASH''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HASH\s0\fR)" 4
.IX Item "HASH (OSSL_SELF_TEST_DESC_DRBG_HASH)"
.ie n .IP """\s-1HMAC""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HMAC\s0\fR)" 4
.el .IP "``\s-1HMAC''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_DRBG_HMAC\s0\fR)" 4
.IX Item "HMAC (OSSL_SELF_TEST_DESC_DRBG_HMAC)"
.PD
\&\s-1DRBG\s0 tests used with the \*(L"\s-1DRBG\*(R"\s0 type.
.ie n .IP """\s-1RNG""\s0 (\fB\s-1OSSL_SELF_TEST_DESC_RNG\s0\fR)" 4
.el .IP "``\s-1RNG''\s0 (\fB\s-1OSSL_SELF_TEST_DESC_RNG\s0\fR)" 4
.IX Item "RNG (OSSL_SELF_TEST_DESC_RNG)"
\&\*(L"Continuous_RNG_Test\*(R" uses this.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
A simple self test callback is shown below for illustrative purposes.
.PP
.Vb 1
\& #include <openssl/self_test.h>
\&
\& static OSSL_CALLBACK self_test_cb;
\&
\& static int self_test_cb(const OSSL_PARAM params[], void *arg)
\& {
\& int ret = 0;
\& const OSSL_PARAM *p = NULL;
\& const char *phase = NULL, *type = NULL, *desc = NULL;
\&
\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE);
\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
\& goto err;
\& phase = (const char *)p\->data;
\&
\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC);
\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
\& goto err;
\& desc = (const char *)p\->data;
\&
\& p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE);
\& if (p == NULL || p\->data_type != OSSL_PARAM_UTF8_STRING)
\& goto err;
\& type = (const char *)p\->data;
\&
\& /* Do some logging */
\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_START) == 0)
\& BIO_printf(bio_out, "%s : (%s) : ", desc, type);
\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_PASS) == 0
\& || strcmp(phase, OSSL_SELF_TEST_PHASE_FAIL) == 0)
\& BIO_printf(bio_out, "%s\en", phase);
\&
\& /* Corrupt the SHA1 self test during the \*(Aqcorrupt\*(Aq phase by returning 0 */
\& if (strcmp(phase, OSSL_SELF_TEST_PHASE_CORRUPT) == 0
\& && strcmp(desc, OSSL_SELF_TEST_DESC_MD_SHA1) == 0) {
\& BIO_printf(bio_out, "%s %s", phase, desc);
\& return 0;
\& }
\& ret = 1;
\& err:
\& return ret;
\& }
.Ve
.SH "NOTES"
.IX Header "NOTES"
Some released versions of OpenSSL do not include a validated
\&\s-1FIPS\s0 provider. To determine which versions have undergone
the validation process, please refer to the
OpenSSL Downloads page <https://www.openssl.org/source/>. If you
require FIPS-approved functionality, it is essential to build your \s-1FIPS\s0
provider using one of the validated versions listed there. Normally,
it is possible to utilize a \s-1FIPS\s0 provider constructed from one of the
validated versions alongside \fIlibcrypto\fR and \fIlibssl\fR compiled from any
release within the same major release series. This flexibility enables
you to address bug fixes and CVEs that fall outside the \s-1FIPS\s0 boundary.
.PP
The \s-1FIPS\s0 provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
consequently the property query \f(CW\*(C`fips=yes\*(C'\fR is mandatory for applications that
want to operate in a \s-1FIPS\s0 approved manner. The algorithms are:
.IP "Triple \s-1DES ECB\s0" 4
.IX Item "Triple DES ECB"
.PD 0
.IP "Triple \s-1DES CBC\s0" 4
.IX Item "Triple DES CBC"
.IP "EdDSA" 4
.IX Item "EdDSA"
.PD
.PP
You can load the \s-1FIPS\s0 provider into multiple library contexts as any other
provider. However the following restriction applies. The \s-1FIPS\s0 provider cannot
be used by multiple copies of OpenSSL libcrypto in a single process.
.PP
As the provider saves core callbacks to the libcrypto obtained in the
\&\fBOSSL_provider_init()\fR call to global data it will fail if subsequent
invocations of its \fBOSSL_provider_init()\fR function yield different addresses
of these callbacks than in the initial call. This happens when different
copies of libcrypto are present in the memory of the process and both try
to load the same \s-1FIPS\s0 provider. A workaround is to have a different copy
of the \s-1FIPS\s0 provider loaded for each of the libcrypto instances in the
process.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBopenssl\-fipsinstall\fR\|(1),
\&\fBfips_config\fR\|(5),
\&\fBOSSL_SELF_TEST_set_callback\fR\|(3),
\&\fBOSSL_SELF_TEST_new\fR\|(3),
\&\s-1\fBOSSL_PARAM\s0\fR\|(3),
\&\fBopenssl\-core.h\fR\|(7),
\&\fBopenssl\-core_dispatch.h\fR\|(7),
\&\fBprovider\fR\|(7),
<https://www.openssl.org/source/>
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2019\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,290 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_PROVIDER-BASE 7ossl"
.TH OSSL_PROVIDER-BASE 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_PROVIDER\-base \- OpenSSL base provider
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The OpenSSL base provider supplies the encoding for OpenSSL's
asymmetric cryptography.
.SS "Properties"
.IX Subsection "Properties"
The implementations in this provider specifically have this property
defined:
.ie n .IP """provider=base""" 4
.el .IP "``provider=base''" 4
.IX Item "provider=base"
.PP
It may be used in a property query string with fetching functions.
.PP
It isn't mandatory to query for this property, except to make sure to get
implementations of this provider and none other.
.ie n .IP """type=parameters""" 4
.el .IP "``type=parameters''" 4
.IX Item "type=parameters"
.PD 0
.ie n .IP """type=private""" 4
.el .IP "``type=private''" 4
.IX Item "type=private"
.ie n .IP """type=public""" 4
.el .IP "``type=public''" 4
.IX Item "type=public"
.PD
.PP
These may be used in a property query string with fetching functions to select
which data are to be encoded. Either the private key material, the public
key material or the domain parameters can be selected.
.ie n .IP """format=der""" 4
.el .IP "``format=der''" 4
.IX Item "format=der"
.PD 0
.ie n .IP """format=pem""" 4
.el .IP "``format=pem''" 4
.IX Item "format=pem"
.ie n .IP """format=text""" 4
.el .IP "``format=text''" 4
.IX Item "format=text"
.PD
.PP
These may be used in a property query string with fetching functions to select
the encoding output format. Either the \s-1DER, PEM\s0 and plaintext are
currently permitted.
.SH "OPERATIONS AND ALGORITHMS"
.IX Header "OPERATIONS AND ALGORITHMS"
The OpenSSL base provider supports these operations and algorithms:
.SS "Random Number Generation"
.IX Subsection "Random Number Generation"
.IP "SEED-SRC, see \s-1\fBEVP_RAND\-SEED\-SRC\s0\fR\|(7)" 4
.IX Item "SEED-SRC, see EVP_RAND-SEED-SRC"
.PD 0
.IP "\s-1JITTER,\s0 see \s-1\fBEVP_RAND\-JITTER\s0\fR\|(7)" 4
.IX Item "JITTER, see EVP_RAND-JITTER"
.PD
.PP
In addition to this provider, the \*(L"SEED-SRC\*(R" and \*(L"\s-1JITTER\*(R"\s0 algorithms
are also available in the default provider.
.SS "Asymmetric Key Encoder"
.IX Subsection "Asymmetric Key Encoder"
.IP "\s-1RSA\s0" 4
.IX Item "RSA"
.PD 0
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1DH\s0" 4
.IX Item "DH"
.IP "\s-1DHX\s0" 4
.IX Item "DHX"
.IP "\s-1DSA\s0" 4
.IX Item "DSA"
.IP "\s-1EC\s0" 4
.IX Item "EC"
.IP "\s-1ED25519\s0" 4
.IX Item "ED25519"
.IP "\s-1ED448\s0" 4
.IX Item "ED448"
.IP "X25519" 4
.IX Item "X25519"
.IP "X448" 4
.IX Item "X448"
.IP "\s-1SM2\s0" 4
.IX Item "SM2"
.PD
.PP
In addition to this provider, all of these encoding algorithms are also
available in the default provider. Some of these algorithms may be used in
combination with the \s-1FIPS\s0 provider.
.SS "Asymmetric Key Decoder"
.IX Subsection "Asymmetric Key Decoder"
.IP "\s-1RSA\s0" 4
.IX Item "RSA"
.PD 0
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1DH\s0" 4
.IX Item "DH"
.IP "\s-1DHX\s0" 4
.IX Item "DHX"
.IP "\s-1DSA\s0" 4
.IX Item "DSA"
.IP "\s-1EC\s0" 4
.IX Item "EC"
.IP "\s-1ED25519\s0" 4
.IX Item "ED25519"
.IP "\s-1ED448\s0" 4
.IX Item "ED448"
.IP "X25519" 4
.IX Item "X25519"
.IP "X448" 4
.IX Item "X448"
.IP "\s-1SM2\s0" 4
.IX Item "SM2"
.IP "\s-1DER\s0" 4
.IX Item "DER"
.PD
.PP
In addition to this provider, all of these decoding algorithms are also
available in the default provider. Some of these algorithms may be used in
combination with the \s-1FIPS\s0 provider.
.SS "Stores"
.IX Subsection "Stores"
.IP "file" 4
.IX Item "file"
.PD 0
.IP "org.openssl.winstore, see \fBOSSL_STORE\-winstore\fR\|(7)" 4
.IX Item "org.openssl.winstore, see OSSL_STORE-winstore"
.PD
.PP
In addition to this provider, all of these store algorithms are also
available in the default provider.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBOSSL_PROVIDER\-default\fR\|(7), \fBopenssl\-core.h\fR\|(7),
\&\fBopenssl\-core_dispatch.h\fR\|(7), \fBprovider\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,490 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_PROVIDER-DEFAULT 7ossl"
.TH OSSL_PROVIDER-DEFAULT 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_PROVIDER\-default \- OpenSSL default provider
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The OpenSSL default provider supplies the majority of OpenSSL's diverse
algorithm implementations. If an application doesn't specify anything else
explicitly (e.g. in the application or via config), then this is the
provider that will be used as fallback: It is loaded automatically the
first time that an algorithm is fetched from a provider or a function
acting on providers is called and no other provider has been loaded yet.
.PP
If an attempt to load a provider has already been made (whether successful
or not) then the default provider won't be loaded automatically. Therefore
if the default provider is to be used in conjunction with other providers
then it must be loaded explicitly. Automatic loading of the default
provider only occurs a maximum of once; if the default provider is
explicitly unloaded then the default provider will not be automatically
loaded again.
.SS "Properties"
.IX Subsection "Properties"
The implementations in this provider specifically have this property
defined:
.ie n .IP """provider=default""" 4
.el .IP "``provider=default''" 4
.IX Item "provider=default"
.PP
It may be used in a property query string with fetching functions such as
\&\fBEVP_MD_fetch\fR\|(3) or \fBEVP_CIPHER_fetch\fR\|(3), as well as with other
functions that take a property query string, such as
\&\fBEVP_PKEY_CTX_new_from_name\fR\|(3).
.PP
It isn't mandatory to query for this property, except to make sure to get
implementations of this provider and none other.
.PP
Some implementations may define additional properties. Exact information is
listed below
.SH "OPERATIONS AND ALGORITHMS"
.IX Header "OPERATIONS AND ALGORITHMS"
The OpenSSL default provider supports these operations and algorithms:
.SS "Hashing Algorithms / Message Digests"
.IX Subsection "Hashing Algorithms / Message Digests"
.IP "\s-1SHA1,\s0 see \s-1\fBEVP_MD\-SHA1\s0\fR\|(7)" 4
.IX Item "SHA1, see EVP_MD-SHA1"
.PD 0
.IP "\s-1SHA2,\s0 see \s-1\fBEVP_MD\-SHA2\s0\fR\|(7)" 4
.IX Item "SHA2, see EVP_MD-SHA2"
.IP "\s-1SHA3,\s0 see \s-1\fBEVP_MD\-SHA3\s0\fR\|(7)" 4
.IX Item "SHA3, see EVP_MD-SHA3"
.IP "\s-1KECCAK,\s0 see \s-1\fBEVP_MD\-KECCAK\s0\fR\|(7)" 4
.IX Item "KECCAK, see EVP_MD-KECCAK"
.IP "KECCAK-KMAC, see \s-1\fBEVP_MD\-KECCAK\-KMAC\s0\fR\|(7)" 4
.IX Item "KECCAK-KMAC, see EVP_MD-KECCAK-KMAC"
.IP "\s-1SHAKE,\s0 see \s-1\fBEVP_MD\-SHAKE\s0\fR\|(7)" 4
.IX Item "SHAKE, see EVP_MD-SHAKE"
.IP "\s-1BLAKE2,\s0 see \s-1\fBEVP_MD\-BLAKE2\s0\fR\|(7)" 4
.IX Item "BLAKE2, see EVP_MD-BLAKE2"
.IP "\s-1SM3,\s0 see \s-1\fBEVP_MD\-SM3\s0\fR\|(7)" 4
.IX Item "SM3, see EVP_MD-SM3"
.IP "\s-1MD5,\s0 see \s-1\fBEVP_MD\-MD5\s0\fR\|(7)" 4
.IX Item "MD5, see EVP_MD-MD5"
.IP "\s-1MD5\-SHA1,\s0 see \s-1\fBEVP_MD\-MD5\-SHA1\s0\fR\|(7)" 4
.IX Item "MD5-SHA1, see EVP_MD-MD5-SHA1"
.IP "\s-1RIPEMD160,\s0 see \s-1\fBEVP_MD\-RIPEMD160\s0\fR\|(7)" 4
.IX Item "RIPEMD160, see EVP_MD-RIPEMD160"
.IP "\s-1NULL,\s0 see \s-1\fBEVP_MD\-NULL\s0\fR\|(7)" 4
.IX Item "NULL, see EVP_MD-NULL"
.PD
.SS "Symmetric Ciphers"
.IX Subsection "Symmetric Ciphers"
.IP "\s-1AES,\s0 see \s-1\fBEVP_CIPHER\-AES\s0\fR\|(7)" 4
.IX Item "AES, see EVP_CIPHER-AES"
.PD 0
.IP "\s-1ARIA,\s0 see \s-1\fBEVP_CIPHER\-ARIA\s0\fR\|(7)" 4
.IX Item "ARIA, see EVP_CIPHER-ARIA"
.IP "\s-1CAMELLIA,\s0 see \s-1\fBEVP_CIPHER\-CAMELLIA\s0\fR\|(7)" 4
.IX Item "CAMELLIA, see EVP_CIPHER-CAMELLIA"
.IP "3DES, see \s-1\fBEVP_CIPHER\-DES\s0\fR\|(7)" 4
.IX Item "3DES, see EVP_CIPHER-DES"
.IP "\s-1SM4,\s0 see \s-1\fBEVP_CIPHER\-SM4\s0\fR\|(7)" 4
.IX Item "SM4, see EVP_CIPHER-SM4"
.IP "ChaCha20, see \s-1\fBEVP_CIPHER\-CHACHA\s0\fR\|(7)" 4
.IX Item "ChaCha20, see EVP_CIPHER-CHACHA"
.IP "ChaCha20\-Poly1305, see \s-1\fBEVP_CIPHER\-CHACHA\s0\fR\|(7)" 4
.IX Item "ChaCha20-Poly1305, see EVP_CIPHER-CHACHA"
.IP "\s-1NULL,\s0 see \s-1\fBEVP_CIPHER\-NULL\s0\fR\|(7)" 4
.IX Item "NULL, see EVP_CIPHER-NULL"
.PD
.SS "Message Authentication Code (\s-1MAC\s0)"
.IX Subsection "Message Authentication Code (MAC)"
.IP "\s-1BLAKE2,\s0 see \s-1\fBEVP_MAC\-BLAKE2\s0\fR\|(7)" 4
.IX Item "BLAKE2, see EVP_MAC-BLAKE2"
.PD 0
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_MAC-CMAC"
.IP "\s-1GMAC,\s0 see \s-1\fBEVP_MAC\-GMAC\s0\fR\|(7)" 4
.IX Item "GMAC, see EVP_MAC-GMAC"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_MAC\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_MAC-HMAC"
.IP "\s-1KMAC,\s0 see \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7)" 4
.IX Item "KMAC, see EVP_MAC-KMAC"
.IP "\s-1SIPHASH,\s0 see \fBEVP_MAC\-Siphash\fR\|(7)" 4
.IX Item "SIPHASH, see EVP_MAC-Siphash"
.IP "\s-1POLY1305,\s0 see \fBEVP_MAC\-Poly1305\fR\|(7)" 4
.IX Item "POLY1305, see EVP_MAC-Poly1305"
.PD
.SS "Key Derivation Function (\s-1KDF\s0)"
.IX Subsection "Key Derivation Function (KDF)"
.IP "\s-1HKDF,\s0 see \s-1\fBEVP_KDF\-HKDF\s0\fR\|(7)" 4
.IX Item "HKDF, see EVP_KDF-HKDF"
.PD 0
.IP "\s-1TLS13\-KDF,\s0 see \s-1\fBEVP_KDF\-TLS13_KDF\s0\fR\|(7)" 4
.IX Item "TLS13-KDF, see EVP_KDF-TLS13_KDF"
.IP "\s-1SSKDF,\s0 see \s-1\fBEVP_KDF\-SS\s0\fR\|(7)" 4
.IX Item "SSKDF, see EVP_KDF-SS"
.IP "\s-1PBKDF2,\s0 see \s-1\fBEVP_KDF\-PBKDF2\s0\fR\|(7)" 4
.IX Item "PBKDF2, see EVP_KDF-PBKDF2"
.IP "\s-1PKCS12KDF,\s0 see \s-1\fBEVP_KDF\-PKCS12KDF\s0\fR\|(7)" 4
.IX Item "PKCS12KDF, see EVP_KDF-PKCS12KDF"
.IP "\s-1SSHKDF,\s0 see \s-1\fBEVP_KDF\-SSHKDF\s0\fR\|(7)" 4
.IX Item "SSHKDF, see EVP_KDF-SSHKDF"
.IP "\s-1TLS1\-PRF,\s0 see \s-1\fBEVP_KDF\-TLS1_PRF\s0\fR\|(7)" 4
.IX Item "TLS1-PRF, see EVP_KDF-TLS1_PRF"
.IP "\s-1KBKDF,\s0 see \s-1\fBEVP_KDF\-KB\s0\fR\|(7)" 4
.IX Item "KBKDF, see EVP_KDF-KB"
.IP "X942KDF\-ASN1, see \s-1\fBEVP_KDF\-X942\-ASN1\s0\fR\|(7)" 4
.IX Item "X942KDF-ASN1, see EVP_KDF-X942-ASN1"
.IP "X942KDF\-CONCAT, see \s-1\fBEVP_KDF\-X942\-CONCAT\s0\fR\|(7)" 4
.IX Item "X942KDF-CONCAT, see EVP_KDF-X942-CONCAT"
.IP "X963KDF, see \s-1\fBEVP_KDF\-X963\s0\fR\|(7)" 4
.IX Item "X963KDF, see EVP_KDF-X963"
.IP "\s-1SCRYPT,\s0 see \s-1\fBEVP_KDF\-SCRYPT\s0\fR\|(7)" 4
.IX Item "SCRYPT, see EVP_KDF-SCRYPT"
.IP "\s-1KRB5KDF,\s0 see \s-1\fBEVP_KDF\-KRB5KDF\s0\fR\|(7)" 4
.IX Item "KRB5KDF, see EVP_KDF-KRB5KDF"
.IP "HMAC-DRBG, see \s-1\fBEVP_KDF\-HMAC\-DRBG\s0\fR\|(7)" 4
.IX Item "HMAC-DRBG, see EVP_KDF-HMAC-DRBG"
.IP "\s-1ARGON2,\s0 see \s-1\fBEVP_KDF\-ARGON2\s0\fR\|(7)" 4
.IX Item "ARGON2, see EVP_KDF-ARGON2"
.PD
.SS "Key Exchange"
.IX Subsection "Key Exchange"
.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)" 4
.IX Item "DH, see EVP_KEYEXCH-DH"
.PD 0
.IP "\s-1ECDH,\s0 see \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)" 4
.IX Item "ECDH, see EVP_KEYEXCH-ECDH"
.IP "X25519, see \s-1\fBEVP_KEYEXCH\-X25519\s0\fR\|(7)" 4
.IX Item "X25519, see EVP_KEYEXCH-X25519"
.IP "X448, see \s-1\fBEVP_KEYEXCH\-X448\s0\fR\|(7)" 4
.IX Item "X448, see EVP_KEYEXCH-X448"
.IP "\s-1TLS1\-PRF\s0" 4
.IX Item "TLS1-PRF"
.IP "\s-1HKDF\s0" 4
.IX Item "HKDF"
.IP "\s-1SCRYPT\s0" 4
.IX Item "SCRYPT"
.PD
.SS "Asymmetric Signature"
.IX Subsection "Asymmetric Signature"
.IP "\s-1DSA,\s0 see \s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7)" 4
.IX Item "DSA, see EVP_SIGNATURE-DSA"
.PD 0
.IP "\s-1RSA,\s0 see \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_SIGNATURE-RSA"
.IP "\s-1ED25519,\s0 see \s-1\fBEVP_SIGNATURE\-ED25519\s0\fR\|(7)" 4
.IX Item "ED25519, see EVP_SIGNATURE-ED25519"
.IP "\s-1ED448,\s0 see \s-1\fBEVP_SIGNATURE\-ED448\s0\fR\|(7)" 4
.IX Item "ED448, see EVP_SIGNATURE-ED448"
.IP "\s-1ECDSA,\s0 see \s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7)" 4
.IX Item "ECDSA, see EVP_SIGNATURE-ECDSA"
.IP "\s-1SM2\s0" 4
.IX Item "SM2"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_SIGNATURE\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_SIGNATURE-HMAC"
.IP "\s-1SIPHASH,\s0 see \fBEVP_SIGNATURE\-Siphash\fR\|(7)" 4
.IX Item "SIPHASH, see EVP_SIGNATURE-Siphash"
.IP "\s-1POLY1305,\s0 see \fBEVP_SIGNATURE\-Poly1305\fR\|(7)" 4
.IX Item "POLY1305, see EVP_SIGNATURE-Poly1305"
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_SIGNATURE\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_SIGNATURE-CMAC"
.PD
.SS "Asymmetric Cipher"
.IX Subsection "Asymmetric Cipher"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_ASYM_CIPHER\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_ASYM_CIPHER-RSA"
.PD 0
.IP "\s-1SM2,\s0 see \s-1\fBEVP_ASYM_CIPHER\-SM2\s0\fR\|(7)" 4
.IX Item "SM2, see EVP_ASYM_CIPHER-SM2"
.PD
.SS "Asymmetric Key Encapsulation"
.IX Subsection "Asymmetric Key Encapsulation"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEM\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_KEM-RSA"
.PD 0
.IP "X25519, see \s-1\fBEVP_KEM\-X25519\s0\fR\|(7)" 4
.IX Item "X25519, see EVP_KEM-X25519"
.IP "X448, see \s-1\fBEVP_KEM\-X448\s0\fR\|(7)" 4
.IX Item "X448, see EVP_KEM-X448"
.IP "\s-1EC,\s0 see \s-1\fBEVP_KEM\-EC\s0\fR\|(7)" 4
.IX Item "EC, see EVP_KEM-EC"
.PD
.SS "Asymmetric Key Management"
.IX Subsection "Asymmetric Key Management"
.IP "\s-1DH,\s0 see \s-1\fBEVP_KEYMGMT\-DH\s0\fR\|(7)" 4
.IX Item "DH, see EVP_KEYMGMT-DH"
.PD 0
.IP "\s-1DHX,\s0 see \s-1\fBEVP_KEYMGMT\-DHX\s0\fR\|(7)" 4
.IX Item "DHX, see EVP_KEYMGMT-DHX"
.IP "\s-1DSA,\s0 see \s-1\fBEVP_KEYMGMT\-DSA\s0\fR\|(7)" 4
.IX Item "DSA, see EVP_KEYMGMT-DSA"
.IP "\s-1RSA,\s0 see \s-1\fBEVP_KEYMGMT\-RSA\s0\fR\|(7)" 4
.IX Item "RSA, see EVP_KEYMGMT-RSA"
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1EC,\s0 see \s-1\fBEVP_KEYMGMT\-EC\s0\fR\|(7)" 4
.IX Item "EC, see EVP_KEYMGMT-EC"
.IP "X25519, see \s-1\fBEVP_KEYMGMT\-X25519\s0\fR\|(7)" 4
.IX Item "X25519, see EVP_KEYMGMT-X25519"
.IP "X448, see \s-1\fBEVP_KEYMGMT\-X448\s0\fR\|(7)" 4
.IX Item "X448, see EVP_KEYMGMT-X448"
.IP "\s-1ED25519,\s0 see \s-1\fBEVP_KEYMGMT\-ED25519\s0\fR\|(7)" 4
.IX Item "ED25519, see EVP_KEYMGMT-ED25519"
.IP "\s-1ED448,\s0 see \s-1\fBEVP_KEYMGMT\-ED448\s0\fR\|(7)" 4
.IX Item "ED448, see EVP_KEYMGMT-ED448"
.IP "\s-1TLS1\-PRF\s0" 4
.IX Item "TLS1-PRF"
.IP "\s-1HKDF\s0" 4
.IX Item "HKDF"
.IP "\s-1SCRYPT\s0" 4
.IX Item "SCRYPT"
.IP "\s-1HMAC,\s0 see \s-1\fBEVP_KEYMGMT\-HMAC\s0\fR\|(7)" 4
.IX Item "HMAC, see EVP_KEYMGMT-HMAC"
.IP "\s-1SIPHASH,\s0 see \fBEVP_KEYMGMT\-Siphash\fR\|(7)" 4
.IX Item "SIPHASH, see EVP_KEYMGMT-Siphash"
.IP "\s-1POLY1305,\s0 see \fBEVP_KEYMGMT\-Poly1305\fR\|(7)" 4
.IX Item "POLY1305, see EVP_KEYMGMT-Poly1305"
.IP "\s-1CMAC,\s0 see \s-1\fBEVP_KEYMGMT\-CMAC\s0\fR\|(7)" 4
.IX Item "CMAC, see EVP_KEYMGMT-CMAC"
.IP "\s-1SM2,\s0 see \s-1\fBEVP_KEYMGMT\-SM2\s0\fR\|(7)" 4
.IX Item "SM2, see EVP_KEYMGMT-SM2"
.PD
.SS "Random Number Generation"
.IX Subsection "Random Number Generation"
.IP "CTR-DRBG, see \s-1\fBEVP_RAND\-CTR\-DRBG\s0\fR\|(7)" 4
.IX Item "CTR-DRBG, see EVP_RAND-CTR-DRBG"
.PD 0
.IP "HASH-DRBG, see \s-1\fBEVP_RAND\-HASH\-DRBG\s0\fR\|(7)" 4
.IX Item "HASH-DRBG, see EVP_RAND-HASH-DRBG"
.IP "HMAC-DRBG, see \s-1\fBEVP_RAND\-HMAC\-DRBG\s0\fR\|(7)" 4
.IX Item "HMAC-DRBG, see EVP_RAND-HMAC-DRBG"
.IP "SEED-SRC, see \s-1\fBEVP_RAND\-SEED\-SRC\s0\fR\|(7)" 4
.IX Item "SEED-SRC, see EVP_RAND-SEED-SRC"
.IP "\s-1JITTER,\s0 see \s-1\fBEVP_RAND\-JITTER\s0\fR\|(7)" 4
.IX Item "JITTER, see EVP_RAND-JITTER"
.IP "TEST-RAND, see \s-1\fBEVP_RAND\-TEST\-RAND\s0\fR\|(7)" 4
.IX Item "TEST-RAND, see EVP_RAND-TEST-RAND"
.PD
.PP
In addition to this provider, the \*(L"SEED-SRC\*(R" and \*(L"\s-1JITTER\*(R"\s0 algorithms
are also available in the base provider.
.SS "Asymmetric Key Encoder"
.IX Subsection "Asymmetric Key Encoder"
.IP "\s-1RSA\s0" 4
.IX Item "RSA"
.PD 0
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1DH\s0" 4
.IX Item "DH"
.IP "\s-1DHX\s0" 4
.IX Item "DHX"
.IP "\s-1DSA\s0" 4
.IX Item "DSA"
.IP "\s-1EC\s0" 4
.IX Item "EC"
.IP "\s-1ED25519\s0" 4
.IX Item "ED25519"
.IP "\s-1ED448\s0" 4
.IX Item "ED448"
.IP "X25519" 4
.IX Item "X25519"
.IP "X448" 4
.IX Item "X448"
.IP "\s-1SM2\s0" 4
.IX Item "SM2"
.PD
.PP
In addition to this provider, all of these encoding algorithms are also
available in the base provider. Some of these algorithms may be used in
combination with the \s-1FIPS\s0 provider.
.SS "Asymmetric Key Decoder"
.IX Subsection "Asymmetric Key Decoder"
.IP "\s-1RSA\s0" 4
.IX Item "RSA"
.PD 0
.IP "RSA-PSS" 4
.IX Item "RSA-PSS"
.IP "\s-1DH\s0" 4
.IX Item "DH"
.IP "\s-1DHX\s0" 4
.IX Item "DHX"
.IP "\s-1DSA\s0" 4
.IX Item "DSA"
.IP "\s-1EC\s0" 4
.IX Item "EC"
.IP "\s-1ED25519\s0" 4
.IX Item "ED25519"
.IP "\s-1ED448\s0" 4
.IX Item "ED448"
.IP "X25519" 4
.IX Item "X25519"
.IP "X448" 4
.IX Item "X448"
.IP "\s-1SM2\s0" 4
.IX Item "SM2"
.IP "\s-1DER\s0" 4
.IX Item "DER"
.PD
.PP
In addition to this provider, all of these decoding algorithms are also
available in the base provider. Some of these algorithms may be used in
combination with the \s-1FIPS\s0 provider.
.SS "Stores"
.IX Subsection "Stores"
.IP "file" 4
.IX Item "file"
.PD 0
.IP "org.openssl.winstore, see \fBOSSL_STORE\-winstore\fR\|(7)" 4
.IX Item "org.openssl.winstore, see OSSL_STORE-winstore"
.PD
.PP
In addition to this provider, all of these store algorithms are also
available in the base provider.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBopenssl\-core.h\fR\|(7), \fBopenssl\-core_dispatch.h\fR\|(7), \fBprovider\fR\|(7),
\&\fBOSSL_PROVIDER\-base\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
The \s-1RIPEMD160\s0 digest was added to the default provider in OpenSSL 3.0.7.
.PP
All other functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,234 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_PROVIDER-LEGACY 7ossl"
.TH OSSL_PROVIDER-LEGACY 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_PROVIDER\-legacy \- OpenSSL legacy provider
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The OpenSSL legacy provider supplies OpenSSL implementations of algorithms
that have been deemed legacy. Such algorithms have commonly fallen out of
use, have been deemed insecure by the cryptography community, or something
similar.
.PP
We can consider this the retirement home of cryptographic algorithms.
.SS "Properties"
.IX Subsection "Properties"
The implementations in this provider specifically has this property
defined:
.ie n .IP """provider=legacy""" 4
.el .IP "``provider=legacy''" 4
.IX Item "provider=legacy"
.PP
It may be used in a property query string with fetching functions such as
\&\fBEVP_MD_fetch\fR\|(3) or \fBEVP_CIPHER_fetch\fR\|(3), as well as with other
functions that take a property query string, such as
\&\fBEVP_PKEY_CTX_new_from_name\fR\|(3).
.PP
It isn't mandatory to query for any of these properties, except to
make sure to get implementations of this provider and none other.
.SH "OPERATIONS AND ALGORITHMS"
.IX Header "OPERATIONS AND ALGORITHMS"
The OpenSSL legacy provider supports these operations and algorithms:
.SS "Hashing Algorithms / Message Digests"
.IX Subsection "Hashing Algorithms / Message Digests"
.IP "\s-1MD2,\s0 see \s-1\fBEVP_MD\-MD2\s0\fR\|(7)" 4
.IX Item "MD2, see EVP_MD-MD2"
Disabled by default. Use \fIenable\-md2\fR config option to enable.
.IP "\s-1MD4,\s0 see \s-1\fBEVP_MD\-MD4\s0\fR\|(7)" 4
.IX Item "MD4, see EVP_MD-MD4"
.PD 0
.IP "\s-1MDC2,\s0 see \s-1\fBEVP_MD\-MDC2\s0\fR\|(7)" 4
.IX Item "MDC2, see EVP_MD-MDC2"
.IP "\s-1WHIRLPOOL,\s0 see \s-1\fBEVP_MD\-WHIRLPOOL\s0\fR\|(7)" 4
.IX Item "WHIRLPOOL, see EVP_MD-WHIRLPOOL"
.IP "\s-1RIPEMD160,\s0 see \s-1\fBEVP_MD\-RIPEMD160\s0\fR\|(7)" 4
.IX Item "RIPEMD160, see EVP_MD-RIPEMD160"
.PD
.SS "Symmetric Ciphers"
.IX Subsection "Symmetric Ciphers"
Not all of these symmetric cipher algorithms are enabled by default.
.IP "Blowfish, see \s-1\fBEVP_CIPHER\-BLOWFISH\s0\fR\|(7)" 4
.IX Item "Blowfish, see EVP_CIPHER-BLOWFISH"
.PD 0
.IP "\s-1CAST,\s0 see \s-1\fBEVP_CIPHER\-CAST\s0\fR\|(7)" 4
.IX Item "CAST, see EVP_CIPHER-CAST"
.IP "\s-1DES,\s0 see \s-1\fBEVP_CIPHER\-DES\s0\fR\|(7)" 4
.IX Item "DES, see EVP_CIPHER-DES"
.PD
The algorithm names are: \s-1DES_ECB, DES_CBC, DES_OFB, DES_CFB, DES_CFB1, DES_CFB8\s0
and \s-1DESX_CBC.\s0
.IP "\s-1IDEA,\s0 see \s-1\fBEVP_CIPHER\-IDEA\s0\fR\|(7)" 4
.IX Item "IDEA, see EVP_CIPHER-IDEA"
.PD 0
.IP "\s-1RC2,\s0 see \s-1\fBEVP_CIPHER\-RC2\s0\fR\|(7)" 4
.IX Item "RC2, see EVP_CIPHER-RC2"
.IP "\s-1RC4,\s0 see \s-1\fBEVP_CIPHER\-RC4\s0\fR\|(7)" 4
.IX Item "RC4, see EVP_CIPHER-RC4"
.IP "\s-1RC5,\s0 see \s-1\fBEVP_CIPHER\-RC5\s0\fR\|(7)" 4
.IX Item "RC5, see EVP_CIPHER-RC5"
.PD
Disabled by default. Use \fIenable\-rc5\fR config option to enable.
.IP "\s-1SEED,\s0 see \s-1\fBEVP_CIPHER\-SEED\s0\fR\|(7)" 4
.IX Item "SEED, see EVP_CIPHER-SEED"
.SS "Key Derivation Function (\s-1KDF\s0)"
.IX Subsection "Key Derivation Function (KDF)"
.PD 0
.IP "\s-1PBKDF1\s0" 4
.IX Item "PBKDF1"
.IP "\s-1PVKKDF\s0" 4
.IX Item "PVKKDF"
.PD
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\s-1\fBOSSL_PARAM\s0\fR\|(3),
\&\fBopenssl\-core.h\fR\|(7),
\&\fBopenssl\-core_dispatch.h\fR\|(7),
\&\fBprovider\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,168 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_PROVIDER-NULL 7ossl"
.TH OSSL_PROVIDER-NULL 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_PROVIDER\-null \- OpenSSL null provider
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The OpenSSL null provider supplies no algorithms.
.PP
It can used to guarantee that the default library context and a fallback
provider will not be accidentally accessed.
.SS "Properties"
.IX Subsection "Properties"
The null provider defines no properties.
.SH "OPERATIONS AND ALGORITHMS"
.IX Header "OPERATIONS AND ALGORITHMS"
The OpenSSL null provider supports no operations and algorithms.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
This functionality was added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,201 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OSSL_STORE-WINSTORE 7ossl"
.TH OSSL_STORE-WINSTORE 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
OSSL_STORE\-winstore \- OpenSSL built in OSSL_STORE for Windows
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1OSSL_STORE\s0 implementation for Windows provides access to Windows' system
\&\f(CW\*(C`ROOT\*(C'\fR certificate store through URIs, using the \s-1URI\s0 scheme
\&\f(CW\*(C`org.openssl.winstore\*(C'\fR.
.SS "Supported URIs"
.IX Subsection "Supported URIs"
There is only one supported \s-1URI:\s0
.PP
.Vb 1
\& org.openssl.winstore:
.Ve
.PP
No authority (host, etc), no path, no query, no fragment.
.SS "Supported \s-1OSSL_STORE_SEARCH\s0 operations"
.IX Subsection "Supported OSSL_STORE_SEARCH operations"
.IP "\fBOSSL_STORE_SEARCH_by_name\fR\|(3)" 4
.IX Item "OSSL_STORE_SEARCH_by_name"
As a matter of fact, this must be used. It is not possible to enumerate all
available certificates in the store.
.SS "Windows certificate store features"
.IX Subsection "Windows certificate store features"
Apart from diverse constraints present in the certificates themselves, the
Windows certificate store also has the ability to associate additional
constraining properties alongside a certificate in the store. This includes
both documented and undocumented capabilities:
.IP "\(bu" 4
The documented capability to override \s-1EKU\s0
.IP "\(bu" 4
The undocumented capability to add name constraints
.IP "\(bu" 4
The undocumented capability to override the certificate expiry date
.PP
\&\fISuch constraints are not checked by this \s-1OSSL_STORE\s0 implementation, and
thereby not honoured\fR.
.PP
However, once extracted with \fBOSSL_STORE_load\fR\|(3), certificates that have
constraints in their X.509 extensions will go through the usual constraint
checks when used by OpenSSL, and are thereby honoured.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBossl_store\fR\|(7), \fBOSSL_STORE_open_ex\fR\|(3), \s-1\fBOSSL_STORE_SEARCH\s0\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
The winstore (\f(CW\*(C`org.openssl.winstore\*(C'\fR) implementation was added in OpenSSL
3.2.0.
.SH "NOTES"
.IX Header "NOTES"
OpenSSL uses \s-1\fBOSSL_DECODER\s0\fR\|(3) implementations under the hood.
To influence what \s-1\fBOSSL_DECODER\s0\fR\|(3) implementations are used, it's advisable
to use \fBOSSL_STORE_open_ex\fR\|(3) and set the \fIpropq\fR argument.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,212 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "RAND 7ossl"
.TH RAND 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
RAND
\&\- the OpenSSL random generator
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Random numbers are a vital part of cryptography, they are needed to provide
unpredictability for tasks like key generation, creating salts, and many more.
Software-based generators must be seeded with external randomness before they
can be used as a cryptographically-secure pseudo-random number generator
(\s-1CSPRNG\s0).
The availability of common hardware with special instructions and
modern operating systems, which may use items such as interrupt jitter
and network packet timings, can be reasonable sources of seeding material.
.PP
OpenSSL comes with a default implementation of the \s-1RAND API\s0 which is based on
the deterministic random bit generator (\s-1DRBG\s0) model as described in
[\s-1NIST SP 800\-90A\s0 Rev. 1]. The default random generator will initialize
automatically on first use and will be fully functional without having
to be initialized ('seeded') explicitly.
It seeds and reseeds itself automatically using trusted random sources
provided by the operating system.
.PP
As a normal application developer, you do not have to worry about any details,
just use \fBRAND_bytes\fR\|(3) to obtain random data.
Having said that, there is one important rule to obey: Always check the error
return value of \fBRAND_bytes\fR\|(3) and do not take randomness for granted.
Although (re\-)seeding is automatic, it can fail because no trusted random source
is available or the trusted source(s) temporarily fail to provide sufficient
random seed material.
In this case the \s-1CSPRNG\s0 enters an error state and ceases to provide output,
until it is able to recover from the error by reseeding itself.
For more details on reseeding and error recovery, see \s-1\fBEVP_RAND\s0\fR\|(7).
.PP
For values that should remain secret, you can use \fBRAND_priv_bytes\fR\|(3)
instead.
This method does not provide 'better' randomness, it uses the same type of
\&\s-1CSPRNG.\s0
The intention behind using a dedicated \s-1CSPRNG\s0 exclusively for private
values is that none of its output should be visible to an attacker (e.g.,
used as salt value), in order to reveal as little information as
possible about its internal state, and that a compromise of the \*(L"public\*(R"
\&\s-1CSPRNG\s0 instance will not affect the secrecy of these private values.
.PP
In the rare case where the default implementation does not satisfy your special
requirements, the default \s-1RAND\s0 internals can be replaced by your own
\&\s-1\fBEVP_RAND\s0\fR\|(3) objects.
.PP
Changing the default random generator should be necessary
only in exceptional cases and is not recommended, unless you have a profound
knowledge of cryptographic principles and understand the implications of your
changes.
.SH "DEFAULT SETUP"
.IX Header "DEFAULT SETUP"
The default OpenSSL \s-1RAND\s0 method is based on the \s-1EVP_RAND\s0 deterministic random
bit generator (\s-1DRBG\s0) classes.
A \s-1DRBG\s0 is a certain type of cryptographically-secure pseudo-random
number generator (\s-1CSPRNG\s0), which is described in [\s-1NIST SP 800\-90A\s0 Rev. 1].
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBRAND_bytes\fR\|(3),
\&\fBRAND_priv_bytes\fR\|(3),
\&\s-1\fBEVP_RAND\s0\fR\|(3),
\&\fBRAND_get0_primary\fR\|(3),
\&\s-1\fBEVP_RAND\s0\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,189 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "RSA-PSS 7ossl"
.TH RSA-PSS 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
RSA\-PSS \- EVP_PKEY RSA\-PSS algorithm support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBRSA-PSS\fR \s-1EVP_PKEY\s0 implementation is a restricted version of the \s-1RSA\s0
algorithm which only supports signing, verification and key generation
using \s-1PSS\s0 padding modes with optional parameter restrictions.
.PP
It has associated private key and public key formats.
.PP
This algorithm shares several control operations with the \fB\s-1RSA\s0\fR algorithm
but with some restrictions described below.
.SS "Signing and Verification"
.IX Subsection "Signing and Verification"
Signing and verification is similar to the \fB\s-1RSA\s0\fR algorithm except the
padding mode is always \s-1PSS.\s0 If the key in use has parameter restrictions then
the corresponding signature parameters are set to the restrictions:
for example, if the key can only be used with digest \s-1SHA256, MGF1 SHA256\s0
and minimum salt length 32 then the digest, \s-1MGF1\s0 digest and salt length
will be set to \s-1SHA256, SHA256\s0 and 32 respectively.
.SS "Key Generation"
.IX Subsection "Key Generation"
By default no parameter restrictions are placed on the generated key.
.SH "NOTES"
.IX Header "NOTES"
The public key format is documented in \s-1RFC4055.\s0
.PP
The PKCS#8 private key format used for RSA-PSS keys is similar to the \s-1RSA\s0
format except it uses the \fBid-RSASSA-PSS\fR \s-1OID\s0 and the parameters field, if
present, restricts the key parameters in the same way as the public key.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
\&\s-1RFC 4055\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_set_rsa_pss_keygen_md\fR\|(3),
\&\fBEVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md\fR\|(3),
\&\fBEVP_PKEY_CTX_set_rsa_pss_keygen_saltlen\fR\|(3),
\&\fBEVP_PKEY_CTX_new\fR\|(3),
\&\fBEVP_PKEY_CTX_ctrl_str\fR\|(3),
\&\fBEVP_PKEY_derive\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2017\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,210 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "X25519 7ossl"
.TH X25519 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
X25519,
X448
\&\- EVP_PKEY X25519 and X448 support
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBX25519\fR and \fBX448\fR \s-1EVP_PKEY\s0 implementation supports key generation and
key derivation using \fBX25519\fR and \fBX448\fR. It has associated private and public
key formats compatible with \s-1RFC 8410.\s0
.PP
No additional parameters can be set during key generation.
.PP
The peer public key must be set using \fBEVP_PKEY_derive_set_peer()\fR when
performing key derivation.
.SH "NOTES"
.IX Header "NOTES"
A context for the \fBX25519\fR algorithm can be obtained by calling:
.PP
.Vb 1
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
.Ve
.PP
For the \fBX448\fR algorithm a context can be obtained by calling:
.PP
.Vb 1
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);
.Ve
.PP
X25519 or X448 private keys can be set directly using
\&\fBEVP_PKEY_new_raw_private_key\fR\|(3) or loaded from a PKCS#8 private key file
using \fBPEM_read_bio_PrivateKey\fR\|(3) (or similar function). Completely new keys
can also be generated (see the example below). Setting a private key also sets
the associated public key.
.PP
X25519 or X448 public keys can be set directly using
\&\fBEVP_PKEY_new_raw_public_key\fR\|(3) or loaded from a SubjectPublicKeyInfo
structure in a \s-1PEM\s0 file using \fBPEM_read_bio_PUBKEY\fR\|(3) (or similar function).
.SH "EXAMPLES"
.IX Header "EXAMPLES"
This example generates an \fBX25519\fR private key and writes it to standard
output in \s-1PEM\s0 format:
.PP
.Vb 9
\& #include <openssl/evp.h>
\& #include <openssl/pem.h>
\& ...
\& EVP_PKEY *pkey = NULL;
\& EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
\& EVP_PKEY_keygen_init(pctx);
\& EVP_PKEY_keygen(pctx, &pkey);
\& EVP_PKEY_CTX_free(pctx);
\& PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
.Ve
.PP
The key derivation example in \fBEVP_PKEY_derive\fR\|(3) can be used with
\&\fBX25519\fR and \fBX448\fR.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_PKEY_CTX_new\fR\|(3),
\&\fBEVP_PKEY_keygen\fR\|(3),
\&\fBEVP_PKEY_derive\fR\|(3),
\&\fBEVP_PKEY_derive_set_peer\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2017\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,241 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "BIO 7ossl"
.TH BIO 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
bio \- Basic I/O abstraction
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/bio.h>
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
A \s-1BIO\s0 is an I/O abstraction, it hides many of the underlying I/O
details from an application. If an application uses a \s-1BIO\s0 for its
I/O it can transparently handle \s-1SSL\s0 connections, unencrypted network
connections and file I/O.
.PP
There are two types of \s-1BIO,\s0 a source/sink \s-1BIO\s0 and a filter \s-1BIO.\s0
.PP
As its name implies a source/sink \s-1BIO\s0 is a source and/or sink of data,
examples include a socket \s-1BIO\s0 and a file \s-1BIO.\s0
.PP
A filter \s-1BIO\s0 takes data from one \s-1BIO\s0 and passes it through to
another, or the application. The data may be left unmodified (for
example a message digest \s-1BIO\s0) or translated (for example an
encryption \s-1BIO\s0). The effect of a filter \s-1BIO\s0 may change according
to the I/O operation it is performing: for example an encryption
\&\s-1BIO\s0 will encrypt data if it is being written to and decrypt data
if it is being read from.
.PP
BIOs can be joined together to form a chain (a single \s-1BIO\s0 is a chain
with one component). A chain normally consists of one source/sink
\&\s-1BIO\s0 and one or more filter BIOs. Data read from or written to the
first \s-1BIO\s0 then traverses the chain to the end (normally a source/sink
\&\s-1BIO\s0).
.PP
Some BIOs (such as memory BIOs) can be used immediately after calling
\&\fBBIO_new()\fR. Others (such as file BIOs) need some additional initialization,
and frequently a utility function exists to create and initialize such BIOs.
.PP
If \fBBIO_free()\fR is called on a \s-1BIO\s0 chain it will only free one \s-1BIO\s0 resulting
in a memory leak.
.PP
Calling \fBBIO_free_all()\fR on a single \s-1BIO\s0 has the same effect as calling
\&\fBBIO_free()\fR on it other than the discarded return value.
.PP
Normally the \fItype\fR argument is supplied by a function which returns a
pointer to a \s-1BIO_METHOD.\s0 There is a naming convention for such functions:
a source/sink \s-1BIO\s0 typically starts with \fIBIO_s_\fR and
a filter \s-1BIO\s0 with \fIBIO_f_\fR.
.SS "\s-1TCP\s0 Fast Open"
.IX Subsection "TCP Fast Open"
\&\s-1TCP\s0 Fast Open (\s-1RFC7413\s0), abbreviated \*(L"\s-1TFO\*(R",\s0 is supported by the \s-1BIO\s0
interface since OpenSSL 3.2. \s-1TFO\s0 is supported in the following operating systems:
.IP "\(bu" 4
Linux kernel 3.13 and later, where \s-1TFO\s0 is enabled by default.
.IP "\(bu" 4
Linux kernel 4.11 and later, using \s-1TCP_FASTOPEN_CONNECT.\s0
.IP "\(bu" 4
FreeBSD 10.3 to 11.4, supports server \s-1TFO\s0 only.
.IP "\(bu" 4
FreeBSD 12.0 and later, supports both client and server \s-1TFO.\s0
.IP "\(bu" 4
macOS 10.14 and later.
.PP
Each operating system has a slightly different \s-1API\s0 for \s-1TFO.\s0 Please
refer to the operating systems' \s-1API\s0 documentation when using
sockets directly.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Create a memory \s-1BIO:\s0
.PP
.Vb 1
\& BIO *mem = BIO_new(BIO_s_mem());
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBIO_ctrl\fR\|(3),
\&\fBBIO_f_base64\fR\|(3), \fBBIO_f_buffer\fR\|(3),
\&\fBBIO_f_cipher\fR\|(3), \fBBIO_f_md\fR\|(3),
\&\fBBIO_f_null\fR\|(3), \fBBIO_f_ssl\fR\|(3),
\&\fBBIO_f_readbuffer\fR\|(3),
\&\fBBIO_find_type\fR\|(3),
\&\fBBIO_get_conn_mode\fR\|(3),
\&\fBBIO_new\fR\|(3),
\&\fBBIO_new_bio_pair\fR\|(3),
\&\fBBIO_push\fR\|(3), \fBBIO_read_ex\fR\|(3),
\&\fBBIO_s_accept\fR\|(3), \fBBIO_s_bio\fR\|(3),
\&\fBBIO_s_connect\fR\|(3), \fBBIO_s_fd\fR\|(3),
\&\fBBIO_s_file\fR\|(3), \fBBIO_s_mem\fR\|(3),
\&\fBBIO_s_null\fR\|(3), \fBBIO_s_socket\fR\|(3),
\&\fBBIO_set_callback\fR\|(3),
\&\fBBIO_set_conn_mode\fR\|(3),
\&\fBBIO_set_tfo\fR\|(3),
\&\fBBIO_set_tfo_accept\fR\|(3),
\&\fBBIO_should_retry\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,185 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "CT 7ossl"
.TH CT 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
ct \- Certificate Transparency
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/ct.h>
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This library implements Certificate Transparency (\s-1CT\s0) verification for \s-1TLS\s0
clients, as defined in \s-1RFC 6962.\s0 This verification can provide some confidence
that a certificate has been publicly logged in a set of \s-1CT\s0 logs.
.PP
By default, these checks are disabled. They can be enabled using
\&\fBSSL_CTX_enable_ct\fR\|(3) or \fBSSL_enable_ct\fR\|(3).
.PP
This library can also be used to parse and examine \s-1CT\s0 data structures, such as
Signed Certificate Timestamps (SCTs), or to read a list of \s-1CT\s0 logs. There are
functions for:
\&\- decoding and encoding SCTs in \s-1DER\s0 and \s-1TLS\s0 wire format.
\&\- printing SCTs.
\&\- verifying the authenticity of SCTs.
\&\- loading a \s-1CT\s0 log list from a \s-1CONF\s0 file.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBd2i_SCT_LIST\fR\|(3),
\&\fBCTLOG_STORE_new\fR\|(3),
\&\fBCTLOG_STORE_get0_log_by_id\fR\|(3),
\&\fBSCT_new\fR\|(3),
\&\fBSCT_print\fR\|(3),
\&\fBSCT_validate\fR\|(3),
\&\fBSCT_validate\fR\|(3),
\&\fBCT_POLICY_EVAL_CTX_new\fR\|(3),
\&\fBSSL_CTX_set_ct_validation_callback\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
The ct library was added in OpenSSL 1.1.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2016\-2017 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,295 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "DES_MODES 7ossl"
.TH DES_MODES 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
des_modes \- the variants of DES and other crypto algorithms of OpenSSL
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Several crypto algorithms for OpenSSL can be used in a number of modes. Those
are used for using block ciphers in a way similar to stream ciphers, among
other things.
.SH "OVERVIEW"
.IX Header "OVERVIEW"
.SS "Electronic Codebook Mode (\s-1ECB\s0)"
.IX Subsection "Electronic Codebook Mode (ECB)"
Normally, this is found as the function \fIalgorithm\fR\fB_ecb_encrypt()\fR.
.IP "\(bu" 2
64 bits are enciphered at a time.
.IP "\(bu" 2
The order of the blocks can be rearranged without detection.
.IP "\(bu" 2
The same plaintext block always produces the same ciphertext block
(for the same key) making it vulnerable to a 'dictionary attack'.
.IP "\(bu" 2
An error will only affect one ciphertext block.
.SS "Cipher Block Chaining Mode (\s-1CBC\s0)"
.IX Subsection "Cipher Block Chaining Mode (CBC)"
Normally, this is found as the function \fIalgorithm\fR\fB_cbc_encrypt()\fR.
Be aware that \fBdes_cbc_encrypt()\fR is not really \s-1DES CBC\s0 (it does
not update the \s-1IV\s0); use \fBdes_ncbc_encrypt()\fR instead.
.IP "\(bu" 2
a multiple of 64 bits are enciphered at a time.
.IP "\(bu" 2
The \s-1CBC\s0 mode produces the same ciphertext whenever the same
plaintext is encrypted using the same key and starting variable.
.IP "\(bu" 2
The chaining operation makes the ciphertext blocks dependent on the
current and all preceding plaintext blocks and therefore blocks can not
be rearranged.
.IP "\(bu" 2
The use of different starting variables prevents the same plaintext
enciphering to the same ciphertext.
.IP "\(bu" 2
An error will affect the current and the following ciphertext blocks.
.SS "Cipher Feedback Mode (\s-1CFB\s0)"
.IX Subsection "Cipher Feedback Mode (CFB)"
Normally, this is found as the function \fIalgorithm\fR\fB_cfb_encrypt()\fR.
.IP "\(bu" 2
a number of bits (j) <= 64 are enciphered at a time.
.IP "\(bu" 2
The \s-1CFB\s0 mode produces the same ciphertext whenever the same
plaintext is encrypted using the same key and starting variable.
.IP "\(bu" 2
The chaining operation makes the ciphertext variables dependent on the
current and all preceding variables and therefore j\-bit variables are
chained together and can not be rearranged.
.IP "\(bu" 2
The use of different starting variables prevents the same plaintext
enciphering to the same ciphertext.
.IP "\(bu" 2
The strength of the \s-1CFB\s0 mode depends on the size of k (maximal if
j == k). In my implementation this is always the case.
.IP "\(bu" 2
Selection of a small value for j will require more cycles through
the encipherment algorithm per unit of plaintext and thus cause
greater processing overheads.
.IP "\(bu" 2
Only multiples of j bits can be enciphered.
.IP "\(bu" 2
An error will affect the current and the following ciphertext variables.
.SS "Output Feedback Mode (\s-1OFB\s0)"
.IX Subsection "Output Feedback Mode (OFB)"
Normally, this is found as the function \fIalgorithm\fR\fB_ofb_encrypt()\fR.
.IP "\(bu" 2
a number of bits (j) <= 64 are enciphered at a time.
.IP "\(bu" 2
The \s-1OFB\s0 mode produces the same ciphertext whenever the same
plaintext enciphered using the same key and starting variable. More
over, in the \s-1OFB\s0 mode the same key stream is produced when the same
key and start variable are used. Consequently, for security reasons
a specific start variable should be used only once for a given key.
.IP "\(bu" 2
The absence of chaining makes the \s-1OFB\s0 more vulnerable to specific attacks.
.IP "\(bu" 2
The use of different start variables values prevents the same
plaintext enciphering to the same ciphertext, by producing different
key streams.
.IP "\(bu" 2
Selection of a small value for j will require more cycles through
the encipherment algorithm per unit of plaintext and thus cause
greater processing overheads.
.IP "\(bu" 2
Only multiples of j bits can be enciphered.
.IP "\(bu" 2
\&\s-1OFB\s0 mode of operation does not extend ciphertext errors in the
resultant plaintext output. Every bit error in the ciphertext causes
only one bit to be in error in the deciphered plaintext.
.IP "\(bu" 2
\&\s-1OFB\s0 mode is not self-synchronizing. If the two operation of
encipherment and decipherment get out of synchronism, the system needs
to be re-initialized.
.IP "\(bu" 2
Each re-initialization should use a value of the start variable
different from the start variable values used before with the same
key. The reason for this is that an identical bit stream would be
produced each time from the same parameters. This would be
susceptible to a 'known plaintext' attack.
.SS "Triple \s-1ECB\s0 Mode"
.IX Subsection "Triple ECB Mode"
Normally, this is found as the function \fIalgorithm\fR\fB_ecb3_encrypt()\fR.
.IP "\(bu" 2
Encrypt with key1, decrypt with key2 and encrypt with key3 again.
.IP "\(bu" 2
As for \s-1ECB\s0 encryption but increases the key length to 168 bits.
There are theoretic attacks that can be used that make the effective
key length 112 bits, but this attack also requires 2^56 blocks of
memory, not very likely, even for the \s-1NSA.\s0
.IP "\(bu" 2
If both keys are the same it is equivalent to encrypting once with
just one key.
.IP "\(bu" 2
If the first and last key are the same, the key length is 112 bits.
There are attacks that could reduce the effective key strength
to only slightly more than 56 bits, but these require a lot of memory.
.IP "\(bu" 2
If all 3 keys are the same, this is effectively the same as normal
ecb mode.
.SS "Triple \s-1CBC\s0 Mode"
.IX Subsection "Triple CBC Mode"
Normally, this is found as the function \fIalgorithm\fR\fB_ede3_cbc_encrypt()\fR.
.IP "\(bu" 2
Encrypt with key1, decrypt with key2 and then encrypt with key3.
.IP "\(bu" 2
As for \s-1CBC\s0 encryption but increases the key length to 168 bits with
the same restrictions as for triple ecb mode.
.SH "NOTES"
.IX Header "NOTES"
This text was been written in large parts by Eric Young in his original
documentation for SSLeay, the predecessor of OpenSSL. In turn, he attributed
it to:
.PP
.Vb 5
\& AS 2805.5.2
\& Australian Standard
\& Electronic funds transfer \- Requirements for interfaces,
\& Part 5.2: Modes of operation for an n\-bit block cipher algorithm
\& Appendix A
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBBF_encrypt\fR\|(3), \fBDES_crypt\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,238 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP 7ossl"
.TH EVP 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
evp \- high\-level cryptographic functions
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/evp.h>
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP\s0 library provides a high-level interface to cryptographic
functions.
.PP
The \fBEVP_Seal\fR\fI\s-1XXX\s0\fR and \fBEVP_Open\fR\fI\s-1XXX\s0\fR
functions provide public key encryption and decryption to implement digital \*(L"envelopes\*(R".
.PP
The \fBEVP_DigestSign\fR\fI\s-1XXX\s0\fR and
\&\fBEVP_DigestVerify\fR\fI\s-1XXX\s0\fR functions implement
digital signatures and Message Authentication Codes (MACs). Also see the older
\&\fBEVP_Sign\fR\fI\s-1XXX\s0\fR and \fBEVP_Verify\fR\fI\s-1XXX\s0\fR
functions.
.PP
Symmetric encryption is available with the \fBEVP_Encrypt\fR\fI\s-1XXX\s0\fR
functions. The \fBEVP_Digest\fR\fI\s-1XXX\s0\fR functions provide message digests.
.PP
The \fB\s-1EVP_PKEY\s0\fR\fI\s-1XXX\s0\fR functions provide a high-level interface to
asymmetric algorithms. To create a new \s-1EVP_PKEY\s0 see
\&\fBEVP_PKEY_new\fR\|(3). EVP_PKEYs can be associated
with a private key of a particular algorithm by using the functions
described on the \fBEVP_PKEY_fromdata\fR\|(3) page, or
new keys can be generated using \fBEVP_PKEY_keygen\fR\|(3).
EVP_PKEYs can be compared using \fBEVP_PKEY_eq\fR\|(3), or printed using
\&\fBEVP_PKEY_print_private\fR\|(3). \fBEVP_PKEY_todata\fR\|(3) can be used to convert a
key back into an \s-1\fBOSSL_PARAM\s0\fR\|(3) array.
.PP
The \s-1EVP_PKEY\s0 functions support the full range of asymmetric algorithm operations:
.IP "For key agreement see \fBEVP_PKEY_derive\fR\|(3)" 4
.IX Item "For key agreement see EVP_PKEY_derive"
.PD 0
.IP "For signing and verifying see \fBEVP_PKEY_sign\fR\|(3), \fBEVP_PKEY_verify\fR\|(3) and \fBEVP_PKEY_verify_recover\fR\|(3). However, note that these functions do not perform a digest of the data to be signed. Therefore, normally you would use the \fBEVP_DigestSignInit\fR\|(3) functions for this purpose." 4
.IX Item "For signing and verifying see EVP_PKEY_sign, EVP_PKEY_verify and EVP_PKEY_verify_recover. However, note that these functions do not perform a digest of the data to be signed. Therefore, normally you would use the EVP_DigestSignInit functions for this purpose."
.ie n .IP "For encryption and decryption see \fBEVP_PKEY_encrypt\fR\|(3) and \fBEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ""digital envelope"" using the \fBEVP_SealInit\fR\|(3) and \fBEVP_OpenInit\fR\|(3) functions." 4
.el .IP "For encryption and decryption see \fBEVP_PKEY_encrypt\fR\|(3) and \fBEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ``digital envelope'' using the \fBEVP_SealInit\fR\|(3) and \fBEVP_OpenInit\fR\|(3) functions." 4
.IX Item "For encryption and decryption see EVP_PKEY_encrypt and EVP_PKEY_decrypt respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a digital envelope using the EVP_SealInit and EVP_OpenInit functions."
.PD
.PP
The \fBEVP_BytesToKey\fR\|(3) function provides some limited support for password
based encryption. Careful selection of the parameters will provide a PKCS#5 \s-1PBKDF1\s0 compatible
implementation. However, new applications should not typically use this (preferring, for example,
\&\s-1PBKDF2\s0 from PCKS#5).
.PP
The \fBEVP_Encode\fR\fI\s-1XXX\s0\fR and
\&\fBEVP_Decode\fR\fI\s-1XXX\s0\fR functions implement base64 encoding
and decoding.
.PP
All the symmetric algorithms (ciphers), digests and asymmetric algorithms
(public key algorithms) can be replaced by \s-1ENGINE\s0 modules providing alternative
implementations. If \s-1ENGINE\s0 implementations of ciphers or digests are registered
as defaults, then the various \s-1EVP\s0 functions will automatically use those
implementations automatically in preference to built in software
implementations. For more information, consult the \fBengine\fR\|(3) man page.
.PP
Although low-level algorithm specific functions exist for many algorithms
their use is discouraged. They cannot be used with an \s-1ENGINE\s0 and \s-1ENGINE\s0
versions of new algorithms cannot be accessed using the low-level functions.
Also makes code harder to adapt to new algorithms and some options are not
cleanly supported at the low-level and some operations are more efficient
using the high-level interface.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBEVP_DigestInit\fR\|(3),
\&\fBEVP_EncryptInit\fR\|(3),
\&\fBEVP_OpenInit\fR\|(3),
\&\fBEVP_SealInit\fR\|(3),
\&\fBEVP_DigestSignInit\fR\|(3),
\&\fBEVP_SignInit\fR\|(3),
\&\fBEVP_VerifyInit\fR\|(3),
\&\fBEVP_EncodeInit\fR\|(3),
\&\fBEVP_PKEY_new\fR\|(3),
\&\fBEVP_PKEY_fromdata\fR\|(3),
\&\fBEVP_PKEY_todata\fR\|(3),
\&\fBEVP_PKEY_keygen\fR\|(3),
\&\fBEVP_PKEY_print_private\fR\|(3),
\&\fBEVP_PKEY_decrypt\fR\|(3),
\&\fBEVP_PKEY_encrypt\fR\|(3),
\&\fBEVP_PKEY_sign\fR\|(3),
\&\fBEVP_PKEY_verify\fR\|(3),
\&\fBEVP_PKEY_verify_recover\fR\|(3),
\&\fBEVP_PKEY_derive\fR\|(3),
\&\fBEVP_BytesToKey\fR\|(3),
\&\fBENGINE_by_id\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2000\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,721 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "FIPS_MODULE 7ossl"
.TH FIPS_MODULE 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
fips_module \- OpenSSL fips module guide
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
See the individual manual pages for details.
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This guide details different ways that OpenSSL can be used in conjunction
with the \s-1FIPS\s0 module. Which is the correct approach to use will depend on your
own specific circumstances and what you are attempting to achieve.
.PP
For information related to installing the \s-1FIPS\s0 module see
<https://github.com/openssl/openssl/blob/master/README\-FIPS.md>.
.PP
Note that the old functions \fBFIPS_mode()\fR and \fBFIPS_mode_set()\fR are no longer
present so you must remove them from your application if you use them.
.PP
Applications written to use the OpenSSL 3.0 \s-1FIPS\s0 module should not use any
legacy APIs or features that avoid the \s-1FIPS\s0 module. Specifically this includes:
.IP "\(bu" 4
Low level cryptographic APIs (use the high level APIs, such as \s-1EVP,\s0 instead)
.IP "\(bu" 4
Engines
.IP "\(bu" 4
Any functions that create or modify custom \*(L"\s-1METHODS\*(R"\s0 (for example
\&\fBEVP_MD_meth_new()\fR, \fBEVP_CIPHER_meth_new()\fR, \fBEVP_PKEY_meth_new()\fR, \fBRSA_meth_new()\fR,
\&\fBEC_KEY_METHOD_new()\fR, etc.)
.PP
All of the above APIs are deprecated in OpenSSL 3.0 \- so a simple rule is to
avoid using all deprecated functions. See \fBossl\-guide\-migration\fR\|(7) for a list of
deprecated functions.
.SS "Making all applications use the \s-1FIPS\s0 module by default"
.IX Subsection "Making all applications use the FIPS module by default"
One simple approach is to cause all applications that are using OpenSSL to only
use the \s-1FIPS\s0 module for cryptographic algorithms by default.
.PP
This approach can be done purely via configuration. As long as applications are
built and linked against OpenSSL 3.0 and do not override the loading of the
default config file or its settings then they can automatically start using the
\&\s-1FIPS\s0 module without the need for any further code changes.
.PP
To do this the default OpenSSL config file will have to be modified. The
location of this config file will depend on the platform, and any options that
were given during the build process. You can check the location of the config
file by running this command:
.PP
.Vb 2
\& $ openssl version \-d
\& OPENSSLDIR: "/usr/local/ssl"
.Ve
.PP
Caution: Many Operating Systems install OpenSSL by default. It is a common error
to not have the correct version of OpenSSL in your \f(CW$PATH\fR. Check that you are
running an OpenSSL 3.0 version like this:
.PP
.Vb 2
\& $ openssl version \-v
\& OpenSSL 3.0.0\-dev xx XXX xxxx (Library: OpenSSL 3.0.0\-dev xx XXX xxxx)
.Ve
.PP
The \fB\s-1OPENSSLDIR\s0\fR value above gives the directory name for where the default
config file is stored. So in this case the default config file will be called
\&\fI/usr/local/ssl/openssl.cnf\fR.
.PP
Edit the config file to add the following lines near the beginning:
.PP
.Vb 2
\& config_diagnostics = 1
\& openssl_conf = openssl_init
\&
\& .include /usr/local/ssl/fipsmodule.cnf
\&
\& [openssl_init]
\& providers = provider_sect
\& alg_section = algorithm_sect
\&
\& [provider_sect]
\& fips = fips_sect
\& base = base_sect
\&
\& [base_sect]
\& activate = 1
\&
\& [algorithm_sect]
\& default_properties = fips=yes
.Ve
.PP
Obviously the include file location above should match the path and name of the
\&\s-1FIPS\s0 module config file that you installed earlier.
See <https://github.com/openssl/openssl/blob/master/README\-FIPS.md>.
.PP
For \s-1FIPS\s0 usage, it is recommended that the \fBconfig_diagnostics\fR option is
enabled to prevent accidental use of non-FIPS validated algorithms via broken
or mistaken configuration. See \fBconfig\fR\|(5).
.PP
Any applications that use OpenSSL 3.0 and are started after these changes are
made will start using only the \s-1FIPS\s0 module unless those applications take
explicit steps to avoid this default behaviour. Note that this configuration
also activates the \*(L"base\*(R" provider. The base provider does not include any
cryptographic algorithms (and therefore does not impact the validation status of
any cryptographic operations), but does include other supporting algorithms that
may be required. It is designed to be used in conjunction with the \s-1FIPS\s0 module.
.PP
This approach has the primary advantage that it is simple, and no code changes
are required in applications in order to benefit from the \s-1FIPS\s0 module. There are
some disadvantages to this approach:
.IP "\(bu" 4
You may not want all applications to use the \s-1FIPS\s0 module.
.Sp
It may be the case that some applications should and some should not use the
\&\s-1FIPS\s0 module.
.IP "\(bu" 4
If applications take explicit steps to not load the default config file or
set different settings.
.Sp
This method will not work for these cases.
.IP "\(bu" 4
The algorithms available in the \s-1FIPS\s0 module are a subset of the algorithms
that are available in the default OpenSSL Provider.
.Sp
If any applications attempt to use any algorithms that are not present,
then they will fail.
.IP "\(bu" 4
Usage of certain deprecated APIs avoids the use of the \s-1FIPS\s0 module.
.Sp
If any applications use those APIs then the \s-1FIPS\s0 module will not be used.
.SS "Selectively making applications use the \s-1FIPS\s0 module by default"
.IX Subsection "Selectively making applications use the FIPS module by default"
A variation on the above approach is to do the same thing on an individual
application basis. The default OpenSSL config file depends on the compiled in
value for \fB\s-1OPENSSLDIR\s0\fR as described in the section above. However it is also
possible to override the config file to be used via the \fB\s-1OPENSSL_CONF\s0\fR
environment variable. For example the following, on Unix, will cause the
application to be executed with a non-standard config file location:
.PP
.Vb 1
\& $ OPENSSL_CONF=/my/nondefault/openssl.cnf myapplication
.Ve
.PP
Using this mechanism you can control which config file is loaded (and hence
whether the \s-1FIPS\s0 module is loaded) on an application by application basis.
.PP
This removes the disadvantage listed above that you may not want all
applications to use the \s-1FIPS\s0 module. All the other advantages and disadvantages
still apply.
.SS "Programmatically loading the \s-1FIPS\s0 module (default library context)"
.IX Subsection "Programmatically loading the FIPS module (default library context)"
Applications may choose to load the \s-1FIPS\s0 provider explicitly rather than relying
on config to do this. The config file is still necessary in order to hold the
\&\s-1FIPS\s0 module config data (such as its self test status and integrity data). But
in this case we do not automatically activate the \s-1FIPS\s0 provider via that config
file.
.PP
To do things this way configure as per
\&\*(L"Making all applications use the \s-1FIPS\s0 module by default\*(R" above, but edit the
\&\fIfipsmodule.cnf\fR file to remove or comment out the line which says
\&\f(CW\*(C`activate = 1\*(C'\fR (note that setting this value to 0 is \fInot\fR sufficient).
This means all the required config information will be available to load the
\&\s-1FIPS\s0 module, but it is not automatically loaded when the application starts. The
\&\s-1FIPS\s0 provider can then be loaded programmatically like this:
.PP
.Vb 1
\& #include <openssl/provider.h>
\&
\& int main(void)
\& {
\& OSSL_PROVIDER *fips;
\& OSSL_PROVIDER *base;
\&
\& fips = OSSL_PROVIDER_load(NULL, "fips");
\& if (fips == NULL) {
\& printf("Failed to load FIPS provider\en");
\& exit(EXIT_FAILURE);
\& }
\& base = OSSL_PROVIDER_load(NULL, "base");
\& if (base == NULL) {
\& OSSL_PROVIDER_unload(fips);
\& printf("Failed to load base provider\en");
\& exit(EXIT_FAILURE);
\& }
\&
\& /* Rest of application */
\&
\& OSSL_PROVIDER_unload(base);
\& OSSL_PROVIDER_unload(fips);
\& exit(EXIT_SUCCESS);
\& }
.Ve
.PP
Note that this should be one of the first things that you do in your
application. If any OpenSSL functions get called that require the use of
cryptographic functions before this occurs then, if no provider has yet been
loaded, then the default provider will be automatically loaded. If you then
later explicitly load the \s-1FIPS\s0 provider then you will have both the \s-1FIPS\s0 and the
default provider loaded at the same time. It is unspecified which implementation
of an algorithm will be used if multiple implementations are available and you
have not explicitly specified via a property query (see below) which one should
be used.
.PP
Also note that in this example we have additionally loaded the \*(L"base\*(R" provider.
This loads a sub-set of algorithms that are also available in the default
provider \- specifically non cryptographic ones which may be used in conjunction
with the \s-1FIPS\s0 provider. For example this contains algorithms for encoding and
decoding keys. If you decide not to load the default provider then you
will usually want to load the base provider instead.
.PP
In this example we are using the \*(L"default\*(R" library context. OpenSSL functions
operate within the scope of a library context. If no library context is
explicitly specified then the default library context is used. For further
details about library contexts see the \s-1\fBOSSL_LIB_CTX\s0\fR\|(3) man page.
.SS "Loading the \s-1FIPS\s0 module at the same time as other providers"
.IX Subsection "Loading the FIPS module at the same time as other providers"
It is possible to have the \s-1FIPS\s0 provider and other providers (such as the
default provider) all loaded at the same time into the same library context. You
can use a property query string during algorithm fetches to specify which
implementation you would like to use.
.PP
For example to fetch an implementation of \s-1SHA256\s0 which conforms to \s-1FIPS\s0
standards you can specify the property query \f(CW\*(C`fips=yes\*(C'\fR like this:
.PP
.Vb 1
\& EVP_MD *sha256;
\&
\& sha256 = EVP_MD_fetch(NULL, "SHA2\-256", "fips=yes");
.Ve
.PP
If no property query is specified, or more than one implementation matches the
property query then it is unspecified which implementation of a particular
algorithm will be returned.
.PP
This example shows an explicit request for an implementation of \s-1SHA256\s0 from the
default provider:
.PP
.Vb 1
\& EVP_MD *sha256;
\&
\& sha256 = EVP_MD_fetch(NULL, "SHA2\-256", "provider=default");
.Ve
.PP
It is also possible to set a default property query string. The following
example sets the default property query of \f(CW\*(C`fips=yes\*(C'\fR for all fetches within
the default library context:
.PP
.Vb 1
\& EVP_set_default_properties(NULL, "fips=yes");
.Ve
.PP
If a fetch function has both an explicit property query specified, and a
default property query is defined then the two queries are merged together and
both apply. The local property query overrides the default properties if the
same property name is specified in both.
.PP
There are two important built-in properties that you should be aware of:
.PP
The \*(L"provider\*(R" property enables you to specify which provider you want an
implementation to be fetched from, e.g. \f(CW\*(C`provider=default\*(C'\fR or \f(CW\*(C`provider=fips\*(C'\fR.
All algorithms implemented in a provider have this property set on them.
.PP
There is also the \f(CW\*(C`fips\*(C'\fR property. All \s-1FIPS\s0 algorithms match against the
property query \f(CW\*(C`fips=yes\*(C'\fR. There are also some non-cryptographic algorithms
available in the default and base providers that also have the \f(CW\*(C`fips=yes\*(C'\fR
property defined for them. These are the encoder and decoder algorithms that
can (for example) be used to write out a key generated in the \s-1FIPS\s0 provider to a
file. The encoder and decoder algorithms are not in the \s-1FIPS\s0 module itself but
are allowed to be used in conjunction with the \s-1FIPS\s0 algorithms.
.PP
It is possible to specify default properties within a config file. For example
the following config file automatically loads the default and \s-1FIPS\s0 providers and
sets the default property value to be \f(CW\*(C`fips=yes\*(C'\fR. Note that this config file
does not load the \*(L"base\*(R" provider. All supporting algorithms that are in \*(L"base\*(R"
are also in \*(L"default\*(R", so it is unnecessary in this case:
.PP
.Vb 2
\& config_diagnostics = 1
\& openssl_conf = openssl_init
\&
\& .include /usr/local/ssl/fipsmodule.cnf
\&
\& [openssl_init]
\& providers = provider_sect
\& alg_section = algorithm_sect
\&
\& [provider_sect]
\& fips = fips_sect
\& default = default_sect
\&
\& [default_sect]
\& activate = 1
\&
\& [algorithm_sect]
\& default_properties = fips=yes
.Ve
.SS "Programmatically loading the \s-1FIPS\s0 module (nondefault library context)"
.IX Subsection "Programmatically loading the FIPS module (nondefault library context)"
In addition to using properties to separate usage of the \s-1FIPS\s0 module from other
usages this can also be achieved using library contexts. In this example we
create two library contexts. In one we assume the existence of a config file
called \fIopenssl\-fips.cnf\fR that automatically loads and configures the \s-1FIPS\s0 and
base providers. The other library context will just use the default provider.
.PP
.Vb 4
\& OSSL_LIB_CTX *fips_libctx, *nonfips_libctx;
\& OSSL_PROVIDER *defctxnull = NULL;
\& EVP_MD *fipssha256 = NULL, *nonfipssha256 = NULL;
\& int ret = 1;
\&
\& /*
\& * Create two nondefault library contexts. One for fips usage and
\& * one for non\-fips usage
\& */
\& fips_libctx = OSSL_LIB_CTX_new();
\& nonfips_libctx = OSSL_LIB_CTX_new();
\& if (fips_libctx == NULL || nonfips_libctx == NULL)
\& goto err;
\&
\& /* Prevent anything from using the default library context */
\& defctxnull = OSSL_PROVIDER_load(NULL, "null");
\&
\& /*
\& * Load config file for the FIPS library context. We assume that
\& * this config file will automatically activate the FIPS and base
\& * providers so we don\*(Aqt need to explicitly load them here.
\& */
\& if (!OSSL_LIB_CTX_load_config(fips_libctx, "openssl\-fips.cnf"))
\& goto err;
\&
\& /*
\& * Set the default property query on the FIPS library context to
\& * ensure that only FIPS algorithms can be used. There are a few non\-FIPS
\& * approved algorithms in the FIPS provider for backward compatibility reasons.
\& */
\& if (!EVP_set_default_properties(fips_libctx, "fips=yes"))
\& goto err;
\&
\& /*
\& * We don\*(Aqt need to do anything special to load the default
\& * provider into nonfips_libctx. This happens automatically if no
\& * other providers are loaded.
\& * Because we don\*(Aqt call OSSL_LIB_CTX_load_config() explicitly for
\& * nonfips_libctx it will just use the default config file.
\& */
\&
\& /* As an example get some digests */
\&
\& /* Get a FIPS validated digest */
\& fipssha256 = EVP_MD_fetch(fips_libctx, "SHA2\-256", NULL);
\& if (fipssha256 == NULL)
\& goto err;
\&
\& /* Get a non\-FIPS validated digest */
\& nonfipssha256 = EVP_MD_fetch(nonfips_libctx, "SHA2\-256", NULL);
\& if (nonfipssha256 == NULL)
\& goto err;
\&
\& /* Use the digests */
\&
\& printf("Success\en");
\& ret = 0;
\&
\& err:
\& EVP_MD_free(fipssha256);
\& EVP_MD_free(nonfipssha256);
\& OSSL_LIB_CTX_free(fips_libctx);
\& OSSL_LIB_CTX_free(nonfips_libctx);
\& OSSL_PROVIDER_unload(defctxnull);
\&
\& return ret;
.Ve
.PP
Note that we have made use of the special \*(L"null\*(R" provider here which we load
into the default library context. We could have chosen to use the default
library context for \s-1FIPS\s0 usage, and just create one additional library context
for other usages \- or vice versa. However if code has not been converted to use
library contexts then the default library context will be automatically used.
This could be the case for your own existing applications as well as certain
parts of OpenSSL itself. Not all parts of OpenSSL are library context aware. If
this happens then you could \*(L"accidentally\*(R" use the wrong library context for a
particular operation. To be sure this doesn't happen you can load the \*(L"null\*(R"
provider into the default library context. Because a provider has been
explicitly loaded, the default provider will not automatically load. This means
code using the default context by accident will fail because no algorithms will
be available.
.PP
See \*(L"Library Context\*(R" in \fBossl\-guide\-migration\fR\|(7) for additional information about the
Library Context.
.SS "Using Encoders and Decoders with the \s-1FIPS\s0 module"
.IX Subsection "Using Encoders and Decoders with the FIPS module"
Encoders and decoders are used to read and write keys or parameters from or to
some external format (for example a \s-1PEM\s0 file). If your application generates
keys or parameters that then need to be written into \s-1PEM\s0 or \s-1DER\s0 format
then it is likely that you will need to use an encoder to do this. Similarly
you need a decoder to read previously saved keys and parameters. In most cases
this will be invisible to you if you are using APIs that existed in
OpenSSL 1.1.1 or earlier such as \fBi2d_PrivateKey\fR\|(3). However the appropriate
encoder/decoder will need to be available in the library context associated with
the key or parameter object. The built-in OpenSSL encoders and decoders are
implemented in both the default and base providers and are not in the \s-1FIPS\s0
module boundary. However since they are not cryptographic algorithms themselves
it is still possible to use them in conjunction with the \s-1FIPS\s0 module, and
therefore these encoders/decoders have the \f(CW\*(C`fips=yes\*(C'\fR property against them.
You should ensure that either the default or base provider is loaded into the
library context in this case.
.SS "Using the \s-1FIPS\s0 module in \s-1SSL/TLS\s0"
.IX Subsection "Using the FIPS module in SSL/TLS"
Writing an application that uses libssl in conjunction with the \s-1FIPS\s0 module is
much the same as writing a normal libssl application. If you are using global
properties and the default library context to specify usage of \s-1FIPS\s0 validated
algorithms then this will happen automatically for all cryptographic algorithms
in libssl. If you are using a nondefault library context to load the \s-1FIPS\s0
provider then you can supply this to libssl using the function
\&\fBSSL_CTX_new_ex\fR\|(3). This works as a drop in replacement for the function
\&\fBSSL_CTX_new\fR\|(3) except it provides you with the capability to specify the
library context to be used. You can also use the same function to specify
libssl specific properties to use.
.PP
In this first example we create two \s-1SSL_CTX\s0 objects using two different library
contexts.
.PP
.Vb 11
\& /*
\& * We assume that a nondefault library context with the FIPS
\& * provider loaded has been created called fips_libctx.
\& */
\& SSL_CTX *fips_ssl_ctx = SSL_CTX_new_ex(fips_libctx, "fips=yes", TLS_method());
\& /*
\& * We assume that a nondefault library context with the default
\& * provider loaded has been created called non_fips_libctx.
\& */
\& SSL_CTX *non_fips_ssl_ctx = SSL_CTX_new_ex(non_fips_libctx, NULL,
\& TLS_method());
.Ve
.PP
In this second example we create two \s-1SSL_CTX\s0 objects using different properties
to specify \s-1FIPS\s0 usage:
.PP
.Vb 10
\& /*
\& * The "fips=yes" property includes all FIPS approved algorithms
\& * as well as encoders from the default provider that are allowed
\& * to be used. The NULL below indicates that we are using the
\& * default library context.
\& */
\& SSL_CTX *fips_ssl_ctx = SSL_CTX_new_ex(NULL, "fips=yes", TLS_method());
\& /*
\& * The "provider!=fips" property allows algorithms from any
\& * provider except the FIPS provider
\& */
\& SSL_CTX *non_fips_ssl_ctx = SSL_CTX_new_ex(NULL, "provider!=fips",
\& TLS_method());
.Ve
.SS "Confirming that an algorithm is being provided by the \s-1FIPS\s0 module"
.IX Subsection "Confirming that an algorithm is being provided by the FIPS module"
A chain of links needs to be followed to go from an algorithm instance to the
provider that implements it. The process is similar for all algorithms. Here the
example of a digest is used.
.PP
To go from an \fB\s-1EVP_MD_CTX\s0\fR to an \fB\s-1EVP_MD\s0\fR, use \fBEVP_MD_CTX_md\fR\|(3) .
To go from the \fB\s-1EVP_MD\s0\fR to its \fB\s-1OSSL_PROVIDER\s0\fR,
use \fBEVP_MD_get0_provider\fR\|(3).
To extract the name from the \fB\s-1OSSL_PROVIDER\s0\fR, use
\&\fBOSSL_PROVIDER_get0_name\fR\|(3).
.SS "\s-1FIPS\s0 indicators"
.IX Subsection "FIPS indicators"
\&\s-1FIPS\s0 indicators have been added to the \s-1FIPS\s0 provider in OpenSSL 3.4.
\&\s-1FIPS 140\-3\s0 requires indicators to be used if the \s-1FIPS\s0 provider allows non
approved algorithms. An algorithm is approved if it passes all required checks
such as minimum key size. By default an error will occur if any check fails.
For backwards compatibility individual algorithms may override the checks by
using either an option in the \s-1FIPS\s0 configuration (See
\&\*(L"\s-1FIPS\s0 indicator options\*(R" in \fBfips_config\fR\|(5)) \s-1OR\s0 in code using an algorithm context
setter. Overriding the check means that the algorithm is not \s-1FIPS\s0 compliant.
\&\fBOSSL_INDICATOR_set_callback\fR\|(3) can be called to register a callback to log
unapproved algorithms. At the end of any algorithm operation the approved status
can be queried using an algorithm context getter to retrieve the indicator
(e.g. \*(L"fips-indicator\*(R").
An example of an algorithm context setter is \*(L"key-check\*(R"
in \*(L"Supported parameters\*(R" in \s-1\fBEVP_KDF\-HKDF\s0\fR\|(7).
.PP
The following algorithms use \*(L"fips-indicator\*(R" to query if the algorithm
is approved:
.IP "\s-1DSA\s0 Key generation" 4
.IX Item "DSA Key generation"
\&\s-1DSA\s0 Key generation is no longer approved.
See \*(L"\s-1DSA\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-DSA\s0\fR\|(7)
.IP "\s-1DSA\s0 Signatures" 4
.IX Item "DSA Signatures"
\&\s-1DSA\s0 Signature generation is no longer approved.
See \*(L"Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-DSA\s0\fR\|(7)
.IP "\s-1ECDSA\s0 Signatures" 4
.IX Item "ECDSA Signatures"
See \*(L"\s-1ECDSA\s0 Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7)
.IP "\s-1EC\s0 Key Generation" 4
.IX Item "EC Key Generation"
See \*(L"Common \s-1EC\s0 parameters\*(R" in \s-1\fBEVP_PKEY\-EC\s0\fR\|(7)
.IP "\s-1RSA\s0 Encryption" 4
.IX Item "RSA Encryption"
\&\*(L"pkcs1\*(R" padding is no longer approved.
.Sp
See \*(L"\s-1RSA\s0 Asymmetric Cipher parameters\*(R" in \s-1\fBEVP_ASYM_CIPHER\-RSA\s0\fR\|(7) and
\&\*(L"\s-1RSA KEM\s0 parameters\*(R" in \s-1\fBEVP_KEM\-RSA\s0\fR\|(7)
.IP "\s-1RSA\s0 Signatures" 4
.IX Item "RSA Signatures"
See \*(L"Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7)
.IP "\s-1DRBGS\s0" 4
.IX Item "DRBGS"
See \*(L"Supported parameters\*(R" in \s-1\fBEVP_RAND\-HASH\-DRBG\s0\fR\|(7) and
\&\s-1\fBEVP_RAND\-HMAC\-DRBG\s0\fR\|(7)/Supported parameters>
.IP "\s-1DES\s0" 4
.IX Item "DES"
Triple-DES is not longer approved for encryption.
See \*(L"Parameters\*(R" in \s-1\fBEVP_CIPHER\-DES\s0\fR\|(7)
.IP "\s-1DH\s0" 4
.IX Item "DH"
See \*(L"\s-1DH\s0 and \s-1DHX\s0 key exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH\-DH\s0\fR\|(7)
.IP "\s-1ECDH\s0" 4
.IX Item "ECDH"
See \*(L"\s-1ECDH\s0 Key Exchange parameters\*(R" in \s-1\fBEVP_KEYEXCH\-ECDH\s0\fR\|(7)
.IP "\s-1KDFS\s0" 4
.IX Item "KDFS"
See relevant \s-1KDF\s0 documentation e.g. \*(L"Supported parameters\*(R" in \s-1\fBEVP_KDF\-HKDF\s0\fR\|(7)
.IP "\s-1CMAC\s0 and \s-1KMAC\s0" 4
.IX Item "CMAC and KMAC"
See \*(L"Supported parameters\*(R" in \s-1\fBEVP_MAC\-CMAC\s0\fR\|(7) and
\&\*(L"Supported parameters\*(R" in \s-1\fBEVP_MAC\-KMAC\s0\fR\|(7)
.PP
The following \s-1FIPS\s0 algorithms are unapproved and use the \*(L"fips-indicator\*(R".
.IP "RAND-TEST-RAND" 4
.IX Item "RAND-TEST-RAND"
See \*(L"Supported parameters\*(R" in \s-1\fBEVP_RAND\-TEST\-RAND\s0\fR\|(7)
The indicator callback is \s-1NOT\s0 triggered for this algorithm since it is used
internally for non security purposes.
.IP "X25519 and X448 Key Generation and Key Exchange" 4
.IX Item "X25519 and X448 Key Generation and Key Exchange"
.PP
The unapproved (non \s-1FIPS\s0 validated) algorithms have a property query value of
\&\*(L"fips=no\*(R".
.PP
The following algorithms use a unique indicator and do not trigger the
indicator callback.
.ie n .IP "AES-GCM ciphers support the indicator ""iv-generated""" 4
.el .IP "AES-GCM ciphers support the indicator ``iv-generated''" 4
.IX Item "AES-GCM ciphers support the indicator iv-generated"
See \*(L"\s-1PARAMETERS\*(R"\s0 in \fBEVP_EncryptInit\fR\|(3) for further information.
.ie n .IP "\s-1ECDSA\s0 and \s-1RSA\s0 Signatures support the indicator ""verify-message""." 4
.el .IP "\s-1ECDSA\s0 and \s-1RSA\s0 Signatures support the indicator ``verify-message''." 4
.IX Item "ECDSA and RSA Signatures support the indicator verify-message."
See \*(L"\s-1ECDSA\s0 Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-ECDSA\s0\fR\|(7) and
\&\*(L"Signature Parameters\*(R" in \s-1\fBEVP_SIGNATURE\-RSA\s0\fR\|(7) /for further information.
.SH "NOTES"
.IX Header "NOTES"
Some released versions of OpenSSL do not include a validated
\&\s-1FIPS\s0 provider. To determine which versions have undergone
the validation process, please refer to the
OpenSSL Downloads page <https://www.openssl.org/source/>. If you
require FIPS-approved functionality, it is essential to build your \s-1FIPS\s0
provider using one of the validated versions listed there. Normally,
it is possible to utilize a \s-1FIPS\s0 provider constructed from one of the
validated versions alongside \fIlibcrypto\fR and \fIlibssl\fR compiled from any
release within the same major release series. This flexibility enables
you to address bug fixes and CVEs that fall outside the \s-1FIPS\s0 boundary.
.PP
As the \s-1FIPS\s0 provider still supports non-FIPS validated algorithms,
The property query \f(CW\*(C`fips=yes\*(C'\fR is mandatory for applications that
want to operate in a \s-1FIPS\s0 approved manner.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBossl\-guide\-migration\fR\|(7), \fBcrypto\fR\|(7), \fBfips_config\fR\|(5),
<https://www.openssl.org/source/>
.SH "HISTORY"
.IX Header "HISTORY"
The \s-1FIPS\s0 module guide was created for use with the new \s-1FIPS\s0 provider
in OpenSSL 3.0.
\&\s-1FIPS\s0 indicators were added in OpenSSL 3.4.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,283 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "LIFE_CYCLE-CIPHER 7ossl"
.TH LIFE_CYCLE-CIPHER 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
life_cycle\-cipher \- The cipher algorithm life\-cycle
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
All symmetric ciphers (CIPHERs) go through a number of stages in their
life-cycle:
.IP "start" 4
.IX Item "start"
This state represents the \s-1CIPHER\s0 before it has been allocated. It is the
starting state for any life-cycle transitions.
.IP "newed" 4
.IX Item "newed"
This state represents the \s-1CIPHER\s0 after it has been allocated.
.IP "initialised" 4
.IX Item "initialised"
These states represent the \s-1CIPHER\s0 when it is set up and capable of processing
input. There are three possible initialised states:
.RS 4
.IP "initialised using EVP_CipherInit" 4
.IX Item "initialised using EVP_CipherInit"
.PD 0
.IP "initialised for decryption using EVP_DecryptInit" 4
.IX Item "initialised for decryption using EVP_DecryptInit"
.IP "initialised for encryption using EVP_EncryptInit" 4
.IX Item "initialised for encryption using EVP_EncryptInit"
.RE
.RS 4
.RE
.IP "updated" 4
.IX Item "updated"
.PD
These states represent the \s-1CIPHER\s0 when it is set up and capable of processing
additional input or generating output. The three possible states directly
correspond to those for initialised above. The three different streams should
not be mixed.
.IP "finaled" 4
.IX Item "finaled"
This state represents the \s-1CIPHER\s0 when it has generated output.
.IP "freed" 4
.IX Item "freed"
This state is entered when the \s-1CIPHER\s0 is freed. It is the terminal state
for all life-cycle transitions.
.SS "State Transition Diagram"
.IX Subsection "State Transition Diagram"
The usual life-cycle of a \s-1CIPHER\s0 is illustrated:
+---------------------------+
| |
| start |
| |
+---------------------------+ + - - - - - - - - - - - - - +
| ' any of the initialised '
| EVP_CIPHER_CTX_new ' updated or finaled states '
v ' '
+---------------------------+ + - - - - - - - - - - - - - +
| | |
| newed | | EVP_CIPHER_CTX_reset
| | <----+
+---------------------------+
| | |
+---------+ | +---------+
EVP_DecryptInit | | EVP_CipherInit | EVP_EncryptInit
v v v
+---------------------------+ +---------------------------+ +---------------------------+
| | | | | |
| initialised | | initialised | | initialised |
| for decryption | | | | for encryption |
+---------------------------+ +---------------------------+ +---------------------------+
| | |
| EVP_DecryptUpdate | EVP_CipherUpdate EVP_EncryptUpdate |
| v |
| +---------------------------+ |
| | |--------------------+ |
| | updated | EVP_CipherUpdate | |
| | | <------------------+ |
v +---------------------------+ v
+---------------------------+ | +---------------------------+
| |---------------------+ | | |
| updated | EVP_DecryptUpdate | | | updated |------+
| for decryption | <-------------------+ | | for encryption | |
+---------------------------+ | +---------------------------+ |
| EVP_CipherFinal | | ^ |
+-------+ | +--------+ | |
EVP_DecryptFinal | | | EVP_EncryptFinal +-------------------+
v v v EVP_EncryptUpdate
+---------------------------+
| |-----------------------------+
| finaled | |
| | <---------------------------+
+---------------------------+ EVP_CIPHER_CTX_get_params
| (AEAD encryption)
| EVP_CIPHER_CTX_free
v
+---------------------------+
| |
| freed |
| |
+---------------------------+
.SS "Formal State Transitions"
.IX Subsection "Formal State Transitions"
This section defines all of the legal state transitions.
This is the canonical list.
Function Call ---------------------------------------------- Current State -----------------------------------------------
start newed initialised updated finaled initialised updated initialised updated freed
decryption decryption encryption encryption
EVP_CIPHER_CTX_new newed
EVP_CipherInit initialised initialised initialised initialised initialised initialised initialised initialised
EVP_DecryptInit initialised initialised initialised initialised initialised initialised initialised initialised
decryption decryption decryption decryption decryption decryption decryption decryption
EVP_EncryptInit initialised initialised initialised initialised initialised initialised initialised initialised
encryption encryption encryption encryption encryption encryption encryption encryption
EVP_CipherUpdate updated updated
EVP_DecryptUpdate updated updated
decryption decryption
EVP_EncryptUpdate updated updated
encryption encryption
EVP_CipherFinal finaled
EVP_DecryptFinal finaled
EVP_EncryptFinal finaled
EVP_CIPHER_CTX_free freed freed freed freed freed freed freed freed freed
EVP_CIPHER_CTX_reset newed newed newed newed newed newed newed newed
EVP_CIPHER_CTX_get_params newed initialised updated initialised updated initialised updated
decryption decryption encryption encryption
EVP_CIPHER_CTX_set_params newed initialised updated initialised updated initialised updated
decryption decryption encryption encryption
EVP_CIPHER_CTX_gettable_params newed initialised updated initialised updated initialised updated
decryption decryption encryption encryption
EVP_CIPHER_CTX_settable_params newed initialised updated initialised updated initialised updated
decryption decryption encryption encryption
.SH "NOTES"
.IX Header "NOTES"
At some point the \s-1EVP\s0 layer will begin enforcing the transitions described
herein.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-cipher\fR\|(7), \fBEVP_EncryptInit\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,262 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "LIFE_CYCLE-DIGEST 7ossl"
.TH LIFE_CYCLE-DIGEST 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
life_cycle\-digest \- The digest algorithm life\-cycle
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
All message digests (MDs) go through a number of stages in their life-cycle:
.IP "start" 4
.IX Item "start"
This state represents the \s-1MD\s0 before it has been allocated. It is the
starting state for any life-cycle transitions.
.IP "newed" 4
.IX Item "newed"
This state represents the \s-1MD\s0 after it has been allocated.
.IP "initialised" 4
.IX Item "initialised"
This state represents the \s-1MD\s0 when it is set up and capable of processing
input.
.IP "updated" 4
.IX Item "updated"
This state represents the \s-1MD\s0 when it is set up and capable of processing
additional input or generating output.
.IP "finaled" 4
.IX Item "finaled"
This state represents the \s-1MD\s0 when it has generated output.
For an \s-1XOF\s0 digest, this state represents the \s-1MD\s0 when it has generated a
single-shot output.
.IP "squeezed" 4
.IX Item "squeezed"
For an \s-1XOF\s0 digest, this state represents the \s-1MD\s0 when it has generated output.
It can be called multiple times to generate more output. The output length is
variable for each call.
.IP "freed" 4
.IX Item "freed"
This state is entered when the \s-1MD\s0 is freed. It is the terminal state
for all life-cycle transitions.
.SS "State Transition Diagram"
.IX Subsection "State Transition Diagram"
The usual life-cycle of a \s-1MD\s0 is illustrated:
+--------------------+
| start |
+--------------------+
| EVP_MD_CTX_reset
| EVP_MD_CTX_new +-------------------------------------------------+
v v |
EVP_MD_CTX_reset + - - - - - - - - - - - - - - - - - - - - - - + EVP_MD_CTX_reset |
+-------------------> ' newed ' <--------------------+ |
| + - - - - - - - - - - - - - - - - - - - - - - + | |
| | | |
| | EVP_DigestInit | |
| v | |
| EVP_DigestInit + - - - - - - - - - - - - - - - - - - - - - - + | |
+----+-------------------> ' initialised ' <+ EVP_DigestInit | |
| | + - - - - - - - - - - - - - - - - - - - - - - + | | |
| | | ^ | | |
| | | EVP_DigestUpdate | EVP_DigestInit | | |
| | v | | | |
| | +---------------------------------------------+ | | |
| +-------------------- | | | | |
| | | | | |
| EVP_DigestUpdate | | | | |
| +-------------------- | | | | |
| | | updated | | | |
| +-------------------> | | | | |
| | | | | |
| | | | | |
+----+------------------------- | | -+-------------------+----+ |
| | +---------------------------------------------+ | | | |
| | | | | | |
| | | EVP_DigestSqueeze +-------------------+ | | |
| | v | | | |
| | EVP_DigestSqueeze +---------------------------------------------+ | | |
| | +-------------------- | | | | |
| | | | squeezed | | | |
| | +-------------------> | | ---------------------+ | |
| | +---------------------------------------------+ | |
| | | | |
| | +---------------------------------------+ | |
| | | | |
| | +---------------------------------------------+ EVP_DigestFinalXOF | | |
| +------------------------- | finaled | <--------------------+----+ |
| +---------------------------------------------+ | |
| EVP_DigestFinal ^ | | | |
+---------------------------------+ | | EVP_MD_CTX_free | |
| v | |
| +------------------+ EVP_MD_CTX_free | |
| | freed | <--------------------+ |
| +------------------+ |
| |
+------------------------------------------------------+
.SS "Formal State Transitions"
.IX Subsection "Formal State Transitions"
This section defines all of the legal state transitions.
This is the canonical list.
Function Call --------------------- Current State -----------------------------------
start newed initialised updated finaled squeezed freed
EVP_MD_CTX_new newed
EVP_DigestInit initialised initialised initialised initialised initialised
EVP_DigestUpdate updated updated
EVP_DigestFinal finaled
EVP_DigestFinalXOF finaled
EVP_DigestSqueeze squeezed squeezed
EVP_MD_CTX_free freed freed freed freed freed
EVP_MD_CTX_reset newed newed newed newed
EVP_MD_CTX_get_params newed initialised updated
EVP_MD_CTX_set_params newed initialised updated
EVP_MD_CTX_gettable_params newed initialised updated
EVP_MD_CTX_settable_params newed initialised updated
EVP_MD_CTX_copy_ex newed initialised updated squeezed
.SH "NOTES"
.IX Header "NOTES"
At some point the \s-1EVP\s0 layer will begin enforcing the transitions described
herein.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-digest\fR\|(7), \fBEVP_DigestInit\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.


@@ -0,0 +1,219 @@
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "LIFE_CYCLE-KDF 7ossl"
.TH LIFE_CYCLE-KDF 7ossl "2025-07-01" "3.4.2" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
life_cycle\-kdf \- The KDF algorithm life\-cycle
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
All key derivation functions (KDFs) and pseudo random functions (PRFs)
go through a number of stages in their life-cycle:
.IP "start" 4
.IX Item "start"
This state represents the \s-1KDF/PRF\s0 before it has been allocated. It is the
starting state for any life-cycle transitions.
.IP "newed" 4
.IX Item "newed"
This state represents the \s-1KDF/PRF\s0 after it has been allocated.
.IP "deriving" 4
.IX Item "deriving"
This state represents the \s-1KDF/PRF\s0 when it is set up and capable of generating
output.
.IP "freed" 4
.IX Item "freed"
This state is entered when the \s-1KDF/PRF\s0 is freed. It is the terminal state
for all life-cycle transitions.
.SS "State Transition Diagram"
.IX Subsection "State Transition Diagram"
The usual life-cycle of a \s-1KDF/PRF\s0 is illustrated:
+-------------------+
| start |
+-------------------+
|
| EVP_KDF_CTX_new
v
+-------------------+
| newed | <+
+-------------------+ |
| |
| EVP_KDF_derive |
v | EVP_KDF_CTX_reset
EVP_KDF_derive +-------------------+ |
+ - - - - - - - - | | |
' | deriving | |
+ - - - - - - - -> | | -+
+-------------------+
|
| EVP_KDF_CTX_free
v
+-------------------+
| freed |
+-------------------+
.SS "Formal State Transitions"
.IX Subsection "Formal State Transitions"
This section defines all of the legal state transitions.
This is the canonical list.
Function Call ------------- Current State -------------
start newed deriving freed
EVP_KDF_CTX_new newed
EVP_KDF_derive deriving deriving
EVP_KDF_CTX_free freed freed freed
EVP_KDF_CTX_reset newed newed
EVP_KDF_CTX_get_params newed deriving
EVP_KDF_CTX_set_params newed deriving
EVP_KDF_CTX_gettable_params newed deriving
EVP_KDF_CTX_settable_params newed deriving
.SH "NOTES"
.IX Header "NOTES"
At some point the \s-1EVP\s0 layer will begin enforcing the transitions described
herein.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBprovider\-kdf\fR\|(7), \s-1\fBEVP_KDF\s0\fR\|(3).
.SH "HISTORY"
.IX Header "HISTORY"
The provider \s-1KDF\s0 interface was introduced in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.
